Home
Privacy Policy

Roqad Privacy Notice

We are delighted that you have interest in our company. Data protection is a high priority for Roqad (“we”, “us”, “our” or “Roq.ad”).

This privacy notice (“Notice”) describes the nature, scope, and purpose of the personal data we collect, use and process on the Roqad website, through our enterprise services, our pixel, and through any other means through which you may interact with us (the “Services”). In addition, this Notice also describes your rights and how you can access them. If you are a resident of California please see additional disclosures at the end of this Notice.

About Roqad

Roqad delivers identity solutions across North America and Europe for the marketing and advertising sectors, including data onboarding and probabilistic identity graph generation. It’s machine-learning algorithms predict that various identifiers represent one person, and group them together so that marketers can reach the people they want to wherever they are consuming ad supported content, including through targeted advertising.

How We Protect Your Personal Data

Roqad has implemented numerous technical, administrative and organizational security measures designed to protect personal data processed through this website as well as through the various data collection methods Roqad uses in connection with providing its Services. However, Internet-based data transmissions may in principle have security gaps, so absolute protection is not guaranteed and no website, application or platform is 100% secure.

Data Protection Officer

ePrivacy GmbH represented by Prof. Dr. Christoph Bauer Burchardstrasse 14, 20095 Hamburg For all requests concerning the security of your data you can contact our privacy team and data protection officer at privacy@roq.ad.

Name and Address of the Controller

Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and the United Kingdom are:

Roq.ad GmbH Karl-Liebknecht-Str. 32, 5th floor 10178 Berlin, Germany +49 172 589 7954 privacy@roq.ad www.roq.ad

Overview

I. Personal Information We Collect II. How We Collect Personal Information III. How We Use Personal Information We Process IV. Who We Share Information With V. Your Rights and Choices VI. Information for EU Users VII. Additional Information a. On Subscriptions to our Newsletters b. On Job Applicants c. On Third Party Technologies VIII. Storage and Retention IX. Changes to this Privacy Notice X. California Privacy Addendum

I. Personal Information We Collect

Collection of General Data and Information

You do not need to provide your personal information in order to access the Roqad website. However, use of our special enterprise services via our website may require us to process your personal data.

When you interact with Roqad website, we collect the following information:

  • Internet or other electronic network activity information, including, but not limited to, browser types and versions used, the operating system used by your computer, mobile or other device (“Device”), the Internet service provider of the accessing system, your browsing history, search history, and information (such as time and date of access) regarding your interaction with an internet website, application, or advertisement, including the Roqad website.
  • Identifiers, such as your name, email address, digital identifiers like first and third party cookies, mobile advertising identifiers, connected television identifiers and IP address, including the identifiers assigned by a third-party that represent a specific web interaction, application usage, device, or pseudonymized information.
  • Any other similar data and information that may be used in the event of attacks on our information technology systems.
  • Demographic information, such as your age and gender (in the U.S. only)
  • Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Geolocation data.
  • Professional or employment-related information.
  • Inferences drawn from any of the information above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

This general data and information are stored in the server log files.

II. How We Collect Information

Cookies

The Internet pages of Roqad uses cookies. Cookies are text files that are stored in a computer system via an Internet browser.

Many Internet sites and servers use cookies. Many cookies contain a cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites and servers to differentiate the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.

Through the use of cookies, Roqad can provide the users of this website with more user-friendly services and customized advertising that would not be possible without the cookie setting.

You may, at any time, delete or prevent the setting of cookies through our website by adjust the settings in your Internet browser. If you deactivate the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.

Our cookies are set for 365 days. Internally we remove all data after 90 days. We stop using user’s data after 30 days.

Tracking mechanism and the data types used

Roqad technology may track users visiting websites with simple js script that allows it to save common HTTP request data including: a browser’s cookie ID, a browser’s user agent, an IP address of the browser, the visited URL, browser’s language, referrer URL.

For more information on our Identity Graph please see: https://roq.ad/identity-graph.

We may also use tracking technologies in our newsletter. For more information, please see here.

Website Forms

We collect your information when you submit it us on our website contact forms or when you email us.

III. How We Use Information We Collect

We use the personal information we receive through our Services to generate cross-device graph, and to generate targeted advertising on behalf of our advertiser customers. The graph includes only IDs (including IP addresses) connected into clusters indicating our predictions for specific user identifiers that are representative of the same person.

Roqad also uses information we collect to: (1) deliver the content of our website and Services, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack.

Roqad participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies. Roqad’s identification number within the framework is 4.

IV. Who We Share Information With

Roqad shares information, including identifiers that represent individual users (including those with corresponding referring websites or applications where the Identifier was developed) with clients, which includes publishers, advertisers, other ad technology companies and advertising agencies, and prospects to its enterprise onboarding and identity graph services.

V. Your Rights and Choices

You may have the rights below, depending on the applicable laws in your jurisdiction.

Right to Opt-Out

Right to Opt-Out (Cookie IDs)

Mobile applications, connected televisions, web browsers, and even specific applications and websites (“Publishers”) on those devices operate with different identifiers even though they may be on the same device. This is similar to how different websites might see you logged in as different versions of yourself (one may have a middle initial, one may have an older email, etc.). You have the right to opt out of Roqad’s use of your identifiers, including for data sharing and sales, targeted advertising and profiling in accordance with applicable laws.

Note that you will need to contact each Publisher separately to exercise any right to opt out you may have with these Publishers. You can request a list of the identifiers we have connected to your, so that you may opt-out individually with other providers, including those who created the identifier.

If you are interested in opting out on your computer or mobile web browser, please visit the “Web Browser Opt-out” section below.

Web Browser Opt-out

Web Browser Opt-out Roqad’s opt-out information can be found in our Privacy page here.

PLEASE NOTE:

The Roqad web browser opt-out works by replacing your unique cookie ID with a generic opted-out value or by flagging your cookie ID so that we know that you have opted-out of future processing. If you clear your cookies or delete your device’s content cache, we will no longer have the information needed to recognize your device as having opted-out.

Right to Know

You have the right to know whether or not Roqad is processing your personal information and the right to know the specific pieces of personal information Roqad has about you.

Right of Access

You have the right to access the personal information that Roqad processes about you, including: the purposes of the processing; the categories of personal information collected, the recipients or categories of recipients to whom the personal information have been or will be disclosed, in particular recipients in third countries or international organizations; where possible, the period for which the personal information will be stored, or, if not possible, the criteria used to determine that period.

Right to Correction

You have the right to request that we correct any inaccurate personal information we may have about you.

Right to Erasure (Right to be Forgotten)

You have the right to request that we delete your personal information if that information is no longer necessary for the purposes for which they were collected or otherwise processed, where you have withdrawn consent or where there is no other legal ground for the processing.

Right of Restriction of Processing

You have the right to request that we restrict the processing of your personal information in certain circumstances:

  • If you object to a processing based on our legitimate interest, we will restrict all processing of that information pending the verification of the legitimate interest.
  • If you have claim that your personal information is incorrect, we must restrict all processing of such data pending the verification of the accuracy of the personal data.
  • If the processing is unlawful, you can request the restriction of the use of your personal information.
  • If the information is no longer needed for the purpose for which it was collected, but is required to comply with our legal obligations.

Right to Data Portability

You have the right to request a copy of your personal information that is collected by automated means based on your consent or based on an agreement with us. You may also request that this information be transferred to another controller, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.

Right to Object to Processing Based on Legitimate Interests

You have the right to object to processing of your personal information that is based on our legitimate interests. We will not continue to process your personal information unless we can demonstrate legitimate grounds for the process which overrides your interest and rights or due to legal claims.

If Roqad processes personal data for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing. This applies to profiling to the extent that it is related to such direct marketing. If you the Roqad to the processing for direct marketing purposes, Roqad will no longer process the personal data for these purposes.

Right to Withdraw Data Protection Consent

You have the right granted to withdraw your consent to processing of your personal data at any time.

Exercising Your Rights

If you want to exercise any of the rights above, please contact privacy@roq.ad.

Verifying Your Identity

In order to process your request, we may need to verify your identity to ensure you request is authentic by asking for reasonable data necessary for your response to your request.

VI. Information for EU Users

Legal Basis for Processing

Consent

We rely on consent for the processing of personal information collected for use in connection with our Identity Graph.

Performance of a Contract For our customers, we also process personal information when necessary to do so for the performance of a contract to which you are a party, for example, when processing operations are necessary for the supply of goods or to provide any other service.

Compliance with Legal Obligations We process personal information based on our need to comply with our legal obligations when necessary to do so for tax and other related purposes.

Protection of Vital Interests In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured in our company and his name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party.

Legitimate Interests We rely on our legitimate interests for processing personal information related to our collection and use of personal information in our enterprise sales and marketing efforts and in relation to the personal information of our employees, contractors, vendors, partners, prospective employees, and others with whom Roqad may endeavor to have a business relationship.

Location of Information

Roqad stores all EU data it collects in the EU.

UK data is transferred to the EU and processed based on an ongoing equivalency agreement between the UK and EU member states.

Roqad may transfer cookie IDs or MAIDs, hashed email addresses, IP Addresses, Connected TV IDs, and such other data that represents a user or household to its enterprise customers (advertisers, MarTech firms, brands, eCommerce providers, ad agencies, or publishers,.) as part of the generated cross-device graph and onboarding services. Those customers may be located outside of the EU. Whenever we share personal information with customers located outside of the EU, we do so pursuant to Standard Contractual Clauses.

VII. Additional Information

A. On Subscription to our Newsletters

On the website of Roqad, users are given the opportunity to subscribe to our company’s newsletter. You may be asked to provide your name, company name and email address when you sign-up.

You may only receive our newsletter if you:(1) have a valid email address and (2) register for the newsletter.

During the registration for the newsletter, we also store the IP address of your device, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the email address of a data subject at a later date.

The personal information collected as part of a registration for the newsletter will only be used in connection with your newsletter subscription. You may terminate your subscription to our newsletter at any time by clicking the unsubscribe link in the newsletter or by unsubscribing on our website.

Newsletter Tracking

The newsletter of Roqad contains tracking pixels. A tracking pixel is a miniature graphic embedded in such emails, which are sent in HTML format to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, Roqad may see if and when an email was opened by a data subject, and which links in the email were called up by data subjects.

Personal information collected in the tracking pixels contained in the newsletters are stored and analyzed in order to optimize the newsletter communication and design, as well as to adapt the content of future newsletters even better to your interests. This personal information will not be passed on to third parties. You are at any time entitled to revoke consent by [insert the opt-out procedure, e.g. “click unsubscribe in the email.”). After a revocation, this personal information will be deleted by us. Roqad automatically regards a withdrawal from the receipt of the newsletter as a revocation.

B. On Job Applicants

We collect and process the personal information of job applicants in order to process your job application and to execute an employment agreement with you in the event you are hired. Once you are hired, the collection and use of your personal information shall be treated in accordance with our employee privacy notice. If no employment contract is concluded, the application documents shall be automatically erased two months after notification of the refusal decision, unless we are required to retain that information to comply with our legal obligations (e.g. for compliance with the General Equal Treatment Act (AGG)).

C. On Third Party Technologies

We include third party digital tracking technologies on our website and receive this data through our enterprise services, this section provides you more information about these technologies.

Data Protection Provisions about the Application and Use of Meta (formerly known as Facebook)

On this website, the controller has integrated technologies provided by Meta. Meta is a social network. For more information on Meta’s privacy practices see https://www.facebook.com/privacy/policy/.

The operating company of Meta is Meta Platforms, Inc., 1601 Willow Road, Menlo Park, CA 94025, United States. If a person lives outside of the United States or Canada, the controller is the Meta Platforms Ireland Ltd., Merrion Road, Dublin 4, D04 X2K5 Ireland.

We use a Facebook plug-in on our website. An overview of all the Facebook Plug-ins may be accessed under https://developers.facebook.com/docs/plugins/. When you interact with Facebook’s plug-in, and you are also logged-into Facebook, Facebook will receive information about your use of our site.

Facebook always receives, through the Facebook component, information about a visit to our website by the data subject, whenever the data subject is logged in at the same time on Facebook during the time of the call-up to our website. This occurs regardless of whether the data subject clicks on the Facebook component or not. If such a transmission of information to Facebook is not desirable for the data subject, then he or she may prevent this by logging off from their Facebook account before a call-up to our website is made.

The data protection guideline published by Facebook, which is available at https://facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. In addition, it is explained there what setting options Facebook offers to protect the privacy of the data subject. In addition, different configuration options are made available to allow the elimination of data transmission to Facebook. These applications may be used by the data subject to eliminate a data transmission to Facebook.

Data Protection Provisions about the Application and Use of Google Analytics (with anonymization function). To understand more about Google’s privacy practices see https://policies.google.com/privacy.

On this website, Roqad has integrated Google Analytics (with the anonymizer function). Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics are mainly used for the optimization of a website and in order to carry out a cost-benefit analysis of Internet advertising.

The operator of Google Analytics is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

For the web analytics through Google Analytics the controller uses the application “_gat. _anonymizeIp”. By means of this application the IP address of the Internet connection of the data subject is abridged by Google and anonymised when accessing our websites from a Member State of the European Union or another Contracting State to the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyze the traffic on our website. Google uses the collected data and information, inter alia, to evaluate the use of our website and to provide online reports, which show the activities on our websites, and to provide other services concerning the use of our Internet site for us.

Google Analytics places a cookie on your device. The cookie is used to store personal information, such as the access time, the location from which the access was made, and the frequency of visits of our website by the data subject. With each visit to our Internet site, such personal data, including the IP address of the Internet access used by the data subject, will be transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.

The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the Internet browser used would also prevent Google Analytics from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Google Analytics may be deleted at any time via a web browser or other software programs.

In addition, the data subject has the possibility of objecting to a collection of data that are generated by Google Analytics, which is related to the use of this website, as well as the processing of this data by Google and the chance to preclude any such. For this purpose, the data subject must download a browser add-on under the link https://tools.google.com/dlpage/gaoptout and install it. This browser add-on tells Google Analytics through a JavaScript, that any data and information about the visits of Internet pages may not be transmitted to Google Analytics. The installation of the browser add-ons is considered an objection by Google. If the information technology system of the data subject is later deleted, formatted, or newly installed, then the data subject must reinstall the browser add-ons to disable Google Analytics. If the browser add-on was uninstalled by the data subject or any other person who is attributable to their sphere of competence, or is disabled, it is possible to execute the reinstallation or reactivation of the browser add-ons.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under https://www.google.com/analytics/terms/us.html. Google Analytics is further explained under the following Link https://www.google.com/analytics/.

Data Protection Provisions about the Application and Use of Google Remarketing

On this website, the controller has integrated Google Remarketing services. Google Remarketing is a feature of Google AdWords, which allows an enterprise to display advertising to Internet users who have previously resided on the enterprise’s Internet site. The integration of Google Remarketing therefore allows an enterprise to create user-based advertising and thus shows relevant advertisements to interested Internet users.

The operating company of the Google Remarketing services is the Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

The purpose of Google Remarketing is the insertion of interest-relevant advertising. Google Remarketing allows us to display ads on the Google network or on other websites, which are based on individual needs and matched to the interests of Internet users.

Google Remarketing sets a cookie on your Device. With the setting of the cookie, Google can recognize you when you visit our site. Google receives personal information, such as the IP address or the surfing behaviour of the user, which Google uses, inter alia, for the insertion of interest relevant advertising.

The cookie is used to store personal information, e.g. the Internet pages visited by the data subject. Each time we visit our Internet pages, personal data, including the IP address of the Internet access used by the data subject, is transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.

You may object to the interest-based advertising by Google by clicking here: https://www.google.de/settings/ads and updating your settings on each browser.

Further information and the actual data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/.

Data Protection Provisions about the Application and Use of Google-AdWords

On this website, the controller has integrated Google AdWords. Google AdWords is a service for Internet advertising that allows the advertiser to place ads in Google search engine results and the Google advertising network. Google AdWords allows an advertiser to pre-define specific keywords with the help of which an ad on Google’s search results only then displayed, when the user utilizes the search engine to retrieve a keyword-relevant search result. In the Google Advertising Network, the ads are distributed on relevant web pages using an automatic algorithm, taking into account the previously defined keywords.

The operating company of Google AdWords is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, UNITED STATES.

The purpose of Google AdWords is the promotion of our website by the inclusion of relevant advertising on the websites of third parties and in the search engine results of the search engine Google.

If a data subject reaches our website via a Google ad, a conversion cookie is filed on your device. A conversion cookie loses its validity after 30 days and is not used to identify the data subject. If the cookie has not expired, the conversion cookie is used to check whether certain sub-pages were called up on our website.

The data and information collected through the use of the conversion cookie is used by Google to create visit statistics for our website. These visit statistics are used in order to determine the total number of users who have been served through AdWords ads to ascertain the success or failure of each AdWords ad and to optimize our AdWords ads in the future. Neither our company nor other Google AdWords advertisers receive information from Google that could identify the data subject.

The conversion cookie stores personal information, e.g. the Internet pages visited by the data subject. Each time we visit our Internet pages, personal data, including the IP address of the Internet access used by the data subject, is transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.

The data subject may, at any time, prevent the setting of cookies by our website, as stated above, by means of a corresponding setting of the Internet browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a conversion cookie on the information technology system of the data subject. In addition, a cookie set by Google AdWords may be deleted at any time via the Internet browser or other software programs.

The data subject has a possibility of objecting to the interest based advertisement of Google. Therefore, the data subject must access from each of the browsers in use the link https://www.google.de/settings/ads and set the desired settings.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/.

Data Protection Provisions about the Application and Use of LinkedIn

We use the Linked-In plug-in on our website. For Linked In’s privacy notice see https://www.linkedin.com/legal/privacy-policy.

The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, UNITED STATES. For privacy matters outside of the UNITED STATES LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.

When you interact with LinkedIn’s plug-in, LinkedIn gains knowledge of what specific sub-page of our website you visited. If you are logged into LinkedIn when using our website, LinkedIn will receive information about your visit regardless of whether you click on the LinkedIn button or not. If such a transmission of information to LinkedIn is not desirable, you can log out of LinkedIn before visiting our website.

LinkedIn provides under https://www.linkedin.com/psettings/guest-controls the possibility to unsubscribe from email messages, SMS messages and targeted ads, as well as the ability to manage ad settings. LinkedIn also uses affiliates such as Eire, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame. The setting of such cookies may be denied under https://www.linkedin.com/legal/cookie-policy. The applicable privacy policy for LinkedIn is available under https://www.linkedin.com/legal/privacy-policy. The LinkedIn Cookie Policy is available under https://www.linkedin.com/legal/cookie-policy.

Data Protection Provisions about the Application and Use of X (formerly known as Twitter)

On this website, the controller has integrated components of X.

The operating company of X, Corp. formerly known as Twitter, 1355 Market Street, Suite 900, San Francisco, CA 94103, UNITED STATES.

With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which a X component was integrated, the Internet browser on the information technology system of the data subject is automatically prompted to download a display of the corresponding X component of X. Further information about the X components is available under https://about.twitter.com/de/resources/buttons. During the course of this technical procedure, X gains knowledge of what specific sub-page of our website was visited by the data subject. The purpose of the integration of the X component is a retransmission of the contents of this website to allow our users to introduce this web page to the digital world and increase our visitor numbers.

If the data subject is logged in at the same time on X, X detects with every call-up to our website by the data subject and for the entire duration of their stay on our Internet site which specific sub-page of our Internet page was visited by the data subject. This information is collected through the X component and associated with the respective X account of the data subject. If the data subject clicks on one of the X buttons integrated on our website, then X assigns this information to the personal X user account of the data subject and stores the personal data.

X receives information via the X component that the data subject has visited our website, provided that the data subject is logged in on X at the time of the call-up to our website. This occurs regardless of whether the person clicks on the X component or not. If such a transmission of information to X is not desirable for the data subject, then he or she may prevent this by logging off from their X account before a call-up to our website is made.

The applicable data protection provisions of X may be accessed under https://twitter.com/privacy?lang=en.

VIII. Storage and Retention

Routine Erasure and Blocking of Personal Data

Roqad shall process and store the personal data of you only for the period necessary to achieve the purpose of storage, or otherwise in compliance with our legal obligations.

Period for Which the Personal Data Will Be Stored

The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract or the initiation of a contract.

IX. Changes to this Privacy Notice

From time to time, we may update this Privacy Notice. If we make changes that are material or if they could have an impact on the choices, you made or your marketing preferences, we will notify you.

X. CALIFORNIA PRIVACY ADDENDUM

If you are a California resident, the California Consumer Privacy Act (“CCPA”) provides you with certain rights regarding your personal information, including the right to know about personal information collected, disclosed, collected, shared or sold; the right to request that we delete personal information that we have collected from you; the right to correct your inaccurate personal information, the right to opt-out of the sale or sharing of your personal information; and the right not to be discriminated against for exercising your rights. These rights are subject to certain exceptions. You may also review our general privacy policy to learn more about how we protect your information.

Collection of Personal Information

Through direct connections to consumers, a network of publisher partners, and via data brokers and aggregators, we may collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”). We have collected the following categories of personal information about you over the past 12 months:

  • Internet or other electronic network activity information, including, but not limited to, browser types and versions used, the operating system used by your computer, mobile or other device (“Device”), the Internet service provider of the accessing system, you browse history, search history, and information (such as time and date of access) regarding your interaction with an internet website, application, or advertisement, including the Roqad website.
  • Identifiers, such as your name, email address, digital identifiers like first and third party cookies, mobile advertising identifiers, connected television identifiers and IP address, including the identifiers assigned by a third-party that represent a specific web interaction, application usage, device, or pseudonymized information.
  • Any other similar data and information that may be used in the event of attacks on our information technology systems.
  • Demographic information, such as your age and gender (in the U.S. only)
  • Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Geolocation data.
  • Professional or employment-related information.
  • Inferences drawn from any of the information above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

We collect the personal information listed above from the following sources:

  • From you directly.
  • Service providers and contractors who collect information on our behalf.
  • Your operating device (such as your computer or mobile device) and your web browser.
  • Analytics providers.
  • Third-party advertising networks.
  • Data brokers and aggregators.

Disclosure, Sharing or Sale of Personal Information

In the last 12 months, we have disclosed, shared or sold the following categories of personal information subject to the CCPA:

  • Identifiers, such as your name, email address, digital identifiers like cookies, mobile advertising identifiers, connected television identifiers and IP address.
  • Characteristics of protected classifications under California or federal law, such as your age and gender.
  • Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
  • Geolocation data.
  • Professional or employment-related information.
  • Inferences drawn from any of the information above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

We may have shared or sold any of the information listed above with:

  • Advertising and analytics providers.
  • eCommerce Providers.
  • Digital Publishers.

We disclose your personal information to the entities listed above for the following purposes:

  • To provide our customers with our services.
  • To improve our services.
  • Compliance with our legal obligations.
  • Any other purpose described in our privacy policy.

Your Rights

If we maintain personal information about you that is subject to CCPA, you may exercise certain rights in connection with this data if you are a California resident. In addition to the rights described above, you may also have the right to:

Right to Know

California residents have the right to request that we disclose certain information about our collection and use of your personal information over the past twelve months (“Right to Know”). Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • The categories of personal information that we have disclosed for a business or commercial purpose.
  • Our business or commercial purposes for collecting or selling personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (i.e., a data portability request).

Right to Opt-Out of Sale

The CCPA provides California residents with the right to opt-out of the sale of their personal information. You may opt-out of the right to sale by clicking here.

Right to Delete

California residents have the right to request that we delete the personal information that we collected from you and retain, subject to certain exceptions (“Right to Delete”). Once we receive and verify your request, we will delete (and direct our service providers/vendors to delete) your personal information from our records, unless an exception applies.

Right of Correction

The CCPA provides California residents with the right to correct your inaccurate personal information that we have.

Right to Nondiscrimination

The CCPA provides California residents with the right not to receive discriminatory treatment for the exercise of their privacy rights conferred by the CCPA. We will not discriminate against you for exercising any of your CCPA rights.

Shine the Light

California’s Shine the Light law permits you to request what personal information is shared with third parties by us and our affiliates, if that personal information is shared for direct marketing purposes.

Exercising Your Rights

If you are a California resident and wish exercise your privacy rights, you may submit a request by us by email at privacy@roq.ad.

When you submit a request, we will verify your identity by asking you to provide reasonable information that could include your name, the email address, and applicable digital identifiers. We will verify your identity by matching the information you provide with what we have on file for you. We may ask you for additional information to verify your identity or to comply with your request.

Authorized Agent

You may authorize an agent to make a request on your behalf. To designate an agent, please provide a written and signed document by both you and the agent that authorizes the agent to act on your behalf. You may also use a power of attorney. We will still require you to provide information to allow us to reasonably verify that you are the person about whom we collected personal information.

Contact for More Information

ePrivacy GmbH represented by Prof. Dr. Christoph Bauer Burchardstrasse 14, 20095 Hamburg, Germany

If you wish to contact us regarding this California Privacy Notice, you may do so through the following methods:

  • By email at privacy@roq.ad

Privacy Notice Date Updated: 7th of June, 2024.

2023 consumer requests metrics

Request Type Total Received Complied (Whole) Complied (Part) Denied Median Days Mean Days
Requests to delete 16 16 0 0 1 5
Requests to know 9 9 0 0 4 5
Requests to know what personal information was sold/shared 0 0 0 0 0 0
Requests to opt out of sale/sharing 25 25 0 0 7 7
Requests to limit use/disclosure of sensitive data 0 0 0 0 0 0

2024 consumer requests metrics

Request Type Total Received Complied (Whole) Complied (Part) Denied Median Days Mean Days
Requests to delete 13 13 0 0 10 12
Requests to know 3 3 0 0 16 14
Requests to know what personal information was sold/shared 0 0 0 0 0 0
Requests to opt out of sale/sharing 821 821 0 0 7 7
Requests to limit use/disclosure of sensitive data 0 0 0 0 0 0

ZEOTAP DATA SERVICES PRIVACY POLICY

Important Notice: The following privacy policy applies to Zeotap Data services that may be used as part of our platform. For any questions, requests, or to exercise your rights regarding Zeotap Data services, please contact Roqad at privacy@roq.ad

Zeotap Data GmbH (“Zeotap Data,” “us,” “we,” or “our”) is a company that offers the next-generation Customer Data Platform. It empowers brands to unify, enhance and activate customer data in a cookieless future, all while putting consumer privacy and compliance front-and-centre. Our services either solely use Zeotap Data’s proprietary technology or use its proprietary technology in combination with customer data (“User Data”) received from third parties (“Data Partners”), including but not limited to, customer data unification, identity extension, data onboarding, data matching, data insights, custom audience building, analytics/modelling, audience targeting in web and mobile advertising, and transfer of data into activation systems (including marketing ecosystem partners) (“Services”). Please note that, as mentioned above, our Services are comprised of two types: (i) software products (“Software Products”), as part of which we are using solely Zeotap Data’s proprietary technology to process and arrange the customer data shared by our Clients (as defined below), and (ii) data products (“Data Products”), as part of which we use User Data either alone or in combination with the customer data shared by our Clients. You can learn more about our Services on our website.

Zeotap Data participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies. Zeotap Data’s identification number within the framework is 301.

Our Data Partners are mobile network operators, mobile application providers, media, technology platform providers, owners of media properties (“Publishers”), brands, agencies and others that have access to certain User Data that they wish to monetize by using our Services.

Our clients (“Clients”) are businesses, including brands and agencies (“Advertisers”), Publishers, and other companies that send targeted digital advertising to consumers. By using our Services, our Clients can address a particular audience and tailor advertisements to the likely interests and preferences of such audience.

We work to ensure that our Services respect users’ privacy rights. To accomplish this goal, we adhere to privacy-by-design and privacy-by-default principles throughout the process of designing, building, and delivering our Services.

By law, we are required to provide you with information regarding:

  • how and on what legal basis we use and disclose your personal data;
  • how we take care of your privacy rights specific to your personal data;
  • how you can reach us in case you have any concerns regarding this privacy policy (“Policy”) or the way we are handling your personal data.

The terms of this Policy apply to all User Data to the extent it contains your personal data as defined in the applicable laws and regulations.

For questions about this Policy or to exercise your rights, please contact Roqad at privacy@roq.ad

This Policy does not apply to personal data collected by the website roq.ad. To access our website privacy policy, see the main Roqad privacy notice above.

This Policy also does not apply to information collected by our Data Partners, Clients or other third parties who may provide personal data to us, as their personal data handling practices are covered by their own privacy policies.

This Policy may change from time to time, so please check back periodically to ensure that you are aware of any changes in our processing of your personal data.

DATA CATEGORIES WE RECEIVE AND USE

As part of the Data Products, we receive the following categories of User Data from our Data Partners:

  • mobile advertising device IDs such as Apple’s Identifier For Advertisers (IDFA) and Google Android Advertising ID (“Ad IDs”);
  • cookie IDs;
  • hashed email addresses and hashed telephone numbers;
  • demographic information like age, gender, city/region, income, language and mobile contract data such as prepaid/postpaid (“Demographic Data”);
  • mobile app usage data about apps installed/accessed on a user’s device and app events and browsing data such as browsing URLs (Uniform Resource Locators) (“App Usage and Browsing Data”);
  • purchase data, such as interest in and intent to purchase certain products or services;
  • geolocation data
  • TC String

We do not receive any ‘special categories of personal data’ (i.e., information about your race, ethnicity, religious or philosophical beliefs, sexual orientation, sex life, political opinions, health, trade union membership, or genetic/biometric data) or, knowingly, any personal data about children under the age of 16.

Our Data Partners may collect data directly from users (both online and offline) or receive data from third parties.

We request that our Data Partners provide users with all required information about the use of their personal data and allow users to exercise their rights according to applicable laws and regulations.

We may also use cookies, pixels and similar tools to collect users’ Ad IDs or cookie IDs ourselves. These tools also automatically collect and send us information such as referral URLs, user agent string, and IP addresses. This information is a normal part of the log file information that is routinely exchanged as part of communication between operating systems.

When we obtain different User Data pertaining to the same device from multiple Data Partners, we aggregate such User Data and store it against the same Ad ID (advertising identifier, associated with a device) or Cookie ID (a string of characters that websites and servers associate with the browser on which the cookie is stored). Zeotap Data also maintains a separate ID inventory, which connects the User Data into a common ID (“zeoID”) and is an internal pseudonymous identifier.

We enhance User Data to create de-identified data segments and aggregate such segments into segment lists or Ad ID / Cookie ID lists based on our Clients’ preferences. We then share such lists with our Clients to enable them to effectively target the relevant users.

We do not process information that directly identifies a particular individual such as an unencrypted name, address or government-issued ID number. However, whether or not User Data we receive are considered personal or personally identifiable data depends on, among other factors, the definition that applies in a user’s physical location. For example, in some locations, a user’s IP address may be deemed to be personal data, while in others it is not.

We do not interact directly with users or their devices, unless a user sends us a deletion request, as described below under “YOUR RIGHTS WITH RESPECT TO YOUR PERSONAL DATA (INCLUDING OPT-OUT OPTIONS)”

Please note that as part of our Software Products we may receive various additional categories of User Data from our Clients (including directly identifiable data).

Below we describe the User Data categories in more detail.

A. ONLINE IDENTIFIERS:

ADVERTISING IDS

Ad IDs are user-resettable, unique, anonymized identifiers for advertising. Ad IDs identify a specific device and are implemented both on IDFA and Google Android Advertising ID.

We obtain Ad IDs associated with de-identified User Data from our Data Partners. Ad IDs are then used by our Clients to identify advertising requests and to deliver relevant advertisements. We may also use Ad IDs to establish a relationship between different User Data attributes pertaining to the same user. For example, if we obtain User Data that indicates a certain user is between 25 and 30 years old, and later learn from another Data Partner that the user of the same device is interested in a healthy lifestyle, we combine this information against the same Ad IDs or cookie ID.

COOKIE IDS

An HTTP cookie (also called web cookie, Internet cookie, browser cookie or simply a cookie) is a small piece of data sent from a website and is stored in the user’s web browser while the user is browsing.

We set third party cookies on behalf of Publishers who provide space for the display of advertising within websites. We may use cookies to establish a relationship between devices or data pertaining to the same user. If we already have information about a device’s user, we may link the information stored in cookies to the device’s Ad ID. We call this activity of linking information “mapping.” We use this information to facilitate the delivery of our Clients’ targeted ads.

B. BROWSING DATA:

LOG FILE INFORMATION

In the course of the mapping activity described in the above paragraph, we receive such information as referral URLs, user agent string, and IP addresses.

When you come to the website where Zeotap Data cookies are set, the log file we automatically receive includes the referral URL, which is the address of the website that you came from. We do not use and discard referral URLs within a reasonable time in compliance with our data retention period.

We use IP addresses to derive information such as country and carrier. Afterwards, we discard IP addresses within a reasonable time in compliance with our data retention period.

We use user agent string information contained in the log file to determine your device operating system and device model. Afterwards, we discard user agent string within a reasonable time in compliance with our data retention period.

C. OFFLINE IDENTIFIERS:

HASHED EMAIL ADDRESSES AND HASHED PHONE NUMBERS

Some Data Partners or Clients may provide their offline data, such as hashed email addresses and hashed phone numbers. We require that such data are hashed using secure hashing algorithms prior to sharing with Zeotap Data.

We use hashed emails or hashed phone numbers to establish a relationship between offline and online user profiles pertaining to a certain user and enrich the profiles pertaining to those online users. For example, our Client would like to run an advertising campaign on mobile devices targeting users whose hashed email addresses and/or hashed phone numbers the Client already has. However, without respective Ad IDs, the Client cannot target the desired audience. By comparing hashed email addresses and hashed phone numbers provided by the Client with the User Data we have from our Data Partners, we can match hashed email addresses or hashed phone numbers to Ad IDs corresponding to the same user. As a result, we have a list of Ad IDs corresponding to the list of users the Client would like to target. Additionally, we can also enrich those lists with additional profile data, such as the ones described below.

Hashed emails would also serve as a basis for the creation of ID+, our tokenized individual pseudonymous identifier and specific to a user. You can learn more about ID+ by contacting Roqad at privacy@roq.ad.

D. PROFILE DATA:

DEMOGRAPHIC DATA

We may obtain demographic User Data from our Data Partners, such as:

  • user demographics (e.g., age or age range and gender);
  • general geographic area of the user address and zip code;
  • predicted or actual income tier;
  • other demographic information that was received or collected by our Data Partners.

Zeotap Data uses this information to create demographic segments about users, for example, users who are “males, 30 to 34, living in Brooklyn.” We connect segments with Ad IDs so that our Clients can reach their target audiences on mobile devices.

APP USAGE AND BROWSING INTEREST DATA

We may obtain App Usage and Browsing Data from our Data Partners, such as:

  • apps installed/accessed on a user’s device;
  • app events such as purchases or sign-ins;
  • browsing data such as URLs.

URLs are web addresses, a specific character string that constitutes a reference to a resource. Most web browsers display the URL of a web page above the page in an address bar.

We transform App Usage and Browsing Data into aggregated segments based on interests or purchase intent (such as Sports Enthusiast, Health & Fitness Buffs) which are of interest to our Clients.

PURCHASE DATA

We may obtain purchase data from our Data Partners, such as:

  • items you have bought in stores;
  • items you have bought online;
  • items you have put in a shopping basket online.

E. GEOLOCATION DATA

We may receive data from Data Partners about the physical location of a specific device, including latitude-longitude coordinates obtained through GPS tools, Wi-Fi or cell tower triangulation techniques.

The location data we receive from Data Partners may be generalized, non-precise location data, or we may render the location data non-precise, in order to provide generalized location data to our Clients. Our Clients may use inferences from this information to send localized ads or targeted ads. We do not process precise location EU and UK data.

F. TC String

A TC String’s primary purpose is to encapsulate and encode all the information disclosed to a user and the expression of their preferences for their personal data processing under the GDPR. Using a Consent Management Platform (CMP), the information is captured into an encoded and compact HTTP-transferable string. This string enables communication of transparency and consent information to entities, or “vendors”, that process a user’s personal data. Vendors decode a TC String to determine whether they have the necessary legal bases to process a user’s personal data for their purposes. The concise string data format enables a CMP to persist and retrieve a user’s preferences any time they’re needed as well as transfer that information to any vendors who need it.

For further details, please refer to the IAB Europe policies.

LEGAL BASIS FOR PROCESSING PERSONAL DATA

Our Services enable our Clients to, among other things, tailor advertising you see on your internet browser or mobile device to your interests and preferences. As a result, the number of ads that are not relevant or of interest to you will be reduced. To achieve this goal, we need to process your personal data. Such processing operations, including the use of cookies or other tracking technologies, are covered by your consent, which especially enables our Clients to use customized audience segments to improve and enhance their marketing activities and marketing reach.

Under Data Products, our Data Partners who provide User Data to us collect users’ consent to process their personal data and share it with us according to their respective privacy policies. The consent collected by our Data Partners complies with the applicable laws requirements and enables Zeotap Data and its Clients processing activities. Any processing of your personal data by Zeotap Data is subject to your rights of choice and control as explained below. In accordance with the IAB Europe policies, we may process TC Strings. As TCF Vendor, we have conducted and documented a legitimate interest assessment for the processing of TC String. This assessment has shown that data subjects’ interests and fundamental rights do not override the legitimate interests pursued.

Under Software Products, our Clients are acting as data controllers and are responsible for ensuring that an appropriate legal basis is in place.

Please note that under Data Products, in case we combine our Client data with User Data, our Clients and us act as joint data controllers. With respect to the joint process, we and our Clients jointly determine the purposes and means of processing of User Data. In an agreement on joint controllership pursuant to Article 26 GDPR, we and our Clients have determined how the respective tasks and responsibilities in the processing of personal data are structured and who fulfils which data protection obligations. In particular, it was determined how an appropriate level of security and your rights as a data subject can be ensured, how the information duties under the applicable laws can be fulfilled jointly and how potential data protection incidents can be monitored. This also includes ensuring that reporting and notification obligations are fulfilled.

WITH WHOM DO WE SHARE USER DATA

We share User Data with the following categories of third parties for the following purposes:

  • Advertisers and Agencies – we share Online Identifiers, Browsing Data, Offline Identifiers, Profile Data and Geolocation for the purposes of targeting, analytics, measurement;
  • Publishers and other companies that send targeted advertising to mobile consumers – we share Online Identifiers, Profile Data and Geolocation for the purposes of targeting, analytics, measurement, audience insights;
  • Third party data platforms such as Demand Side Platforms (DSPs), Data Management Platforms (DMPs), advertising marketplaces, ad networks etc. (“Data Platform”) – we share Online Identifiers and Profile Data, for the purposes of data activation (i.e a transfer of data to be used to run managed targeted advertising campaigns), targeting, analytics, measurement, cookie syncing (i.e we may exchange Online Identifiers and Profile Data to synchronise them with data held by others to help our customers ensure that their online advertising campaigns, which are delivered based on these Online Identifiers, are only shown to the users that are most relevant to them);
  • Ad measurement companies – we share Online Identifiers, Browsing Data, Offline Identifiers, Profile Data and Geolocation for the purposes of analytics, measurement;
  • Our hosting provider Google Cloud EMEA Limited (“Hosting Providers”) – we share Online Identifiers, Browsing Data, Offline Identifiers, Profile Data and Geolocation for the purposes of storage;
  • Our affiliates – we share Online Identifiers, Browsing Data, Offline Identifiers, Profile Data and Geolocation for the purposes of providing technical support and helping Zeotap Data operationally perform the Services.

The Advertisers we work with operate in the following businesses: Arts & Entertainment, Automotive, Health & Fitness, Food & Drink, Hobbies & Interests, Home & Garden, News, Finance & Insurance, Science, Pets, Sports, Style & Fashion, Technology & Computing, Tourism & Travel, Real Estate, Shopping, Health & Personal care, Information & Communication Technology (ICT), Energy, Transportation. Marketing Agencies we work with include: Dentsu UK Limited and Dentsu affiliate entities.

Publishers we work with include: MediaMond S.p.A., Triboo Media S.r.l., NetAddiction S.r.l., Edizioni Piemme S.p.A., Teads Italia S.r.l., Viralize S.r.l., AdKaora S.r.l., WebAds S.r.l., Instal S.r.l., Smartclip Italia S.r.l., MovingUp S.r.l., ZETA Gestion de Medios, WebAds Interactive SL, VLN Servicios Publicitarios Integrales S.L. (Sunmedia), Blue Media Comunicacion, S.L., RichAudience International SL, Smartclip Hispania SL, Teads S.A.

Data Platforms we work with include: A.C. Nielsen Company Limited, adsquare GmbH, Xandr Inc., Inmobi Ltd., Maiden Marketing PTE Ltd. (d.b.a. POKKT), Amobee Inc., Widespace AB, Google Ireland Ltd., The Trade Desk Inc., Adform A/S, Adobe Systems Inc., TAPTAP Networks S.L., Videology Media Technologies B.V., Teads Italia S.r.l., Teads S.A. (global), Smartclip Italia S.r.l., LiveRamp Inc., TabMo SAS (Hawk), Pocket Math Pte Ltd, Bidstalk Technologies Pte Ltd, Mediasmart Mobile S.L., AppLift GmbH, salesforce.com EMEA Limited, Yahoo AdTEch LLC, Meta Platforms Ireland Limited, Narrative I/O Inc., Adex GmbH, Smart Adserver, Lotame Solutions, Inc., Ventes Avenue Pvt Ltd, Neustar Inc., A.MOB SAS, Oracle, Amazon Europe Core SARL, Twitter International Company, Snap Group Limited, Taboola.com Ltd, Weborama SA, FreeWheel Media Inc, PubMatic Inc, Index Exchange Inc, Platform161 BV, Dynamic Yield GmbH, Permutive Limited, TikTok Technology Limited (Ireland), Braze Inc, Microsoft Corporation, Magnite, Inc., Eyeota Pte Ltd, Neodata Group s.r.l, ID5 Technology Limited, Zeotap GmbH, Roqad GmbH

We will also disclose your User Data in response to valid legal processes, for example, in response to a court order, a subpoena or other legal request for information, and/or to comply with applicable legal and regulatory reporting requirements. We also may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or to verify or enforce compliance with the policies governing our products and/or services and with applicable laws, or as otherwise required or permitted by law or consistent with legal requirements. We are required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In addition, we may transfer your information to an entity or individual that acquires, buys, or merges with us, or our affiliates. In these cases, we will require the acquiring company to carry on the material terms of this Policy, including the requests for account deletion.

WHEN WE TRANSFER USER DATA INTERNATIONALLY

When we share User Data with the recipients described above, such sharing may constitute a transfer to a third country outside of the European Economic Area, for which the European Commission has not determined an adequate level of protection for your personal data. By law, we are required to ensure that the level of protection guaranteed for your personal data by the European and UK laws is not undermined by such transfer. We enter the EU Standard Contractual Clauses with respective User Data recipients, which you can access upon request to privacy@roq.ad. Please note that User Data is stored in the following locations: Germany, Belgium and United Kingdom.

HOW WE PROTECT PERSONAL DATA

We have implemented appropriate technical and organizational safeguards to protect any personal data we receive from theft, loss, and unauthorized access. We follow generally accepted standards to protect personal User Data throughout the entire use cycle starting from the initial transfer until deletion. In addition, we limit internal access to your personal data to our employees, agents, contractors, and other third parties who have a legitimate business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable supervisory authority of a breach where we are legally required to do so.

YOUR RIGHTS WITH RESPECT TO YOUR PERSONAL DATA (INCLUDING OPT-OUT OPTIONS)

Your personal data belongs to you. You have the following rights – in part under certain conditions – with respect to your personal data:

  • right to request confirmation as to whether or not we process any of your data, and, where that is the case, right of access to your data;
  • right to request rectification of inaccurate or incomplete personal data;
  • right to request the erasure of your personal data;
  • right to restrict processing of your personal data if certain conditions are met, e.g., if you believe the personal data we hold about you is not accurate;
  • right to object to us processing your personal data;
  • withdraw your consent at any time with effect for the future;
  • right to data portability, which only applies, however, if you provided us with your personal data directly.
  • Right to lodge a complaint with a supervisory authority: You must exercise this right directly with your local data protection authority. For example, in Germany, you can contact the Berliner Beauftragte für Datenschutz und Informationsfreiheit, whose contact details can be found here: https://www.datenschutz-berlin.de/

HOW TO EXERCISE YOUR RIGHTS

To opt-out from the processing or exercise your other rights with respect to your personal data, please contact Roqad directly at privacy@roq.ad or 

You can also contact your mobile operator or another Data Partner with whom you shared your personal data (please refer to their respective privacy policy). It is the responsibility of the respective Data Partner to ensure that your request is fully honoured.

The data we store is encrypted and stored against either (i) an Ad ID or (ii) a Cookie ID. This means that we need your Ad ID and/or Cookie ID in order to find all your data that are present in our system.

Alternatively, we can check whether the data attribute that you sent us in your request (e.g. a telephone number or e-mail address) is stored in our system in a hashed format, however, if the hashed telephone number or hashed e-mail address is not stored in our system, and you did not provide us with your Ad ID and/or Cookie ID, we will not be able to find other related data that might still be stored in our system.

Therefore, in order to be able to process and respond to your request properly and fully, we provide you with the following different channels to exercise your rights:

  • You can ask for access and/or deletion of your data stored against a Cookie ID, through our website portal at roq.ad
  • You can ask for access and/or deletion of your data stored against an Ad ID, through our proprietary mobile App (“Data Protection Rights App”) that can be downloaded via Google Play and/or the Apple Store
  • You can also submit your requests by contacting privacy@roq.ad

Apart from all the above rights, you can also lodge a complaint with a supervisory authority if you believe we or our Data Partners infringed upon your rights.

Moreover, you can always use the following mechanism to opt-out from targeted advertising:

  • you may select “Limit Ad Tracking” on iOS or “Opt-out of interest-based ads” on Google Android. In this case, we will keep your User Data until you request us to delete it, but we will not use it for targeted advertising purposes, and activity on your mobile device will be effectively invisible to us. You may reset the Ad ID by selecting the option “Reset Advertising Identifier” on Apple iOS or “Reset Advertising ID” on Google Android. This will delete your current Ad ID from your device and replace it with a new Ad ID. As a result, we will not receive any Bid Requests containing the old Ad ID anymore. After a certain amount of time, we will delete the old Ad IDs and related User Data. However, we may receive access to your new Ad ID and match it with other User Data we might receive from our Data Partners over time.
  • you can clear or block our cookies in the settings of your mobile browser. In this case, we will keep your data, but we will not be able to use it to target your device when you are browsing mobile websites. However, regardless of the deletion of cookies, your device can still be targeted when you are using apps on the basis of your Ad ID.
  • you may also visit the webpage http://youradchoices.com/appchoices and/or download the mobile AppChoices app. For more information about targeted advertising and opt-out options, you may visit for example the webpage of Network Advertising Initiative’s at http://www.networkadvertising.org/choices and/or Your Online Choices at www.youronlinechoices.com/uk.

Please also note that using the above options does not mean you will block mobile advertising, but it means that the ads you receive will not be personalized for you.

Regarding users from the United States:

This section applies solely to visitors or users who reside in the United States.

Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioural advertising services) that you do not wish such operators to track certain online activities, over time and across different websites. We do not honour “Do Not Track” signals.

Under the California Privacy Rights Act (‘CPRA’):

  • Categories of Personal Information: The categories of Personal Information that we collect and/or share are described in the section “DATA CATEGORIES WE RECEIVE AND USE” of this notice
  • Purposes: We do share Personal Information for specific business purposes, described in section “WITH WHOM DO WE SHARE USER DATA”.
  • Your rights: you have certain rights regarding the Personal Information that we collect and process about you. This includes the rights to request access or deletion of your Personal Information, as well as the right to submit a request to stop selling or sharing your Personal Information. Please contact Roqad at privacy@roq.ad to exercise these rights.
  • DO NOT SELL MY DATA: You have a right to direct us not to sell or share your Personal Information. We do not sell or share the Personal Information of consumers who are under 16 years of age. To exercise this right, please contact privacy@roq.ad.

INFORMATION ON DATA RETENTION

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for.

We retain data until the occurrence of the following events:

  • request from a Data Partner to delete certain User Data; or
  • the users submit their Ad ID to us for deletion of associated data; or
  • expiration of the Zeotap defined retention period with a deletion of unused profiles after 3 months.

Please note that our cookies have the following storage durations:

  • zc: Cookie dropped against .zeotap.com domain. Purpose: User identification. Expiry: 365 days
  • zsc: Cookie dropped against .zeotap.com domain. Purpose: Frequency capping for cookie syncing. Expiry: 1-day
  • zi: Cookie dropped against site domain as first-party cookie. Purpose: User Identification. Expiry: 365 days
  • idp: Cookie dropped against site domain as first-party cookie. Purpose: User Identification. Expiry: 365 days
  • zuc: Cookie dropped against .zeotap.com domain to store the consent value. Purpose: User Identification. Expiry: 365 days

Definitions

The data protection declaration is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.

In this data protection declaration, we use the following terms:

Consent Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Personal Data/Personal Information Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Processor Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Profiling Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

Pseudonymisation Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Contact Information for All Privacy Matters:

ePrivacy GmbH represented by Prof. Dr. Christoph Bauer
Burchardstrasse 14, 20095 Hamburg, Germany
Email: privacy@roq.ad

Privacy Notice Date Updated: 7th of June, 2024