<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=134132097137679&amp;ev=PageView&amp;noscript=1">

Pixalate Privacy Policy

Effective as of 14 March 2022

Pixalate Europe Limited and its affiliates (Pixalate,” “we,” “us” or our) are committed to protecting the privacy of individuals. Because we know that you care most about your individual privacy, this Pixalate Privacy Policy is designed to inform you as to how we collect, use, correct and share information.

1. What sites and services are covered by this Privacy Policy?

This Privacy Policy describes Pixalate’s privacy practices in relation to our corporate website, www.pixalate.com (Website), and the products and services that we offer (collectively, the Services), which our clients use in the context of digital advertising to benchmark digital advertising inventory supply quality, identify potentially fraudulent digital advertising inventory, and comply with applicable laws. It applies to information collected: (i) in connection with operation of, access to, and use of our Website and Services, (ii) when our clients, prospective clients and partners express interest in learning more about Pixalate and our Services, and (iii) in connection with the day-to-day operation of our business. By accessing and using our Website or Services, you are hereby acknowledging, and agreeing to, collection, use, disclosure, and the procedures that this Privacy Policy describes. Beyond the Privacy Policy, your use of our Website and Services is also subject to our Terms of Use (https://www.pixalate.com/terms).

2. What do we do with information collected in connection with our Website and Services?

To power portions of our Website, and provide our Services, we collect the categories of information detailed in Section 3 below. We use such collected data to: (i) analyze the quality of digital advertising opportunities, (ii) provide digital advertising inventory fraud detection Services, (iii) generate digital advertising inventory quality-related rankings, reports and indices, and (iv) provide legal compliance tools. Because of the nature of our Services, we do not combine this collected data with any other data in order to personally identify individual, human users.

3. What technologies are used, and data types are collected, in connection with operation of our Website and Services?

Cookies. Cookies are small packets of data that are transmitted to an internet browser’s storage medium in order to enable the browser to “remember” information such as page visits, user log-in information, and other related records of online activity. In addition to using cookies in connection with fraud detection, fraud prevention, legal compliance and digital advertisement quality determinations, we use cookies on our Website and Services as a means to prevent unauthorized access to client-specific, secure content and reports. Please note that, when accessing client-specific, secure content, you are acting as a representative of your organization and your interactions with our Website and Services in this capacity will be governed by the master subscription terms, master services agreement, terms of use, or other agreements applicable to your organization’s access to and use of our Website and Services.

Pixel tags, script tags, SDKs, and macros. Pixel tags (small, transparent images present on web pages) and script tags (used to define a client-side JavaScript) allow an operator of a web page, a developer of an app, or a third party serving a tag, to set, read, and modify cookies and to collect information directly from internet-connected browsers, devices or systems. In connection with use of an internet browser (on a desktop computer or mobile device), a mobile application, or any other internet-connected media-viewing system (e.g., connected television and so-called over-the-top media technologies; collectively, "CTV") upon which pixel tags, script tags, software development kits (which enable third-party code to run in a mobile or an CTV application; SDKs), or other software code snippets (known as Macros) are deployed, our servers or our clients’ servers, as applicable, automatically collect and log certain information. Such logs may include information about the browser, mobile application or CTV system or device accessing a page, application or media, including internet protocol (IP) address, browser, user agent, application, device or system, referring URL, information about the page, application or media where a digital advertisement was to be displayed, the advertisement’s dimensions, location and viewability, and generalized user interaction data. We use this information to power aspects of our Website and provide our Services (i.e., for fraud detection, fraud prevention, legal compliance and digital advertisement quality assessment purposes).

Location Information. We derive your general location information, for example, by using your IP address.

4. What specific data types are collected and received in connection with day-to-day operation of our business, including with respect to our billing and support of existing clients, marketing and sales to prospective and existing clients, and human resources-related activities?

In connection with the day-to-day operation of our business, we collect and receive the following categories of information:

Contact information. We collect contact information from: (i) visitors to our Website, (ii) direct marketing outreach efforts, (iii) third-party marketing automation tools, (iv) our clients’ use of our Services, and (v) our client’s submission of contact information of themselves and/or their business partners (collectively, “Contact Information”). Contact Information may be provided via telephonic, email or text communications, or browser-based forms, and may include first name, last name, email address, job title, name of the organization, street number and name, state/province/region, country, phone numbers (cell and/or landline), and other information reasonably required for us to respond and engage properly and expeditiously. This Contact Information may be used by our sales, customer success, human resources, legal affairs, and/or finance teams to contact our Website visitors, Services clients, and client prospects, as permissible under applicable law, so that we may provide information (including marketing materials), support, training and/or our Services.  In addition, if you submit Contact Information for a third party to Pixalate (e.g., through a Service trial referral form) you authorize Pixalate to disclose to such third party that you provided us with the individual’s Contact Information.  Such disclosure may include your name, title, and any organization affiliation(s).

Billing information. We collect financial, billing and payment information from our clients, prospective clients (in connection with credit checks), and third-party vendors, which may include purchase order numbers, account numbers, credit reports, and/or instructions for wire, automated clearing house (ACH) or bankers automated clearing services (BACS) transfers. This billing and payment information may be used to prepare and send invoices, make and receive payments, and otherwise manage our clients’ and third-party vendors’ accounts.

5. What technologies are used, and what data types are collected and used, in connection with our day-to-day operations?

Automatic data collection. Like most organizations, we rely on automatic data collection technology, including third-party technologies (e.g., Google Analytics), when you access and use our Website and Services. These third-party services may use online tracking technologies to collect information such as your IP address, internet service provider, browser type, operating system and language, referring and exit pages and URLs, date and time, amount of time spent on particular pages, what sections of our Website or Services you visit, number of links you click while on our Website or Services, search terms, and other data.

Please be advised that if you disable, restrict, or block cookies, or similarly opt out of or otherwise limit the performance of our Website or Services, or related services performed by any third party vendor, you may not be able to use the full functionality of our Website and Services. (For more information on Google Analytics, including how to opt out from certain data collection, please visit https://www.google.com/analytics.)

Other third-party servicesThird-party services incorporated into our Website, such as social media widgets (e.g., LinkedIn Like button or the Twitter Share button), online advertising networks or job applicant tracking services, may collect information about your visits to our Website for other purposes, including interest-based advertising. You may choose to provide information voluntarily to such third-party service providers, and the information that they collect may include personal information such as IP addresses, pages visited, times and dates of visits, browser or operating system configuration, and other usage data. Third-party service providers may combine information that you provide with information collected from other sites and/or apps. Because we do not host or control such third-party services, your interactions with these services will not be governed by this Privacy Policy; instead, such interactions will be governed by the privacy policy of the third-party service provider.

Use of aggregated dataIn an ongoing effort to better understand our Website visitors and Services clients, we may analyze information in an aggregated form to operate, maintain, manage, and improve our Website and Services. We may share aggregated data – and insights derived therefrom – with our clients and Website visitors, as well as with our agents and business partners. We may also disclose aggregated statistics to prospective business partners and other third parties, in order to describe our Website and Services and for other lawful purposes.

Additional data uses. We also use Contact Information, billing information and other information collected pursuant to this Privacy Policy to respond to general inquiries, solicit feedback regarding our Website or Services, deploy – and provide training and support for – our Services, provide relevant content on our Website and for our Services, and communicate with you via email and/or text regarding our current and future Services.

6. Under what circumstances would data be transferred, and what safeguards are in place regarding data transfer?

Onward transfer of data to third partiesLike many businesses, we hire third-party vendors to perform certain business-related services. We may disclose personal information to certain types of third-party vendors but only to the extent reasonably required to enable them to provide such services. The types of companies that may receive personal information, and their functions include: direct marketing assistance, billing, client service, data processing and storage, Website and Services hosting, and disaster-recovery services. All such third-party vendors perform such services at our instruction and on our behalf pursuant to contracts that incorporate the standard contractual clauses (SCCs) for data transfers between EU and non-EU countries and require at least the same level of privacy protection as is required by this Privacy Policy and applicable law, and as implemented by Pixalate. In addition, as required by the EU-US and Swiss-US Privacy Shield Principles, we will remain liable if a third party that we engage to process personal information on our behalf does so in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the matter giving rise to the damage. With respect to your personal information collected via our marketing efforts, you may opt out of having such personal information transferred to any or all of our categories of agents – and other third-party vendors performing such services at our instruction and on our behalf – by contacting us at privacy@pixalate.com. Please allow us a reasonable time to process your request.

Business-transaction-related transfersIn the event of a merger, dissolution, reorganization or similar corporate event, or the sale of all or substantially all of our assets, we expect that the information that we have collected, including personal information, would be transferred to the surviving entity in such a merger or the acquiring entity. All such transfers shall be in accordance with applicable law, and subject to our commitments with respect to the privacy and confidentiality of such personal information as set forth in this Privacy Policy. This Privacy Policy is binding upon Pixalate and its legal successors in interest.

Disclosure of personal information in connection with legal and administrative proceedings. We are required from time to time to disclose personal information in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. We may also be required to disclose personal information in the course of defending ourselves in litigation, and to third parties when compelled to do so by governmental authorities or as otherwise required by law or regulation (including, but not limited to, in response to court and administrative orders and subpoenas). In all such circumstances, we will make reasonable efforts to maintain confidentiality of such personal information.

7. May you review, correct, modify or delete any of your personal information that we possess?

You may request to review, correct, modify or delete any of the personal information that you have previously provided to us. To update your billing information, or request return or deletion of your data associated with your account, please contact your account representative or our customer success team. For other requests to access, correct, modify or delete your personal information, please email privacy@pixalate.com. Requests to access, change, or delete your personal information will be addressed within a reasonable timeframe.

8. How long is personal information retained, and what steps are taken to safeguard personal information?

Retention of personal information. We will retain your personal information in a form that identifies you only for as long as it reasonably serves the purpose(s) for which it was initially collected, or for a purpose that you authorized subsequently, and, in both circumstances, in accordance with this Privacy Policy and applicable law. In the event that we continue processing your personal information for longer periods, it will only be for the time and to the extent reasonably required for a lawful and permissible purpose (e.g., archival, compelling public interest, journalism, literature, scientific or historical research, and statistical analysis), and subject to the protections afforded by this Privacy Policy and applicable law. After such time periods have expired, we may either delete your personal information or retain it in an anonymous form that does not identify you personally.

How we protect personal information. Pixalate takes protection of the security and privacy of personal information that we collect pursuant to this Privacy Policy very seriously. Accordingly, we have implemented and will maintain reasonable and appropriate technical, administrative and physical measures designed to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction. We will take into account the risks involved in processing, and the nature of such personal information, and will comply with all applicable laws and regulations.

9. Is your Website or Services collecting information from children, or directed in any way towards children?

We do not knowingly collect, maintain, or use any personal information from children under the age of 13 in connection with our Website or Services, and no part of our Website or Services is directed towards children. If you have reason to believe that a child under the age of 13 has provided any personal information to us, please contact us at privacy@pixalate.com.

10. Do you exercise any control over the privacy practices of third-party websites to which you may link?

Our Website may contain links to third party websites (External Sites). Pixalate has no control over the privacy practices of these External Sites. As such, we are not responsible for the privacy policies of those External Sites. You should check the applicable third-party privacy policy, and applicable terms and conditions of use, when visiting any External Sites, and before providing any personal information to such External Sites.

11. Does the European Union (“EU”)’s General Data Protection Regulation (“GDPR”) apply to you?

GDPR applicability. The GDPR applies to the collection, use, and disclosure of data relating to identified or identifiable human end users in the EU (Data Subjects). The GDPR describes system- and device-related identifiers like IP addresses, unique device IDs, and cookie IDs as “pseudonymous” forms of Data Subjects’ personal information.

Pseudonymous information. Information in pseudonymous form is commonly collected and processed in connection with digital advertising. Even though operation of our Website and Services do not require processing or storage of names, phone numbers, house numbers, street addresses, or similarly-identifying data elements of Data Subjects – nor does operation of our Website and Services require processing or storage of sensitive personal information of Data Subjects, such as governmental ID numbers or personal health information – the GDPR still applies to our Website and Services.

Fraud prevention is a legal basis under Article 6 and Recital 47 of the GDPR. Article 6 of the GDPR requires one or more legal bases for the processing of a Data Subject’s personal data. The GDPR provides a right to process the personal data of Data Subjects to further a company’s own “legitimate interests,” or the legitimate interests of a third party, provided that doing so will not infringe adversely upon the fundamental rights and freedoms of the applicable Data Subjects. Recital 47 of the GDPR states expressly that the “processing of personal data strictly necessary for the purposes of preventing fraud” constitutes a legitimate interest, and such provision serves as our legal basis for the processing of Data Subjects’ personal data in connection with operation of our Website and Services.  To learn about other ways we may use your personal data to further legitimate interests under the GDPR, please click here.

Express consent is a legal basis under GDPR Article 6. Another permissible legal basis to process a Data Subject’s personal data is express consent from the Data Subject. We may utilize such basis from time to time in connection with our direct marketing efforts to Data Subjects. With respect to the processing of client and client-prospect data relating to Pixalate’s Website and Services, we will take reasonable steps to ensure that our consent mechanisms for obtaining personal data of Data Subjects enable them to understand what consent(s) they are providing, and why and how we use such consent(s); and we give clear, defined ways to consent to us controlling and/or processing such Data Subject personal data. Where we use any third party to process Data Subjects’ personal data on our behalf (e.g., employee payroll, recruitment, and benefits), we will enter into reasonable data-processor agreements and establish (and update from time to time) due diligence procedures for ensuring that they (as well as we), meet and understand their/our GDPR obligations. These measures will include initial and ongoing reviews of the service provided, the necessity of the processing activity, and the technical and organizational measures in place to ensure reasonable data protection and compliance with the GDPR.

Safeguards regarding data transfer of personal information to third partiesWhere a third party to which we are transferring personal information is acting as:

  • A data controller, we ensure, contractually, that such: (i) third party complies with applicable notice and choice obligations, and (ii) data may only be processed for limited and specified purposes (e.g., fraud prevention). Where consent serves as a legal basis for processing, we ensure, contractually, that: (A) the processing will be consistent with the consent provided by the individual, (B) the third party will provide at least the same level of information security and privacy protection as Pixalate, and (C) the third party will notify us if it makes a determination that it can no longer meet these contractual obligations; or
  • Our agent (or other third-party vendors performing services at our instruction and on our behalf in accordance with this Privacy Policy and applicable law), we ensure, contractually, that: (i) such data is only processed for limited and specified purposes (e.g., fraud prevention), and (ii) such third party: (A) provides at least the same level of information security and privacy protection as Pixalate, (B) processes the personal information transferred in a manner consistent with our obligations specified herein, and (C) notifies us promptly if it makes a determination that it can no longer meet these contractual obligations. (We will provide a summary or a representative copy of the relevant privacy provisions of our contract with the applicable third party to government authorities upon request.)

In the event that a third party data controller or processor to which we are transferring personal information makes a determination that it can no longer meet its information security and privacy obligations to us as referenced above, the applicable contract will require cessation of processing and other reasonable and appropriate steps to remediate any such failure.

Hosting on third-party platforms. Pixalate’s Services run on Amazon Web Services (AWS) and the Google Cloud Platform. The EU data protection authorities, acting collectively as the Article 29 Working Party, approved: (i) Google’s “model clauses” based agreements for its Cloud Platform, and (ii) Amazon’s AWS Data Processing Agreement (DPA).

12. Does Pixalate transfer, process and/or store your data outside of your country?

Pixalate processes data inside the U.K., the European Economic Area, and the U.S. Data protection laws vary among countries, with some providing more protection than others. Pixalate complies with various legal mechanisms, as applicable, to protect the transfer, processing and storage of such data. Learn more.

13. Does Pixalate comply with the Privacy Shield Frameworks?

Although Pixalate is aware of the 16 July 2020 ruling by the European Court of Justice (ECJ), and the 8 September 2020 opinion by the Swiss Federal Data Protection and Information Commissioner (FDPIC), invalidating the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework, Pixalate nonetheless continues to comply with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.  Pixalate has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

14. What is the process for resolving complaints about Pixalate’s collection or use of personal information?

In accordance with the Privacy Shield Principles, Pixalate commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Pixalate via email at privacy@pixalate.com, or via mail at:

Pixalate Europe Limited
20 North Audley Street
London, W1K 6WE, United Kingdom
Attn: Legal Affairs Department

Pixalate has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland.

15. Which U.S. governmental agency has investigatory and enforcement powers regarding Pixalate?

Pixalate is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

16. Is it possible, under certain conditions, for individuals to invoke binding arbitration?

Yes, is it possible, under certain conditions, for individuals to invoke binding arbitration. In order to address privacy-related complaints not resolved by other means, Pixalate offers a binding arbitration option in such circumstances. Any such arbitration shall be conducted in accordance with the UK Arbitration Act 1996 by the International Chamber of Commerce (“ICC”) under its 2021 Arbitration Rules and Expedited Procedure Provisions. These rules and provisions are available on the ICC website or by sending an email to info@iccwbo.uk.

17. How do California residents submit requests for information under California’s privacy rights regulation?

Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to obtain certain information about the types of personal information that companies with whom they have an established business relationship (and that are not otherwise exempt) have shared with third parties for direct marketing purposes during the preceding calendar year, including the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. If you wish to submit a request pursuant to Section 1798.83, please contact Pixalate via email at privacy@pixalate.com.

18. Is it possible to opt out of direct marketing and/or interest-based digital advertising?

Opting out of direct marketing or email management. We may contact you via any of your Contact Information, including email, phone, mail, text messages, push notifications, apps or other ways through our Website or Services for direct marketing purposes.  However, you may opt out at any time from the use of your personal information for direct marketing purposes, or the transfer of your personal information to third parties for direct marketing purposes, by emailing us at privacy@pixalate.com. Please allow us a reasonable time to process your request. If you are a Pixalate client company, you may not opt out from receiving transactional emails related to your account.

Browser tracking opt out. Individual users may opt out of interest-based digital advertising in the context of internet browsing, or otherwise limit the information that may be collected about them and/or how it is used. Please visit https://www.aboutads.info/choices to learn more about interest-based advertising and how to opt out of this form of advertising.

Mobile device tracking opt-outIndividual users who opt-out of mobile device tracking limit the information that may be collected about them and/or how it may be used. You may opt-out of interest-based and demographic-based advertising using your mobile device settings. Please follow the instructions below for Android and iOS applications.

Opt-out process for Android-based mobile devices:

  • Open the Google Settings app on your device
  • Select Ads
  • Set the “Opt-out of interest-based ads” slider to your desired position
  • Optionally, you may reset the advertising identifier associated with your device

Opt-out process for iOS-based mobile devices:

  • Open Settings
  • Select Privacy
  • Select Advertising
  • Set the “Limit Ad Tracking” slider to your desired position
  • Optionally, you may reset the advertising identifier associated with your device

Please note that opting out via your browser on your desktop computer will not limit the collection of information on your mobile device(s) or CTV system(s), and opting out on your mobile device(s) or CTV system(s) will not limit the collection of information through your computer’s internet browser. Opting out limits the collection of data but does not eliminate such data collection completely. Some information may still be collected about your browsing of websites, and use of mobile applications or CTV systems, after you limit tracking on such browsers, devices or systems.

“Do Not Track” signals. Currently, various browsers – including Chrome, Firefox, and Safari – offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to websites visited by the user about the user's browser DNT preference setting. At present, Pixalate does not commit to responding to browsers' DNT signals with respect to our Website or Services, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators. Accordingly, there is not presently a consistent standard for interpreting user intent. Pixalate takes privacy and meaningful choice seriously and will continue to monitor developments around DNT browser technology and the implementation of any such standards.

19. When did this Privacy Policy become effective, and when do any future changes to this Privacy Policy become effective?

This Privacy Policy is effective as of the date stated at the top of this Privacy Policy. We may change this Privacy Policy from time to time, and will post any changes on the Website as soon as they go into effect. If we materially change the ways in which we use or share personal information previously collected from you through our Website or Services, we will notify you through our Services, by email, or other communication.

20. How do you contact us?

If you have questions about this Privacy Policy, please contact us in one of the following ways:

  • E-mail us at privacy@pixalate.com;
  • Call us at +44 (0)800 011 2050; or
  • Send us postal mail or express delivery at:

Pixalate Europe Limited
20 North Audley Street
London, W1K 6WE, United Kingdom
Attn: Legal Affairs Department