GDPR Notice

 

GDPR NOTICE

PRIVACY NOTICE: EUROPEAN UNION, UK AND SWITZERLAND ADDITIONAL NOTICE

Effective on: January 1, 2020

This PRIVACY NOTICE FOR EUROPEAN UNION, UK AND SWITZERLAND RESIDENTS supplements the information contained in the Privacy Statements of UberMedia, Inc. (“UberMedia” or “We,”) and applies solely to data subjects who reside in those countries (“Data Subjects” or “you”). We adopt this notice to comply with pursuant to the European Directives 95/46/EC and 2002/58/EC (EU General Data Protection Regulations Legislation, also known as “GDPR”) and addresses data subjects whose Personal Data we may receive in the course of delivering our mobile advertising and business intelligence services (collectively, the “Services”).  Terms defined herein shall have the same meaning as in the GDPR when used in this notice, except as otherwise noted herein.

Controllership

Within the scope of this Policy, UberMedia acts as a data controller for the Personal Data we process.

Basis of Processing

We may process your Personal Data on the basis of:

  • your consent;
  • the need to perform a contract;
  • our legitimate interests or those of a third party, such as our interest in marketing our Services;
  • the need to comply with the law; or
  • any other ground, as required or permitted by law.

Where we process your Personal Data based on your consent, you may withdraw it at any time. However, this will not affect the lawfulness of our processing before you withdrew your consent. It will also not affect processing performed on other lawful grounds.

How We Receive Personal Data

We may receive your Personal Data:

  • when you provide it directly to us as part of using our websites or mobile applications;
  • when you provide it directly to us as part of formation or fulfillment of a contract or as part of us delivering our Services;
  • from third party app publishers and advertising companies who collect your Personal Data through their web-based software applications;
  • when our service providers provide it to us; or
  • we purchase data from trusted third parties.

Categories of Personal Data

We may process the following types of Personal Data from Data Subjects:

For   Personal Data
Advertising and Business Intelligence Services Device information such as mobile advertising device ids (MAIDs), ip addresses, and browser type

Geolocation data (if enabled) associated with a device id. such as latitude-longitude, GPS source, postal code, and country code

Interaction with advertisements including advertising click-stream data.

 Our Mobile Apps

 

Your Twitter handle

Mobile advertising device ids (MAIDs), ip addresses, and location data (if enabled) associated with a device id;

Browsing history with Apps and interaction with advertisements  including advertising click-stream data

 Our Websites Your ip address; and your interaction with the Sites

 

Purposes of Processing

We may process your Personal Data for the purposes of:

  • providing the Services to our customers;
  • creating and updating data sets;
  • providing targeted advertising and content;
  • responding to your requests or questions; and
  • sending you email marketing communications about our business which we think may interest you.

Data Retention

For  Personal Data , We keep your Personal Data only for as long as we need it for our legitimate business purposes.  For example, when we collect information about your interaction with an advertisement served to you, we retain that information for the calendar quarter and then delete it.  Other information, like device ids, we retain for our ongoing Services.  We will retain your information for as long as the Services are active and after that, for a period which enables us to handle or respond to any complaints, queries or concerns relating to the Services. We will periodically review the Personal Data we hold and delete it securely, or in some cases anonymize it, when there is no longer a legal, business, or consumer need for it to be retained.

Sharing Personal Data with Third Parties

As discussed more fully in our Privacy Policies, most of the information we collect and use is de-identified and aggregated information, such as de-identified categories of app use and jittered geolocation information associated with a de-identified device id. We also provide partners with de-identified mobile device activity in aggregate, except in cases when the actual device id is needed, such as for targeted advertising, and for matching and measurement of advertising. De-identified and aggregated information is not Personal Data, and we use such information in a number of ways for our business intelligence services as we discuss in our Privacy Policy. We may also share aggregate, anonymized information with advertisers, clients, customers, and partners when providing our Services to those parties.

We may also share Personal Data with third party service providers, who process Personal Data on our behalf, and who agree to use the Personal Data only to assist us in providing our Services or as required by law. Our service providers may provide:

  • payment processing services;
  • cloud storage services;
  • web site hosting services;
  • maintenance and IT services;
  • customer support services;
  • analytics and metrics services;
  • email software; and
  • CRM software.

Some of these third parties may be located outside of the United States. However, before transferring your Personal Data to these third parties, we will either ask for your explicit consent or require the third party to maintain at least the same level of privacy and security for your Personal Data that we do.

We do not share or use your Twitter handle other than to authenticate your use on our Twitter-based Apps.

Cookies

A “cookie” is a small file stored on your device that contains information about your device. We may use cookies to provide basic relevant ads, website functionality, authentication (session management), usage analytics (web analytics), and to remember your settings, and generally improve our applications, websites, and Services.

If you would prefer not to accept cookies, you can change the setup of your browser to reject all or some cookies. Note, if you reject certain cookies, you may not be able to use all of our Services’ features. For more information, please visit https://www.aboutcookies.org/.

You may also set your browser to send a Do Not Track (DNT) signal. For more information, please visit https://allaboutdnt.com/. Please note that our Services do not have the capability to respond to “Do Not Track” signals received from web browsers.

Access & Review

If we process your Personal Data, you may have the right to request access to (or to update, correct, or delete) such Personal Data.

You may also have the right to opt out of having your Personal Data shared with third parties and to revoke your consent to our sharing your Personal Data with third parties. You may also have the right to opt out if your Personal Data is used for any purpose that is materially different from the purpose(s) for which it was originally collected or which you originally authorized. To submit these requests or raise any other questions, please visit our Consumer Choices and Opt Out Options page.

Exercising Access, Data Portability, and Deletion Rights

You have the right to request that we disclose certain information to you about our collection and use of your Personal Data. To provide this information we need your mobile advertising device id (which is a unique id number assigned to each device).  We ask you to complete a form and then follow the instructions to provide us with a legible image of your mobile advertising device id.  To exercise the rights described above,  please visit our Consumer Choices pages. We cannot respond to your request or provide you with Personal Data if we cannot verify your mobile device identity to confirm the Personal Data relates to you.  Making a verifiable consumer request does not require you to create an account with us.  We will only use Personal Data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

We provide you with reasonable access and deletion rights to the Personal Data. If you live in the EU, and wish to exercise your rights with respect to any Personal Data we hold about you, please visit our “Consumer Choices” pages.

We endeavor to respond to a verifiable consumer request promptly.  If we require more time (than required by law), we will inform you of the reason and extension period in writing.  We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or unfounded.

International Transfers

Where we transfer your Personal Data outside the EU, we rely on approved standard EU Model Clauses so these transfers are conducted in accordance with applicable laws and using adequate and appropriate safeguards.

Changes to This Notice

We reserve the right to amend this notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated information on our website.

Contact Information

If you have any questions or comments about this notice, our Privacy Statement, the ways in which we collect and use your Personal Data, your choices and rights regarding such use, or wish to exercise your rights under GDPR, please do not hesitate to contact us.