We're asking you for the keys to your ad account.Here's what we do to deserve them.
Most tools bury this in a policy page nobody reads. But you're about to hand a stranger on the internet a credential that can spend your money — so you should know exactly how it's held, in words that mean something.
Your ad tokens are encrypted before they touch our database
A Meta or TikTok token is a key to your ad account — with the wrong permissions it can spend your money. So we treat it like a credit card, not a config value. Every token is encrypted at rest, and the key that unlocks it is not stored in the database. A stolen copy of our database is useless on its own.
Once you save a token, it is never sent back to your browser. Not to you, not to anyone. It goes in once and stays in.
Your money never passes through us
Sales go directly to your own Stripe account. We are not a middleman holding your balance, we do not take a cut of your sales, and we never see a card number. If git-royal disappeared tomorrow, your Stripe account and everything in it would be entirely unaffected.
We can't lose money we never hold.
Your fan list is yours — including the right to leave with it
Fan emails belong to you, not to us. They can be forwarded straight to your own email provider as they arrive, and you can export everything we hold about you as a single file, any time, from your settings — no support ticket, no waiting.
A platform that holds your audience hostage isn't a partner. It's a landlord.
We only ask for the narrowest permission that works
Tracking your conversions needs one kind of access. Letting us build audiences for you needs a far more powerful one — the kind that can spend money. Those are separate, and the powerful one is entirely optional. Most artists never need it, and we say so on the page where you'd add it.
If a tool asks for more access than the job requires, that's the tell. We'd rather ask for less.
Ad measurement is consent-gated, and it fails closed
For visitors in the EU, EEA and UK, nothing is sent to an ad platform unless they've explicitly agreed. That decision is made on our servers, not in the visitor's browser — because a check the browser performs is a check the browser can skip. If we can't confirm consent, we don't send. Silence is not permission.
We'd rather lose a data point than a person's trust.
How to spot someone pretending to be us
This is the part worth actually remembering. The likeliest way you get robbed is not a breach of our servers — it's an email that looks like it came from us, or from Meta, telling you to “reconnect your account” within 24 hours.
git-royal will never email you asking for a token, a password, or a login.
Not once. Not for “verification”, not for “urgent account review”, not ever. If an email asks you to click through and enter a credential, it is not from us — no matter what the logo looks like. The same is true of Meta: real enforcement notices live inside Business Manager, not in a button in your inbox.
When in doubt: don't click the link. Type the address in yourself and go look. An urgent deadline is the oldest trick there is — and a real one will still be there in ten minutes.
No security theatre
We're a small team, and we're not going to pretend we have a compliance department. What we have is a rule we actually follow: we don't publish a promise the code doesn't keep. Every claim on this page is something the system enforces today, not something on a roadmap. When we find a gap between what we said and what we do, we close the gap — and if we can't close it, we change what we said.
You can disconnect any ad platform from your settings in one click, and revoke us from Meta's side entirely without asking our permission. You can export everything we hold about you, and you can delete your account outright — no email, no retention call, no dark pattern.
If you find something wrong, tell us: support@git-royal.com. We'd much rather hear it from you than read about it later.
Now you know how we'd treat your keys.
Free to start. Nothing to connect until you want to.
Start free