When we serve mobile advertisements on behalf of our advertiser clients we endeavor to make the ads relevant to Users. We accomplish this by matching ads with relevant non-PII characteristics about the User and the mobile publication that the User has visited, such as the time of day, content on the site or app, latitude/longitude of User, other devices associated with the User, carrier network, type of mobile device/mobile browser, IP address, as well as other non-PII data provided through our Partners. In other words, although we may serve an ad to a User based on certain demographic information about the Users (e.g., female in New York between the ages of 35 and 50), our MDSP does not know – nor do we seek to know – who that User is, or any information that would allow us to identify who the User is.
Currently we obtain certain device IDs (Android Advertising ID, Apple IDFA) in some cases to verify a User election, such as a User-requested app install request. In those cases we obtain the device ID not to track the User, but rather to substantiate for our advertiser clients whether the User installed the app.
In order to ensure the geographic relevance of ads that we serve and to identify correlations between disparate devices, we derive User device location data from information made available to us from inventory partners and data partners, as follows:
Our MDSP does not currently use or seek to obtain information about a User’s browsing history (i.e, web sites visited) or Web-based purchasing history. In addition, we will not use a User’s current GPS geographic location to target an ad unless we or one of our data or inventory Partners have previously obtained permission to do so. Because we do not have a nexus with a User before the User generates a specific bid request, we rely on our inventory partners to adhere to contractual requirements and applicable regulatory and self-regulatory guidelines, including any requirements related to obtaining User consent to access the User’s geographic location.
Our clients are corporate organizations and businesses and our services are not directed at or developed for persons under the age of 13.
We collect non-PII data both from our Partners and by looking at the non-PII information that comes to our servers from a User’s device, such as a mobile phone, during an ad view. This information enables our MDSP to deliver the most relevant and useful advertisement given the non-PII data available about the media “impression.” We currently do not store any cookies on User devices to identify any User. We do store cookies on User devices in order to anonymously identify one device from another. The ID stored in the cookie is an anonymous unique ID (AUID).
AdTheorent adheres to the requirements of the NAI Code of Conduct related to the collection and use of Precise Location Data, consistent with NAI guidance submitted on the NAI blog on April 1, 2016. As a third party ad network, AdTheorent complies through its adherence to the requirements of the Digital Advertising Alliance (DAA) Mobile Guidance, Section IV.B.2, which provides a number of methods for third party ad networks to obtain reasonable assurances that a first party publisher, such as a mobile application, has obtained such consent on their behalf.
Data collected by our MDSP is only retained in an aggregated form after 180 days, so that information about an individual User cannot be retrieved. All the data we hold is protected by multiple layers of physical, electronic and administrative safeguards, to secure it against accidental, unauthorized or unlawful access, use, modification, disclosure, loss or destruction.
From time-to-time we may share the aggregated, non-individual specific, data we hold with Publishers and Networks for reporting and accounting purposes, as well as other unaffiliated third parties for various purposes such as statistical or educational analysis. In these cases we work with organizations we believe to have appropriate safeguards in place to protect data at the levels we require. In situations where we are obligated by law, we may also disclose information in order to investigate, prevent or take action regarding suspected or actual prohibited activities, included but not limited to, fraud and situations involving potential threats to the physical safety of any person.
AdTheorent takes various steps to ensure compliance with the federal Children’s Online Privacy Protection Act (COPPA) as well as voluntary industry frameworks such as the Children’s Advertising Review Unit (CARU), administered by the Council of Better Business Bureau’s, Inc., including the following:
If you have any questions about this Policy or our privacy practices, please email us at firstname.lastname@example.org.