Interest Based Ads

Last Updated: December 19, 2022  

What does our Interest Based Ads Privacy Policy Cover?

We want to be transparent with you about how we collect and use your Personal Data in providing our technology to website and mobile app publishers (“Publishers”) and online advertisers (“Advertisers”).

With that in mind, this Interest Based Ads Privacy Policy is designed to describe:

This Interest Based Ads Privacy Policy does not cover Personal Data collected or used in respect of access to our website or use of the Nativo Platform – this information can be found here.

EU-wide data protection legislation known as the “General Data Protection Regulation” or “GDPR” (a copy of which is posted here), has effect from May 25th, 2018. California data protection legislation known as the “California Consumer Privacy Act of 2018” or “CCPA” has effect from January 1, 2020, as amended and superseded by the "California Privacy Rights Act of 2020" or "CPRA." The Interest Based Ads Privacy Policy is intended to meet our duties of Transparency under the GDPR, the CPRA and other applicable privacy and data protection laws.

We will post any modifications or changes to this Interest Based Ads Privacy Policy on this page.

Who we are.

We are Nativo, Inc. We are a Delaware company. Our address is: 222 Pacific Coast Highway, 10th Floor, El Segundo, CA 90245.

We have appointed a “Data Protection Officer”; this is a person who is responsible for overseeing and advising us in relation to our compliance with the GDPR (including compliance with this Interest Based Ads Privacy Policy) and other privacy and data protection laws. If you want to contact our Data Protection Officer directly, you can email: [privacy@nativo.com].

What we do.

Nativo is an advertising technology provider. We focus on delivery of online advertisements (“Ads”). This may include “native” Ads, which refers to content (which may be a textual article, an image and/or a video) that adopts the look and feel of adjacent editorial content, but that is separately labeled as sponsored or advertising content. It may also include more traditional digital Ads (e.g., a banner Ad displayed at the top or along the side of a website).

Our technology enables us to ensure that you see Ads on Publishers’ websites and mobile apps (“Publisher Properties”) that we, Publishers and Advertisers think you would prefer to see, based on your previous interaction with other Publisher Properties and the Advertiser’s websites and mobile apps (“Advertiser Properties” and collectively with Publisher Properties “Properties”). This decision is made based on online activity associated with:

  • In the context of web users – a unique identifier (which is resettable) assigned to a particular cookie (a “Cookie ID”) we place on your device (the “Nativo Cookie”); or
  • In the context of mobile users – mobile advertising IDs (such as iOS Advertising Identifiers and Google’s Advertising IDs), these are unique identifiers (which are resettable) set by the applicable mobile operating system provider (“Mobile Advertising IDs”).

To enable us to provide these services we have developed software for Publishers and Advertisers to integrate into their Properties. This software, together with the Nativo Cookie we set, enables us to:

  • display tailored Ads to you when you visit Publisher Properties;  
  • collect and build certain User Profile Records tied to information associated with your current Cookie ID or Mobile Advertising ID – the meaning of the term ‘User Profile Records’ can be found here;
  • limit the number of times you see a particular Ad; and  
  • measure the effectiveness of Ads and other Advertiser content.

Cookies.

The Nativo Cookie we set is a ‘persistent’ browser cookie. This means the Nativo Cookie remains on your device even after you close out of your browser or turn off your device.

Nativo uses this Nativo Cookie to help us store basic information about a user of website-based Properties. This enables us to either:

  • identify that user when we see them on a different Property; or
  • remember not to serve that user targeted Ads if they opt out.

To be able to do the above, we need to collect:

  • the Cookie ID; and
  • information about whether that user has opted-out or not.

Effect of clearing your Cookies.

All the information we have about a web-based user is tied to the Cookie ID that is assigned to the Nativo Cookie currently placed on their device. If you clear your cookies, it will delete the Nativo Cookie and therefore the Cookie ID will no longer identify a cookie on your device. This means the next time you visit a Property, we will not recognize you or your device, we will treat you as an entirely new user we have never seen before and we will set the Nativo Cookie (together with a new Cookie ID) again.

Important note: if you clear or reject cookies, you will also clear the Nativo Cookie that lets us know that you have opted out of Nativo’s Ads. So, if you’ve previously opted out and clear/reset your cookies, you will need to opt out again – following the steps outlined here.

Expiry date of the Nativo Cookie.

The Nativo Cookie expires: a year following the time at which you last viewed an Ad we served.

Mobile Advertising IDs.

Nativo collects Mobile Advertising IDs to help us store basic information about users of mobile app-based Properties. This enables us to identify that user when we see them on a different mobile app-based Property. To be able to do that, we need to collect the Mobile Advertising ID itself.

Effect of resetting your Mobile Advertising ID.

All the information we have about a mobile-based user is tied to their current Mobile Advertising ID. If you reset your Mobile Advertising ID, the next time you visit a mobile app-based Property, we will not recognize you or your device, we will treat you as an entirely new user we have never seen before, and we will collect your new Mobile Advertising ID.

What "Your Rights" are (including your 'opt-out' rights).

Opting-out from your Desktop Browser.
You can opt out of all targeting of any Ads by all Advertisers using Nativo’s services using Personal Data collected on your browser by clicking below:

You are currently not opted out.

When you opt out of receiving interest-based Ads, we will stop collecting Personal Data from the browser that you used to opt out for purposes of targeting Ads. In addition, we will, as soon as reasonably possible, permanently decouple any information we hold from your Cookie ID.

Note that if you use multiple devices and/or web browsers, you would need to visit this link on each browser/device to fully opt-out of interest-based Advertising.

In addition, Nativo has a partnership with Liveramp to provide our Advertiser and Publisher partners the ability to do Audience-Matched Advertising, which uses data linked, or previously linked, to personally-identified information for the purpose of tailoring advertising. To opt-out of this type of advertising please visit the Liveramp opt-out link here.


Opting-out on Mobile.
iOS:

  • Go to ‘Settings’
  • Scroll down to ‘Privacy’
  • Scroll down to ‘Advertising’
  • Shift the ‘Limit Ad Tracking’ slider to the right.

Reset your iOS Advertising Identifier: if at any time you wish to reset your iOS Advertising Identifier, which will disassociate that Mobile Advertising ID (and any data collected using that Mobile Advertising ID) from your device and cause us to start afresh, you can do so by replacing the final step with “Click on ‘Reset Advertising Identifier’”.

Android:

  • Go to ‘Settings’
  • Scroll down and click on ‘Google’
  • Scroll down and click on ‘Ads’
  • Shift the ‘Opt out of Ads Personalization’ slider to the right.

Reset your Android Advertising ID: if at any time you wish to reset your Android Advertising ID, which will disassociate that Mobile Advertising ID (and any data collected using that Mobile Advertising ID) from your device and cause us to start afresh, you can do so by replacing the final step with “Click on ‘Reset advertising id’”.

Find your Android Advertising ID: if at any time you want to know your Android Advertising ID, you can find it at the bottom of the ‘Ads’ section referred to above. You will need to find your Android Advertising ID to send it to us if you want to make a specific Erasure or Access request in respect of your Android device.

Other options.

Nativo is a member in good standing of the Network Advertising Initiative (NAI) and undergoes an annual review by the NAI. You may use the NAI opt out tool, which will allow you to opt out of receiving tailored online ads from Nativo and from other NAI members.

Nativo participates as a vendor in the IAB Europe’s Transparency and Consent Framework and intends to participate as a Framework Participant in the IAB US State Signals for technology companies to manage data collection and processing in California. If you are located in the European Economic Area (EEA), Switzerland, the United Kingdom or United States, you may be presented with certain choices regarding our collection and use of your Personal Data when you visit Publisher Properties, which choices may be passed to us via the IAB Europe’s Transparency and Consent Framework or the IAB US State Signals, as applicable. We honor consumer choices that we receive via those Frameworks.

Reset your web-based User Profile Records.
If you want to continue to see our tailored Ads on your web browser, but want us to clear the information we currently associate with you and your device, you should remove your cookies – as described below, in effect this will reset your User Profile Record.

You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” facility).

As noted above, all the information we have about a web-based user is tied to the Cookie ID that is assigned to the Nativo Cookie currently placed on their device. If you clear your cookies, it will delete the Nativo Cookie and therefore the Cookie ID (and associated User Profile Records) will no longer identify a cookie on your device. This means the next time you visit a Property, we will not recognize you or your device, we will treat you as an entirely new user we have never seen before and we will set the Nativo Cookie (together with a new Cookie ID) again.

ADDITIONAL PRIVACY RIGHTS FOR EEA, UK AND SWITZERLAND USERS

If you are located in the European Economic Area, the United Kingdom or Switzerland, you have the following additional rights:

Erasure.
In addition to the opt-out rights described above, you may have the right to request that we erase Personal Data we hold about you in certain situations. You can exercise these rights by contacting our Data Protection Officer at privacy@nativo.com or by filling out our Data Subject Request Form. Since we don’t have a way to identify your data by name in our systems, we may need to request certain information from you (such as the applicable Cookie ID and Mobile Advertising IDs from your systems) to complete this request.

When we receive an eligible request to erase your Personal Data, we will try to comply with it as soon as reasonably practicable and (in any event) within one month.

Access.
You may also have the right, in certain situations, to request that we provide you with the Personal Data associated with your current Cookie ID and/or Mobile Advertising ID. You can exercise this right, if applicable, by contacting our Data Protection Officer at privacy@nativo.com or by filling out our Data Subject Request Form. Since we don’t have a way to identify your data by name in our systems, we may need to request certain information from you (such as the applicable Cookie ID and Mobile Advertising IDs from your systems) to complete this request.

When we receive an eligible request to provide you with the Personal Data associated with your current Cookie ID and/or Mobile Advertising ID, we will try to comply with it as soon as reasonably practicable and (in any event) within one month.  

Correction and amendment.
As the Personal Data we hold about you is ‘pseudonymous’ (for more information on what this means, see here), we do not know who you are. This means we would not be able to correct or amend any Personal Data that may be inaccurate.

However, if you believe we hold information about you that is inaccurate or you would like to correct or amend, we recommend you contact our Data Protection Officer at: privacy@nativo.com or by filling out our Data Subject Request Form.

Right to object.
You may have a right to object to our use of your Personal Data, in certain situations. If you want to exercise this right at any time, the quickest and easiest way to do so is by ‘opting out’ following the steps described here.

Alternatively, you may also have the right to request that we ‘erase’ your Personal Data by following the steps outlined here. However, this will be a more manual, lengthier process.

Complaints.
If you would like to make a complaint regarding this Interest Based Ads Policy or our practices in relation to your Personal Data, please contact our Data Protection Officer at privacy@nativo.com

We will reply to your complaint as soon as we can and in any event, within forty-five (45) days.

If you feel that your complaint has not been adequately resolved, please note that the GDPR gives you the right to contact your local data protection supervisory authority, which for the UK, is the Information Commissioner’s Office.

For EEA residents: Please contact our EU Representative at eurep@nativo.com.

Alternatively, they can be reached by post or phone:

The DPO Centre

Alexandra House

3 Ballsbridge Park

Dublin

D04C 7H2

(+353 1 631 9460)

www.dpocentre.com

ADDITIONAL PRIVACY RIGHTS FOR CALIFORNIA AND SPECIFIC US STATE USERS

Effective January 1, 2020, If you are a resident of the State of California (as defined in Section 17014 of Title 18 of the California Code of Regulations), then you have the below additional rights under the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Consumer Privacy Rights Act of 2020 (CPRA), effective January 1, 2023. Any terms defined in the CPRA have the same meaning when used in this Section. In addition, depending on where you reside, you may have certain data protection rights under laws applicable to you and such state. Those rights may include the following rights.

Deletion. You have the right to request the deletion of your personal information that we have collected and retained, subject to certain exceptions.  

Disclosure. You have the right to request, no more than twice in a 12-month period, disclosure of the personal information about you that we collect, use, disclose and sell during the preceding year, which shall include as follows:

• The categories of personal information that we’ve collected and sold about you, or shared for a business purpose with our service providers.

• The categories of sources from which we collected such information.

• The categories of third parties with whom we’ve shared that personal information and to whom we’ve sold that personal information.  

• Our business or commercial purpose for collecting or selling that personal information.

• The specific pieces of personal information we collected about you in a format that is easily understandable, and to the extent technically feasible, in a structured, commonly used, machine-readable format. That information may then be transmitted to another entity at your request without hindrance.

Correction. If the personal information we hold about you is inaccurate or incomplete, you are entitled to have it corrected or completed.

Non-Discrimination. We will not discriminate against you for exercising any of your privacy rights.  

Opt out. You have the right to opt out of our “sale” of your personal information to third parties.  

If you wish to contact us to submit a data subject request, please feel free to contact us by email at privacy@nativo.com, or by filling out our Data Subject Request Form. Your request must: (a) provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and (b) describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. Since most of the information we collect is pseudonymous and not connected to your name or email address, we may need to request additional information from you, such as your cookie or mobile advertising ID, to identify you and comply with your request.    

You may appeal the denial of a request by emailing us at privacy@nativo.com.

For purposes of exercising your rights above, please refer to the “What Personal Data we Collect”, “How we Use Your Personal Data and Why” and “Who We Share Your Personal Data With” sections of this policy, which discloses the categories of personal information we have collected about consumers in the previous 12 months and the categories of personal information that we have disclosed for a business purpose or sold to third parties in the previous 12 months. You may designate an authorized agent to make a CPRA request on your behalf by verifying your identity and providing written permission to your agent to make the request for you.

To opt out of the use of your personal information for interest-based-advertising purposes, please refer to the “What Your Rights Are” Section of this policy. For clarity, under CPRA personal information does not include de-identified or aggregated consumer information.  

LEARN MORE

What Personal Data we collect.

All the Personal Data we collect, both from you and from third parties about you, is outlined in the table below.

“Personal Data” refers to information about you that may be considered “personal data” or “personal information” under GDPR, CPRA or other applicable privacy or data protection laws.

As further detailed below, the personal information we collect may include: (A) identifiers, such as your Internet Protocol address, cookie identifiers and mobile device identifiers; and (B) Internet or other electronic network activity information, such as information regarding your interaction with our Publisher and Advertiser websites, mobile properties or advertisements that you view or visit. We may also draw and store inferences about you and your preferences from the information we collect.      

Three important notes:

  • All the Personal Data we collect from you directly, and that we receive from third parties, is ‘pseudonymous data’. It does not directly identify you – e.g., we do not collect or know your: name, email, phone number, date of birth etc. We do not take any steps to try to link any information we hold to any specific individual.
  • Although we do receive Personal Data from third party sources, please note that no such Personal Data is available to the general public (e.g., we’re not scraping Personal Data from social media sites).
  • Our customers and other third parties that use our services may use their own tags, cookies or similar tracking technologies (or those of third-party suppliers or affiliates) on their advertisements and on certain digital properties in connection with their use of our services. We are not responsible for the use by our customers or any third parties of these tracking technologies or their privacy practices.
Category of Personal Data collected What this means How we collect it
User Profile Records Cookie ID or Mobile Advertising ID (as applicable) and reference data tied to that Cookie ID or Mobile Advertising ID (i.e., previous history of interacting with site content and ads, including pages visited, ads viewed and frequency of ads viewed). To improve the relevance of the data we collect directly, we also supplement it with applicable Segment Data and Location Data we receive (see below). Via the Nativo Cookie or your Mobile Advertising ID when you visit a Property.
Log Records Log records contain transactional data describing details about a user session and ad impression, including timestamp, Cookie ID or Mobile Advertising ID (as applicable), user agent (device, browser, etc.), IP address, browser language, page visited, referring page, logged-in status and key/value records. Via the Nativo Cookie or your Mobile Advertising ID when you visit a Property.
Segment Data Audience segments containing inferred interests, and approximate demographic information, age range and gender, tied to a Cookie ID or Mobile Advertising ID (as applicable). Segment Data may include Non-Sensitive Health-Related Segments (see below). Received from Data Management Platforms
Note: this is a third party source.
Non-Sensitive Health-Related Segments Audience segments containing inferred non-sensitive health-related interests, such as interest in treatments for knee-pain, ulcers, migraines, eczema or other similar non-sensitive conditions. Received from Data Management Platforms
Note: this is a third party source.
Location Data This is ‘non-precise’, inferred location information tied to an IP address. This gives us a zip code-level (or above) picture of the location of your IP address. Received from IP Resolution Providers
Note: this is a third party source.

How we use your Personal Data and why.

Purpose Category(ies) of Personal Data involved Why do we do this Our legal basis for this use of data (European Economic Area, Switzerland and United Kingdom visitors only)
To serve you with tailored Ads User Profile Records

Segment Data

Location Data
Using this data helps us tailor the ad experience for you, ensuring that you see Ads that are relevant to your interests. As we cannot ask you directly what your preferences are, we use your previous history of interacting with content on Properties and Ads to build a profile of your interests and to infer additional information about you. We also enhance your profile by syncing our Cookie ID with cookie IDs that third parties have assigned to you. We rely on your consent, which is obtained for us by the operator of the Properties that use our technology.
To serve you with contextual Ads (i.e., Select Basic Ads) Location Data and user agent
We collect and process your IP address and user agent in order to determine your Location Data for purposes of determining whether you are in the European Economic Area, Switzerland or United Kingdom and whether to request your consent for the purposes described above. If you are located in the European Economic Area, Switzerland or the United Kingdom and you do not provide consent (or subsequently revoke consent), we select and deliver a basic contextual Ad (non-personalized) based on Location Data and real-time data. Our legitimate interests, as well as those of our Publishers. It is essential to comply with GDPR and enable our Publishers to comply with GDPR to determine whether you are located in a country subject to GDPR and to identify you as a visitor who has opted out, as applicable. This then gives us the ability to select basic geo-targeted ads (using non-precise Location Data), to technically deliver basic ads as necessary to provide basic services to our Advertiser and Publisher customers.
Cross device tracking User Profile Records

Segment Data (including Non-Sensitive Health Related Segments)

Location Data
We may tie the Cookie ID or Mobile Advertising ID (and related records) associated with your current device to a Cookie ID or Mobile Advertising ID (and related records) associated with other devices that you may use (e.g., your computer, tablet and phone) in order to measure and target advertisements tailored to your interests across your devices. We rely on your consent, which is obtained for us by the operator of the Properties that use our technology.
Frequency capping Log Records We log how many times you’ve seen a particular Ad, to ensure that you do not see it too often. We rely on your consent, which is obtained for us by the operator of the Properties that use our technology.
Reporting Log Records We use your Log Records to prepare reports (which do not themselves include individual Log Records) to report on campaign delivery and performance and interaction with Properties. We rely on your consent, which is obtained for us by the operator of the Properties that use our technology.
Troubleshooting Log Records We use Log Records to track issues that might be occurring on our systems. We rely on your consent, which is obtained for us by the operator of the Properties that use our technology, to retain your full Log Records for troubleshooting purposes. For users who do not provide consent, we rely on our legitimate interests to retain a subset of Log Records (IP address and user agent) for troubleshooting purposes. It is in our legitimate interests that we are able to monitor and ensure the proper operation of our systems and services.
Fraud Prevention Log Records We use Log Records to monitor for potential fraudulent use, such a person mimicking a user to make it look like more people are interacting with an Ad than actually are in reality. Our Publisher and Advertiser partners also require us to keep Log Records so that they can audit us, which they may do from time-to-time to make sure we are acting responsibly. We rely on your consent, which is obtained for us by the operator of the Properties that use our technology, to retain your full Log Records for fraud prevention purposes. For users who do not provide consent, we rely on our legitimate interests, as well as those of Publishers and Advertisers, to retain a subset of Log Records (IP address and user agent) for fraud prevention purposes. It is essential for the integrity of our operations that we ensure our services are conducted free from fraud.
Compliance IP address and user agent; Location Data; opt-out Cookie ID We collect and process your IP address and user agent in order to determine your Location Data for purposes of determining whether you are in the European Economic Area, Switzerland or United Kingdom and whether to request your consent for the purposes described above. If you are located in the European Economic Area, Switzerland or the United Kingdom and you do not provide consent (or subsequently revoke consent), we set an opt-out cookie and retain a corresponding opt-out cookie ID for purposes of identifying you as a visitor who has not provided consent. Our legitimate interests, as well as those of our Publishers. It is essential to comply with GDPR and enable our Publishers to comply with GDPR to determine whether you are located in a country subject to GDPR and to identify you as a visitor who has opted out, as applicable.

Who we share your Personal Data with.

The table below describes who we share your Personal Data with, what we share and why we share it.

We endeavor to ensure that people to whom we provide Personal Data hold it subject to appropriate safeguards and controls. In addition, where relevant, when we share Personal Data with third parties who are not directly subject to the GDPR, we make sure:

- that party is either:

  • based in a country that has laws and institutions in place; or
  • part of a sector or participates in a framework, that the European Union considers ensures that your Personal Data will be adequately protected; or

- adequate safeguards are in place to ensure your Personal Data will be protected in line with the requirements of the GDPR.

Important note: as above, all the Personal Data we share is ‘pseudonymous’.    

Recipients Category(ies) of Personal Data we share. Why we share this Personal Data
Demand Side Platforms, Supply Side Platforms, Ad Networks, Exchanges, and Dynamic Creative Optimization Partners (At a high-level, these are technology providers we partner with that use software programs to enable Advertisers to buy ad space on Publisher Properties). Segment Data (including Non-Sensitive Health Related Segments), Location Data, device information (i.e., device type, make, model, and user agent string, which contains additional information about your device and application you are using), browser language and IP address, in each case tied to a Cookie ID or Mobile Advertising ID. To allow Demand Side Platforms to target advertising content you will see as Ads more effectively.
Hosting Provider User Profile Records; Log Records; Segment Data (including Non-Sensitive Health Related Segments); and Location Data. Our services are hosted on our proprietary Nativo Platform. In order to host this service, we have to pass all the data we hold (including your Personal Data) to our hosting provider
Affiliates User Profile Records; Log Records; Segment Data (including Non-Sensitive Health Related Segments); and Location Data. As a group of companies, we rely on affiliates to provide certain services to us. All affiliates are required to adhere to the descriptions and specifications set out in this Interest Based Ads Privacy Policy.
An acquirer or insolvency practitioner User Profile Records; Log Records; Segment Data (including Non-Sensitive Health-Related Segments); and Location Data. We may share Personal Data when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding. All counterparties will be required to keep such information strictly confidential.
Law enforcement agencies and regulatory authorities User Profile Records; Log Records; Segment Data (including Non-Sensitive Health Related Segments); and Location Data. We may share Personal Data as we believe necessary or appropriate:
• to comply with applicable laws; and/or
• to comply with lawful requests and legal process, including to respond to requests from public and government authorities to meet national security or law enforcement requirements.

How we keep your Personal Data secure.

We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed.

We limit access to your Personal Data to those employees and other staff who have a business need to have such access. All such people are subject to a contractual duty of confidentiality.

We have put in place procedures to deal with any actual or suspected Personal Data breach. In the event of any such breach, we have systems in place to work with applicable regulators. In addition, in certain circumstances (e.g., where we are legally required to do so) we may notify you of this breach.

Important note: as the Personal Data we hold about you is ‘pseudonymous’, we do not know who you are – so, we don’t have any means of liaising with you directly to inform you of any Personal Data breach that may have occurred. Although this will be decided on a case-by-case basis, working in conjunction with the regulator, it is most likely that we will provide notice of any such breach by way of a general posting on this website.

How long we store your Personal Data.

We will only retain your Personal Data for so long as we reasonably require it to use it for the purposes set out above, unless a longer retention period is required by law (for example for regulatory purposes):

The table below shows our standard retention practices:

Category of Personal Data Retention period
User Profile Records (plus associated Segment Data and Location Data) We permanently delete User Profile Records (plus any associated Segment Data and Location Data) forty-five (45) days after we last see repeat visits on a Property from a user with a known Cookie ID. Please note: this means that we keep User Profile Records for as long as the user with a known Cookie ID remains active on Properties
Log Records We keep Log Records for a maximum of two (2) years from the data on which they are collected, after which they will be deleted permanently. The duration of this retention period is required to ensure that we are able to retain this information for as long as is needed to comply with our obligations to our Publishers and Advertisers relating to Fraud Prevention (particularly audit requests) and Campaign Reporting