Our Services receive information from and about end users (“Users” or “Data Subjects”) from our own Sites and Apps, from third party Sites and Apps that utilize affiliate software development tools or other collection interfaces, through our own and third party ad exchange services and data aggregation services we work with to provide the Services. As more described in this Policy, We may collect information such as your device ID (except in the EEA); IP address; geolocation data (if you have enabled your device to share location information); browser type; the website from which you accessed the Site or App; click-stream data about your activity on the Site or App such as the times you access the Site or App, and the pages and content you visit; and the types of products, services, and content along with retail locations in which you may be interested based on your online and App activities.
Generally, the information we collect is not information that identifies you personally (“Non-PII”) Non-PII is information that is linked or reasonably linkable to a particular computer or device, including over time, but does not directly identify the individual. Non-PII may include browser, operating system and device information (except, for citizens in the European Economic Area (EEA)—see below), pages visited, language preferences, date and time an ad was served, clicks on ads, and other anonymous traffic data; geolocation data, a unique identifier (which may collect and use certain characteristics of your device to help us identify a device in connection with our Services over time); and aggregated information. If you have previously given consent for collection of geolocation information, You are always free to turn off geolocation (or limit it to certain mobile applications) or to adjust your advertising settings on your device.
As part of our Services, we collect geo location information from our own Apps and through our partners, which include mobile advertising networks and third party mobile App owners. Our technology collects information about the location of mobile devices and processes it to determine geo location segments that can be used to make digital advertisements and marketing decisions more relevant and useful. We receive geo location data generated from your use of your mobile device provided by mobile App publishers (via SDK, beacon pings or other methodology), other media supply sources in conjunction with the opportunity to purchase advertising inventory, and via data providers. We may also buy data from select third parties where we get sufficient comfort that the data was obtained in conformance to current privacy regulations. When we receive geo location data, we rely upon the mobile app publishers and other media supply sources that are responsible for enabling your connection to our Services to provide or withdraw consent with respect to the collection and use of your geo location data. You may also control your mobile device directly by enabling or disabling your location settings on your device. We may collect this information over time and across websites, mobile apps and devices. We may also supplement the information we collect via our technology with audience information from third parties.
Personally Identifiable Information, as the term used in the United States, or Personal Data as referred to for individuals pursuant to the European Directives 95/46/EC and 2002/58/EC (EU General Data Protection Regulations Legislation, also known as GDPR) (hereinafter “PII”), is information used or intended to be used to identify a particular individual (including name, social security number, billing information and government identifiers such as a driver’s license). We strive to only collect PII if you voluntarily provide it to us or our clients and partners by your consent, such as information you provide in completing a registration form, information you publicly share over social media including your username or handle, photos, and other public information you make available based on your privacy settings on third party sites and services and by your consents.
PIXELS, COOKIES AND OTHER PERSISTENCE TOOLS
Our Services include advertising services that allow us to help our advertising and publishing clients provide more relevant advertising and content on the Sites and Apps on our Network and determine general interest in certain locations. In general, we use the information collected from and about you on Sites, Apps and from partners to enhance our advertising services by providing advertising and content that is more closely related to your interests. For example, the information is used to create audiences that are grouped together based on shared interests or preferences (e.g., Sports Fans, car enthusiasts, movie goers) and to measure the effectiveness of ad campaigns. Data used to create online audiences is de-identified, helping ensure that neither the ad server nor our cookies contains PII. While our advertising services are targeted, our system is set up to create anonymous user profiles and not to identify individuals specifically. We may share Non-PII, aggregated information, and de-identified information with our clients, advertisers and partners.
Our Services also include business intelligence, data and attribution services, which involve robust data information and reporting to advertising clients and other customers, which look to us to provide reporting on trends and aggregated data activities. We use our internal, proprietary tools to manipulate the information collected as described above, including geolocation information. We only collect geolocation data if you have enabled it on your device and given permission to the Site or App. We utilize our technology to derive and provide our clients and customers with trend and statistical analyses, such as identifying patterns that will enhance the relevance of ads, providing advertisements to certain types of audiences, identifying and optimizing trade areas and business locations, and for helping our clients make informed business decisions about consumer behavior with trend and movement information.
UberMedia does not knowingly collect data or create data segments that are based upon what we consider to be sensitive information (for example, we don’t create any data segments to determine religion, or credit worthiness). UberMedia may collect data to create health-related segments such as an inferred interest in diet and wellness, but not comprised of sensitive health data such as medical conditions or diseases. UberMedia does not sell its data products to law enforcement agencies for use in law enforcement activities or to monitor the movement of individuals or groups.
We also receive pseudonymous information from third parties, when they choose to provide it to us. This information may include identifiers (like mobile advertising IDs) and interest-based advertising data tied to those identifiers, including segments provided by third-party data providers for our clients to use in targeting ads through the Services. UberMedia does not use this data to personally identify you.
We may assign an UberMedia ID to your browser, computer or mobile device when we serve an ad to it or we identify it on a client’s website or mobile app. The UberMedia ID and other information collected via the Services can also help our advertising clients measure the effectiveness of advertisements delivered via the Services. They enable the Services to determine within a reasonable level of confidence that a computer or device is the same as one with which the Services has previously interacted. For instance, the Services can determine that a computer or device to which we served an ad on Monday may be the same computer or device for which we observed a purchase on Tuesday.
In some cases, UberMedia is also able to infer within a reasonable probability that a particular computer or mobile device should be associated with the same UberMedia ID that we have previously assigned to another computer or mobile device. In other words, in such cases we are able to infer that a device (e.g. your computer) and another device (e.g. your smartphone) are used by the same user. Where we are able to make such inferences, we may use this information to deliver targeted ads across multiple computers or devices, and to improve the services we provide to our clients. This is sometimes referred to as cross-device advertising.
UberMedia may share Non-PII with advertisers, clients, customers and partners as described above. We may also share information that includes PII, for the following purposes:
All of the User Information is kept on servers that UberMedia manages, using reasonable administrative, technical and physical safeguards designed to protect against unauthorized access or disclosure of data. Please be aware that no data transmission over the Internet or information contained in our servers can be guaranteed to be 100% secure. As a result, while we strive to use commercially acceptable means to protect your information, we cannot guarantee or warrant its security.
We do not knowingly collect or distribute information from or about children under age 13 (or up to age 16 in certain countries). If you believe your child has provided UberMedia with personal information, such as by registering at one of our Apps without parental consent, and you would like to have the data removed, please contact us using the contact information below.
CALIFORNIA ADDITIONAL NOTICE
Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice describing what categories of personal customer information we have shared with third parties or corporate affiliates for those third parties or corporate affiliates’ direct marketing purposes in the past 12 months. That notice will identify the categories of information shared and will include a list of the third parties and affiliates with which such was shared. If you are a California resident and would like a copy of this notice, please submit a written request to the contact address set forth in the “Who We Are. Contact Us” section below. In your request, please specify that you want a ‘California Privacy Rights Notice’.
EUROPEAN UNION, UK AND SWITZERLAND ADDITIONAL NOTICE
UberMedia utilizes the services of multiple third parties ad network exchanges and tools which enable the purchase of advertising inventory and the serving of advertisements to Data Subjects of Apps and Sites. In utilizing these services, the providers will transmit devices id, location information and other application related information (“Data”). Such Data may include information which constitutes Personal Data, as this term is referred to under GDPR. When utilizing the described advertising services, UberMedia will undertake to hash and anonymize all device ID information, upon receipt, from Data Subjects whose devices are seen in EEA countries so as to not retain the Personal Data. We hash the device ID information before any transfer of data outside the EEA.
Legal basis for processing any personal data; Retention
As before, UberMedia will only collect and process Personal Data when we have lawful bases for doing so. These lawful bases include when you provide consent, when we have a contractual obligation to collect or process your personal data, and when we have a legitimate interest in processing your Personal Data.
While UberMedia will hash and anonymize Device Id of Data Subjects in the EEA in connection with our Services (and accordingly do not plan to store Personal Data of users located in the EEA), during the instant moment where Personal Data is sent to us in the course of performing advertising services as described above, the legal basis for this processing is in order for UberMedia to process the data under its contractual agreements in connection with serving the advertising through our ad networks. UberMedia will retain this information no longer than 24 hours as a back up to the advertising process.
In general, for any Personal Data other than as specified above (for Device Ids), We will keep your Personal Data only for as long as we need it for our legitimate business purposes. For example, we will retain your information for as long as the Services are active and after that, for a period which enables us to handle or respond to any complaints, queries or concerns relating to the Services. . We will periodically review the Personal Data we hold and delete it securely, or in some cases anonymize it, when there is no longer a legal, business, or consumer need for it to be retained
Consent; Withdrawing Consent
The ad network providers we work with will only pass device id and other information to Us if consent has been obtained from Data Subjects. We rely on the publishers of the Sites and Apps to request consent from individuals using the Site or Apps and upon our ad exchange partners in passing the information to us to ensure they only pass us device id and information from Data Subjects. In addition, You have the ability to withdraw consent at any time by contacting the publisher of the relevant App or Site and checking your privacy settings on your devices and with the Apps and Sites you visit from time to time.
We respect your privacy rights and provide you with reasonable access and rights to the Personal Data, as this term is referred to for individuals located in the countries of the EU, UK or Switzerland pursuant to the European Directives 95/46/EC and 2002/58/EC (EU General Data Protection Regulations Legislation, also known as GDPR), that you may have provided through your use of the Products. If you live in the EEA, and wish to access, amend, delete, or transfer any Personal Data we hold about you, you may contact us as set forth in the “Who We Are. Contact Us” section below.
You may update, correct, or delete your Personal Data and preferences at any time by request to us at the email below. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of the Services.
At any time, you may object to the processing of your Personal Data, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact us at the email below. You also have a right to lodge a complaint with data protection authorities.
Where we transfer your Personal Data outside the EEA, we rely on approved standard EU Model Clauses so these transfers are conducted in accordance with applicable laws and using adequate and appropriate safeguards.
To find out more about how we safeguard your information (including obtaining a copy of such safeguards) in relation to transfers outside the EEA, please contact us via the details provided in the “Who We Are. Contact Us” section below.
Except as specified as to Personal Data for EEA Data Subjects, We generally retain your information as long as reasonably necessary to provide the Services and to comply with applicable law. We may retain archival copies of data as reasonably necessary to comply with any legal requirements and to verify our compliance with our terms and policies.
Or you can contact us by mail at:
130 West Union Street
Pasadena, CA 91103
Attn: Chief Compliance Officer
Updated: May 25, 2018