AdUnity Privacy Notice

About this Notice
GDPR Articles 13 and 14
This privacy notice has been prepared in fulfilment of the obligations under Articles 13 and 14 of Regulation (EU) 2016/679 (GDPR), and under the provisions of Directive 2002/58/EC, as revised by Directive 2009/136/EC, on the subject of Cookies.

1. Who we are / contact us

This privacy notice applies to all the products, services and websites provided by AdUnity Ltd. Our main office is located at:
20 East Road
London N1 6AD
UK

AdUnity Ltd is the data controller responsible for the personal data collected via the website adunity.com. AdUnity is also a data controller for certain personal data provided to us by our customers. However, AdUnity services are provided on the basis we are a Data Processor for our customers. Our customers are consumer brands, media agencies and digital publishers.

If you have questions about how we use your data or you would like us to stop using your data you can contact us via our contact form.

If you have other reasonable questions relating to your personal information you can contact us at privacy@adunity.com. It may take up to 30 days to respond.

Before contacting us please check what types of data we collect under "What types of personal data do we use and how long do we store it?", if you make a query about types of data we do not collect or process or make other irrelevant queries we have the right not to respond.

2. Your Rights

You have the right to know whether we have stored any personal information about you. The types of data we collect and store are described in the section "What types of personal data do we use and how long do we store it?".

If you do not want us to process your personal information then:

  • Do not ask us to provide your business with our services
  • Do not give your consent for marketing
  • Do not put your name and contact details in our contact forms
  • Opt out of any marketing email we may send you by clicking the unsubscribe link or reply to the email with "unsubscribe" in the subject line
  • Contact us via our contact form to stop processing your data

If you have provided us with your personal information, you can ask us to give you a copy of the information, update the information, correct the information, stop using the information or delete the information. You can exercise these rights via our contact form. We may make an administrative charge of £10 for you to access any information we may store about you. We will not make a charge for any request to simply delete personal information we may hold about you.

If you make frequent or unreasonable requests we may refuse to act on the request or make a reasonable charge to do so.

If you are concerned about how we have processed your personal data you can complain to the Information Commissioners Office (ICO). The ICO is the UK’s data independent data supervisory authority. AdUnity Ltd is a UK company and complaints about us should be referred to the ICO.

3. Who do we share your data with?

We may disclose your personal information to any member of our group of companies.

Some of our web pages use plug-ins from other organisations (such as the ‘Google Analytics‘). These are only activated if you provide a consent. For more information on how these organisations use information, please read their privacy policies.

We may also disclose your personal data to other companies in the following limited circumstances:

  • In the event that we sell AdUnity Ltd or asset/s of AdUnity Ltd, we may disclose your personal data to the prospective buyer of AdUnity Ltd or the asset/s.
  • If AdUnity Ltd or a substantial part of its shareholding are acquired by a third party, the personal information held by AdUnity Ltd may be transferred to the acquirer.
  • We will disclose your personal data in order to comply with any legal obligation, or in order to enforce or apply our Service Agreement and/or other agreements; or to protect the rights, property, or safety of AdUnity Ltd, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection, credit risk reduction and debt collection.
  • Where you give us permission to do so (for example, for marketing our products and services)

Other than the above, limited circumstances we will never disclose your data to any third party.

4. What are the purposes and legal basis for processing your personal data?

We use different legal basis for processing your data depending on the purpose and your relationship with us.

Your relationship to AdUnity Purpose of Processing your Information Legal Basis
I am a customer Provision of our service to your business Contract
I am a customer Collect payment / recover debt Contract
I am a customer User authentication and system security Contract
I am a customer System access logs and reporting Contract
I am a customer Customer Support (inc. Support Tickets) Contract
I am a customer System improvement and debugging Legitimate Interest
I am a customer Law enforcement Legal Obligation
I am a customer/former customer Marketing of AdUnity's products and services Legitimate Interest
I am a customer Marketing of third-party products and services Consent
I am not a customer Marketing of AdUnity's products and services Consent
I am not a customer Marketing of third-party products and services Consent

If you are a visitor to our site and only browse the pages or our site we will process your personal information for statistical purposes related to the number and type of users of our site. These statistical purposes are often referred to as “analytics”. Specifically, this means we count how many users we have and how often they visit our website. We collect information listing which of our pages are most frequently visited, and by which types of users and from which countries.

5. What types of personal data do we use and how long do we store it?

Description / Collection Method Personal Information Type Purpose of Processing Your Personal Information Retention Period
Correspondence Name, email address and other personal information you may tell us in the course of our communication. If you contact us, we may keep a record of the correspondence for future reference. Indefinite
Mailing Lists Name, email address and area of interest provided by you. If you subscribe to our mailing list, we will use your email address to send you emails corresponding to your stated area of interest. Until we close the mailing list or you unsubscribe from the mailing list.
Contact Form Name, email address and other personal information you may tell us in the course of our communication. If you provide us with other information via the contact form, we will retain it and use it for the defined purpose. Two years, unless you request deletion of your personal information sooner.
Site Visitor Logs Anonymous or pseudonymous information relating to your visits to our website. This includes, but is not limited to, the IP address from which you accessed our website, your device screen size, device operating system type, browser type, browser language setting, URLs you access on our website, and the times of your access to those URLs. Site visitor logs are used for system administration, debugging, security analysis or improving the availability or usability of our website and service. Site visitor logs may also be aggregated, from time-to-time, to create statistics about the use of our website, e.g. the total number of unique visitors per month. Such statistics are entirely anonymous. Site visitor logs are retained for up to 52 weeks. Statistics are retained indefinitely. Site visitor logs are used for system administration, debugging, security analysis or improving the availability or usability of our website and service. Site visitor logs may also be aggregated, from time-to-time, to create statistics about the use of our website, e.g. the total number of unique visitors per month. Such statistics are entirely anonymous. Site visitor logs are retained for up to 52 weeks. Statistics are retained indefinitely.
Reference IDs for Consent or a Contract Agreement If you give us consent for marketing or you agree to a contract with us, we will keep a reference to that consent or contract. This reference will be linked to one or more of your devices. Consent or contract references are used by us as a way to identify. References to consent or contract are held until the expiry date. For consent, the maximum is 13 months, for contract it is 30 days after contract expiry or termination.

If you are a customer of AdUnity Ltd then we also use and store the following types of data.

Description / Collection Method Personal Information Type Purpose of Processing Your Personal Information Retention Period
Service Set-Up, Service Provision, System, Operational Notifications and Customer Marketing Communications Name, email address (provided by you) and IP address (collected by us). To provide you with the service you have requested and other product and service information. This includes: verification of your contact details via email, payment collection, system security, system and operational notifications and support. In addition to this, we will send you marketing communications about our products and services. Until 12 months after termination of service and collection of all outstanding payments.
Service Access, Activity Logs and Security Logs Anonymous or pseudonymous information relating to your use of our service. This includes, but is not limited to, the IP address from which you accessed our service, URLs you accessed, and the times of your access to those URLs. If you share the use of our service with your suppliers or customers then their personal data will be collected and processed in the same way. Service access, activity logs and security logs are used for user authentication, system administration, debugging, security analysis or improving the availability or usability of our service. User logs may also be aggregated, from time-to-time, to create statistics about the use of our service. Indefinite

6. How do we store and process your data?

The data that you provide to us, such as your name and email address will always be stored within the European Economic Area (“EEA”). Some of the data we collect from your device as shown in the table below may be transferred and processed outside of the EEA to a country that has been judged by the European Commission to offer an adequate level of data protection. For a list of such countries click here.

Personal Information Storage and Processing Locations
Name, email address and information shared during communications. Within European Economic Area (EAA) only.
Anonymous or pseudonymous information relating to your visits to our website. This includes, but is not limited to, the IP address from which you accessed our website, your device screen size, device operating system type, browser type, browser language setting, URLs you access on our website, and the times of your access to those URLs. Within European Economic Area (EAA) only and countries that have been deemed by the European Commission to have adequate privacy protection.
References to your consent for use of your personal information or agreement to a contract. Within European Economic Area (EAA) only and countries that have been deemed by the European Commission to have adequate privacy protection.

If you are a customer of AdUnity Ltd then we also use and store the following types of data in the locations listed below.

Personal Information Storage and Processing Locations
Name, email address and IP address processed as part of system authentication. Within European Economic Area (EAA) only.
Anonymous or pseudonymous information relating to your use of our service. This includes, but is not limited to, your IP address from which you accessed our service, URLs you access on our website, and the time of your access to those URLs. Within European Economic Area (EAA) only.

We take all reasonably necessary measures to ensure that your personal information is secure and treated as private and in accordance with this privacy notice.

Please note that the transmission of any data via the internet is not secure and hence you transmit your personal information to us at your own risk.

7. Cookies

A cookie is a file that is downloaded to your computer or phone when you access a web page. Cookies are used for many purposes. For more information about cookies please visit the section on cookies the ICO website here.

We use cookies to enhance your experience, (e.g. improve page loading times), enhance security (e.g. identify trusted and untrusted users), analytics (e.g. count the number of visitors to the site and which pages they visited), to authenticate devices that have a user that has agreed to our contract and to authenticate devices that have a user that has consented to marketing.

Under law cookies for marketing and analytics require a consent to be stored on your device, the others do not.

The cookies that may be stored when you visit our website and services are detailed below.

Name Type Name Possible Values Purpose Expiry Information
AdUnity myaccount 1st-Party x1auth Random alphanumeric hash Maintain user session state 2 hours AdUnity
AdUnity myaccount 1st-Party x1mautologin Alphanumeric hash Maintain user autologin 365 days AdUnity
Cloudflare Security and Performance Cookie 1st-Party __cfduid Unique number To enhance website security and load time performance. 365 days Cloudflare
Google Analytics cookie 1st-Party _ga Unique number To count unique visitors 2 years Google Analytics
Google Analytics cookie 1st-Party _gid Unique number To count unique visitors per day 24 hours Google Analytics
Google Analytics cookie 1st-Party _gat 1 To control requests to Google Analytics 1 minute Google Analytics
Google Advertising 3rd-Party __gads 1 Used to register what ads have been displayed to the user. 1 minute Google