ADLOOX PRIVACY POLICY

UPDATED : 2019 JANUARY 16

Adloox SAS and its subsidiaries (“Adloox,” “we,” “us,” or “our”) is an Advertisement verification and measurement company that builds verification, optimization, and analytics solutions and sells Technology Solution to its Clients.

The protection and security of your data is an important concern for us and we know that you care about how your information and personal data (Personal Data) is collected, used, shared, and retained. We have therefore taken technical and organisational measures to protect your data from loss, destruction, deliberate manipulation and unauthorised access from third parties. In addition to this, we use your data exclusively in compliance with the relevant data protection regulations.

Data protection regulations means EU Directive 95/46/EC and EU Directive 2002/58/EC, as transposed into domestic legislation of each EU member state including the Data Protection Act 2018 and as amended, replaced or superseded from time to time, including by the EU General Data Protection Regulation 2016/679 (“GDPR”) and laws implementing or supplementing the GDPR;

We operate the website www.adloox.com (Web Site) and the online services www.adloox.io (Online Services) and are responsible for collecting, processing and utilising your personal data.

This Privacy Policy applies to Personal Data collected when you visit our websites or access our Online Services.

This Privacy Policy also applies to Personal Data collected through the verification, optimization, and activation technology solutions (“Technology Solutions”) that we provide to our clients through various channels, including our Client Portal, which allow our clients to track marketing performance, to match users to their campaigns, and to understand how users engage with a client’s advertisements, websites, and mobile applications, as the case may be.

In the following document, we will inform you on which personal data we collect and store, how this data is used and what rights you have regarding this.

I. WEB SITE AND ONLINE SERVICES

A. PERSONAL DATA WE COLLECT; PURPOSE OF COLLECTION AND USE; LEGAL BASIS AND DATA RETENTION

Personal Data we may collect from you through our Website and Online Services.

Contact Personal Data. We collect business contact information from visitors and clients who wish to obtain information or support, or to purchase our Technology Solutions. Contact information is provided via browser forms, online order forms, email, and during events via submission of business cards or physical forms and include first name, last name, business email address, job title, name of the organization, country, business phone number, and organization type.

Use of Contact Personal Data. Personal Data submitted to our websites is used by our marketing, sales, support, and solutions teams to contact you so that we can provide the requested information, support, or Technology Solutions. We also use Contact Personal Data and other Personal Data collected pursuant to this Privacy Policy to respond to general inquiries, solicit feedback regarding our Technology Solutions, the Online Services and support, provide relevant content on our Website, and to communicate with you via email regarding our current and future Technology Solutions.

Legal Basis and Retention Period. We only collect data for this purpose that you consent to communicate to us. We keep your Personal Data as long as your user account is active and during three years after your last login to your account or after your last contact with us.

Billing Personal Data. We collect billing and payment information from our clients, which may include a purchase order number, and account number, or instructions for wire transfers and/or ACH transfers. When payment is made by credit card, we use third-party credit card processors. The billing and payment Personal Data is used to prepare and send invoices, make and receive payments, and manage client accounts.

Legal Basis and Retention Period. We only collect Billing Personal Data that you consent to communicate to us. We keep your Personal Data as long as your user account is active and during ten years after your last transaction with us for tax and accounting purposes.

Cookies and other tracking tools. We use cookies on our Website and Online Services. Cookies are small files which are stored on your device and contain information about certain settings and data used by your browser when visiting our website. Cookies allow us to adapt our Website and Online Service to the needs of the user, to analyse their usage behaviour when visiting our Website or use our Online Services or to help identify the user anonymously, so that they do not have to log in every time. No personal data are collected with cookies, unless you have given us your express consent. If you do not want to enjoy the advantages of cookies, it’s possible to change your browser settings to block cookies, or inform you before a cookie is saved. In addition to this, you are able to delete cookies from your device after they have already been saved. However, certain features of our website do not fully function without the use of cookies.

B. THIRD PARTY SERVICES AND CONTENT

1. Google Analytics
In order to analyse and optimise our Web Site and our Online Service, we make use of Google Analytics. Google Analytics is a web analytics service provided by Google Inc., which uses cookies to provide information about website usage. The information generated, including IP addresses, is generally transferred to Google’s servers in the USA and stored there.

Google uses the information on our behalf to evaluate the way users interact with our website and to compile reports about this usage. User profiles, with pseudonyms, are created using this data. We only use Google Analytics with the IP address anonymisation function (anonymizeIP), which anonymises or hides the IP addresses before they are saved or processed. If you don’t wish to participate in Google Analytics, you can install a browser add-on to deactivate it.

He information generated by cookies and web beacons about the usage of this website (including your IP address) and the delivery of advertising formats are transmitted to a Google server in the USA and stored there. This information can be given by Google to contractors of Google. Google will not link your IP address with any other data stored by Google.

You may refuse the use of cookies by selecting the appropriate settings on your browser, but we point out, that in that case, you might not be able to take full advantage of all the features of our website.

By using our website, you agree to the processing of data Google collected about you in the manner described above and for the above-mentioned purposes.

2. Social Media
Buttons for Facebook, LinkedIn and Twitter are integrated in to our Website. The logo of each company is used for the corresponding button. As soon as you actively click on one of these buttons, a new window opens and you will be forwarded to the page of our corresponding social media profile. This also establishes a direct connection between your browser and the social media’s server, and sends a message that your IP address has visited our website. If you are also a user of the social media provider and are logged in to your account, they are also able to see that your social media profile visited our website. We have no influence on the collection or use of your data carried out by the social media providers. For more information on their individual data protection policies, click here: Facebook, LinkedIn, Twitter.

C. YOUR LEGAL RIGHTS

On request, we can inform you if we have any personal data from you, and which data we have stored. You can also retract the processing and use of your personal data at any time. In accordance with legal requirements, we can correct, block, or delete your personal data.

If you would like to make use of your legal rights or if you have any questions regarding our data protection, send us an email: rbellion@adloox.com

II. ADLOOX' TECHNOLOGY SOLUTION

A. Data We Collect; Purpose of Collection and Use; Legal Basis and Data Retention

Our accredited Technology Solutions serves both advertisers and media sellers by providing independent, third-party verification measurement. By analyzing information about ad impression delivery and website traffic on behalf of its Clients, Adloox verifies whether the media has met or failed expectations based on characteristics that include the brand safety of a webpage, the viewability of the ad placement, the existence of ad fraud, as well as additional contextual variables. Measurement is available across both browser and app environments for mobile and desktop devices. Adloox collects and surfaces this data to increase trust and transparency for its Clients. The data collected can be used by Clients to proactively prevent advertising on undesirable and/or low-quality inventory, monitor overall quality performance, and make future media planning decisions. We do not combine the collected data with any other data that would enable us to personally identify the user.

Data We Collect. In order to provide Technology Solutions to our clients, we use javascript and other similar technologies that places a small piece of HTML code on a webpage to collect information about advertising impression opportunities and displayed ads or website/mobile app traffic.

The following categories of Personal Data are collected when these technologies are deployed when providing Technology Solutions to our Clients:

• Browser and computer environmental information. This information is necessary to determine the viewability of an advertisement, which includes information such as the ad’s location in the browser viewport, size of the browser viewport, ad size, size of the display, application in focus, the browser tab in focus, and other data.
• Standard HTTP header information. This includes IP address, referring URL, user agent data (data transmitted by your browser about itself when submitting an HTTP request) and other data including browser configuration parameters, including browser type and language and session storage and local storage settings, and characteristics of your device such as the CPU class and time zone setting.
• Information contained within an advertisement. This is known as an “ad tag,” that includes information used to identify the advertiser displaying the ad and the media property that sold the impression.
• Mobile application and mobile device data. Examples include log-level data, Personal Data about users’ interactions with those applications (including IP address and time-stamp Personal Data), and Personal Data about users’ mobile devices (including device type, device make and model, operating system type and version, mobile identifiers such as Apple IDFA and Android Advertising ID and App Identifier).

For the purpose of identifying and preventing online ad impression fraud and invalid traffic and determining if advertisers and publishers are in compliance with their agreements, our Technology Solutions utilize the following additional technologies (in addition to the data described above):

• Device identification technology, which analyzes device parameters collected as described above, including IP address and browser header information, to probabilistically identify a particular device.
• Clickstream data including URLs and other data regarding the websites on which a particular browser has viewed advertising impressions we are analyzing.
• Clickstream data including mobile application identifier and other data regarding the mobile apps on which a particular user has viewed advertising impressions.
• Webpage (HTML and Javascript) structure analysis.

Mobile device tracking opt-out. Individual users that opt-out of mobile device tracking limit the Personal Data that is collected about them and/or how it is used. Individual users may opt-out of interest-based and demographic-based advertising using their mobile device settings. Individual users will need to follow the below instructions for Android and iOS applications.

Opt-out process for Android-based mobile devices:

• Open the Google Settings app on individual users’ device
• Select Ads
• Set the “Opt-out of interest-based ads” slider to individual users’ desired position

Optionally, Individual users may reset the advertising identifier associated with their device Opt-out process for iOS-based mobile devices:

• Open Settings
• Select Privacy
• Select Advertising
• Set the “Limit Ad Tracking” slider to Individual users’ desired position

Optionally, Individual users may reset the advertising identifier associated with their device

Please note that opting out through a website will not limit the collection of Personal Data on mobile devices, and opting out on Individual users’ mobile device will not limit the collection of Personal Data through Individual users’ computer’s browser. Opting out limits the collection of data but does not eliminate it completely. Some Personal Data will still be collected about Individual users’ use of websites or mobile applications after Individual users limit tracking on that platform.

Purpose of Collection and Use.
We use the data we collect to deliver our Technology Solutions for any lawful purpose, including:

• Examining impression data of advertising opportunities, using Adloox technology and client profile decisions, to determine if clients’ advertisements should or should not be displayed.
• Detailing contextual information about advertisements displayed in order to ensure its compliance with terms of our client or partner’s contracts, insertion orders that detail client campaigns, and/or profile decisions that clients make in our systems.
• Reporting viewability metrics of advertisements that indicate: qualified « Viewed Impressions » according to industry standards and/or clients’ criteria, time in which advertisements are displayed on consumers’ browsers, and properties of creative elements that are displayed on consumers’ browsers.
• Website and mobile apps visitation characteristics such as visitor quality, fraud identification, invalid traffic detection, and other quality characteristics necessary to determine agreement compliance.
• Our Technology Solutions include the detection and elimination of general invalid and sophisticated invalid traffic, including ad impression fraud, which we define in this policy as the management of ad serving, ad display, or traffic activity such that ad impression measurements are shown inappropriately because the ads cannot be viewed by a user, are not served within operationally viewable parameters or were displayed as a result of fraudulent machine-generated traffic. Our fraud and invalid traffic services are intended to address fraud for advertising measurement purposes.

Additionally, Adloox uses advertising impression information, mobile app information, and website traffic information including IP address and browser header information to:

• Identify traffic sources by their geographic location and determine if the location is correct and located within the advertiser’s campaign parameters or traffic settings
• Determine if traffic is being acquired is fraudulent, or if traffic acquisition practices that are out of compliance with an advertiser’s guidelines or contractual requirements.
• Determine if a middleware is attempting to misrepresent its operating characteristics to prevent the identification of fraud or other invalid traffic.
• Determine if traffic or ad impressions are originating from a server farm unlikely to be responsible for human-generated browsing activity.

Legal Basis and Data Retention
Adloox Technology Solution is based on Article 6. (1) f. GDPR.

We process pseudonymous Personal Data (notably your IP address) along with non-personal technical information when necessary to do so for fraud and invalid traffic prevention purposes or providing services related to advertising viewability and brand safety as discussed in this policy, when these interests are not overridden by your data protection rights.

We anonymise completely the IP information when it arrive into our servers, we don't store it. This process is being made when we retrieve the data with a strong encryption (bcrypt + salt key). We minimize our use of Personal Data by, for.

We retain our clients reporting data for up to 13 months.

III. PERSONAL DATA SHARED WITH THIRD PARTIES

Onward Transfer to Third Parties. Like many businesses, we hire other companies to perform certain business-related services. We may disclose Personal Data to certain types of third party companies but only to the extent needed to enable them to provide such services. The types of companies that may receive personal Data and their functions are: direct marketing assistance (including disclosure to our distributors for direct marketing of Technology Solutions), billing, client service, data storage, hosting services, disaster recovery services, and credit card processors. All such third parties function as our agents, performing services at our instruction and on our behalf pursuant to contracts which require they provide at least the same level of privacy protection as is required by this Privacy Policy and implemented by IAS. We may also disclose Personal l Data to our affiliates in order to support marketing, sale and delivery of Technology Solutions. You may opt out of having your Personal Data transferred to any or all of our categories of agents by contacting us at privacy@integralads.com.
Please allow us a reasonable time to process your request.

Business Transfers. In the event of a merger, dissolution, reorganization or similar corporate event, or the sale of all or substantially all of our assets, we expect that the Personal Data that we have collected, including Personal Data, would be transferred to the surviving entity in a merger or the acquiring entity. All such transfers shall be subject to our commitments with respect to the privacy and confidentiality of such personal Personal Data as set forth in this privacy policy. This policy shall be binding upon ADLOOX and its legal successors in interest.

Disclosure to Public Authorities.We are required to disclose Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. We may also disclose Personal Data to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.

IV. TRANSFER OF PERSONAL DATA OUTSIDE OF the EUROPEAN UNION.

Our servers are located in Europe. We do not transfer Personal Data outside of the EU.

V. YOUR RIGHTS

You have the right to request from us the access to and rectification or erasure of the Personal Data we hold on you or restriction of processing or to object to processing as well as the right to data portability.

Access to Personal Data. Upon request, we will provide you with confirmation as to whether we are processing your Personal Data, and have the data communicated to you within a reasonable time. You have the right to correct, amend or delete your Personal Data where it is inaccurate or has been processed in violation of this privacy policy. Please allow us 30 days to respond to your direct inquiries and requests, or those of our clients seeking our assistance.
European residents have the right to lodge a complaint at any time about our processing of your Personal Data with their local data protection authority.

VI. YOUR SECURITY

How We Protect Your Personal Data. ADLOOX takes very seriously the security and privacy of the Personal Data that it collects pursuant to this Privacy Policy. Accordingly, we will implement reasonable and appropriate security measures to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in processing and the nature of such data, and comply with applicable laws and regulations.

VII. GENERAL

Retention of Personal Data. We will retain your Personal Data in a form that identifies you only for as long as it serves the purpose(s) for which it was initially collected as stated in this Privacy Policy, or subsequently authorized and in accordance with this privacy policy. We may continue processing your Personal Data for longer periods, but only for the time and to the extent such processing reasonably serves the purposes of archiving in the public interest, journalism, literature and art, scientific or historical research, and statistical analysis, and subject to the protection of this Privacy Policy. After such time periods have expired, we may either delete your personal Personal Data or retain it in an anonymous form.

Links to External Websites. Our Website may contain links to third party websites (“External Sites”). As such, we are not responsible for the privacy policies of those External Sites. You should check the applicable third-party privacy policy and terms of use when visiting any External Sites, and before providing any Personal Data to such External Sites.

Changes to this Privacy Policy. This Privacy Policy is effective as of the date stated at the top of this Privacy Policy. We may change this Privacy Policy from time to time, and will post any changes on our Website as soon as they go into effect. By accessing our Website after we make any such changes to this Privacy Policy, you are deemed to have accepted such changes. Please refer back to this Privacy Policy on a regular basis.

How to Contact Us. If you have questions about this Privacy Policy, please contact in one of the following ways:
E-mail us at privacy@adloox.com
Call us at +1-646-278-4860
Or write to us at: ADLOOX SAS
40 rue du Louvre
75 001 PARIS
Attn: DPO

Get in touch

Want to know more ?

Salutation