Security by design, control by you

Minimum permissions. Maximum transparency. Your data, your rules.

Our security principles

Built from the ground up with your security in mind.

We request only the permissions we need and give you full control over your data at every step.

BidHelm starts in read-only mode. We can analyze your campaigns but can't change anything until you explicitly enable write access.

We only request the permissions we need — nothing more. No access to billing, payment methods, or personal data.

Every action logged with timestamps, reasoning, and before/after data. Export anytime for your records or compliance.

Your Google account, your control. Revoke BidHelm's access instantly from Google Account settings — no support needed.

OAuth scopes we use

Transparency is core to how we operate. Here are the exact scopes BidHelm requests from your Google account.

Read
View campaign structure, settings, budgets, and performance metrics. Required to analyze your account.

Read
Access keyword performance and search query data. Required to identify waste and optimization opportunities.

WriteOptional
Pause/enable keywords, adjust budgets, add negatives. Only enabled when you activate PRO autopilot mode.

Data handling

Your Google Ads data is handled with care. Here is exactly how we store, protect, and manage your information.

All data encrypted at rest and in transit. OAuth tokens stored securely with industry-standard encryption.

Optimization logs kept for 180 days. Alex messages for 45 days. Delete your account and all data is removed.

We use DodoPayments for billing, PostHog for analytics, and Crisp for chat. None have access to your Google Ads data.

Every optimization can be reversed instantly. We keep history so you can undo any change Alex makes.

Billing information, payment methods, personal customer data, or any data outside of Google Ads campaign management.

Alex can find and eliminate that waste automatically.