OpenX AD EXCHANGE PRIVACY POLICY

Last updated: October 22, 2021

1. Introduction

OpenX (“OpenX“, “we“, “us” or “our“) runs an advertising exchange. This means that we connect companies that offer advertising space on their websites, mobile applications, or connected television applications with companies looking to purchase that advertising space in order to advertise their products or services to consumers like you.

In other words, we connect “Publishers” of advertisements with “Advertising Partners” (including brands, advertising agencies, and demand side platforms), and ultimately help them serve you relevant advertisements as you browse websites, use apps, or otherwise interact with the world online.

We know that you may have questions and concerns about who is collecting your data, how your data is used, and how Publishers and Advertising Partners seem to know which products and services you may be interested in as you engage online. We’ve designed this Privacy Policy to help answer those questions with respect to the data that flows through our systems, and to make sure you know how to take action to prevent or limit our collection and use of your data for interest-based advertising (sometimes called “targeted advertising” or “behavioral advertising”) if you choose to do so.

We encourage you to read the whole Privacy Policy, because it provides important information about how we may process your data, and the choices or rights you may have with respect to our processing of your data. In the meantime, here are some key takeaways:

We collect certain data about you from Publishers and other third parties. This data may include basic information about you, such as your internet service provider and browser, as well as information such as your location, browsing history, purchase history, demographic information, and specific interests.
We collect this data about you from a variety of Publishers who send it to us when you visit their websites or use their apps. For example, we may collect it from dating and health-related websites and apps that you visit or use if the Publishers who operate those websites or apps partner with us to serve you advertisements. It is important that you read the privacy policies published on those websites or in those apps if you are concerned about us receiving the kind of data they may provide.
Using cookies and other persistent identifiers that track your online activity, we are able to collect this data about you across different websites and apps, and across different devices over time. For example, we may be able to tell if you visited a website on Monday from your desktop computer and then returned to the same website on Tuesday from your mobile phone. We may also be able to tell which advertisements you were served on these different days and devices, and whether you clicked on them or ended up buying or using the advertised products or services.
We use all of this data to learn about your interests, understand what products and services may be most relevant to you, and keep track of the advertisements you are being served. We also share this data, and the information we learn from it, with the Advertising Partners that use our advertising exchange to help them decide whether, where, and how to serve (or re-serve) advertisements for particular products or services to you.
None of the data we collect or share about you is connected to your name, contact information, or other information that could directly identify you as an individual. But, it is connected to the cookies and other persistent identifiers that are affiliated with your unique online activity. This means that, while we (and the Advertising Partners who use our exchange) may know about the interests and online activity of Internet user ABC123 and use it to serve that user ads as described above, we don’t actually know that Internet user ABC123 goes by your name; all of the data we collect, use, and share about you is pseudonymized.
We think there is real value in our services, and are proud that our exchange helps keep the Internet accessible while allowing you to connect to new products and services as you engage online. For example, by allowing Publishers to better understand their audiences, our exchange facilitates many Publishers’ ability to keep their websites and apps low cost, accessible, and independent. Our exchange also helps our Advertising Partners of all sizes market their products and services to you in a more efficient way, facilitating their ability to operate, grow, and compete with one another. And, in the process, our exchange also allows you to receive a controlled amount of advertisements that are relevant to you.
For all of these reasons, we strongly believe that our services not only foster a healthy Internet and a strong economy, but also enhance your online experience. We also take seriously our responsibility to take care of your data, and have implemented a number of measures to protect it (including by making sure that it is pseudonymized, as described above).
Still, we understand that not everyone wants to receive interest-based advertisements or have their data collected, used, and shared as described above. We want to make sure you know that you are in control of your data and, in many circumstances, you can prevent or limit our collection and use of it. To request to do so, we encourage you to use this form to contact us. If you would like to learn more about how to opt out of interest-based advertising, including on certain platforms other than our exchange, we’ve also provided you with information on how to do so in this section, and encourage you to read more there.
If you take one or more of the actions referenced above to prevent or limit our collection and use of your data, you should understand that you may still receive the same amount of advertisements from Advertising Partners using our exchange (or other ad exchanges) as you engage online. But, at least for advertisements served via our exchange to the device(s) or browser(s) you have specified, those advertisements will not be tailored to you or your specific interests. In other words, since we will no longer be using information about your aggregated online activity to make inferences over time about the products or services that may be most relevant to you, you may receive more randomized advertisements that have nothing to do with your interests.
To learn more about our collection, use, and disclosure of your data, and your choices or rights with respect to our processing of your data, please scroll down to read the rest of this Privacy Policy. If you have any questions as you do, you can always contact us here.
Please also remember that the Publishers or Advertising Partners you interact with as you engage online may have their own policies that govern how they collect and use your data, including when they may share your data with advertising partners like us. In certain circumstances, Publishers or Advertising Partners may also export data from our exchange for their own use – for example, to understand how well their advertising campaigns are working. These policies and practices may differ from what you read in our Privacy Policy. To fully understand how your data is being collected, used, and shared, you should always carefully read the privacy policy of any website you access, any app you use, and any social network page through which you share information.

2. What personal data do we collect?

When you visit a website or app belonging to a Publisher that uses the OpenX web-based marketplace (“Ad Exchange”) and the Publisher sends us a request to show you an ad, we collect certain information about the ad space, you, and your device to help inform an Advertising Partner’s decision to serve the ad. We also collect information through Advertising Partners that use our services, as well as from other third-party partners. This information we collect can identify your device over time. We do not know your name or contact information, or any other information that would directly identify you as an individual. However, information we collect may be used to indirectly identify you, as a unique user of electronic communications and other internet services who may be distinguished from other users, and as such it would still be considered “personal data” or “personal data” under applicable data privacy or data protection laws.

In particular, we may collect the following categories of information:

Unique online identifiers (e.g., IP address, cookie IDs and other unique identifiers, including those to allow cookie syncing or syncing of mobile advertising identifiers such as Apple’s Identifier for Advertisers (“IDFA”) and Android’s Advertising IDs (“AAID”) or third party IDs);
Information about your browsing behavior on a Publisher’s website or app (e.g., domain or app store URL or bundle ID, contextual taxonomy of a website / section of a website / app (e.g., ‘movies’, ‘music’, ‘buying/selling cars’), type of content being used or consumed on a website or app in which the impression will appear (e.g., ‘video stream’, ‘interactive software game’, internet radio broadcast’), content language, referring website address, search string that caused navigation to the current page, date/time of visit);
Browser information (e.g., browser type, version, language, and operating system);
Device information (e.g., device type (e.g. tablet, connected television, phone, personal computer), screen dimensions, device brand, model and operating system, hardware version of the device (e.g., “5S” for iPhone 5S), hashed hardware device IDs (e.g., International Mobile Equipment Identities (“IMEIs”)) and hashed platform device IDs (e.g., Android IDs));
Internet service information (e.g., Internet Service Provider, device connection type (e.g., Ethernet, WiFi, 3G, 5G));
Derived user and device location data (as derived from IP address or GPS (for mobile));
Precise location data (if you have enabled location services on your device and not otherwise indicated that you would not like your precise location information to be shared, and if a Publisher passes that precise location information to us);
Country and region code, Google metro code city, zip or postal code, and local time;
Ad reporting or delivery data (e.g., size/type of ad, ad impressions, location/format of ad, data about interactions with the ad);
Interest segments (i.e., inferred information about the behavior, preferences, or likely interests associated with you) and other information about you, such as your purchase history or demographic information;
Retargeting data (i.e., data indicating previous interest in a product or website).

We primarily recognize your devices through the following identifiers:

Cookies and Similar Technologies – see cookie section below;
Mobile Advertising IDs – we and our partners use standard mobile advertising identifiers (e.g., the “IDFA” advertising identifier used on Apple’s iOS devices and the “AAID” advertising identifier used on Android devices) to track your use of mobile apps on your device(s);
Other persistent identifiers – we may also use other persistent identifiers (e.g., your email address in a hashed form) in certain circumstances where our partners provide such identifiers.

Should you visit our website or contact us for any reason, we will collect and process your personal data. Please view our Website Privacy Policy for more information.

3. Why do we collect, use, and store this personal data?

We collect, use and store your personal data for the reasons set out below.

Where you give us or one of our Publishers consent or we are otherwise permitted to process your data after we or one of our Publishers gives you notice of our processing.

OpenX, our Publishers, and our Advertising Partners may store and access information on your device in accordance with the cookies section below and certain additional information that may be provided to you when cookies are used. This information may then be exchanged through the OpenX Ad Exchange. On other occasions where we ask you for consent, we may use the data for the purpose which we explain at that time.

Additionally, our Publishers and Advertising Partners may use the OpenX Ad Exchange to:

Use real-time information about the context in which an ad will be shown in order to show the ad, including information about the content, the device, and your location (i.e., to help make sure you are being shown relevant ads).
Control the frequency of ads shown to you (i.e., to help make sure you are being shown a reasonable amount of ads).
Sequence the order in which ads are shown to you (i.e., to help make sure you are not receiving the same ads too frequently).
Prevent an ad from serving in an unsuitable editorial (brand-unsafe) context (i.e., to help make sure you are being shown safe ads).

OpenX, our Publishers, and Advertising Partners may also exchange personal data to measure ad performance, including to:

Measure whether and how ads were delivered to and interacted with by you.
Provide reporting about ads, including their effectiveness and performance.
Provide reporting about the interactions with ads using data observed during the course of your interaction with that ad, including whether you clicked on or engaged with the ad.
Provide reporting to publishers about the ads displayed on their properties.
Measure whether an ad is serving in a suitable editorial environment (brand-safe) context.
Determine the percentage of the ad you had the opportunity to see and the duration of that opportunity.
Combine this information with other information previously collected, including from across websites and apps to make inferences about you and your interests.

In addition to the above, OpenX will make use of personal data supplied by Publishers and Advertising Partners to:

Improve its existing products with new features and to develop new products.
Create new models and algorithms through machine learning.

Wherever we rely on your consent to process your data, you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes, such as those set out above. Also, depending on a jurisdiction applicable to you, you may have a right to opt-out of direct marketing, or profiling we carry out for direct marketing. You can do this by contacting us using this form.

As required to conduct our business and pursue our legitimate interests and the legitimate interests of Publishers and Advertising Partners, in particular in operating the Ad Exchange:

OpenX, Publishers, and Advertising Partners will exchange personal data to:

Use your IP address to deliver an ad over the internet.
Respond to your interaction with an ad by sending you to a landing page.
Use information about your device to deliver ads or content, for example, to deliver the right size and creative or video file in a format supported by the device.

OpenX will also make use of data supplied by Publishers to take actions beneficial to all parties, including to:

Securely transmit data.
Detect and prevent malicious, fraudulent, invalid, or illegal activity.
Facilitate the correct and efficient operation of systems and processes, including to monitor and enhance the performance of systems and processes engaged in permitted purposes.
Process data as necessary in connection with legal claims or compliance (e.g., in connection with legal processes or litigation or to relevant law enforcement bodies).

For purposes which are required by law:
- In response to requests by government or law enforcement authorities conducting an investigation.

4. How and to whom do we share your personal data?

We may disclose the information that we collect about you in the following ways:

Ad Transactions – as described throughout this Privacy Policy, we pass data to Advertising Partners so that they can combine this information with other information they have independently collected to determine whether to serve (or re-serve) you an ad, and so that they can understand how well their advertising campaigns are working. We may also pass data to Publishers and to third party data partners to facilitate the serving of advertisements and the collection of data across devices.
Business Transfers – we may share the data we collect in connection with an actual or proposed sale or transfer of all or a part of our business or assets, corporate merger, consolidation, or bankruptcy. Your details may be disclosed to our advisers and any prospective purchaser’s adviser and will be passed to the new owners of the business.
Compliance with Regulatory Authorities and Laws – we may share the data we collect with law enforcement, regulatory authorities, courts with competent jurisdictions, emergency services or other necessary third parties for legal, protection, security and safety purposes, including:

To comply with laws or regulatory requirements, including to meet national security requirements, and to respond to lawful requests and legal process;
To protect the rights and property of OpenX, our agents, customers, and others, including enforcing our agreements, policies, and terms of use and protecting our network and physical assets; and/or
To protect the safety of our employees and agents, our partners, or any person.

Service Providers – we share certain data we collect with partners who perform functions on our behalf. Examples include: fraud and malware prevention, identifying invalid traffic, and hosting data. A list of the Service Providers we use for our services is available here.
Other companies in the OpenX group for the purposes described in this Privacy Policy. A list of our affiliates is available here.

International transfers

In the event that personal data is otherwise transferred outside of the UK or the EEA to an organization in a country which is not subject to an adequacy decision by the EU Commission or considered adequate as determined by applicable data protection laws, we will take steps to ensure your personal data is adequately protected (e.g., by way of EU Commission approved Standard Contractual Clauses or by relying on such other data transfer mechanisms as available under applicable data protection laws). We are also committed to conducting data transfer impact assessments and adopting any supplementary measures required to mitigate any risks to you identified in such an assessment. A copy of the relevant mechanism can be obtained for your review on request by using the contact details below.

Privacy Shield information

While we are aware that Privacy Shield no longer constitutes a valid data transfer mechanism between EEA and US, OpenX remains compliant with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from EEA member countries and Switzerland to the U.S. OpenX has certified to the Department of Commerce that it adheres to the Privacy Shield principles as listed here (“Privacy Shield Principles”), and is subject to the investigatory and enforcement powers of the Federal Trade Commission. In cases of onward transfer to third parties of data of EEA or Swiss individuals received pursuant to the EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield, respectively, OpenX is potentially responsible under the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

OpenX commits to resolve complaints about our collection or use of your personal data. EEA or Swiss individuals with such complaints should contact OpenX here. OpenX has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit this link for more information and to file a complaint. This service is provided free of charge to you. A binding arbitration option may also be made available to you in order to address Privacy Shield complaints not resolved by any other means.

5. How can you opt out of interest-based advertising?

OpenX adheres to the Digital Advertising Alliance (“DAA”) Self-Regulatory Principles in the United States (“U.S.”) and to the European Digital Advertising Alliance (“EDAA”) Principles in the European Economic Area (“EEA”) and the IAB Europe OBA Framework. These principles and framework address interest-based advertising, which our services facilitate. OpenX collects the types of data described in Section 2 across multiple devices and across websites and apps over time, in order to use and transfer such data to our partners for interest-based advertising.

You can request to opt out of our interest-based advertising services – and the the interest-based advertising services of other companies that adhere to the principles and framework listed above – by taking the steps listed below. Please remember that even if you take some or all of these steps, some information may still be collected about you as you engage online, and you may still receive the same number of advertisements. The difference will be that the data collected and advertisements received will not be aggregated over time and connected or tailored to you or your interests (at least for data collected and advertisements received via our Ad Exchange).

You’ll see that there are multiple steps listed. That’s because, as described throughout this Privacy Policy, interest-based advertising services involve the collection of your data across multiple devices and via multiple mechanisms. As a result, because cookies or other persistent identifiers cannot be read between different browsers or devices, you will need to opt out on each device and browser you use, and may need to take special steps to opt out of the collection of certain kinds of data.

To opt out on a browser (e.g., as you engage on websites):
- Cookies. Cookies may be used to collect data about you as you browse the web. If you live in the EEA, you can learn more about and opt out of this kind of data collection by companies, including OpenX, that adhere to the European DAA Principles at www.youronlinechoices.com. If you live outside of the EEA, you can learn more about and opt out of this kind of data collection by companies, including OpenX, that adhere to the DAA’s self-regulatory programs at www.aboutads.info/choices.
  - Please note that in order for your opt-out choice to be effective using these tools, you must ensure that your browser is set to accept third-party cookies such as the OpenX opt-out cookie. Some browsers block third-party cookies by default, and you may need to change your browser settings to accept third-party cookies before opting out. Additionally, if you later use a different device or browser, or erase cookies from your browser, you may need to renew your opt-out choice.
- Non-Cookie Identifiers. Companies may use the local storage or cache in your browser to collect information about you as you browse the Internet. In certain countries, you can opt-out of this kind of data collection by (1) using any tools provided by your browser to clear local storage and the browser cache, and (2) turning on any “Do Not Track” header setting offered by your browser. Please note that you must complete both of these steps in order to complete the opt out process.
To opt out on a cell phone or mobile device (as you use mobile apps): You can opt out of the collection of data for interest-based advertising on your mobile device, for OpenX and other companies participating in industry self-regulation, by downloading the DAA’s AppChoices application from the Android or iOS app store. If you live outside of the United States, you may not have access to this application; instead, you can turn off the “Allow Apps to Request to Track” setting in your iOS settings or “opt out of interest-based ads” in your Android settings to limit the collection of your data for interest-based advertising.
To opt out of the collection of precise location data (as you use your mobile device): You may wish to opt out of the collection of your precise location data. This would mean that certain data related to your online activity and general location (such as your city) could be collected, but data indicating your precise location (such as your GPS coordinates) could not be collected. You can do this by using the “location services” controls in your mobile device’s settings.
To opt out on a connected television (as you watch TV on apps): You may be able to opt out of the collection of data for interest-based advertising on your connected or “smart” TV or set up box by visiting your device’s settings menu.

6. What are cookies and how do we use them?

What are cookies?

A cookie is a very small text document, containing a string of characters that uniquely identifies your web browser. Cookies are created when your browser loads a particular website. The website sends information to the browser which then creates a text file. This allows the browser to remember the websites you visit, and that information is shared with other parties such as our Advertising Partners. This also allows us to collect information about your browsing habits over time in order to facilitate interest-based advertising and make advertising more relevant to you and your interests, as described throughout this Privacy Policy.

In other words, when you visit a website or a digital property owned by a Publisher we work with, we assign a random, unique identifier, specific to OpenX, to your browser or device. Using that OpenX identifier, our Ad Exchange can automatically recognize your browser or device the next time it visits another website or digital property owned by a Publisher we work with. This means that, over time, our Ad Exchange can track your online activity to learn about your online browsing behavior and preferences. The Publishers and Advertising Partners we work with can also map their own unique identifiers against our OpenX identifier via a process called “cookie syncing,” so that they can use data they have collected independently on our Ad Exchange. In the case of Advertising Partners, the aggregated insights cookie syncing facilitates may influence their decision to bid (or not bid) on opportunities to advertise products or services to you. For example, certain Advertising Partners may be more willing to serve you an advertisement for a particular product if they know, via insights learned from cookie syncing, that you have seen and clicked on advertisements for the same or similar products in the past.

We also use cookies for frequency capping, meaning that we may use data they collect to limit the number of times you see an advertisement, as well as to help measure the effectiveness of our Advertising Partners’ advertising campaigns. Find out more about the use of cookies on www.allaboutcookies.org.

What cookies do we use?

Cookie ‘i’ – this is the user / market cookie. It is a random string created to recognize your end device for the purpose of delivering advertisements and the timestamp of creation separated by |. By matching this cookie with data collected by Advertising Partners, those Advertising Partners can deliver more relevant ads to you. This cookie is stored on your device for the period of 1 year and is refreshed for the next year on each bid request.
Cookie ‘pd’ – this cookie stores information about which other 3rd parties the user cookie (‘i’ cookie) has been synced with (list of partners with which sync was triggered) to reduce the amount of user matching done on the user’s device. This cookie is stored on your device for the period of 15 days.
Cookie ‘OX_dnt’ – this cookie acts as a flag which we set if you indicate that you want to opt-out of interest-based advertising. Please see the information above on opting out of interest-based advertising. This cookie is stored on your device for the period of 5 years.

Third parties

Third parties, such as our Advertising Partners, may serve cookies on your computer or mobile device to serve advertising through Ad Exchange, or for analytics or other purposes. Our Advertising Partners may also use information about your visits to Publishers’ websites using our technology to provide relevant advertisements about goods and services that you may be interested in. They may also deploy technology that is used to measure the effectiveness of advertising campaigns. Similar to that, our Publishers may deploy their own cookies on their websites that you visit. We do not have access or control over these cookies. You should review the privacy and cookie policies of these third parties to find out how they use cookies.

7. What choices and rights do you have with respect to the data we process?

UK/EEA based individuals

UK- and EEA-based individuals have the right to ask us for a copy of your personal data; to correct, delete or restrict processing of your personal data; and to obtain the personal data you provide in a structured, machine readable format. In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement).

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law or have compelling legitimate interests to keep. If you have unresolved concerns, you have the right to complain to a data protection authority where you live, work or believe a breach has taken place. You’ll find contact details for your data protection authority here if you are an EEA based individual or here if you are a UK based individual.

If you would like to exercise any of the rights listed above, please reach us here.

US based individuals

California Privacy Rights

California residents have certain rights under California Consumer Privacy Act of 2018 (“CCPA”) with respect to the personal data collected by businesses. If you are a California resident, you may exercise the following rights regarding your personal data, subject to certain exceptions and limitations:

The right to know the categories and specific pieces of personal data we collect, use, disclose, and sell about you, the categories of sources from which we collected your personal data, our purposes for collecting or selling your personal data, the categories of your personal data that we have either sold or disclosed for a business purpose, and the categories of third parties with which we have shared personal data.
The right to request that we delete the personal data we have collected from you.
The right to opt out of our sale(s) of your personal data.

To exercise any of the above rights, please reach us here. You may be asked to submit verifying information in certain circumstances. Under the CCPA, you have a right not to receive discriminatory treatment when you exercise the above rights.

Verification Process and Required Information: Because most of the information we store can only identify a particular browser or device, and cannot identify you individually, we may need to request additional information from you to verify your identity or understand the scope of your request. Such additional information may include your online identifier (i.e. cookie or mobile advertising ID) and some proof that the devices that have the cookie or mobile advertising ID you provide are yours, such as a screenshot of the applicable cookie or of a screen that displays the mobile advertising ID or other documentation that can verify you.

Authorized Agent: You may designate an authorized agent to make a CCPA request on your behalf by verifying your identity and providing written permission to your agent to make the request for you.

Minors’ Right to Opt In: We do not sell the personal data of consumers that we know to be under 16 years of age.

Collection, Disclosure or Sale of personal data:

In the last 12 months, we collected the categories of personal data about California residents described above in the “What personal data do we collect?” section of this Privacy Policy, which correspond to the following categories of personal data in the CCPA: (1) personal and online identifiers; (2) commercial or transactions information; (3) Internet or other electronic network activity information; (4) geolocation information; (4) inferences about your predicted characteristics and preferences; and (5) other information about you that is linked to the “personal information” we collect.
In the last 12 months, we collected categories of personal data about California residents from Publishers, Advertising Partners, service providers (e.g., fraud prevention services), and third party data providers (e.g., consumer data resellers).
In the last 12 months, we collected personal data about California residents for our commercial and business purposes, as described in more detail above in the “Why do we collect, use, and store this personal data?” section of this Privacy Policy.
In the last 12 months, we sold, shared, or disclosed personal data about California residents to third parties as described above in the “How and to whom do we share your personal data?” section of this Privacy Policy. In particular, to the extent our disclosure of personal data constitutes a “sale” under the CCPA, we have “sold” each category of data we collected to Publishers, Advertising Partners, and third party data providers (e.g., consumer data resellers). We also shared each category of data we collected with our service providers, affiliates, and governmental entities for our business purposes.
We do not sell personal data about our business customers and former customers.

Information About Past Year’s CCPA Requests: In 2020, with respect to CCPA requests from California residents, OpenX:

Received 62 requests to know, complied with all of them in an average of 23 days, and denied none of them.
Received 79 requests to delete, complied with all of them in an average of 34 days, and denied none of them.
Received 137 requests to opt-out of data sales, complied with all of them in an average of 13 days, and denied none of them.
Received 32 requests that did not provide a specific type of request and were denied because they could not be verified or were otherwise invalid.

8. How long do we retain your personal data?

We may keep each data point we collect about you for a maximum of 90 days from the last date that we received it. For example, if we collect data indicating that you visited a particular website on day 0, we may keep that data until day 90 (at the latest) unless we collect data indicating that you visited that particular website again within that initial 90 day period (in which case, the 90 day clock would reset). For most categories of data, this is limited to 14 days.

Additionally, OpenX has set retention limits on the cookies that are set on user devices. In particular, the market cookie (“i”) used for OpenX’s device recognition is set for the maximum of one year, while a 5-year span is implemented to recognize a user’s opt-out from interest-based advertising.

9. What if we update this privacy policy?

We reserve the right to update this Privacy Policy at any time. If we do so, we will post the updated policy here and update the effective date. We may also notify you in other ways from time to time about the processing of your personal data.

10. How can you contact us?

If you are a UK or EEA based individual, the data controller for your personal data will be OpenX Poland Sp. z o.o .

If you are a U.S. based individual, the business, data controller or equivalent entity that controls how your data will be processed will be OpenX Technologies Inc.

If you have questions about this Privacy Policy or wish to contact us for any reason in relation to our personal data processing, you can contact us here.

If you are a UK or EEA based individual, you can also reach us at:

OpenX Poland sp. z o.o.

Attention: Legal Department

Aleja 29 Listopada 20

31-401 Krakow

Poland

If you are an U.S. based individual, you can reach us at:

OpenX Technologies Inc.