Last updated: April 2026
Tixy Labs Ltd ("Tixy Labs", "we", "our", "us") is a paid media consultancy registered in England and Wales. We operate as a data controller in respect of personal data collected through this website and through the delivery of our services.
For any data protection queries, contact us at: hello@tixylabs.co.uk
We may collect the following categories of personal data:
We apply data minimisation principles and collect only data that is necessary for the stated purpose. We do not collect personal or sensitive data (such as email addresses, phone numbers, physical addresses, gender, or demographic information) from end users of client campaigns without explicit consent.
We use personal data solely for the following purposes and will not process it for any other purpose without prior disclosure:
We do not use client advertising data for any purpose beyond the scope of the contracted engagement. We do not build, modify, or augment user profiles using device identifiers or tracking mechanisms without explicit consent. We do not sell, license, or transfer advertising data to third parties for their own commercial purposes.
We process personal data under the following legal bases as defined by UK GDPR and applicable data protection law:
Tixy Labs uses the Meta Marketing API to access and manage client advertising accounts on Meta platforms (Facebook and Instagram). This access is granted exclusively by the account holder and is governed by Meta's Platform Terms and Meta's Developer Policies.
Through this API access we may read and manage the following data types: campaigns, ad sets, ads, ad insights (performance metrics), ad account configurations, and conversion event data.
Data use restrictions: Meta platform data is used solely for the purposes of managing and optimising the authorised client's advertising campaigns. It is not used for any other commercial purpose, not combined with data from other sources for profiling, and not shared with any third party except as required to deliver the contracted service.
Data segregation: Data from each client's advertising account is maintained separately and is never combined with or accessible to other clients.
Custom audiences: Where custom or lookalike audiences are created on behalf of clients, Tixy Labs operates on the basis that the client has obtained all necessary consents from end users for the use of their data in audience-building tools, in accordance with Meta's policies and applicable law. Tixy Labs will not create audiences using data for which consent has not been confirmed by the client.
AI-generated content: Where AI tools are used to assist in ad creative or copy generation, this will be disclosed to the client. Any such content is subject to review and approval before publication.
Data source declaration: Tixy Labs declares the source of all data used in client campaigns, including for remarketing and cross-platform tracking, in accordance with Meta's 2026 compliance requirements.
Revoking access: Clients may revoke Tixy Labs' access to their Meta advertising accounts at any time via Meta Business Manager → Settings → Partners. Upon termination of engagement, all API access credentials relating to the client account will be revoked or deauthorised.
In addition to Meta, we may connect to the following platforms on behalf of clients:
All platform connections are established only with explicit written authorisation from the client. Data accessed via these integrations is used solely for delivering contracted services.
We do not sell, rent, or trade personal data. We may share data only in the following circumstances:
We maintain administrative, physical, and technical safeguards that meet or exceed industry standards to protect personal data against unauthorised access, disclosure, alteration, or destruction. These include access controls, encrypted storage, and secure API credential management.
In the event of a data breach or unauthorised access to platform data, we will take immediate corrective action, notify affected parties as required by law, and report the incident to Meta and any other relevant platform through their respective incident reporting channels.
We retain personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by law. Client advertising data is retained for the duration of the engagement and for up to 12 months thereafter, unless a different period is agreed in writing or deletion is requested earlier.
Platform data obtained via Meta APIs will be deleted when it is no longer needed for the contracted purpose, when the client engagement ends, or upon written request — whichever comes first. We will not retain Meta platform data beyond what is permitted under Meta's Platform Terms.
Under UK GDPR and applicable data protection laws, you have the right to:
To request deletion or exercise any of your rights, contact us at hello@tixylabs.co.uk. We will respond within 30 days. This right is available to all users and clients who interact with Tixy Labs.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).
This policy is designed to comply with applicable privacy laws including but not limited to:
This website may use cookies and similar technologies to understand how visitors use the site. These are used for analytics purposes only and do not track you across third-party websites. You can disable cookies in your browser settings at any time.
We may update this policy from time to time to reflect changes in our practices or applicable law. The most current version will always be available at this URL. All previous versions are retained and available upon request. Continued use of our services following any material changes constitutes acceptance of the updated policy.
This policy does not replace, modify, or conflict with Meta's Platform Terms, Meta's Developer Policies, or any other applicable platform policies.