IAS Website Privacy Policy
Updated March 6, 2024
1.0 Applicability and Scope
1.1 Applicability
The IAS Website Privacy Policy (hereafter referred to as this “Policy”) applies to the various operations related to Personal Data processing within Integral Ad Science Inc. (“IAS”), its sales platforms, all employees and, as applicable, subsidiaries, affiliates and vendors that support IAS’s business activities (collectively, “IAS Entities”).
1.2 Scope
This Policy applies to Personal Data (as defined below) that IAS collects from IAS corporate Websites (see defined term below) and how IAS collects and processes this Personal Data. This Policy does not cover Personal Data that is collected and processed through IAS’s Technology Solutions or the unified reporting platform called IAS Signal, available at www.integralplatform.com (the “Reporting Platform”). For more information on privacy as it relates to IAS’s Technology Solutions and Reporting Platform, please see IAS Technology and Reporting Platform Privacy Policy here.
If visitors have disabilities which prevents them from electronically accessing this Policy and requires it to be provided in alternative format (e.g., audio, large print), they can send IAS a message at privacy@integralads.com for assistance.
IAS is the “data controller,” as defined by the EU General Data Protection Regulation for the Personal Data collected through our Websites.
2.0 Overview and Purpose
Integral Ad Science, Inc. and its subsidiaries (“IAS”) is a global measurement and analytics company that builds verification, optimization and analytics solutions to empower the advertising industry to invest with confidence and activate consumers everywhere, on every device. As part of its role in promoting trust and transparency in digital advertising, IAS takes its responsibilities with respect to privacy seriously. This Policy is provided to visitors and others whose Personal Data is collected by IAS. IAS knows that visitors and others care about how their Personal Data is collected, used, shared and retained.
3.0 Policy Content
3.1 Definitions
The following defined terms/acronyms are used within this Policy.
| Term | Definition |
|---|---|
| Personal Data | Any information that relates to a living person that can be used, directly or indirectly, to identify that person Personal information, for example, may include business contact information collected from visitors who wish to obtain information or support or to purchase IAS Technology Solutions. Business contact information includes first name, last name, business email address, job title, name of the organization, country, business phone number and organization type. |
| Visitors | Visitors to IAS websites whose Personal Data (when collected by IAS via the Website) are subject to this Policy. |
| Website | www.integralads.com |
3.2 Business Requirements
3.2.1 Personal Data IAS Collects
3.2.1.1 Personal Data about website visitors that they provide
IAS Entities may collect the Personal Data visitors provide directly via the Website. For example, IAS collects Personal Data when visitors submit an inquiry via the “Contact Us” form on the IAS Website. This Personal Data may include:
• Contact Information: IAS collects contact information from visitors who wish to obtain information or support or to purchase its Technology Solutions. For example, contact information may be provided via browser forms, online order forms, email and during events via submission of business cards or physical forms. Contact information includes first name, last name, email address, job title, name of employer, country, phone number and organization type.
3.2.1.2 Personal Data Collected Automatically
IAS Entities may also automatically collect certain information about visitors when they access or use the Website (“Usage Information”). Usage Information may include IP address, device identifier, browser type, operating system, information about visitors’ use of the Website and data regarding network connected hardware (e.g., computer or mobile device). The methods that may be used on the Website to collect Usage Information include:
• Log Information: Log information includes data about visitors’ use of the Website, such as IP address, browser type, Internet service provider, referring/exit pages, operating system, date/time stamps and related data stored in log files.
• Information Collected by Tracking Technologies: We and our service providers use technologies on our sites and services to collect information that helps us improve the quality of our sites and services and the online experience of our visitors and users. In this Privacy Notice, we refer to these technologies, which include cookies–small text files stored on your computer or mobile device to remember your actions or preferences over time–and similar technologies from third party providers, collectively as “cookies.” Cookies allow us to personalize your return visits to our sites and services and to save you time during certain activities, such as remembering your user preferences; tracking interactions on our services; or determining whether or not you have opened an email communication from us. Most web browsers support cookies, and users can control the use of cookies at the individual browser level. Please note that if you choose to disable cookies, it may limit your use of certain features or functions on our sites and services.
We and service providers on our behalf use cookies and similar technologies to:
- Deliver advertisements that we believe are more relevant to your interests;
- Keep track of how many visitors click on an advertisement;
- Limit the number of times you see a certain ads;
- To detect and combat fraud
- To infer preferences based on how you interact with our [sites and services]
- To gather information about our user base as a whole
- To monitor and provide analytics about the performance, trends and operation of [our website, mobile application or services]
- To enable you to use and access our website, mobile application or services
- To better understand how our users interact with our website, application or services
- To store and honor your preferences and settings
Third-party advertisers and other organizations may use their own cookies to collect information about your activities on our sites and services and/or the advertisements you have clicked on. This information may be used by them to serve advertisements that they believe are most likely to be of interest to you based on content you have viewed. Third-party advertisers may also use this information to measure the effectiveness of their advertisements. We do not control these cookies and to disable or reject third-party cookies, please refer to the relevant third party’s website.
Some information about visitors’ use of the Website and certain Third-Party Services (defined below in 3.2.4) may be collected using tracking technologies across time and services and used by IAS and other parties for purposes such as to associate different devices they use and deliver relevant ads and/or other content to them on the Website and certain Third-Party Services. IAS does not recognize browser “Do Not Track” signals.
3.2.2 How IAS uses the Personal Data Obtained
IAS may use Personal Data collected about visitors from the Website for the following purposes:
- To facilitate, manage, personalize and improve the visitors’ online experience.
- To perform necessary business functions, such as processing the visitors’ registration and managing their accounts.
- To transact with visitors; provide services or information that they request; respond to their comments, questions and requests; serve them content and/or advertising and send them notices.
- To improve the Website, repair errors, and ensure the security and integrity of Personal Data.
- To tailor IAS content, marketing, advertisements and offers, including short-term, transient uses of Personal Data and auditing related to ad impressions.
- Internal research and development to maintain and enhance IAS’s products and services.
- To fulfill other purposes disclosed at the time of Personal Data collection to the visitor.
- Where IAS is legally permitted or required to process Personal Data.
- To prevent and address fraud, breach of policies or terms and threats of harm.
3.2.3 How and Why IAS Discloses Visitors’ Personal Data
3.2.3.1 Disclosures to Other Parties
Like many businesses, IAS hires other companies to perform certain business-related services. IAS may disclose Personal Data to certain of these companies but only to the extent needed to enable them to provide such services. The types of companies that may receive Personal Data and their functions are direct marketing assistance (including disclosure to IAS distributors for direct marketing of IAS Technology Solutions), data hosting services.
All such companies function as IAS agents, performing services at its instruction and on IAS’s behalf pursuant to contracts which require they provide data protection in compliance with privacy laws/legislations.
3.2.3.2 Disclosures to Affiliates
IAS may also disclose Personal Data to its affiliates in order to support the marketing, sales and delivery of IAS Technology Solutions. Personal Data may be disclosed between affiliate, subsidiary and parent organizations of IAS.
3.2.3.3 Business Disclosures
IAS may share visitors’ Personal Data in connection with or during negotiations of any proposed or actual financing of an IAS business; merger, purchase, sale, joint venture or any other type of acquisition or business combination of all or any portion of IAS’s assets; or transfer of all or a portion of IAS’s business to another company, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding.
3.2.3.4 Disclosures to Public Authorities
IAS may share visitors’ Personal Data to comply with the law, law enforcement or other legal process and, where permitted, in response to a government request. IAS may also disclose Personal Data to other parties when compelled to do so by government authorities or required by law, regulation or legal process including, but not limited to, in response to court orders and subpoenas.
3.2.4 Unaffiliated Content, Services, Analytics and Social Features
The Website may include hyperlinks to other sites, platforms, applications or services operated by unaffiliated parties (“Third-Party Service(s)”). These Third-Party Services may use their own cookies, web beacons and other tracking technologies to independently collect Personal Data about visitors and may solicit Personal Data from them. Please note that if you visit a Third-Party Service, that unaffiliated party may collect Personal Data about you. IAS is not responsible for the privacy practices of Third-Party Services. You should review the terms, policies, settings, of these Third-Party Services to learn more about their privacy practices.
Certain functionalities on the Websites permit interactions that visitors initiate between the Website and certain Third-Party Services, such as third-party social networks (“Social Features”). Examples of Social Features include “liking” or “sharing” IAS’s content or logging in to the Service using a third-party account (e.g., using LinkedIn to sign in to the Website). If visitors post information on a third-party service that references IAS (e.g., by using a hashtag associated with IAS in a tweet or status update), their posts may be used on or in connection with the Website or otherwise by IAS. Also, both IAS and the Third-Party Services may have access to certain Personal Data about visitors and their use of the Service and other Third-Party Services.
IAS may engage and work with Sub Processors and other parties to serve advertisements on Third-Party Services. Some of these ads may be tailored to visitors’ interests based on their browsing of the Website and elsewhere on the Internet and may include the use of precise location and/or Cross-Device Data, sometimes referred to as “interest-based advertising,” “targeted advertising” and “cross-context behavioral advertising,” which may include sending visitors an ad on a Third-Party Service after they have left the Website (i.e., “retargeting”).
IAS may use Google Analytics or other Sub Processors for analytics services. These analytics services may use cookies and other tracking technologies to help IAS analyze Website users and how they use the Website. Information generated by these services (e.g., their IP address and other Usage Information) may be transmitted to and stored by these Sub Processors on servers in the U.S. (or elsewhere), and these Sub Processors may use this information for purposes such as evaluating visitors’ use of the Website, compiling statistical reports on the Website’s activity and providing other services relating to Website activity and other Internet usage.
3.2.5 Visitor and client rights
3.2.5.1 Opt-Out of Direct Marketing; Email Management
Visitors may opt out at any time from the use of their Personal Data for direct marketing purposes and/or the transfer of their Personal Data to third parties for direct marketing purposes here. Visitors should allow IAS a reasonable time to process their request.
Visitors may also manage their receipt of marketing and non-transactional communications by visiting IAS’s Online Subscription Management Center or clicking on the “unsubscribe here” link located on the bottom of any IAS marketing email communications and following the instructions found on the page to which the link takes them. Visitors cannot opt out of receiving transactional communications related to their account or purchase orders.
3.2.5.2 Privacy Rights
The laws in some jurisdictions provide individuals in those jurisdictions with certain rights regarding their Personal Data. Subject to certain exceptions, visitors may have the right to ask IAS to:
- Provide visitors with information about IAS’s processing of their Personal Data and give them access to their Personal Data.
- Update or correct inaccuracies in their Personal Data.
- Delete their Personal Data.
- Transfer a machine-readable copy of their Personal Data to them or another party of their choice.
- Restrict the processing of their Personal Data.
- Object to IAS’s processing of their Personal Data for direct marketing or targeted advertising purposes.
- Obtain information about and object to IAS’s reliance on IAS’s legitimate interests as the basis for processing visitors Personal Data.
Visitors can submit these requests via the IAS Privacy Request Portal here or IAS postal address provided below in 3.2.9.5. IAS may request specific information to help IAS confirm their identity prior to processing their request. Applicable law may require or permit IAS to decline visitors’ requests. If IAS declines their request, IAS will tell them why, subject to legal restrictions. If visitors have questions regarding their Personal Data processing or if they would like to submit a complaint or appeal, they may contact IAS via the IAS Privacy Request Portal here. They may also contact IAS Data Protection Officer at the contact information provided below in 3.2.9.5. IAS will do its best to resolve any questions or concerns that visitors may have. Visitors may also submit a complaint to the data protection regulator in their jurisdiction. We will respond to your request within a reasonable timeframe.
3.2.6 Legal Bases for Processing
IAS’s processing of visitors’ Personal Data is carried out pursuant to the following legal bases:
- The processing is necessary for IAS to provide visitors with the products and services they request or to respond to their inquiries.
- IAS has a legal obligation to process visitors’ Personal Data, such as compliance with applicable tax and other government regulations or compliance with a court order or binding law enforcement request.
- IAS has a legitimate interest in carrying out the processing activity. In particular, IAS has a legitimate interest in the following cases:
- To analyze and improve the safety and security of the Website. This includes implementing and enhancing security measures and safeguards and protecting against fraud, spam and abuse.
- To maintain and improve the Website.
- To operate the Website and provide visitors with certain information and communications tailored to, and in accordance with, their preferences.
- More information IAS’s legitimate interest balancing test may be obtained by contacting IAS at privacy@integralads.com.
- Visitors have consented to the processing of their Personal Data. When they consent, they may change their mind at any time.
3.2.7 International Transfers
IAS servers are located in the U.S. If visitors are located outside of the U.S., they should be aware that any Personal Data provided to IAS or collected by IAS will be transferred from their country of origin to the U.S., as IAS servers are located in the U.S. For Personal Data transferred from IAS subsidiaries located within the EU, U.K. or Switzerland to IAS, note that IAS has executed the European Commission’s Standard Contractual Clauses to legally transfer such data. Visitors from the EU, U.K. and Switzerland may obtain information about the transfer mechanisms implemented at the IAS Data Protection Portal here.
EU-U.S. Data Privacy Framework with UK Extension, and Swiss-U.S. Data Privacy Framework
Integral Ad Science, Inc. (“IAS”) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. IAS has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) under the UK Extension to the EU-U.S. DPF. IAS has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
IAS is responsible for the processing of personal data it receives, under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF and subsequently transfers to a third party acting as an agent on its behalf. IAS complies with the EU-U.S. DPF Principles and the Swiss-U.S. DPF Principles for all onward transfers of personal data from the EU, UK, and Switzerland, including the onward transfer liability provisions.
The Federal Trade Commission has jurisdiction over IAS’ compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. In certain situations, IAS may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, IAS commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please see section 3.2.9.5 How to Contact Us for how to contact our third party Independent Recourse Mechanism.
For complaints regarding EU-U.S. DPF, the UK Extension to the EU-U.S DPF, and Swiss-U.S. DPF compliance not resolved by any of the other DPF mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found on the official DPF website: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.
3.2.8 Personal Data Security
IAS takes the security and privacy of the Personal Data that it collects and otherwise processes pursuant to this Privacy Policy very seriously. Accordingly, IAS will implement reasonable and appropriate security measures to protect Personal Data from loss, misuse, unauthorized access or disclosure, alteration or destruction, taking into account the risks involved in processing and the nature of the Personal Data and compliance with applicable laws and regulations.
3.2.9 General
3.2.9.1 Retention of Personal Data
IAS will retain Personal Data for as long as it is needed to fulfill the purpose for which it was collected or as required by the law. To determine the appropriate retention period, IAS will consider the amount, nature and sensitivity of the data; the potential risk of harm from unauthorized use or disclosure of the data; the purposes for which IAS processes the data and whether IAS can achieve those purposes through other means; and the applicable legal requirements. Unless otherwise required by applicable law, at the end of the retention period IAS will remove Personal Data from its systems and records or take appropriate steps to properly anonymize it.
3.2.9.2 Children
IAS does not market its Website to minors and does not knowingly collect any Personal Data from children under the age of sixteen through its Website. If a person has reason to believe that a child under the age of sixteen has provided Personal Data to IAS, they should contact IAS at privacy@integralads.com, and IAS will endeavor to delete that Personal Data from its databases immediately.
3.2.9.3. U.S. State Privacy Rights
If visitors are California or Virginia residents, they should review IAS’s Supplemental U.S. State Privacy Notice here, which describes their rights under the state-specific privacy laws and provides additional information regarding IAS’s collection, use and disclosure of Personal Data.
3.2.9.4 Changes to this Privacy Policy
We may update this Privacy Notice and its effective date to reflect changes to our data governance practices. If we propose to make any material changes, we will notify you by means of a notice on this page. We encourage you to periodically review this page for the latest information on our privacy practices.
3.2.9.5 How to Contact Us
If anyone has questions about this Privacy Policy, please contact IAS in one of the following ways:
E-mail IAS at privacy@integralads.com
Or write to IAS at:
Integral Ad Science, Inc.
12 East 49th Street, 20th floor
New York, NY 10017
Attn: Chief Compliance Officer
If visitors from the EEA or UK wish to escalate their inquiry after contacting IAS’s privacy team, they are welcome to contact IAS Data Protection Officer, Lucid Privacy Group.
E-mail the DPO at dpo@integralads.com
Or write to IAS at: Lucid Privacy
1556 Shrader Street
San Francisco CA 94117
Attn: Integral Ad Science
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
