Does Your AI Agent for Google Ads Comply With Your Client NDAs?

In my last article I wrote about why AI agents for Google Ads are only as good as the business context you feed them. The ICP, the offer, the unit economics, margins, lifetime value, churn, what worked and what didn't in previous campaigns.

That context is what separates a useful agent from a generic one. But there's a side of this conversation that almost nobody is having: where does that data actually go?

What "Business Context" Actually Means

When I set up an agent for a client, I'm not just loading in campaign structure and keyword lists. I'm loading in sensitive business information. The kind of information that is covered by an NDA.

Client lifetime value. Margins. Churn rates. Revenue targets. Competitive positioning. Internal Slack conversations. Email threads. Strategic pivots. Information a client shared with me because they trust me with it, and because I signed a legal document making me liable if it leaks.

This is no different from the information flow that has always existed between a business and its marketing consultant. The client gives you sensitive data so you can make better decisions. You sign an NDA. You are responsible for protecting it.

The difference now is that AI agents need that same data to function well. And if you're not careful about where that data goes when you feed it to an agent, you may be in breach of your NDA without realising it.

The Problem With Cloud-Based and SaaS Agent Tools

This is where the "plug it in and run your ads" crowd goes quiet.

Most out-of-the-box agent tools are cloud-based. When you upload business context, whether that's a document, a data file, or a conversation thread, that data is transmitted to and processed on third-party servers. It may be stored. It may be used to train models. It may sit in a database you have no visibility into or control over.

Read the terms of service carefully on most of these tools and you will find that the data you upload is processed by infrastructure you did not vet, in jurisdictions you may not have considered, under retention policies that may not align with your client agreements.

If your client gave you their margin data under NDA and you uploaded it to a SaaS agent platform without their knowledge, you potentially just violated that agreement. Not maliciously or carelessly by your own standards, but legally and practically, the data left your control the moment you hit upload.

This is not a hypothetical risk. It's a live one, and most practitioners using these tools have not thought it through.

There's also a subtler problem. Competitive intelligence. If you're managing accounts for two clients in the same vertical and feeding detailed competitive landscape data into a shared cloud platform, you need to think carefully about data isolation. Not all platforms guarantee it.

How I Handle It

Every client I work with has their own business context file stored locally on my machine. A structured markdown file that I update whenever something material changes: a new objective, a shift in the competitive landscape, a change in pricing or margins, a campaign learning that needs to carry forward.

This file contains everything the agent needs to do its job properly. Unit economics, LTV, churn, margin data, historical campaign context, what worked, what didn't, internal communications that provide strategic background. The full picture.

None of it lives in the cloud. None of it is transmitted to a third-party server. The agents I use with Claude Code run locally, pulling from local files, processing within an environment I control. When a session ends, nothing is retained elsewhere.

This matters because it mirrors the security model I've always operated under. A client gives me sensitive data. I use it to do my job. I don't pass it on to third parties. The fact that an AI agent is now part of my workflow doesn't change that obligation. It just means I have to be more deliberate about the infrastructure I choose.

What You Should Be Asking Before You Feed Data to Any Agent

If you're using AI agents in your Google Ads workflows and loading in sensitive client data, these are the questions worth sitting with.

Where is this data processed? Is it on a third-party server, or within an environment you control?

Is it stored after the session ends? If so, for how long, and under what conditions?

What does the platform's terms of service say about data usage? Is your data used to improve their models?

Does your client NDA cover third-party data processors? Many don't, because they were written before this was a realistic scenario. That's your problem to flag, not theirs to anticipate.

Do your clients know how you're using their data? They don't need a technical briefing, but they do deserve to know that AI tooling is part of your workflow and that you've taken steps to protect their information.

The Bottom Line

AI agents for Google Ads require sensitive business data to work properly. That's not optional. Generic context produces generic output.

But feeding sensitive data into tools you haven't vetted is a liability, both legally under your NDA obligations and professionally in terms of client trust. The convenience of a cloud-based plug-and-play solution is real. So is the risk.

Storing context locally, working within controlled environments, and being deliberate about what goes where isn't the most exciting part of building an AI-assisted workflow. But it's the part that means you can actually use one without putting your clients or your business at risk.