Cart 0

What does our Interest Based Ads Privacy Policy Cover?

We want to be transparent with you about how we collect and use your Personal Data in providing our technology to website and mobile app publishers (“Publishers”) and online advertisers (“Advertisers”).

With that in mind, this Interest Based Ads Privacy Policy is designed to describe:

This Interest Based Ads Privacy Policy does not cover Personal Data collected or used in respect of access to our website or use of the Nativo Platform – this information can be found here.

Incoming, EU-wide data protection legislation known as the “General Data Protection Regulation” or “GDPR” (a copy of which is posted here), will have effect from May 25th, 2018. The Interest Based Ads Privacy Policy is intended to meet our duties of Transparency under the GDPR.

We will post any modifications or changes to this Interest Based Ads Privacy Policy on this page.

Who we are.

We are Nativo, Inc. We are a Californian company. Our address is: 100 N. Sepulveda Blvd., 10th Floor, El Segundo, CA 90245.

We have a UK subsidiary called Nativo London Limited. Its address is: 5 Margaret Street, 2nd Floor, London, UK W1W 8RG.

When we refer to “Nativo”, “we” or “us” in this Interest Based Ads Privacy Policy, we are referring to both ourselves and our UK subsidiary.

We have appointed a “Data Protection Officer”, this is a person who is responsible for overseeing and advising us in relation to our compliance with the GDPR (including compliance with this Interest Based Ads Privacy Policy). If you want to contact our Data Protection Officer directly, you can email: [privacy@nativo.com].

What we do.

Nativo is an advertising technology provider.

We focus on delivery of online advertisements (“Ads”). This may include “native” Ads, which refers to content (which may be a textual article, an image and/or a video) that adopts the look and feel of adjacent editorial content, but that is separately labeled as sponsored or advertising content. It may also include more traditional digital Ads (e.g., a banner Ad displayed at the top or along the side of a website).

Our technology enables us to ensure that you see Ads on Publishers’ websites and mobile apps (“Publisher Properties”) that we, Publishers and Advertisers think you would prefer to see. This decision is made based on online activity associated with:

  • In the context of web users – a unique identifier (which is resettable) assigned to a particular cookie (a “Cookie ID”) we place on your device (the “Nativo Cookie”); or
  • In the context of mobile users – mobile advertising IDs (such as iOS Advertising Identifiers and Google’s Advertising IDs), these are unique identifiers (which are resettable) set by the applicable mobile operating system provider (“Mobile Advertising IDs”).

Important note: although we collect both Cookie IDs and Mobile Advertising IDs, we do not engage in ‘cross‑device tracking’ – i.e., we do not link multiple identifiers collected across your different devices and browsers to create a consolidated picture of your cross-device online activity or behavior. 

To enable us to provide these services we have developed software for Publishers to integrate into their Publisher Properties. This software, together with the Nativo Cookie we set enables us to:

  • display tailored Ads to you when you visit Publisher Properties; and
  • collect and build certain User Profile Records tied to information associated with your current Cookie ID or Mobile Advertising ID – the meaning of the term ‘User Profile Records’ can be found here.

Cookies.

The Nativo Cookie we set is a ‘persistent’ browser cookie. This means the Nativo Cookie remains on your device even after you close out of your browser or turn off your device.

Nativo uses this Nativo Cookie to help us store basic information about a user of website-based Publisher Properties. This enables us to either:

  • identify that user when we see them on a different Publisher Property; or
  • remember not to serve that user targeted Ads if they opt out.

To be able to do the above, we need to collect:

  • the Cookie ID; and
  • information about whether that user has opted-out or not.

Effect of clearing your Cookies.

All the information we have about a web-based user is tied to the Cookie ID that is assigned to the Nativo Cookie currently placed on their device. If you clear your cookies, it will delete the Nativo Cookie and therefore the Cookie ID will no longer identify a cookie on your device. This means the next time you visit a Publisher Property, we will not recognize you or your device, we will treat you as an entirely new user we have never seen before and we will set the Nativo Cookie (together with a new Cookie ID) again.

Important note: if you clear or reject cookies, you will also clear the Nativo Cookie that lets us know that you have opted-out of Nativo’s Ads. So, if you’ve previously opted-out and clear/reset your cookies, you will need to opt out again – following the steps outlined here.

Expiry date of the Nativo Cookie.

The Nativo Cookie expires: a year following the time at which you last viewed an Ad we served.

Mobile Advertising IDs.

Nativo collects Mobile Advertising IDs to help us store basic information about users of mobile app-based Publisher Properties. This enables us to identify that user when we see them on a different mobile app-based Publisher Property. To be able to do that, we need to collect the Mobile Advertising ID itself.

Effect of resetting your Mobile Advertising ID.

All the information we have about a mobile-based user is tied to their current Mobile Advertising ID. If you reset your Mobile Advertising ID, the next time you visit a mobile app-based Publisher Property, we will not recognize you or your device, we will treat you as an entirely new user we have never seen before, and we will collect your new Mobile Advertising ID.

What "Your Rights" are (including your 'opt-out' rights).

Opting-out from your Desktop Browser.
You can opt out of all tracking and targeting of any Ads by all Advertisers using Nativo’s services on your browser by clicking below:

You are currently opted out.

When you opt out of receiving interest-based Ads, we will stop collecting Personal Data from the browser that you used to opt out. In addition, we will, as soon as reasonably possible, permanently decouple any information we hold from your Cookie ID.


Opting-out on Mobile.
iOS:

  • Go to ‘Settings’
  • Scroll down to ‘Privacy’
  • Scroll down to ‘Advertising’
  • Shift the ‘Limit Ad Tracking’ slider to the right.

Reset your iOS Advertising Identifier: if at any time you wish to reset your iOS Advertising Identifier, which will disassociate that Mobile Advertising ID (and any data collected using that Mobile Advertising ID) from your device and cause us to start afresh, you can do so by replacing the final step with “Click on ‘Reset Advertising Identifier’”.

Android:

  • Go to ‘Settings’ 
  • Scroll down and click on ‘Google’
  • Scroll down and click on ‘Ads’
  • Shift the ‘Opt out of Ads Personalization’ slider to the right.

Reset your Android Advertising ID: if at any time you wish to reset your Android Advertising ID, which will disassociate that Mobile Advertising ID (and any data collected using that Mobile Advertising ID) from your device and cause us to start afresh, you can do so by replacing the final step with “Click on ‘Reset advertising id’”.

Find your Android Advertising ID: if at any time you want to know your Android Advertising ID, you can find it at the bottom of the ‘Ads’ section referred to above. You will need to find your Android Advertising ID to send it to us if you want to make a specific Erasure or Access request in respect of your Android device.


Reset your web-based User Profile Records.
If you want to continue to see our tailored Ads on your web browser, but want us to clear the information we currently associate with you and your device, you should remove your cookies – as described below, in effect this will reset your User Profile Record.

You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” facility).

As noted above, all the information we have about a web-based user is tied to the Cookie ID that is assigned to the Nativo Cookie currently placed on their device. If you clear your cookies, it will delete the Nativo Cookie and therefore the Cookie ID (and associated User Profile Records) will no longer identify a cookie on your device. This means the next time you visit a Publisher Property, we will not recognize you or your device, we will treat you as an entirely new user we have never seen before and we will set the Nativo Cookie (together with a new Cookie ID) again.

Erasure.
In addition to the opt-out rights described above, you have the right to request that we erase Personal Data we hold about you in certain situations. You can exercise these rights by contacting our Data Protection Officer at privacy@nativo.com. Since we don’t have a way to identify your data by name in our systems, we may need to request certain information from you (such as the applicable Cookie ID and Mobile Advertising IDs from your systems) to complete this request.

When we receive any request to erase your Personal Data, we will try to comply with it as soon as reasonably practicable and (in any event) within one month.  


Access.
If you would like us to provide you with the Personal Data associated with your current Cookie ID and/or Mobile Advertising ID, you can contact our Data Protection Officer at privacy@nativo.com. Since we don’t have a way to identify your data by name in our systems, we may need to request certain information from you (such as the applicable Cookie ID and Mobile Advertising IDs from your systems) to complete this request.

When we receive any request to provide you with the Personal Data associated with your current Cookie ID and/or Mobile Advertising ID, we will try to comply with it as soon as reasonably practicable and (in any event) within one month.  


Correction and amendment.
As the Personal Data we hold about you is ‘pseudonymous’ (for more information on what this means, see here), we do not know who you are. This means we would not be able to correct or amend any Personal Data that may be inaccurate.

However, if you believe we hold information about you that is inaccurate or you would like to correct or amend, we recommend you contact our Data Protection Officer at: privacy@nativo.com.


Right to object.
You have a right to object to our use of your Personal Data. If you want to exercise this right at any time, the quickest and easiest way to do so is by ‘opting out’ following the steps described here.

Alternatively, you can also request that we ‘erase’ your Personal Data by following the steps outlined here. However, this will be a more manual, lengthier process.


Complaints.
If you would like to make a complaint regarding this Interest Based Ads Policy or our practices in relation to your Personal Data, please contact our Data Protection Officer at privacy@nativo.com

We will reply to your complaint as soon as we can and in any event, within forty-five (45) days.

If you feel that your complaint has not been adequately resolved, please note that the GDPR gives you the right to contact your local data protection supervisory authority, which for the UK, is the Information Commissioner’s Office.

What Personal Data we collect.

All the Personal Data we collect, both from you and from third parties about you, is outlined in the table below.

Before you read that table, it might be useful to explain what “Personal Data” is. The GDPR definition of Personal Data can be found here. Essentially, it boils down to: information about an individual, from which that individual is either directly identified or can be identified. 

It does not include ‘anonymous data’ (i.e., information where the identity of individual has been permanently removed).

However, it does include ‘indirect identifiers’ or ‘pseudonymous data’ (i.e., information which alone doesn’t identify an individual but, when combined with certain additional and reasonably accessible information, could be attributed to a particular person).


Two important notes:

  • All the Personal Data we collect from you directly, and that we receive from third parties, is ‘pseudonymous data’. It does not directly identify you – e.g., we do not collect or know your: name, email, phone number, date of birth etc. We do not take any steps to try to link any information we hold to any specific individual.
  • Although we do receive Personal Data from third party sources, please note that no such sources are available to the general public (e.g., we’re not scraping information from social media sites).
Category of Personal Data collected What this means How we collect it
User Profile Records Cookie ID or Mobile Advertising ID (as applicable) and reference data tied to that Cookie ID or Mobile Advertising ID (i.e., previous history of interacting with site content and ads, including pages visited, ads viewed and frequency of ads viewed). To improve the relevance of the data we collect directly, we also supplement it with applicable Segment Data and Location Data we receive (see below). Via the Nativo Cookie or your Mobile Advertising ID when you visit a Publisher Property.
Log Records Log records contain transactional data describing details about a user session and ad impression, including timestamp, Cookie ID or Mobile Advertising ID (as applicable), user agent (device, browser, etc.), IP address, browser language, page visited, referring page, logged-in status and key/value records. Via the Nativo Cookie or your Mobile Advertising ID when you visit a Publisher Property.
Segment Data Audience segments containing inferred interests, and approximate demographic information, age range and gender, tied to a Cookie ID or Mobile Advertising ID (as applicable). Received from Data Management Platforms Note: this is a third party source.
Location Data This is ‘non-precise’, inferred location information tied to an IP address. This gives us a zip code-level (or above) picture of the location of your IP address. Received from IP Resolution Providers Note: this is a third party source.

How we use your Personal Data and why.

Purpose Category(ies) of Personal Data involved Why do we do this Our legal basis for this use of data
To serve you with tailored Ads User Profile Records Segment Data Location Data Using this data helps us tailor the ad experience for you, ensuring that you see ads that are relevant to your interests. As we cannot ask you directly what your preferences are, we use your previous history of interacting with content on Publisher Properties and Ads to build a profile of your interests and to infer additional information about you. Our legitimate interests, as well as those of Publishers and Advertisers. We have a legitimate commercial interest in operating our business. The presence of paid-for advertising content is the cornerstone of the Internet as it exists today. Our provision of our services improves the quality and relevance of advertising content you see. In turn, the payments that we and Publishers each receive when you interact with an Ad mean that our Publishers are able to make available their Properties at either a lower or no cost to you.
Frequency capping Log Records We log how many times you’ve seen a particular Ad, to ensure that you do not see it too often. Our legitimate interests, as well as those of Publishers and Advertisers. To ensure the successful operation of our business (and to stop you becoming frustrated with seeing the same Ad all the time), it is important we cap how often you see a particular Ad.
Campaign Reporting Log Records We use your Log Records to prepare reports (which do not themselves include individual Log Records) to report on campaign delivery and performance. Our legitimate interests, as well as those of Publishers and Advertisers. So that it can be assessed how successful a campaign is, and how many people are interacting with Ads, we need to be able collect information to report back to our Publishers and Advertisers.
Troubleshooting Log Records We use Log Records to track issues that might be occurring on our systems. Our legitimate interests. It is in our legitimate interests that we are able to monitor and ensure the proper operation of our systems and services.
Fraud Prevention Log Records We use Log Records to monitor for potential fraudulent use, such a person mimicking a user to make it look like more people are interacting with an Ad than actually are in reality. Our Publisher and Advertiser partners also require us to keep Log Records so that they can audit us, which they may do from time-to-time to make sure we are acting responsibly. Our legitimate interests, as well as those of Publishers and Advertisers. It is essential for the integrity of our operations that we ensure our services are conducted free from fraud.

Who we share your Personal Data with.

The table below describes who we share your Personal Data with, what we share and why we share it.

We endeavor to ensure that people to whom we provide Personal Data hold it subject to appropriate safeguards and controls. In addition, where relevant, when we share Personal Data with third parties who are not directly subject to the GDPR, we make sure:

  • that party is either:
    • based in a country that has laws and institutions in place; or
    • part of a sector or participates in a framework (e.g., the EU-U.S. Privacy Shield), that the European Union considers ensures that your Personal Data will be adequately protected; or
  • adequate safeguards are in place to ensure your Personal Data will be protected in line with the requirements of the GDPR.

Important note: as above, all the Personal Data we share is ‘pseudonymous’.    

Recipients Category(ies) of Personal Data we share. Why we share this Personal Data
Demand Side Platforms, Supply Side Platforms, Ad Networks, Exchanges, and Dynamic Creative Optimization Partners (At a high-level, these are technology providers we partner with that use software programs to enable Advertisers to buy ad space on Publisher Properties). Segment Data, Location Data, device information (i.e., device type, make, model, and user agent string, which contains additional information about your device and application you are using), and browser language To allow Demand Side Platforms to target advertising content you will see as Ads more effectively.
Hosting Provider User Profile Records; Log Records; Segment Data; and Location Data. Our services are hosted on our proprietary Nativo Platform. In order to host this service, we have to pass all the data we hold (including your Personal Data) to our hosting provider
Affiliates User Profile Records; Log Records; Segment Data; and Location Data. As a group of companies, we rely on affiliates to provide certain services to us. All affiliates are required to adhere to the descriptions and specifications set out in this Interest Based Ads Privacy Policy.
An acquirer or insolvency practitioner User Profile Records; Log Records; Segment Data; and Location Data. We may share Personal Data when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding. All counterparties will be required to keep such information strictly confidential.
Law enforcement agencies and regulatory authorities User Profile Records; Log Records; Segment Data; and Location Data. We may share Personal Data as we believe necessary or appropriate:
• to comply with applicable laws; and/or
• to comply with lawful requests and legal process, including to respond to requests from public and government authorities to meet national security or law enforcement requirements.

How we keep your Personal Data secure.

We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed.

We limit access to your Personal Data to those employees and other staff who have a business need to have such access. All such people are subject to a contractual duty of confidentiality.

We have put in place procedures to deal with any actual or suspected Personal Data breach. In the event of any such breach, we have systems in place to work with applicable regulators. In addition, in certain circumstances (e.g., where we are legally required to do so) we may notify you of this breach.

Important note: as the Personal Data we hold about you is ‘pseudonymous’, we do not know who you are – so, we don’t have any means of liaising with you directly to inform you of any Personal Data breach that may have occurred. Although this will be decided on a case-by-case basis, working in conjunction with the regulator, it is most likely that we will provide notice of any such breach by way of a general posting on this website.

How long we store your Personal Data.

We will only retain your Personal Data for so long as we reasonably require it to use it for the purposes set out above, unless a longer retention period is required by law (for example for regulatory purposes).

The table below shows our standard retention practices:

Category of Personal Data Retention period
User Profile Records (plus associated Segment Data and Location Data) We permanently delete User Profile Records (plus any associated Segment Data and Location Data) forty-five (45) days after we last see repeat visits on a Publisher Property from a user with a known Cookie ID. Please note: this means that we keep User Profile Records for so as long as the user with a known Cookie ID remains active on Publisher Properties.
Log Records We keep Log Records for a maximum of two (2) years from the data on which they are collected, after which they will be deleted permanently. The duration of this retention period is required to ensure that we are able to retain this information for as long as is needed to comply with our obligations to our Publishers and Advertisers relating to Fraud Prevention (particularly audit requests) and Campaign Reporting.

Our policy on children.

We contractually require our Publishers to not place any Ads on, or make available any ad space for Ads on, any Publisher Property that is:

  • directed to children under the age of sixteen (16); or
  • that collects information from users known by Publisher to be under the age of sixteen (16).