Security

1. Data Security

Keenbid uses reasonable technical and organizational safeguards to protect customer data.

We apply security practices such as:

• Encryption in transit using HTTPS/TLS
• Encryption at rest where supported by our infrastructure providers
• Access controls for internal systems
• Role-based access control for customer workspaces
• Secure credential handling for connected integrations
• Monitoring and logging for system activity
• Regular review of permissions and access needs

2. Apple Ads and Integration Credentials

When customers connect Apple Ads, MMPs, analytics tools, or other integrations, Keenbid only uses those credentials to provide the requested service.

We use integration access to:

• Read advertising and performance data
• Generate reports and recommendations
• Execute approved or configured actions
• Maintain data freshness and system health

We do not ask for or store Apple ID passwords.

Where API keys, private keys, OAuth tokens, or other credentials are used, they are stored using secure practices and are not displayed again after being saved.

3. Role-Based Access Control

Keenbid supports role-based permissions so teams can control who can view, approve, configure, or manage account settings.

4. Human-Controlled Automation

Keenbid is designed around human-in-command automation.

AI recommendations are intended to be explainable, reviewable, and reversible. Customers can choose how much automation to enable.

Controls may include:

• Approve, edit, or reject recommendations
• Safety guardrails for bid and budget changes
• Role-based approval requirements
• Action logs and audit history
• Ability to pause or disable automation rules
• Confirmation for high-risk actions

5. Audit Logs

Keenbid keeps audit logs to help customers understand what changed, when, and by whom.

Audit logs may include:

• User actions
• Approved recommendations
• Edited recommendations
• Rejected recommendations
• Automation rule changes
• Integration changes
• Campaign, ad group, keyword, and ad actions
• Timestamp and actor information
• Model or system reason where applicable

6. Data Access and Least Privilege

We aim to limit access to customer data to personnel and systems that need it to operate, support, secure, or improve the service.

Internal access is granted based on job responsibilities and reviewed periodically.

7. Infrastructure and Hosting

Keenbid is hosted using reputable cloud infrastructure providers.

Our infrastructure is designed to support:

• Secure application hosting
• Data backup and recovery practices
• Monitoring and alerting
• Scalable service availability
• Environment separation where appropriate

8. Data Retention and Deletion

Keenbid retains customer data for as long as needed to provide the service, meet legal obligations, support billing, maintain audit logs, and resolve disputes.

Customers may request deletion of account data, subject to legal, security, billing, and audit log retention requirements.

9. Incident Response

If we identify a security incident that affects customer data, we will investigate, take appropriate containment steps, and notify affected customers when required by law or contractual obligations.

10. Third-Party Service Providers

Keenbid may use trusted service providers for hosting, analytics, payments, email, support, and infrastructure operations.

We evaluate service providers based on security, reliability, and business need.

11. Customer Responsibilities

Customers are responsible for:

• Using strong passwords
• Protecting account credentials
• Managing user access
• Removing users who no longer need access
• Reviewing automation settings before enabling them
• Ensuring they have authority to connect Apple Ads and MMP accounts
• Complying with Apple Ads and MMP platform terms

12. Security Questions

If you have security questions or need information for vendor review, contact us:

Email: security@keenbid.com