Legal

Privacy Policy

What data FifthBoston Ad Network collects, why we collect it, how we use it, and what rights you have over it. We keep this straightforward.

Effective date: March 1, 2026
Last revised: March 1, 2026
On This Page
Who We Are Data We Collect How We Use It Data Sharing Cookies & Tracking Data Retention Your Rights Security Children Changes Contact

1. Who We Are

FifthBoston Ad Network is operated by FifthBoston Holdings. References to "we," "us," and "our" in this policy refer to FifthBoston Holdings and its affiliates involved in operating the ad network platform.

This policy covers data processed through the ad-admin.fifthboston.services dashboard, the ads-api.fifthboston.services ad serving infrastructure, and the ads.fifthboston.services public website.

2. Data We Collect

We collect data in two contexts: from account holders (advertisers and publishers) who use our dashboard, and from end users who are served ads through our publisher network.

Account Holder Data

Data TypeWhat It IncludesWhy We Collect It
Account informationEmail address, API key, account roleAuthentication and account management
Campaign dataCampaign names, budgets, targeting settings, creative assetsRunning and optimizing your campaigns
Zone / publisher dataSite URLs, zone names, ad tag configurationsServing ads on your properties
Payment dataPayment method details (processed by our payment provider), billing addressProcessing charges and payouts
Usage dataDashboard login timestamps, feature usage, API call logsSecurity, debugging, product improvement

End User Data (Ad Serving)

When an ad is served on a publisher's site, our infrastructure may collect:

Data TypeWhat It Includes
Request metadataIP address (truncated to /24 subnet), user agent string, referrer URL
Device signalsDevice type (mobile/desktop/tablet), browser family, operating system
Interaction dataImpression timestamp, click timestamp, creative ID served
Geographic inferenceCountry and region inferred from truncated IP address

We do not collect: Full IP addresses for storage, precise geolocation, biometric data, health or financial data from end users, or any data explicitly designated as sensitive under GDPR or CCPA.

3. How We Use Your Data

We use collected data only for the purposes listed here. We do not sell personal data to third parties.

  • Delivering ads to publisher zones and recording impressions and clicks
  • Calculating advertiser spend and publisher revenue accurately
  • Detecting and preventing invalid traffic, click fraud, and policy violations
  • Providing the reporting dashboard and analytics features
  • Sending transactional emails (account notifications, payment confirmations, policy updates)
  • Debugging technical issues and improving platform reliability
  • Complying with legal obligations

4. Data Sharing

We do not sell, rent, or trade personal data. We share data only in the following limited circumstances:

  • Service providers: Infrastructure partners (Cloudflare for CDN and security, Neon for database hosting) process data on our behalf under data processing agreements
  • Payment processors: Payment data is processed directly by our payment partner and is not stored on our servers
  • Legal requirements: We may disclose data when required by law, court order, or to protect the rights and safety of FifthBoston Holdings or others
  • Business transfers: In the event of a merger or acquisition, data may be transferred as part of that transaction with advance notice to affected users

5. Cookies & Tracking

Dashboard (Account Holders)

The admin dashboard uses a single session cookie (fb_ads_api_key) to maintain your authenticated session. This cookie is essential for dashboard functionality and is not used for cross-site tracking. It expires when you sign out or after 7 days of inactivity.

Ad Serving (End Users)

Our ad serving script does not set cookies on end users' browsers by default. Impression and click tracking is done server-side using request metadata. Publishers are responsible for disclosing ad serving to their users as required by applicable law.

No third-party trackers: We do not use Google Analytics, Meta Pixel, or any third-party analytics scripts on the ad-admin.fifthboston.services dashboard.

6. Data Retention

Data TypeRetention Period
Account informationDuration of account + 90 days after closure
Campaign and creative dataDuration of account + 90 days
Impression and click records24 months (for reporting and fraud detection)
Payment records7 years (legal / tax requirements)
API and access logs90 days
Email correspondence3 years

After the retention period, data is permanently deleted from our systems. We do not archive or anonymize data as a substitute for deletion.

7. Your Rights

Depending on your location, you may have the following rights over your personal data. To exercise any of these rights, email ads@fifthboston.services with "Privacy Request" in the subject line. We respond within 30 days.

Access

Request a copy of the personal data we hold about you.

Correction

Request correction of inaccurate or incomplete data.

Deletion

Request deletion of your personal data, subject to legal retention requirements.

Portability

Request your data in a structured, machine-readable format.

Restriction

Request that we restrict processing of your data in certain circumstances.

Objection

Object to processing of your data for direct marketing purposes.

California residents have additional rights under CCPA, including the right to know what personal information is sold or disclosed and to whom (we do not sell personal information). To submit a CCPA request, use the same email address above.

8. Security

We take reasonable technical and organizational measures to protect your data. These include:

  • All data transmitted between your browser and our servers is encrypted via TLS 1.2+
  • API keys are hashed before storage; we cannot recover a lost key -- only reset it
  • Database access is restricted by IP allowlist and requires authenticated credentials
  • Cloudflare WAF and DDoS protection sit in front of all public endpoints
  • Access to production systems is limited to authorized personnel on a need-to-know basis

No system is perfectly secure. If you discover a vulnerability, please report it responsibly to ads@fifthboston.services before disclosing it publicly.

9. Children's Privacy

FifthBoston Ad Network is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child under 13 has provided us with personal data, contact us immediately and we will delete it.

Advertisers targeting content that may appeal to children must comply with COPPA and obtain appropriate parental consent mechanisms independently.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date at the top of this page and send notice to the email associated with your account at least 14 days before changes take effect.

Continued use of the platform after the effective date of any changes constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions, data access requests, or concerns:

FifthBoston Holdings
Email: ads@fifthboston.services
Subject line: "Privacy Request" (speeds up routing)
Response time: within 30 days of receipt