passoagency.com/How it works
How it works

How we use your Google Ads data.

When you connect your Google Ads account on day zero, we read your campaign performance and reconcile it against your Shopify orders to build the strategy report. This page documents exactly which API calls we make, what we do with the data, and what we do not do.

Connecting your account

The connection runs through Google’s standard OAuth 2.0 flow. From the onboarding screen you click Connect Google Ads and are redirected to accounts.google.com, where Google asks you to authorise Passo to read your Google Ads data with the scope https://www.googleapis.com/auth/adwords. Once you confirm, Google redirects you back to passoagency.com/api/auth/google/callback with an authorisation code, which we exchange for a refresh token.

The refresh token is encrypted at rest with AES-256 and is the only credential we store. Each API call we make to Google derives a short-lived access token in memory only.

You can skip the connection.

If you would rather not connect Google Ads, click Continue. We will fall back to category-peer benchmarks for the report. Most merchants connect because the report is materially better with their own data.

What we read

At the access tier we have applied for (Basic), every Google Ads API call we make is read-only, called from a server-side worker against the latest stable Google Ads API. Your browser never receives or sees Google Ads tokens.

The fields we pull, and what they power in the report:

ResourceFieldPurpose in the report
campaign name, status, advertising_channel_type, bidding_strategy_type Lists your active campaigns in the strategy report and tells the recommendation engine what type of campaign each one is.
campaign campaign_budget.amount_micros Aggregates your committed daily and monthly Google Ads spend for the audit section.
ad_group / ad_group_ad name, headlines, descriptions, ad_strength Used to reference specific creatives in the strategy narrative (“your highest-performing search ad currently is…”).
keyword_view text, match_type, status, metrics by keyword Powers the keyword-level performance read-out in the audit section, including which match types and keywords are pulling weight.
search_term_view search_term, status, metrics by query Surfaces the actual customer queries that triggered your ads. The report calls out top converting queries and queries spending without converting.
product_group_view / shopping_performance_view listing group dimensions, product item id, metrics by product Ties Google Ads spend on Shopping and Performance Max campaigns back to specific Shopify SKUs so the report can show product-level Google Ads performance.
change_event change_date_time, change_resource_type, user_email, old_resource, new_resource Lets the report comment on recent activity in the account, for example when a campaign was last edited or when budgets were last changed.
metrics impressions, clicks, cost_micros, conversions, conversions_value, all_conversions, cost_per_conversion The core performance numbers reconciled against Shopify revenue to compute cost per acquisition and channel ROAS.
geo_target_constant name (resolved from geo IDs) Translates location targeting IDs into human-readable names for the geography section of the report.

Each merchant generates roughly ten GAQL queries on day one across the resources above, then a single daily refresh query. Steady-state load is around 30 read operations per merchant per day, well inside the Basic tier quota.

What we do not do

  • We do not create, pause, edit, or delete any campaigns, ad groups, ads, keywords, audiences, budgets, or conversion actions in your Google Ads account.
  • We do not call any mutate method on the Google Ads API, including RecommendationService.applyRecommendation.
  • We do not resell, export, or share your Google Ads data with any third party. It is not visible to other merchants on the platform; it is partitioned by Postgres Row-Level Security.
  • We do not use your Google Ads data to train generalised machine-learning models that would be applied to other merchants without explicit opt-in.

If at some future date we add the ability to apply recommendations directly inside Passo, we will apply for Standard Access first and announce that change in advance. Until then, recommendations are displayed in the dashboard and you click through to Google Ads to action them yourself.

Storage and retention

All Google Ads data lives in a single Supabase-managed Postgres database hosted in the EU (eu-west-2). Each merchant’s rows are protected by Row-Level Security policies; an authenticated request can only ever read the rows belonging to its own merchant context.

Raw report rows are kept for 13 months rolling, long enough for year-on-year comparisons, then aggregated to weekly summaries and the row-level detail is deleted.

Refresh tokens are encrypted with AES-256 using a per-environment key managed in Vercel’s encrypted environment variables. The developer token is server-side only; it is never sent to the browser or written to logs.

Disconnect and deletion

From the dashboard settings page you can click Disconnect Google Ads at any time. We issue a token revocation call to oauth2.googleapis.com/revoke and delete the encrypted refresh token from our database immediately.

If you uninstall the Shopify app entirely, all Google Ads-derived data, including raw report rows, aggregates, and the refresh token, is deleted within 30 days, alongside everything else we hold for your store. The full retention schedule is in our privacy policy.