legal

Privacy Policy

We handle only the data Intent On Demand needs to run your marketing, we protect it, and you stay in control of every connection. The plain-English version: the AI proposes, you approve, and nothing happens to your data or your spend without you.

Effective July 3, 2026

01

Who we are

Intent On Demand is an AI-run marketing operating system operated by Power Consulting LLC d/b/a Intent On Demand ("we", "us", "our"). It connects to the marketing platforms you authorize, proposes a plan, and runs approved campaigns across email, SMS, AI voice, Meta, Google, and landing pages on your behalf.

This policy explains what data we handle, why, and the choices you have. It covers the Intent On Demand console at app.intentondemand.io and this marketing site.

02

What data we collect and why

We collect only what the product needs to do its job:

  • Account data. Your name, work email, and company. We use a secure authentication provider to manage sign-in and never store your passwords.
  • Audience data you bring. The first-party intent and contact data you load or connect, used to segment your audience and run the channels you approve.
  • Connected-platform data. Data we read from accounts you connect (see section 03), such as Google Ads campaigns and metrics, Meta ad accounts and pages, and CRM records.
  • Usage and diagnostic data. Standard logs about how the console is used, to keep it secure and reliable.
03

Connected accounts and OAuth tokens

When you connect a platform, you authorize us through that platform’s official authorization flow (OAuth or an equivalent token mechanism). We request the narrowest scopes the feature needs. The resulting access tokens are used only by our servers to fetch your data and to perform the actions you approve.

Platforms you can connect include:

  • Google Ads. To read your campaigns, ad groups, and performance, and to create or change campaigns, budgets, and audiences when you approve them.
  • Google Search Console and Google Analytics. To read site search and traffic performance.
  • Meta (Facebook and Instagram). For pages, ad accounts, audiences, performance metrics, and Lead Ads data.
  • Your CRM (GoHighLevel, or HubSpot, Salesforce, Pipedrive, and Zoho via Composio). To sync leads and outcomes.
04

Google user data and Google API Services

Intent On Demand’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Data we access from your Google account (including Google Ads, Search Console, and Analytics) is used only to provide and improve the specific feature you connected it for. Google Ads data is used solely to manage, report on, and optimize the Google Ads account you connected. We do not use Google user data to build audiences, to target or serve ads outside that connected account, to power any other channel, or for any personalized advertising or remarketing. We do not use Google user data to train generalized AI or machine-learning models, and we do not sell it.

To generate the proposals you ask for, limited Google Ads performance data may be processed by our AI model providers (such as Anthropic and OpenAI) solely to provide this feature to you. These providers are contractually bound not to train their models on your data. A human reads your raw Google data only with your explicit permission, or where required for security or to comply with law.

We do not transfer Google user data to others except: as needed to provide a feature you requested; to comply with applicable law; to protect against security threats or fraud; or, in connection with a merger, acquisition, or sale of assets, only after obtaining your explicit prior consent.

You can revoke our access at any time in your Google Account permissions or by disconnecting inside the console.

05

Meta Platform data and Platform Terms

Intent On Demand’s use of information received from Meta Platforms (Facebook and Instagram) complies with the Meta Platform Terms and Developer Policies, including their data use and Limited Use requirements.

Data we access from your connected Meta account — Pages, ad accounts, audiences, performance metrics, and Lead Ads (lead form) submissions — is used only to provide and improve the specific features you connected it for: reporting on and managing the Meta ad account and Pages you authorized, and syncing the leads your forms collect into your workspace and CRM. We do not use Meta data to build or enrich audiences outside your connected account, to power other channels, or for advertising outside the Meta account you connected.

We do not use Meta Platform data to train generalized AI or machine-learning models, and we do not sell it. To generate the proposals you ask for, limited Meta performance data may be processed by our AI model providers (such as Anthropic and OpenAI) solely to provide this feature to you; these providers are contractually bound not to train their models on your data.

We do not transfer Meta Platform data to others except: as needed to provide a feature you requested; to comply with applicable law; to protect against security threats or fraud; or in connection with a merger, acquisition, or sale of assets, only after obtaining your explicit prior consent. You can revoke our access at any time from your Meta Business settings or by disconnecting inside the console, and you can request deletion as described in section 10.

06

How we use data

We use the data above to: run the product you signed up for; segment audiences and propose plans; execute the channels and campaigns you approve; verify deliverability and honor do-not-call and consent rules; show you performance; and keep the service secure. The AI proposes; deterministic executors act only after you approve. We never spend or send on your behalf without an approval from you.

Audience segmentation and the other channels run on the first-party audience data you bring, not on data from your Google account. Google Ads data is used only for the connected Google Ads feature as described in section 04.

07

How your tokens and data are secured

Access tokens are encrypted at rest with AES-256-GCM and used exclusively by our backend. They are never sent to, or stored in, the browser. All traffic uses TLS/HTTPS. Each client’s data is isolated per account, and connected-account data is never shared between clients.

08

Connecting and disconnecting

You control every connection. Connecting is always an explicit action you take. You can disconnect any platform at any time from the console, which revokes our stored token and stops further access. You can also revoke access directly from the platform (for Google, in your Google Account security settings).

09

Data retention

OAuth tokens are kept while a connection is active and deleted when you disconnect. Cached platform data that powers your dashboards is removed when you disconnect that integration or request deletion. Account and audience data is retained for the life of your workspace, except where we must keep limited records for legal, tax, or security reasons.

10

Requesting deletion

You can delete your data at any time from the console settings, or by emailing privacy@intentondemand.io. We will delete your account data, audience data, and connected-account tokens and caches, except for the limited records noted above. We respond to deletion requests promptly.

11

Third-party services

We connect to Google, Meta, Microsoft, and GoHighLevel as data sources at your direction. We rely on infrastructure providers, including Supabase, Vercel, and Cloudflare, to run the service. These providers process data only to provide their services to us and are bound by their own commitments.

12

What we never do

We do not sell your data. We do not share one client’s connected-account data with another client. We do not use your access tokens for anything other than the features you enabled. We do not use your connected-platform data, including Google user data, to train generalized AI or machine-learning models. We do not use Google user data for personalized advertising or remarketing beyond the Google Ads account you connected.

13

The mobile app

The Intent On Demand mobile app (iOS, and Android when available) is another way to sign in to the same workspace and covers the same data described in this policy. In addition, the app handles:

  • Sign-in credentials. The app authenticates you through the same secure authentication provider as the console. Your password is never stored on the device.
  • Push notification tokens. If you enable notifications (for example, to approve a proposal from your phone), we store the device token needed to deliver them. Disable notifications in your device settings at any time to stop this.
  • Device and diagnostic data. Basic device model, OS version, and crash/diagnostic logs, used only to keep the app reliable.
  • No cross-app tracking. The app does not track you across other companies’ apps or websites and does not use advertising identifiers.
14

Account deletion from the app

You can delete your account and its data directly inside the app (Settings → Account → Delete account), from the console settings, via our data deletion page, or by emailing privacy@intentondemand.io. Deletion covers the same scope described in section 10.

15

Changes to this policy

If we make material changes, we will update this page and the effective date above, and where appropriate notify you in the console or by email.

16

Contact us

Questions about this policy or your data? Email privacy@intentondemand.io.