Privacy Policy
Rosburn provides a InformDMP technology platform designed to help website operators manage and protect consumer data. Our overarching goal is to make digital media less creepy and more productive for consumers, publishers, and advertisers. That's why we take data privacy and data piracy very seriously. This privacy policy applies to Rosburn websites, including https://www.rosburn.com/informdmp/ (the “InformDMP Site”) and to our technology platform (the “Platform”). This privacy policy describes how we collect, receive, use, and share personal information on the InformDMP Site and our Platform, as well as choices regarding use, access, and correction of personal information.
InformDMP is not in the business of setting industry standards, but we do all that we can to advance industry dialogue and improve standards of practice. We provide a Platform that enables our customers to manage their digital data subject to their own privacy policies. In that way, we enable our customers to manage their data in a responsible way, and we empower consumers to better understand what data is collected via the Platform and how it is used.
We are members of the Network Advertising Initiative (“NAI”) and adhere to the 2018 NAI Code of Conduct. We also adhere to the Self-Regulatory Principles of the Digital Advertising Alliance (“DAA”) in the U.S. and Canada (“DAAC”), and to the standards regulated by the European Interactive Digital Advertising Alliance (“EDAA”). We seek to maintain alignment with standards established by industry groups such as the Interactive Advertising Bureau (“IAB”), NAI, and DAA, and we are members in good standing of the IAB, NAI, and EDAA.
Rosburn Website
The Rosburn Site is primarily directed to our customers (our “Customers”) and prospective customers, which are generally businesses. We don’t collect non-pseudonymized personal data such as email addresses or telephone numbers from the Rosburn Site unless it is provided to us. For example, a user may choose to send us an email that contains their personal data, or download a white paper, in which case we’ll ask for contact information such as their name, company name, email, and telephone number in order to process the user’s request. Our Customers typically provide non-pseudonymized personal data in order to set-up an account with us, including their name, home or business address, email address, and/or telephone number. We use the non-pseudonymized personal data we’re provided to answer questions, send requested information, and/or to service our Customers’ accounts. We also collect pseudonymized personal data from the Rosburn Site. Pseudonymized personal data is information that cannot by itself be used to directly identify a particular person or entity, and may include an IP host address, pages viewed, browser type, Internet browsing and usage habits, Internet Service Provider, domain name, the time/date of a visit to a website, the referring URL, and a computer or device’s operating system. We do not enable our Platform on the sections of the Rosburn Site that enable our Customers to login and manage their accounts, nor is the technology employed within the Platform (e.g., the user interface).
InformDMP Technology Platform
InformDMP is an agent working under the direction of our Clients which are generally website and/or mobile application owners or operators that use our Platform. We offer a data management Platform that collects Non-PII from Internet users when they visit the website or mobile applications of one or more of our Clients (the "Client Site" or “Client App”, collectively, the “Client Site(s) and App(s)”). We don’t place PII on the Platform nor do we allow our Clients to do so. We may set additional rules for our Clients regarding how information is collected and used on the Platform, but such data is collected and used subject to the individual privacy policy for each Client. We use a number of different technologies to maintain user state, collect data, and to help us operate the Platform and describe some of them below.
HTTP Cookies
InformDMP uses cookies in connection with the Platform, including on the InformDMP Site and Customer Sites. Cookies are small, often encrypted text files, located in browser directories. All InformDMP cookies other than the InformDMP Opt-Out cookie expire automatically if the user has not visited the Customer Site of any of our Customers for six (6) months. When a user visits one of our Customer Sites, the user is assigned a unique, pseudonymized InformDMP user ID that is placed into an HTTP cookie which is then placed on that user’s computer or device.
HTML5 Cookies
InformDMP uses HTML5 cookies in connection with the Platform, including on the InformDMP Site and Customer Sites. An HTML5 cookie is also known as HTML5 Web storage and is an alternative to the commonly used HTTP browser cookie. InformDMP uses HTML5 cookies as a backup storage mechanism to HTTP cookies; storing both ad targeting data (such as pages viewed and browsing habits) as well as user opt-outs in both HTTP and HTML5 cookies.
Statistical Identifiers
InformDMP is experimenting with the use of statistical identifiers in connection with the Platform, including on the InformDMP Site and some Customer Sites where requested by Customers. Statistical identifiers are created using pseudonymized personal data about computers and mobiles devices such as the operating system, user-agent string, IP address, Internet browser, installed fonts, and similar information. This information makes your computer or device distinct enough for our systems to determine within a reasonable probability that they are encountering the same computer or device. Statistical identifiers enable users to be uniquely identified via the Platform, enabling the Platform to store ad targeting, analytics, and other data. If you want to see whether InformDMP is using a Statistical Identifier on the browser you are currently using, please visit http://optout.networkadvertising.org/#/.
Pixel Tags
We also use pixel tags in connection with the Platform, including on the InformDMP Site and Customer Sites. Pixel tags (also known as web beacons) are small strings of html or JavaScript code that provide a method for delivering a graphic image on a Web page or other document. Pixel tags may be used to obtain information about the computer or device being used to view a particular Web page such as the IP address of the computer or device to which the pixel tag is sent, the time it was sent, the computer or device’s operating system and browser type, and similar information.
Mobile Device Identifiers
InformDMP uses and stores mobile device identifiers such as the Android Advertising ID and Apple iOS IDFA in connection with the Platform only in the event Customers ask InformDMP to collect and store information via Customer Apps. Mobile device identifiers enable users to be uniquely identified via the Platform, enabling the Platform to store ad targeting data.
How we Collect and Use De-identified and/or Pseudonymized Personal Data via our Technology Platform
InformDMP offers a technology Platform for website and mobile application operators, and we utilize the Platform when users visit the InformDMP Site. When a user visits the website or mobile application of one of our Customers (the “Customer Site” or “Customer App,” collectively, the “Customer Site(s) and App(s)”), the Customer collects and transfers to InformDMP and/or enables InformDMP to collect pseudonymized personal data related to that user’s visits to the website or mobile app (our Customer’s “Session Data”). It is entirely under Customer’s control whether and to what extent the Platform collects Session Data. This Session Data may include information about how the user came to the Customer Site and App, which search engines they use, the search terms used to find the Customer Site, their experience on the Customer Site and App, information about how they interact with the Customer Site and App, demographic information that the Customer has collected from that user and other visitors, data from third-party data providers, and information regarding how users interact with advertisements on the Customer Site and App. Additionally, browsers automatically send certain standard information to every website a user visits, such as an IP address, browser type and language settings, access times, and referring website addresses. This information is collected during visits to each Customer Site and App, including the InformDMP Site. We make Session Data accessible only to each individual Customer. The Customer typically uses this data on our Platform to deliver targeted advertising campaigns both on the Customer Site and App as well as off their sites and apps. For example, Customers may use the Platform to help them find interested users and to deliver ads that attempt to bring those users back to the Customer’s Site and App. Where our systems can reasonably infer that a particular computer and/or mobile device belong to the same user or household, we may store such information for use on the Platform. The data stored on our Platform may be combined with third-party data (for example, geolocation data provided by a vendor) in order to better target advertisements, to enable Customers to better understand users across multiple computers and devices, and for ad delivery and reporting purposes.
While InformDMP does not allow non-pseudonymized personal data directly onto the Platform, we do receive non-pseudonymized personal data from Customers outside of the Platform. Customers may submit the personal data as part of an onboarding process whereby Customer engages a third-party technology partner to pseudonymize the personal data prior to import onto the Platform.
InformDMP does not directly share pseudonymized personal data with either partners or third parties. Customers may choose to share their pseudonymized personal data with others at their discretion, and InformDMP may assist them to share user data collected on those Customer Sites and Apps. Reporting is done at the aggregate level, with no user-level information accessible.
How we Use and Share Personal Data
We aim to keep non-pseudonymized personal data off of our Platform and do not intentionally collect non-pseudonymized personal data via the Platform. As described above, we may obtain non-pseudonymized personal data when visitors to the InformDMP Site choose to provide it. For Customers who have set-up an account with InformDMP, we use the non-pseudonymized personal data we have to administer their account. When Customers terminate their accounts, InformDMP removes their pseudonymized personal data from our systems within a reasonable time following such termination, subject to our right to retain (i) copies of transactions between the Customer and InformDMP and related payment information, (ii) information relating to any dispute or potential fraud, (iii) any additional information that in InformDMP’s discretion we need to keep to protect our legal rights or the rights of others.
From time to time, InformDMP engages with partners to perform services on behalf of InformDMP or other Customers who use our services, in order to perform requested services. For example, we may provide information to corporate affiliates, or to third parties under contract with InformDMP (“Contracted Parties”) to provide services such as credit card verification and processing, fraud detection and prevention, or data hosting. In all cases, Contracted Parties are contractually required to maintain the confidentiality of personal data and may not use it for purposes other than performing the specific services on behalf of InformDMP. Other than such disclosures to Contracted Parties, InformDMP may also disclose personal data if such disclosure is required for InformDMP to comply with valid and binding legal requirements, to protect InformDMP's rights or property (or that of InformDMP Customers), and/or where needed to protect personal safety. For example, InformDMP may be required to disclose information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request. In the event we are required to disclose information in response to legal process or a government request, we will attempt to notify affected users for which we have contact information, to the extent we are legally permitted to do so.
Finally, InformDMP may transfer information, including any pseudonymized personal data, to a successor entity in connection with a corporate merger, consolidation, sale of assets, bankruptcy, or other corporate change. If InformDMP is involved in a merger, acquisition, or sale of all or a portion of its assets, users will be notified via email and/or a prominent notice on the InformDMP Site of any change in ownership or uses of pseudonymized personal data, as well as any choices users may have regarding their pseudonymized personal data. We may disclose your personal information to any third party with your prior consent.
Children, Sensitive Data
In accordance with industry standards and law (e.g., the Children’s Online Privacy Protection Act (“COPPA”) regulations in the U.S.), we do not knowingly collect, administer, or enable the commercial use of personal data relating to children less than 13 years of age. If we become aware that a child under 13 has provided us with any information that would require compliance with the COPPA, then we will delete this information from our databases.
InformDMP does not knowingly collect, use, or store any sensitive information on our technology Platform. Sensitive information (“Sensitive Data”) includes certain types of information associated with a specific individual, such as Social Security Numbers or other Government-issued identifiers, financial account numbers, sexual orientation, religion, actual knowledge of an individual's past, present, or potential future health or medical conditions or treatments (such as diabetes, heart attacks, etc.) including genetic, genomic, and family medical history, and actual knowledge of or inferences based on certain sensitive health conditions (e.g., cancer, STDs). Sensitive Data also includes information deemed sensitive by a particular jurisdiction. For example, laws of the European Union, Australia, and Canada have additional restrictions on the use of Sensitive Data as defined by those jurisdictions. InformDMP imposes rules around delivering targeted advertisements via our Platform based upon knowledge of precise medical conditions or other Sensitive Data. Customers may request that InformDMP collect non-sensitive data for items such as skin care products, diet pills, allergies medications, and cold and flu treatments in order to target advertisements and as otherwise specified by each Customer’s privacy policy.