Reviewer guide
This guide is for platform reviewers assessing Maivas's request for production API access (for example Meta App Review and Google OAuth verification). It explains what Maivas is, why it needs each permission, how connected-account data is handled, and how to test the integration end to end. Maivas is operated by Move Me Media Pty Ltd (ACN 699 626 385).
Key documents:
- Privacy Policy: https://maivas.ai/docs/legal/privacy.html
- Terms of Service: https://maivas.ai/docs/legal/terms.html
- Security and Data Handling: https://maivas.ai/docs/legal/security.html
- Data deletion: https://maivas.ai/docs/legal/data-deletion.html
- Full document pack: https://maivas.ai/docs/
1. What Maivas is
Maivas is a marketing service for gyms, studios and clinics. A business owner signs in, gives Maivas knowledge about their business, and connects their own marketing accounts. Maivas plans campaigns and produces marketing assets, and, after a human approves, it carries out the approved action inside the owner's connected accounts. A person is always in the loop, and any action that spends money requires a human to approve it.
Maivas acts on behalf of the business that owns the connected account. It never accesses an account the user has not explicitly connected and authorised, and there is no open or public endpoint: all access runs through the authenticated app on the owner's behalf.
2. How access works
- The business owner connects an account through the standard OAuth flow for that platform, granting only the scopes listed below.
- The resulting tokens are encrypted before storage, with the keys held separately from the database, and are never exposed to the browser. See the Security page. A detailed security overview (encryption, tenant isolation, access controls, incident response) is available to reviewers on request at info@movememedia.com.au.
- The owner can disconnect any account at any time from the Integrations screen, which removes the stored credential promptly.
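As an added illustration of the three points above (not Maivas's own code, which is not published here): tokens sealed under a key injected from outside the database, a browser-facing view that carries metadata only, and a disconnect that drops the credential. The HMAC-SHA256 counter-mode cipher is a dependency-free stand-in for AES-GCM with a KMS-held key; the key, tenant ids and token values are constructed for the example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

# Assumption: the data key is injected from outside the database (KMS or deployment
# secret), so a copy of the connections table alone yields no usable token. Demo value.
DATA_KEY = bytes.fromhex("11" * 32)
ENC_KEY = hmac.new(DATA_KEY, b"enc", hashlib.sha256).digest()
MAC_KEY = hmac.new(DATA_KEY, b"mac", hashlib.sha256).digest()

def _keystream(nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: a dependency-free stand-in for AES-GCM.
    blocks = (hmac.new(ENC_KEY, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(token: str) -> bytes:
    # Encrypt-then-MAC; layout is nonce || ciphertext || tag.
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(token.encode(), _keystream(nonce, len(token))))
    return nonce + ct + hmac.new(MAC_KEY, nonce + ct, hashlib.sha256).digest()

def unseal(blob: bytes) -> str:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(MAC_KEY, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("token blob tampered with or sealed under a different key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(nonce, len(ct)))).decode()

@dataclass
class ConnectionStore:
    # Constructed in-memory stand-in for the connections table, keyed per tenant.
    rows: dict = field(default_factory=dict)

    def connect(self, business_id: str, platform: str, access_token: str) -> dict:
        self.rows[(business_id, platform)] = {"business_id": business_id, "platform": platform,
                                              "status": "connected", "token_blob": seal(access_token)}
        return self.view(business_id, platform)

    def view(self, business_id: str, platform: str) -> dict:
        # The only shape the browser ever receives: metadata, never the credential.
        return {k: v for k, v in self.rows[(business_id, platform)].items() if k != "token_blob"}

    def token_for_api_call(self, business_id: str, platform: str) -> str:
        # Decrypted server-side only, at the moment of the platform API call.
        return unseal(self.rows[(business_id, platform)]["token_blob"])

    def disconnect(self, business_id: str, platform: str) -> bool:
        # Removing the row removes the stored credential.
        return self.rows.pop((business_id, platform), None) is not None
```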
3. Test access
Request a review workspace and we will provide:
- a test account (email and password) for a seeded demo business ("Maivas Review Workspace") with sample campaigns and connected sandbox accounts; and
- a walkthrough recording, if required by the platform.
Contact for review access and questions: info@movememedia.com.au.
4. Meta permissions requested and why
[Confirm the exact permission strings against the current Meta app configuration before submission. The table below states the intended use for each capability Maivas relies on.]
| Capability / permission | Why Maivas needs it | Data touched | Where it is stored |
|---|---|---|---|
| ads_management | Create and manage ad campaigns, ad sets and ads in the owner's ad account, after the owner approves | Campaign structure and creative that Maivas produced and the owner approved | Campaign metadata in Maivas; the ads live in the owner's Meta account |
| ads_read | Read ad performance to report results and inform the next campaign | Aggregated performance metrics (spend, reach, results) | Aggregated metrics in Maivas |
| business_management | Operate within the owner's Business Manager to reach the connected ad account and assets | Business and ad-account identifiers | Connection metadata in Maivas |
| pages_show_list, pages_read_engagement | Identify and select the owner's Page for ad delivery | Page identifiers and public engagement metrics | Connection metadata in Maivas |
| instagram_basic | Link the connected Instagram account for ad delivery | Instagram account identifiers | Connection metadata in Maivas |
Maivas does not read private messages, does not export a business's audience for use elsewhere, and does not use one business's Meta data to benefit another. It acts only inside the account the owner connected.
5. Google scopes requested and why
[Confirm the exact scope strings against the current Google Cloud OAuth configuration before submission. Google Ads API also requires a developer token; Google Drive is a restricted scope and may require a CASA security assessment.]
| Scope / API | Why Maivas needs it | Data touched | Where it is stored |
|---|---|---|---|
| Google Ads API | Create and manage search and performance campaigns after owner approval, and read performance | Campaign structure Maivas produced; aggregated performance | Campaign metadata and aggregated metrics in Maivas; ads live in the owner's Google Ads account |
| Google Business Profile API | Manage the owner's business listing (posts, details) after approval | Business listing content | Connection metadata; content the owner approved |
| Google Analytics 4 (read) | Read website and campaign analytics to report results | Aggregated analytics | Aggregated metrics in Maivas |
| Google Drive (drive.file, if used) | Store and retrieve the brand assets the owner chooses to share | Only files the owner opens or creates with Maivas | File metadata in Maivas; bytes in the owner's Drive or Maivas storage as configured |
Where Drive access is requested, Maivas seeks the narrowest scope that meets the need (for example drive.file rather than full Drive) and will complete any required security assessment.
6. Data handling summary for reviewers
- Purpose limitation. Connected-account data is used only to plan, produce and deliver the owner's own marketing, and to report on it. It is not sold, not shared for third-party marketing, and not used to train general-purpose AI models.
- No cross-tenant use. Row-level security isolates every business. One business's connected-account data is never used to serve another. Any cross-business learning is de-identified and aggregated only.
- Least privilege and revocation. Only the scopes needed are requested, and the owner can revoke any connection at any time.
- Human in the loop. Outbound actions require human approval, and spend always requires a person.
7. Test script
Using the review workspace:
1. Sign in with the provided test account.
2. View a connection. Open Integrations and confirm the seeded connection shows as connected, with no secret ever visible in the UI or network responses.
3. Produce an asset. Open a campaign and view the generated brief and creative (already produced in the seed data).
4. Approve. On the Approve screen, approve an asset and observe that publishing is gated behind this human approval.
5. Ship (sandbox). With sandbox connections, confirm the approved action is sent to the connected account, and that Maivas reports back aggregated performance.
6. Disconnect. In Integrations, disconnect an account and confirm the connection is removed.
7. Data deletion. Follow the deletion path in the Privacy Policy, or use the in-app request, to confirm a business can have its data removed.
[Confirm that steps 5 and 6 are live in the review build at submission time. Where the publish path is not yet enabled for a given platform, describe it as sandbox or state clearly what is live, so the reviewer tests only what exists.]
8. What reviewers cannot do
- There is no public endpoint; access is only through an authenticated, role-scoped account.
- Reviewers cannot access another business's data; tenant isolation prevents it.
- Reviewers cannot read stored credentials; they are encrypted and never exposed to any client.