Last Updated: 12 July 2021
It is our policy to respect your privacy regarding any information we may collect while using our services and websites, collectively called the Services.
Information We Collect
Website user’s Data
We collect your data when you engage with us through our marketing platforms. We may collect information on your device and your interaction with the advertisement. This information enables us to provide better user experience to you, improve our Services including to recognize your device when you use other sites and applications that have partnered with us. The information includes:
- Device identifiers such as iOS devices’ Identifier for Advertising (IDFA) and iOS Identifier for vendors, Google Advertising ID (GAID), or Android ID for Android devices
Location information, including:
- Geo-location or precise location of your device if you have given the app or site permission to collect your location information.
- IP address (only for countries other than United Kingdom and countries outside European Union)
- Location information we infer from your device’s IP address.
- Other information such as Device type, Operating System, and Language settings
Publishers, Advertisers, Domain parking companies and Domain Owners provide data that is necessary to create accounts.
For creation of user accounts, you provide your name, email address, password, telephone number and correspondence address. You also provide billing details for invoicing purposes.
We also collect data when you use our applications and websites:
- Log Data - Our servers automatically collect information when you access or use our applications and services. This data is recorded in log files. Examples of such data include IP Address
- Subscription Data – You provide personal data such as your name and email Id to us as part of signing up for communication from us through our websites. We may also collect personal data from you when you use interactive features of the Websites, promotions, requesting customer support, or otherwise communicating with us.
- Contact Us Data – When you enquire about our products and services, we collect and store this data to communicate with you and respond to your enquiry.
- Data received from B2B contact databases – We may receive your data such as name, business email and contact number from GDPR compliant B2B contact databases we have subscribed to.
We collect data through cookies.
Click here to view the Cookie List.
How We Use Your Data
How we use your personal data will depend on which Services you use and how you use those Services.
We use ‘Website user’s Data’ that we collect about your device to:
- Display advertisements on your device, which may include interest-based advertising customized to your interests, preferences, locations.
- For bidding to serve advertisements and to determine which ads are most effective
- To redirect users who erroneously enter a typo domain of an Advertiser (in the address bar only) to the original brand website.
- To suggests Advertisers / relevant brands to users based on a search input.
- To analyze and provide our demand partners or advertisers reports on the effectiveness of advertisements and campaigns, including across different types of devices based on our determination of devices that are related to the same person.
- For pushing the notifications based on the consent you have given to our publishers such as browsers or devices
- For pushing the notifications based on the consent you have given to us when we act as publishers
- To detect, deter and prevent fraud, fraudulent traffic or to protect the security of our systems
- To provide detailed reports to our publishers and advertisers about their campaign performance
- Internal business reporting
‘Other Data’ is used by us to provide our services, send our newsletters and to communicate with you by responding to your requests, comments, and questions.
Lawful bases for processing
We process your personal data only when we have a lawful basis. Presently, we use the Performance of Contract (i.e. to deliver the services to our customers) and consent as the lawful basis for processing. For certain processing, we may also use legitimate interests as provided under the Data Protection Regulations.
In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
Where you have consented to a particular processing, you have a right to withdraw the consent at any time.
Users under 16 years of age
The Sites and Services do not knowingly collect personal information from users under the age of 16
If you are under the age of 16, you are not permitted to use the Sites and Services or to disclose Personal Information. If we learn we have collected or received Personal Information from a child under 16, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us.
Data Retention Policy
Website user’s Data:
We will retain data collected in the context of our Marketing Platform for a period of up to 3 years, unless otherwise required by law or applicable contract.
We may retain the information it obtains about you as per the instructions of its customers or partners who provide such information or as required to fulfil our contractual obligations.
After the applicable retention period, we may only retain and use your data:
- in an aggregated or anonymized format;
- to comply with its legal obligations;
- to resolve disputes and enforce agreements.
Please note that the use cases stated in this provision will apply as an exception to your data subject or consumer rights related requests.
You can request to access, update or correct your personal information. You also have the right to object to direct marketing.
You may have additional rights pursuant to your local law applicable to the processing. For example, if the processing of your personal information is subject to the EU General Data Protection Regulation ("GDPR"), and your personal information is processed based on legitimate interests, you have the right to object to the processing on grounds relating to your specific situation. Under GDPR you may also have the right to request to have your personal information deleted or restricted and ask for portability of your personal information.
Your Rights to Control Data
Whenever you use our services, we aim to provide you easy means to access, modify, delete, object to or restrict use of your personal information
We strive to give you ways to access, update/modify your data quickly or to delete it unless we have to keep that information for legal purposes. For our website visitors and business partners, these rights can be exercised by contacting us with your specific request.
- Change or Correct Data: You can edit some of your personal data through your account. You can also ask us to change, update or fix your data in certain cases, particularly if it’s inaccurate.
- Delete Data: You can ask us to erase or delete all or some of your personal data (e.g. if it is no longer necessary to provide Services to you).
- Object to, or Limit or Restrict, Use of Data: You can ask us to stop using all or some of your personal data (e.g. if we have no legal right to keep using it) or to limit our use of it (e.g. if your personal data is inaccurate or unlawfully held).
- Right to Access and/or Take Your Data: You can ask us for a copy of your personal data and can ask for a copy of personal data you provided in machine readable form.
Website user’s rights
We provide same rights to the users of our services. We receive requests related to user’s rights from our publishers and advertisers.
We keep some personal data even after account closure.
Once you choose to close your account, we generally delete your personal information within 3 years of closure of your account. Some information that is necessary for statutory obligations such as records of payment processing, invoicing data will be retained as necessary.
Your information shared with others
Recipients of your data
Affinity may share the data we collect or receive about you as described in this Policy as follows:
- Publishers and Supply Partners. We may share your information with publishers (the app or site publishers) to help them understand how users interact with their apps and sites and advertisements on their apps and sites.
- Demand Partners and Advertisers. We may share your information with demand partners, brands and advertisers who use our Marketing Platform, to allow them to understand the performance of their campaigns; and to help them better target their campaigns, products or offerings
- Marketing Partners. We may share your information with data partners who help us with better understanding your preferences by providing data enrichment services and measurement companies who help us with attribution and tracking of advertisements distributed through us (“Marketing Partners”)
- Content Providers. We may share personal information we collect about you with our content providers who provide content to be displayed on our websites.
- Service Providers. We may share personal information we collect about you with our third- party service providers. The categories of service providers to whom we entrust personal information include: IT and related services such as cloud-based data centers, analytics service providers; service providers for fraud detection; CRM and email marketing services.
- Disclosures to Protect Us or Others. We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; protect your, our or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity
- Disclosures in the Event of Merger, Sale, or Other Asset Transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.
Cross-Border Data Transfers
Your data will be stored and processed in multiple countries including outside of the European Union (EU) Region
Since we are an international company, your data will be processed outside of the EU region. Your data will be processed within Third Party Data Centers in Europe and India as well as Affinity data center in USA. Some countries where we process data may not have as protective laws as your own country and there are risks associated with such transfer.
Affinity offers European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our publishers and advertisers that operate in the European Union, and other international transfers of data. These clauses are contractual commitments between parties transferring personal data (for example, between Affinity and its Clients, suppliers or data processors outside the EU), binding them to protect the privacy and security of the data.
Security Measures to Protect your Data
We implement security controls to prevent breaches and unauthorised access to your data.
We maintain reasonable and appropriate security measures to protect your data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.
Examples of security measures include physical access controls, restricted access to data, monitoring for threats and vulnerabilities etc.
Protection of personal information
Our Sites and Services uses commercial efforts to maintain safeguards for protection of your Personal Information.
Affinity takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.
If you have questions or complaints regarding this Policy, you may contact us through email at email@example.com. You may contact us at our mailing address below
20 N. Wacker Drive, 12th Floor,
Chicago, IL 60606
If you are a resident of the European Economic Area and we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you have additional rights. If you are not satisfied with the resolution, you can also lodge a complaint with the Supervisory Authority in the country of your residence.