Our website uses cookies to enhance your experience. Necessary cookies are always enabled.

Contact opnemen Richard

TJ-DA S2S App — App Homepage & Privacy Policy

Last updated: November 28, 2025
Owner/Operator (Controller): Thijs Joosten Digital Acquisition
Contact: thijs.joosten@tj-da.com

About this app (App Homepage)

What it does
The TJ-DA S2S App is a WordPress integration that enables advertisers to measure server-to-server (S2S) conversions for Google Ads and keep GA4 revenue reporting consistent. After an administrator authorizes the connection, the app can read conversion actions and upload S2S conversions (including Enhanced Conversions for Leads).

Who uses it
Only site owners/administrators on tj-da.com or TJ-DA-managed client sites. End users (site visitors) do not authorize anything; authorization is performed by an administrator.

Scopes (minimum required)

  • https://www.googleapis.com/auth/adwords (Google Ads – sensitive scope)

  • (Optional identity only) openid, email, profile
    We do not request Gmail/Drive/Calendar/YouTube or other Google product scopes.

How it works (in brief)

  1. An admin authorizes the app via Google OAuth.

  2. The app can list conversion actions/labels and upload server-side conversions to the authorized Ads account.

  3. For Enhanced Conversions, email/phone identifiers are normalized and SHA-256 hashed before upload.

Support & documentation
Email thijs.joosten@tj-da.com.

Privacy Policy (Google APIs User Data Policy Addendum)

This policy explains how the TJ-DA S2S App accesses, uses, stores, shares, and retains Google user data obtained via the Google Ads API. It supplements our general privacy policy.

1) Scope

This policy applies to Google user data accessed only through the Google Ads scope listed above. The app does not access content from other Google products (e.g., Gmail/Drive).

2) Data Controller & Contact

  • Controller: Thijs Joosten Digitial Acquisition

  • Address: Weegsteen 8, Amersfoort, 3823GC, Nederland

  • Email: thijs.joosten@tj-da.com

3) Data Accessed (what we access)

After explicit admin authorization, and within the adwords scope, the app may access:

  • Account & configuration metadata: Google Ads customer ID and related account details required to link conversions.

  • Conversion actions/labels: to display selectable actions and ensure correct mapping.

  • Conversion uploads: ability to upload offline/server-side conversions to the authorized Ads account.

Non-Google data processed for conversion uploads (first-party website data):

  • Order/lead details (e.g., order ID, value/currency, product items) from your website.

  • Identifiers for Enhanced Conversions (optional): email and/or phone — normalized (e.g., lowercase/trim/E.164) and SHA-256 hashed before upload to Google.

4) Data Usage (how we use data)

We use the above data solely to:

  • configure and display conversion actions/labels;

  • upload server-side conversions (including Enhanced Conversions for Leads) to your own Ads account;

  • enable reporting/optimization in Google Ads;

  • perform technical diagnostics and security (limited, non-sensitive logs).

We do not sell data, profile users for unrelated purposes, or use Google user data outside of advertising measurement for the authorized account.

5) Data Sharing (who we share with)

  • Google Ads: conversion uploads and retrieval of conversion actions occur directly with Google Ads.

  • Processors/sub-processors: hosting, security, and optional logging/monitoring providers acting on our behalf under contractual confidentiality and security obligations.

  • We do not sell Google user data and do not share it with third parties for their own independent purposes. We may disclose data if required by law.

6) Data Storage & Protection (how we store/protect)

  • Tokens & secrets: OAuth tokens are stored locally in the WordPress database of your site and are visible only to users with administrator privileges. Tokens/secrets are not logged.

  • Transport security: all communication with Google and the admin interface uses HTTPS/TLS.

  • Access control: admin-only settings, WordPress nonces/CSRF protection, and (recommended) 2FA for admin accounts.

  • Identifier hashing: email/phone for Enhanced Conversions are normalized and SHA-256 hashed prior to upload.

  • Backups: part of regular server/hosting backups with access controls; backups observe the same deletion timeframes.

7) Data Retention & Deletion (how long we keep it / how to delete)

  • OAuth tokens: retained until an admin clicks Disconnect or the user revokes access at myaccount.google.com; upon disconnect/revocation, tokens are deleted.

  • Operational logs: limited technical logs (no raw identifiers) are kept for up to [90 days] for troubleshooting, then deleted.

  • Order/lead data: remains within your own WordPress/WooCommerce/CRM systems; we do not store it outside your environment.

  • Deletion requests: email thijs.joosten@tj-da.com with subject “Data deletion – TJ-DA S2S App.” We will remove admin-side logs/tokens within 30 days (subject to legal retention requirements).

8) Your Choices & Controls

  • Revoke access: admins can click Disconnect in the app, or revoke access in Google at myaccount.google.com.

  • Data subject rights (GDPR): you can exercise rights of access, rectification, restriction, deletion, and portability by contacting thijs.joosten@tj-da.cm.

  • Opt-out: you can stop using the app, disconnect, and uninstall the plugin at any time.

9) Legal Bases (GDPR)

Processing is based on:

  • Performance of a contract with the site owner (providing measurement functionality), and/or

  • Legitimate interest of the site owner to measure advertising conversions (Article 6(1)(f) GDPR).
    Where required, the app supports honoring user consent for advertising measurement.

10) International Transfers

Google LLC may process data outside the EEA. Google provides appropriate safeguards (e.g., EU-US Data Privacy Framework / SCCs). See the Google Privacy Policy for details.

11) Children

This app is not intended for children. No child-specific profiles are created.

12) Changes to this policy

We may update this policy. Material changes will be posted on this page with an updated date.

Data Deletion Instructions (quick steps)

  1. In WordPress admin, open TJ-DA S2S App → Disconnect (removes tokens).

  2. Optionally, revoke access in Google: myaccount.google.com → Security → Third-party access.

  3. If desired, uninstall the plugin and remove server logs/backups per your internal policies.

  4. Email thijs.joosten@tj-da.com for confirmation or additional requests.

App Identity & Domain Ownership

  • App name: TJ-DA S2S App (Google Ads & GA4)

  • Owner: Thijs Joosten Digital Acquisition

  • Primary domain: tj-da.com (verified in Search Console)

  • Support: thijs.joosten@tj-da.com

  • Privacy contact: thijs.joosten@tj-da.com