Advantage Security

Advantage by PrimeLSA is designed with security and data minimization as core principles. We take reasonable and industry-standard measures to protect customer data while providing analytics and insights for Google Local Services Ads.

This page outlines how we secure data, manage access, and handle retention.

User authentication is handled via Clerk, providing secure login and session management.

Access to the application is restricted to authenticated users. Internal administrative access is limited to authorized personnel only.

Advantage uses Google OAuth 2.0 to connect to Google Local Services Ads accounts. OAuth access and refresh tokens are stored securely on the server.

Tokens are used solely to access authorized Google APIs for product functionality. Users may revoke Google access at any time via their Google account or within the app.

Advantage accesses Google LSA data primarily in read-only mode. Limited write actions, such as replying to lead conversations, occur only if explicitly enabled by the user.

All data in transit is encrypted using HTTPS and TLS.

Secure connections are used for communications with Google APIs, OpenAI, Stripe, and internal services.

We store only the data required to operate the service. Lead and analytics data are retained for up to 30 days.

Older data is automatically deleted or overwritten as part of scheduled cleanup processes. Billing data is handled by Stripe, and payment card details are not stored on our servers.

Advantage integrates with third parties strictly for service delivery. OpenAI may be used to generate insights, summaries, and optional AI-powered features. Stripe is used for subscription and usage-based billing.

Data shared with these providers is limited to what is necessary for the requested feature.

The application is hosted on modern cloud infrastructure with built-in security controls.

Access to internal services is restricted using environment-based secrets and protected routes. Automated processes, such as scheduled cleanup tasks, are protected by internal authentication mechanisms.

Application events and errors are logged to support monitoring and debugging.

Lead data, analytics, and related metadata are retained for no longer than 30 days. Users may request account and data deletion at any time.

OAuth access can be revoked independently through Google. Details on data handling are available in our Privacy Policy.

If we become aware of a security incident that affects user data, we will investigate the issue promptly, take reasonable steps to mitigate impact, and notify affected users as required by applicable law.

Users are responsible for maintaining the confidentiality of login credentials, ensuring they have authority to connect Google accounts, and reviewing connected accounts and enabled features.

For security questions or concerns, contact PrimeLSA at info@primelsa.ai or (725) 567-5861.