IAS is acting as the data controller for the Personal Data collected through our Website, Client Portal, and Technology Solutions (as these terms are defined below).
I. OUR WEBSITE AND THE CLIENT PORTAL
A. Personal Data We Collect; Purpose of Collection and Use; Legal Basis and Data Retention
Personal Data we may collect from you through our Website, Client Portal, and Technology Solutions.
Contact Personal Data. We collect business contact information from visitors and clients who wish to obtain information or support, or to purchase our Technology Solutions. Contact information is provided via browser forms, online order forms, email, and during events via submission of business cards or physical forms and include first name, last name, business email address, job title, name of the organization, country, business phone number, and organization type.
Use of Contact Personal Data. Personal Data submitted to our websites is used by our marketing, sales, support, and solutions teams to contact you so that we can provide the requested information, support, or Technology Solutions.
Legal Basis and Retention Period. We only collect data for this purpose that you consent to communicate to us. We keep your Personal Data as long as your user account is active and during three years after your last login to your account or after your last contact with us.
Billing Personal Data. We collect billing and payment information from our clients, which may include a purchase order number, and account number, or instructions for wire transfers and/or ACH transfers. When payment is made by credit card, we use third-party credit card processors. The billing and payment Personal Data is used to prepare and send invoices, make and receive payments, and manage client accounts.
Legal Basis and Retention Period. We only collect Billing Personal Data that you consent to communicate to us. We keep your Personal Data as long as your user account is active and during ten years after your last transaction with us for tax and accounting purposes.
B. Additional Uses of Personal Data and Other Information
Aggregate Data. In an ongoing effort to better understand our clients and visitors, and how they interoperate with our Website and the Client Portal, we may analyze your information in aggregate form to operate, maintain, manage, and improve our Website, Client Portal, and Technology Solutions. This aggregate information does not identify you personally. We may share this aggregate data with our affiliates, agents, and business partners. We may also disclose aggregated user statistics in order to describe our Technology Solutions, Website, and Client Portal to current and prospective business partners and to other third parties for other lawful purposes.
II. TECHNOLOGY SOLUTIONS
A. Data We Collect; Purpose of Collection and Use; Legal Basis and Data Retention
Data We Collect. Our accredited Technology Solutions serves both advertisers and media sellers by providing independent, third-party verification measurement. By analyzing information about ad impression delivery and website traffic, IAS verifies whether the media has met or failed expectations based on characteristics that include the brand safety of a webpage, the viewability of the ad placement, the existence of ad fraud, as well as additional contextual variables.Measurement is available across both browser and app environments for mobile and desktop devices. IAS collects and surfaces this data to increase trust and transparency for its customers. The data collected can be used by customers to proactively prevent advertising on undesirable and/or low-quality inventory, monitor overall quality performance, and make future media planning decisions. We do not combine the collected data with any other data that would enable us to personally identify the user.
In order to provide Technology Solutions to our clients, we use pixels and other similar technologies (see “Our Tools” below) that places a small piece of HTML code on a webpage to collect information about advertising impression opportunities and displayed ads or website/mobile app traffic. The following categories of Personal Data are collected when these technologies are deployed when providing Technology Solutions to our clients:
For the purpose of identifying and preventing online ad impression fraud and invalid traffic and determining if advertisers and publishers are in compliance with their agreements, our Technology Solutions utilize the following additional technologies (in addition to the data described above):
Mobile device tracking opt-out. Individual users that opt-out of mobile device tracking limit the Personal Data that is collected about them and/or how it is used. Individual users may opt-out of interest-based and demographic-based advertising using their mobile device settings. Individual users will need to follow the below instructions for Android and iOS applications.
Opt-out process for Android-based mobile devices:
Opt-out process for iOS-based mobile devices:
Please note that opting out through a website (see, “Automatic Data Collection,” and “Other Third Party Services,” above) will not limit the collection of Personal Data on mobile devices, and opting out on Individual users‘ mobile device will not limit the collection of Personal Data through Individual users‘ computer’s browser. Opting out limits the collection of data but does not eliminate it completely. Some Personal Data will still be collected about Individual users‘ use of websites or mobile applications after Individual users limit tracking on that platform.
Cookie-grade data. Our Technology Solutions use pixel tags, SDKs, and cookies to enable campaign performance analytics and optimization services on behalf of our clients. While we collect information about browsers, devices, and how users interact with web and mobile content, the cookies we attempt to set for our Activation services do not contain any directly identifiable Personal Data such as name or email address in the cookie itself. Rather, we use pseudonymous identifiers such as a unique cookie ID for measurements pertaining to ad viewability and user interactions with the ad.
Purpose of Collection and Use. We use the data we collect to deliver our Technology Solutions for any lawful purpose, including:
Our Technology Solutions include the detection and elimination of general invalid and sophisticated invalid traffic, including ad impression fraud, which we define in this policy as the management of ad serving, ad display, or traffic activity such that ad impression measurements are shown inappropriately because the ads cannot be viewed by a user, are not served within operationally viewable parameters or were displayed as a result of fraudulent machine-generated traffic. Our fraud and invalid traffic services are intended to address fraud for advertising measurement purposes.
Additionally, IAS uses advertising impression information, mobile app information, and website traffic information including IP address and browser header information to:
IAS leverages AI and Machine Learning in order to automate the process of detecting invalid traffic and fraudulent activity.
Legal Basis and Data Retention
We process pseudonymous Personal Data (notably your IP address) along with non-personal technical information when necessary to do so for fraud and invalid traffic prevention purposes or providing services related to advertising viewability and brand safety as discussed in this policy, when these interests are not overridden by your data protection rights. Where we process your personal data for this purpose, our legitimate interest is to carry out our business in favor of the well-being of all our employees and members.
We minimize our use of Personal Data by, for example, truncating the IP address after 30 days. The resulting string of digits provides us with research value but may no longer represent a unique device or household. We retain our clients reporting data for up to 13 months.
B. Our Tools
Use of Pixel Tags. We may set cookies associated with pixel tags where authorized by clients within their email messages and on their own websites.
Pixels (also sometimes referred to as beacons or web beacons) and tags are elements included in web pages to enable companies to collect data, serve advertising, and provide related services, such as measuring ad effectiveness or preventing fake ad traffic. They do this by allowing communication between a web browser and a server. A beacon is a small transparent image that is placed on a web page. A tag is a small piece of website code that is run by the web browser. Pixel tags are small, invisible images on a web page or other document. Pixel tags allow the operator of the web page or other document, or a third party who serves the pixel tag, to set, read, and modify cookies and to directly collect Personal Data from browsers and devices. Our pixel tags allow cookies to be set, read, and modified when Individual users visit a website, and directly collect the Personal Data described under “Data We Collect.”
Use of Mobile Device Identifiers and SDKs. We also use, or partner with publishers or publisher-facing and application developer platforms that use mobile SDKs, to collect the types of Personal Data described under “Log-level data,” “Mobile device data,” and “Cookies.” An SDK is a piece of computer code that developers include in their mobile applications. A mobile SDK is in effect the mobile app version of a pixel tag or beacon. The SDK is computer code that app developers can include in their apps to enable ads to be shown, data to be collected, and related services to be implemented. We may use this technology, for instance, to analyze or measure certain advertising through mobile applications and browsers based on Personal Data associated with a mobile device.
Use of Cross-Device and Cross-App Technology. We may work with third parties that provide cross-device and cross-app technology to establish connections among devices (such as mobile devices, tablets, and computers) used by an individual. We may share pseudonymous identifiers (such as cookies, mobile device IDFAs, or Google Advertising IDs) with those third parties to assist in connecting devices. Using these connections, we may combine Personal Data about an individual’s use of websites or applications on his/her current device, with usage Personal Data from his/her other devices. We use this Personal Data to provide Technology Solutions to our clients to enable campaign performance analytics and optimization services on behalf of our clients.
III. PERSONAL DATA SHARED WITH THIRD PARTIES
Please allow us a reasonable time to process your request.
Onward Transfers Between Group Companies. Personal Data may be transferred from our subsidiaries located within the EU to IAS. We have executed European Commission’s data controller to data controller model clauses to legally transfer such data.
Disclosure to Public Authorities.We are required to disclose Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. We may also disclose Personal Data to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
IV.TRANSFER OF PERSONAL DATA TO THE UNITED STATES (U.S.).
Our servers are located in the U.S. If you are located outside of the U.S., please be aware that any information provided to us or collected by us, including Personal Data, will be transferred from your country of origin to the U.S. As our servers are located in the U.S., we have a legitimate interest in transferring your Personal Data to the U.S. For Personal Data transferred from our subsidiaries located within the EU to IAS, note that we have executed European commission’s standard contractual clauses to legally transfer such data. Contact Information and billing information are transferred for central management purposes.
V. YOUR RIGHTS
You have the right to request from us the access to and rectification or erasure of the Personal Data we hold on you or restriction of processing or to object to processing as well as the right to data portability.
Opt-Out for Direct Marketing; Email Management. You may opt out at any time from the use of your Personal Data for direct marketing purposes, and/or the transfer of your Personal Data to third parties for direct marketing purposes, by following the instructions at this link: firstname.lastname@example.org. Please allow us a reasonable time to process your request.
You may also manage your receipt of marketing and non-transactional communications by visiting our Online Subscription Management Center or clicking on the “unsubscribe here” link located on the bottom of any IAS marketing email communications and following the instructions found on the page to which the link takes you. You cannot opt out of receiving transactional emails related to your account or purchase orders.
European residents have the right to lodge a complaint at any time about our processing of your Personal Data with their local data protection authority.
VI. YOUR SECURITY
California Privacy Rights. Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to obtain certain information about the types of personal information that companies with whom they have an established business relationship (and that are not otherwise exempt) have shared with third parties for direct marketing purposes during the preceding calendar year, including the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. If you wish to submit a request pursuant to Section 1798.83, please contact IAS via email at email@example.com. We do not recognize browser “Do Not Track” signals.
E-mail us at firstname.lastname@example.org
Call us at +1-646-278-4860
Or write to us at: Integral Ad Science
95 Morton Street
New York, NY 10014
Attn: General Counsel
If you wish to escalate your inquiry after contacting the privacy team, you are welcome to contact our Data Protection Officer, Lucid Privacy Group.
E-mail the DPO at email@example.com
Or write to them at: Lucid Privacy
1556 Shrader Street
San Francisco CA 94117
Attn: Integral Ad Science