CSCSCCStrategy StudioOpen command center

CSCC document

Privacy Policy

This policy explains how CSCC handles account, integration, creative, performance, and operational data for the brands and strategists that use the platform.

Last updated: April 30, 2026

Who We Are

CSCC is the creative strategy command center for performance marketers. The service connects to commerce, marketing, lifecycle, review, survey, analytics, and creative systems so teams can manage briefs, measure performance, and turn learnings into the next creative decision.

Information We Collect

We collect account information such as name, email address, brand membership, and role. When a brand connects providers, we process provider account identifiers, configuration, OAuth state, access tokens, scopes, sync logs, and provider-reported data needed to operate the service.

  • Commerce data such as stores, orders, products, customers, and customer journeys.
  • Marketing data such as ad accounts, campaigns, creatives, insights, and conversion configuration.
  • Creative strategy data such as findings, insights, concepts, briefs, taxonomy tags, and learning logs.
  • Lifecycle and customer experience data such as email, subscription, review, and survey records.
  • Operational data such as sync jobs, audit events, logs, errors, and connection health.

How We Use Information

We use information to authenticate users, enforce brand access, connect provider accounts, run sync jobs, resolve attribution, support the brief pipeline, surface operational health, and dispatch conversion events where configured by the brand.

Provider Connections

Connected providers may include Shopify, Meta, Google Ads, TikTok, AppLovin, Klaviyo, Slack, Recharge, Skio, Judge.me, Okendo, and KnoCommerce. The exact data processed depends on which providers a brand connects and which permissions are granted.

How We Share Information

We do not sell personal information. We share information only as needed to provide the service, operate infrastructure, comply with law, or send configured data back to connected providers on behalf of a brand.

Security

We use access controls, encrypted secrets, scoped provider credentials, and operational monitoring to protect customer and provider data. No system is perfectly secure, but we design the platform to limit access to authorized users and necessary service operations.

Data Retention

We retain information for as long as needed to provide the service, maintain auditability, comply with legal obligations, and support brand operations. Retention may vary by provider, data category, and contractual requirements.

Your Rights

Depending on your location, you may have rights to access, correct, delete, or restrict use of your personal information. Contact the CSCC operator responsible for your account to make a privacy request.

Changes

We may update this policy as the service changes. The latest version will be posted on this page with an updated date.

Contact

For privacy questions, contact the team that provisioned your CSCC access or your brand administrator.