f
- Offer for direct advertisers found at http://target.my.com/help/advertisers/offer-juridical-advert/en,
- Rules for rendering of advertising services for direct advertisers found at https://target.my.com/help/advertisers/rulesjuridicaladvert/en,
- Offer for advertising agencies found at https://target.my.com/help/agency/offer-juridical-agency/en,
- Rules for rendering of advertising services for advertising agencies found at https://target.my.com/help/agency/rules/ru,
- Offer for publishers found at https://target.my.com/partners/doc/offer-for-nonresidents,
- Terms and conditions for publishers found at https://target.my.com/partners/doc/terms-for-nonresidents (hereinafter together referred to as "myTarget Agreements" and applied to Contractor depending on contractual relationship with My.com).
Parties subject to offline agreements may receive a version of these addenda for execution and incorporation to such offline agreement if such offline agreement does not include similar data protection language already.
IF YOU DO NOT AGREE TO ALL TERMS AND CONDITIONS OF THIS ADDENDUM, DO NOT USE myTARGET SERVICES and/or download mytarget sdk.
0.1. DSA is considered as the Data Sharing Addendum between Company and Contractor (Publisher or Advertiser), which is incorporated into and part of myTarget Agreements. This DSA applies only to the European Union-based users and personal data shall mean personal data of such European Union-based users.
0.2. Company (myTarget, My.com) means My.com B.V, registered address: Barbara Strozzilaan 201, 1083 HN, Amsterdam, the Netherlands.
0.3. Contractor means an individual or legal entity who has entered into an myTarget Agreement with the Company as an Advertiser or an Publisher. If the term "Contractor" is used when describing the rights and obligations of users myTarget system, both, the Advertiser and the Publisher, are meant, unless specifically stated otherwise.
0.4. Publisher means an individual or legal entity having accepted the Terms and conditions for Publishers and entered into Offer for Publishers (collectively "Publisher Agreement") with the Company by accepting the Offer.
0.5. Advertiser means the person who have accepted Rules for rendering of advertising services for direct advertisers and entered into Offer for direct advertisers (collectively "Advertiser Agreement") with the Company for its own Advertising materials and/or the Advertising materials of the third parties placement through the Company's System.
0.6. myTarget System (Company's System, myTarget) shall have the meaning ascribed to it in the respective myTarget Agreement.
0.7. myTarget Services means the services provided under myTarget Agreement(s).
0.8. The terms Personal Data (Data), processing, data subject, shall bear the meaning ascribed under the Data Protection Act 1998 or the Regulation (as applicable), and the term "process" shall be construed accordingly.
0.9. Data Protection Law means the Directives (as amended or replaced from time to time), guidance, directions, determinations, codes of practice, circulars, orders, notices or demands issued by any supervisory authority and any applicable national, international, regional, municipal or other data privacy and data protection laws or regulations in any other territory in which the Services are provided or which are otherwise applicable, including the Regulation.
0.10. Directives means the European Data Protection Directive (95/46/EC) and the European Privacy and Electronic Communications Directive (Directive 2002/58/EC).
0.11. Regulation means, on and from 25 May 2018, Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data as and when it becomes applicable.
0.12. Controller means the entity that determines the purposes and means of the processing of personal data.
0.13. Model Clauses means the Standard Contractual Clauses for the Transfer of Personal Data available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.
0.14. Processing has the meaning set forth under the Regulation.
0.15. Permitted purposes of processing means the following terms and purposes of data processing by Company: Contractors using myTarget services or installing myTarget SDK acknowledge, agree and permit the disclosure of the personal data relating to their end users that should be described in the terms and conditions and documentation for the services of Contractors (the "Data") to Company to process (including collecting or otherwise receiving Data, including by using tracking technologies) as a separate and independent Controller of the Data for the purposes described in Company’s privacy policy as applicable by myTarget Services, including but not limited:
(a) accessing or calling the Publisher's apps or websites, or the servers that make them available, to cause the routing, serving, displaying, targeting, and tracking the performance of Advertiser's ads on the Publisher's apps or websites; (b) using Data for Company’s internal business purposes, including to develop and improve the myTarget SDK and myTarget System; (c) for any other purposes identified in the Company’s Privacy Policy; and/or (d) disclosing Data (i) to third parties (including Advertisers and/or Publishers) as reasonably necessary in connection with the operation of myTarget Systems, (ii) if required by any court order, process, law or governmental agency; and/or (iii) generally when it is aggregated, such that the specific information relating to Contractor or any underlying end user is not directly identifiable (e.g. in marketing materials made available to the industry at large about myTarget System); and/or (e) for other purposes defined in Company’s privacy policy or agreed to in writing by the Parties, provided such processing strictly complies with Applicable Data Protection Law.
Specifically, and notwithstanding anything to the contrary in any prior Data Sharing Addendum, Company shall use the Data in identified format to make targeting decisions within its services, provide monetization services to its Contractors, assist its Contractors with maintaining their services, improving their services, and analysing the marketplace for their services as well as the performance of their services. Notwithstanding the foregoing, data obtained by Company independent of any such Contractors using myTarget Services that is the same or similar to the Data described herein shall not be restricted by this Addendum, any license agreement, or any terms or conditions for such services.
Other terms, whereof the definitions are absent in this section shall be interpreted in accordance with the respective myTarget Agreement, if applicable, or usual and customary business practices as well as in accordance with the laws of England and Wales in force.
1.1. This DSA is an integral part of the terms and conditions for myTarget Services. This DSA supersedes such terms of service in case of discrepancy. The Parties agree that this DSA is designed to state the Parties' obligations resulting from the General Data Protection Regulation, and all local implementing legislation within the European Economic Area and, as necessary, to state the obligations of the Parties with respect to legislation of countries following similar regulatory rules to protect data to the extent such laws are subject to an adequacy finding under European laws.
2.1. The parties acknowledge that Contractor is a controller of the Data it discloses to My.com, and that My.com will process the Data as a separate and independent controller for the Permitted Purposes and/or for purposes described in its Privacy Policy and myTarget Agreement provided that it has a legal basis for such additional processing and can comply with all aspects of applicable Data Protection Laws.
2.2. The parties acknowledge that My.com is a controller of the Data it discloses to Contractor, and that Contractor will process the Data as a separate and independent controller for purposes described its Privacy Policy provided that it has a legal basis for such processing and can comply with all aspects of applicable Data Protection Laws.
2.3. Nothing in this DSA shall limit or prevent My.com from collecting or using data that My.com would otherwise collect and process independently of Contractor's use of the myTarget System and myTarget SDK.
In no event will the parties process Personal Data under this Agreement as joint Controllers.
3.1 Each Party shall process the personal data in compliance with and for the purposes described in this DSA and myTarget Agreement(s) and/or otherwise agreed the Parties.
3.2. Each Party shall be individually and separately responsible for complying with the obligations that apply to it as a controller under Applicable Data Protection Law. Without limitation to the foregoing, each party shall maintain a publicly-accessible privacy policy on its website that satisfies the transparency disclosure requirements of Applicable Data Protection Law. Contractor shall list My.com as a third party that is collecting Data within providing myTarget Services in its publicly available privacy policy, including providing a link to My.com’s privacy policy.
Publisher agree to keep up to date versions of myTarget SDK and services installed in their applications as My.com identifies as necessary to permit My.com to maintain its compliance with law. By way of example and without limiting the generality of the foregoing, My.com relies on Publisher updating their applications with software changes made to provide certain opportunities for end users to exercise their rights to disclosure and deletion requests; however, updates unrelated to compliance with law may occur from time to time which are not subject to this paragraph nor governed by this DSA. To the extent required by Applicable Data Protection Law, the Parties agree that they will specifically identify to the other Party when they require that the Party obtain from the relevant individuals their explicit consent pursuant to Applicable Data Protection Law, thereby permitting the use of his or her Personal Data by the receiving Party as contemplated by that Party. The foregoing does not create a general requirement related to Consent, and a Party requiring Consent must provide adequate notice to the other Party of this requirement.
To the extent Contractor processes any such data, Contractor agrees to provide the same level of protection for such Personal Data as is required by the Privacy Shield Principles. Contractor shall notify My.com if it makes a determination that it can no longer provide such protection and in such event, shall cease processing or take other reasonable and appropriate steps to remediate (if remediable) any processing until such time as the processing meets the level of protection as is required by the Privacy Shield Principles.
3.3. Each Party shall implement appropriate technical and organisational measures to protect the Data (i) from accidental or unlawful destruction, and (ii) loss, alteration, unauthorised disclosure of, or access to the Data (a "Security Incident"). In the event that a party suffers a confirmed Security Incident, it shall notify the other party without undue delay and both parties shall cooperate in good faith to agree and action such measures as may be necessary to mitigate or remedy the effects of the Security Incident. Nothing herein prohibits either party with moving forward to notify regulatory authorities as may be required by law prior to notification of the other party so long as the notifying party provides notification to the other party without undue delay.
3.4. The Parties shall, on request, provide each other with all reasonable and timely assistance (at their own expense) to enable the other to comply with its obligations under the Data Protection Law, specifically in order to enable the other to respond to: (i) any request from a data subject to exercise any of its rights under EU Data Protection Law (including its rights of access, correction, objection, erasure and data portability, as applicable) in relation to the Data ("Data Subject Rights"); and (ii) any other correspondence, inquiry, or complaint received from a data subject, regulator, or other third party in connection with the processing of the Data. Each party shall promptly inform the other if it receives any request directly from a data subject to exercise a Data Subject Right in relation to the Data.
3.5. Each Party is entitled to appoint Processor for the purposes set forth herein provided that such Processor agrees to process personal data in compliance with the provisions of this DSA and myTarget Agreements, as applicable, comply with the Data Protection Law, including implementation of security measures to protect personal data as required by Article 32 of the Regulation or provide other sufficient guarantees that processing of personal data by such Processor will be compliant with the Data Protection law.
3.6. Contractor represents and warrants to Company that it comply with Data Protection Law in respect of the data subject's notice and consent receipt mechanism in order to ensure that such consent is freely given, informed, specific and unambiguous in regard to personal data, processed by Company for Permitted purposes.
3.7. Contractor will not provide Company with personal data which is not received in compliance with the requirements of Data Protection Law or which data subject has used its opt-out option. Company expressly denies receiving of such personal data.
3.8. Contractor will provide to Company upon its request any documentation reflecting Contractor’s compliance with Data Protection Law and implementation of its provisions, including as regards receipt of data subject's consent.
3.9. For clarity, Advertisers agree that to the extent they require Company to present data to a third party install tracker that they have such parties under a valid data processing agreement clearly directing the install tracker as to its usage instructions, duties, and liabilities for processing such data.
3.10. Parties acknowledge and agree that neither Contractor nor Company shall process special categories of personal data, as referenced in Article 9 of the GDPR.
3.11. Publisher shall not share with My.com any Data that allows users of apps or websites of Publisher to be directly identified (for example, by reference to their name or email address).
3.12. Contractor shall not pass to My.com any personal data of children (as such term is defined under applicable Privacy Requirements), unless expressly agreed in writing and as permitted under Data Protection Law.
4.1. The Parties agree that personal data of the European Union-based users shall not be transferred outside the European Union unless the following requirements are met:
4.1.1. the recipient of the personal data is located in the European Union or another country that the European Commission or Swiss Federal Data Protection Authority (as applicable) has decided provides adequate protection for personal data, or
4.1.2. the recipient of the personal data complies with binding corporate rules authorization in accordance with the Data Protection Law or has executed Model Clauses with the exporter of personal data; or
4.1.3. the recipient of the personal data received personal data according to another approved transfer mechanism which is compliant with Data Protection Law.
4.2. In case the Model Clauses shall be executed under clause 4.1.2 above, you agree to such Model Clauses which are hereby incorporated by reference into this DSA.
4.2.1. Controller to Controller Model Clauses (in process execution Advertiser Agreement): For the purposes of clause II(h): We select option (iii) and agree to be governed by and comply with the data processing principles set out in Annex A of the Controller-to-Controller Model Clauses. For the purpose of Annex B: (i) users viewing ads by Advertiser which run through myTarget or clients of the Advertiser; (ii) the purpose of the transfer is to permit use of the data in accordance with Advertiser Agreement; (iii) the data transferred is as described in this DSA and Advertiser Agreement; (iv) the recipient of the personal data is My.com B.V.; (v) no sensitive data is or shall be transferred; (vi) there is no applicable data registration information; (vii) there is no additional useful information; and (viii) the contact points for data protection queries are your and our usual contacts under Advertiser Agreement.
4.2.2. Controller to Controller Model Clauses (in process execution Publisher Agreement): For the purposes of clause II(h): We select option (iii) and agree to be governed by and comply with the data processing principles set out in Annex A of the Controller-to-Controller Model Clauses. For the purpose of Annex B: (i) the data subjects are end users of the mobile applications and/ or websites in which you use myTarget Services; (ii) the purpose of the transfer is to permit use of the data in accordance with your Publisher Agreement; (iii) the data transferred is as described in this DSA and your Publisher Agreement; (iv) the recipient of the personal data is My.com B.V.; (v) no sensitive data is or shall be transferred; (vi) there is no applicable data registration information; (vii) there is no additional useful information; and (viii) the contact points for data protection queries are your and our usual contacts under your Publisher Agreement.
In case of any discrepancies or inconsistencies between the text of this DSA and the text of the respective Model Clauses, the Model Clauses shall prevail.
5.1. Subject to clauses 6.1-6.2 herein, each party (the "Indemnifying Party") shall indemnify and hold harmless the other, including its officers directors, employees, contractors, and agents (the "Indemnified Party") from and against all claims, losses, costs, liabilities, damages, and expenses, including reasonable attorneys' fees ("Claims") brought by data subjects, supervisory authorities under the Data Protection Law, or other third parties, suffered or incurred by the Indemnified Party to the extent arising from the Indemnifying Party's breach of this DSA.
5.2. Indemnification under this Section is conditioned upon (i) the Indemnified Party providing the Indemnifying Party (x) prompt notice of any circumstances of which it is aware that give rise to an indemnity claim under this myTarget DSA and (y) reasonable cooperation as to such claim, including provision of all relevant materials to it; (ii) the Indemnified Party taking reasonable steps and actions to mitigate any ongoing damage it may suffer as a consequence of the Indemnifying Party's breach.
5.3. The Indemnifying Party reserves the right, at its expense, to assume the exclusive defense and control of any matter for which it is required to indemnify the Indemnified Party, and the Indemnified Party shall have the right to participate with counsel of its own choosing at its own expense. The Indemnifying Party will not enter into any settlement of any claim without the prior written consent of the Indemnified Party, such consent not to be unreasonably withheld or conditioned.
6.1. Each of our respective liability, whether in contract, tort or under any other theory of liability, is subject to the 'Limitation of Liability' section of your applicable myTarget Agreement(s), and any reference in such section to the liability of a party means the aggregate liability of that party and its affiliates under the myTarget Agreement including this DSA together.
6.2. To the extent that a party has an entitlement under Data Protection Law to claim from the other party (breaching party) compensation paid by that first party to a data subject as a result of a breach of Data Protection Law by the breaching party, such breaching party shall be liable only for such amount as it directly relates to its responsibility for any damage caused to the relevant data subject. For the avoidance of doubt, breaching party shall only be liable to make payment only as compensation of direct damages to the other party under this Clause 7.2 upon receipt of evidence, which shall be to breaching party's reasonable satisfaction, that clearly demonstrates breaching party:
6.2.1. has breached Data Protection Law;
6.2.2. that such breach contributed (in part or in full) to the harm caused entitling the relevant data subject to receive compensation in accordance with Data Protection Law; and
6.2.3. the proportion of responsibility for the harm caused to the relevant data subject which is attributable to breaching party.
7.1. Contractors agree that this DSA does not enlarge any rights provided for in their Terms of Service whether such rights are provided in online Terms of Service or in offline Agreements and they continue to be limited to the use rights and restrictions provided for therein. For clarity to the Advertiser Terms of Service, Advertisers agree that to the extent they require My.com to present data to a third party install tracker that they have such parties under a valid data processing agreement clearly directing the install tracker as to its usage instructions, duties, and liabilities for processing such data.
8.1. Nothing in this DSA shall confer any benefits or rights on any person or entity other than the parties to this DSA; the foregoing shall not limit third-party beneficiary provisions of the Model Clauses.
8.2. Except as modified by this Addendum, myTarget Agreement(s) remain in full force and effect.
8.3. In case of any discrepancies or inconsistencies between the text of this DSA and the text of the respective myTarget Agreement(s), this DSA shall prevail.
8.4. Company and you mutually represent and warrant that we each, respectively, have the right, power, and authority (a) to enter into this DSA, (b) to make the representations and warranties contained herein, and (c) to perform our respective duties, obligations and covenants set forth in this DSA.
8.5. This DSA is co-terminus with myTarget Agreement(s) concluded between the Parties, terminating automatically with last myTarget Agreement(s).
8.6. This DSA in no way alters the limitations of liability or other legal terms set out in any terms and conditions for service or any services agreement entered between the Parties.
9.1 This DSA shall survive termination or expiry of any terms of service or other agreement to permit Company to comply with its legal obligations. Upon termination or expiry of the Contractor relationship, Company may continue to process the Data for the Permitted Purpose provided that such processing complies with the requirements of this DSA and Applicable Data Protection Law.
