Last Updated: September 29, 2016; Effective: October 31, 2016.
We are concerned about privacy issues and want you to be familiar with how we collect, use and share information we receive about our clients and users and the options available to you. If you have any questions, you may contact us (see the "Contacting Us" section below.)
Opt Out: to go directly to the opt-outs for interest-based advertising and cross-device targeting, click here: http://www.pubmatic.com/opt-out/
Choice and Access: to go directly to our section on Choices and Access regarding your Personally Identifiable Information, click here.
PERSONALLY IDENTIFIABLE INFORMATION
Collection of Personally Identifiable Information from the PubMatic Pages
"Personally Identifiable Information" is information that identifies you as an individual, including: name, postal address, telephone number and email address. We and our third party service providers may collect Personally Identifiable Information from you from the PubMatic Pages. For example, we collect your Personally Identifiable Information when you request information about the Services through our client user interfaces or the "Contact Us" section of our Websites or the "Featured Content" section of our Websites where you can download reports and white papers.
Use of Personally Identifiable Information
We and our third-party service providers may use Personally Identifiable Information collected from the PubMatic Pages:
Disclosure of Personally Identifiable Information
Your Personally Identifiable Information collected from the PubMatic Pages may be disclosed:
Retention of Personally Identifiable Information
Collection of Other Information
"Other Information" is any information that is linked or reasonably linkable to a particular computer or device, but does not reveal your specific identity or directly identify an individual, such as: browser and device information; IP address; time spent on the Services, pages visited, language preferences, date and time an ad was served, clicks on ads, and other anonymous traffic data; your precise location; general location inferred from IP address; unique identifier, including mobile advertising identifier such as Apple IDFA or Google Advertising ID or statistical identifier; obfuscated user identifiers such as hashed email addresses; operating system type and version; information about mobile apps used; information about applications installed on a device; demographic information; and aggregated information.
We and our third-party service providers may collect Other Information in a variety of ways, including through: your browser or device; your mobile advertising identifier, such as Apple IDFA and Google Advertising ID; the use of statistical identifiers (which collect and use certain characteristics of your device to help us identify it over time); your use of the Apps; the use of pixel tags and other similar technologies; your IP address; the aggregation of information; ETags and web cache; and cookies (cookies are pieces of information stored directly on the computer that you are using).
Our publisher clients may also collect information about you that they choose to pass to us either directly through our Services or through application programming interfaces or APIs, when our services connect to their systems. APIs are a particular set of rules and specifications that allow one software program to access and make use of another software program. The information our publisher clients may share includes network type of a user's device, age, ethnicity (where permitted by law), gender, and precise geolocation (where permitted by law). Some publisher clients may provide precise geolocation information collected on certain platforms. We will not use precise geolocation information for interest-based advertising without your opt-in consent.
Use of Other Information
We may use Other Information from the Services:
At this time, we do not honor "Do Not Track" headers and similar mechanisms.
We will not use data we collect for the purpose of determining employment eligibility, credit eligibility, health care eligibility, or insurance eligibility and underwriting and pricing.
We will not collect or use sensitive data, such as Social Security Numbers or Government identifiers, insurance plan numbers, financial account numbers; information about past, present, or potential future health or medical conditions or treatments, including genetic, genomic, and family medical history; and sexual orientation unless we have obtained your prior consent.
We may receive the following non-sensitive health-related advertising segments that we use to target ads to you that may be of interest to you: diet and fitness; doctors; health care professionals; health conscious; health and medicine; health and well-being; interest in health insurance; and pregnancy.
Cross-Device and Cross-App Targeting
Our clients and partners may use Other Information that we share with them to establish connections among related devices (such as smartphones, tablets, and computers) for targeted advertising, analytics, and reporting purposes. They may match your devices if you log into the same online service on multiple devices or web browsers, or if your devices share similar attributes that support an inference that they are used by the same person or household. This means that information about your use of websites or applications on your current browser or device may be combined and used with information from your other browsers or devices. For example, this allows advertisers to deliver ads to you on your tablet based on activities you engaged in on your smartphone. To opt out of cross-device targeting practices, please follow the instructions in the section below titled "Opting Out of Cross-Device Targeting."
Our clients and partners also may use Other Information about your activity across multiple, unaffiliated third-party mobile applications for targeted advertising, analytics, and reporting purposes. For example, if you use a travel app, these third parties may display travel-related ads to you on another, unrelated app. To opt out of cross-app targeting practices, please follow the instructions in the section below titled "Opting Out of Interest-Based Advertising for Mobile Advertising Identifiers."
Disclosure of Other Information
We may disclose Other Information:
In some instances, we may combine Other Information with Personally Identifiable Information (such as combining your name with your geographical location). If we combine any Other Information with Personally Identifiable Information, the combined information will be treated by us as Personally Identifiable Information as long as it is combined. We will not use PII merged with previously-collected Other Information for Interest-based advertising purposes without your opt-in consent.
Retention of Other Information
We retain Other Information that we collect for purposes of serving targeted advertisements to you (including the segment information that we receive from third parties) for up to 90 days from the last date that we received any of your user data. We retain impression information for up to six months. We retain raw ad server logs for our mobile ad server business for up to 9 months. We use precise geolocation for the specific ad impression to which the geolocation relates, after which the geolocation information is aggregated with other geolocation data for use by us for analytical purposes. If we de-identify Other Information we collect in connection with targeted advertising purposes, we may retain that information, in an aggregated format, indefinitely. In such cases, we commit to not re-identifying the information.
CHOICES AND ACCESS
Choice and Access regarding Personally Identifiable Information
If you would like to review, correct, update, suppress, or delete Personally Identifiable Information that has been previously provided to us by you or you would like to request a copy of your Personally Identifiable Information held by us, you may contact us at firstname.lastname@example.org. We will respond within a reasonable period of time to your request.
In your request, please make clear what Personally Identifiable Information you would like to have changed, whether you would like to have your Personally Identifiable Information suppressed from our database or otherwise let us know what limitations you would like to put on our use of your Personally Identifiable Information that you have provided to us.
For your protection, we may only implement requests with respect to the Personally Identifiable Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request.
We also give you many choices regarding our use and disclosure of your Personally Identifiable Information for marketing purposes. You may opt-out from:
Please also note that if you do opt-out of receiving marketing-related emails from us, we may still be required to send you administrative messages relating to the Services from time to time.
For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.eu.
We are a member of the Network Advertising Initiative (NAI) and adhere to the 2015 Updates to the NAI Code of Conduct and NAI Mobile Application Code. We also adhere to the Digital Advertising Alliance's (DAA) Self-Regulatory Principles for Online Behavioral Advertising and Multi-Site Data, the Application of Self-Regulatory Principles to the Mobile Environment, and the Application of the DAA Principles of Transparency and Control to Data Used Across Devices. If you go to http://www.networkadvertising.org/managing/opt_out.asp, http://www.aboutads.info/choices/, or www.youronlinechoices.eu, you can learn how to exercise choice regarding the collection of information about your online activities over time and across multiple third-party websites, online services, devices, or applications.
Some of our publisher clients have their own opt-out mechanisms that are linked from their sites or their online-posted privacy policies. You should review the privacy policies of those companies for these opt-out links if you no longer wish to receive targeted advertising from a particular company, or multiple companies.
Our clients and partners may display interest-based advertising to you in mobile applications, based on your use of mobile applications over time and across non-affiliated apps. To learn more about these practices and how to opt out, please visit http://www.aboutads.info/appchoices.
We offer mobile, in-app and mobile web page statistical identification opt-outs. Please go to http://www.pubmatic.com/opt-out/ to opt out from such statistical identification and for more information on what it means to opt-out.
Our clients and partners may combine and use information from websites or applications on your current browser or device with information from your other browsers or devices for advertising purposes. To opt out of such practices by our clients and partners, please follow the instructions above for opting out on each of your browsers and on each of your mobile devices, including:
Please note that you will need to opt out separately on each of your browsers and on each of your mobile devices to ensure that information collected on a particular browser or device is not used on another browser or device.
We ask that you not send us, and you not disclose, any sensitive Personally Identifiable Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) on or through the Services or otherwise to us.
Please note that we are not responsible for the collection, usage and disclosure policies and practices (including the data security practices) of other organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including any Personally Identifiable Information you disclose to other organizations through or in connection with the Services.
SECURITY OF PERSONALLY IDENTIFIABLE INFORMATION
We seek to use reasonable organizational, technical and administrative measures to protect Personally Identifiable Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the "Contacting Us" section below.
USE OF SERVICES BY MINORS
PubMatic's Services are not intended for nor directed to individuals under the age of thirteen (13), and we request that these individuals do not provide Personally Identifiable Information through any of the Services.
INTERNATIONAL PRIVACY FRAMEWORKS
|EU-U.S. Privacy Shield Status|
PubMatic participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework with respect to its advertising technology platform. PubMatic is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable principles. To learn more about the Privacy Shield Framework, and to view PubMatic's certification, please visit https://www.privacyshield.gov.
PubMatic is responsible for the processing of personal data it receives from EU member countries in connection with the platform, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. PubMatic complies with the Privacy Shield Principles for all onward transfers of such personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, PubMatic is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern under the Privacy Shield Framework that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described here on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
U.S.-Swiss Safe Harbor Status
PubMatic adheres to the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding information received from affiliates and corporate customers in Switzerland. PubMatic has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view PubMatic's certification, please visit http://www.export.gov/safeharbor/.
If you have an unresolved privacy or data use concern under the U.S.-Swiss Safe Harbor Framework that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
The Services are controlled and operated by us from the United States, and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States. Your Personally Identifiable Information may be stored and processed in any country where we have facilities and/or employees, or in which we engage service providers, and by using the Services you consent to the transfer of information to countries outside of your country of residence, including the United States, which may have different data protection rules than those of your country of residence.
Please note that email communications are not always secure; so please do not include sensitive information in your emails to us.