.png)
Privacy Policy
These privacy rules (hereinafter referred to as the "Privacy Statement") pertain to the handling of Personal Data by Affinovo B.V. and/or its associated entities (hereinafter referred to as "Companies," "we," or "us"). Personal Data means information about any identifiable person (hereinafter referred to as "Data Subject(s)"). Processing Personal Data includes activities such as collecting, storing, recording, editing, accumulating, requesting, consulting, or deleting Personal Data.
From 25 May 2018, the General Data Protection Regulation (GDPR) became applicable as European legislation with direct effect in the European Economic Area.
We comply with privacy legislation requirements in our data processing activities. This means, among other things, that:
We clearly state the purposes for processing Personal Data through this Privacy Statement;
We limit our collection of Personal Data to only what is necessary for legitimate purposes;
We implement appropriate security measures to protect Personal Data and require the same from parties processing Personal Data on our behalf;
We respect Data Subjects' rights to offer, correct, or delete their Personal Data upon request.
We are responsible for specific processing of Personal Data, both as data controller and data processor on behalf of client companies. This Privacy Statement explains which Personal Data we process, for what purposes, and by what means. We recommend that our customers and visitors read this Privacy Statement carefully.
This Privacy Statement was last updated on June 9, 2024.
Processing of Personal Data
We may act as either a data controller or data processor on behalf of client companies to deliver our services. As a data controller, we determine the purposes and means of processing Personal Data and are ultimately responsible for compliance with all applicable laws and regulations regarding Personal Data protection. We maintain a data processing register as part of our information security policy, ensuring it is regularly reviewed and updated.
When processing Personal Data on behalf of client companies, these companies act as data controllers, and we act as data processors following their instructions. The client companies determine the purposes and means of processing Personal Data and are responsible for compliance with applicable laws and regulations.
As data processors, we will process Personal Data only as necessary to provide our services and according to client company instructions, except when a legal obligation requires us to act otherwise.
We treat all Personal Data with strict confidentiality and ensure that our employees and sub-processors involved in processing Personal Data sign adequate confidentiality agreements.
Data Collection and Use
We process Personal Data to provide digital media services to advertisers and publishers across various channels, including distributing, promoting, and displaying advertisements (text-based, graphical, interactive, rich media, video, and other digital formats) for Data Subjects visiting web, mobile, or other digital sites. We also deliver performance marketing software that helps media buyers and affiliate networks track, manage, analyze, and optimize media campaigns.
We may collect Personal Data directly from Data Subjects when they use our services, post on our blog, contact our support team, or visit our website. The collected Personal Data may be used for purposes related to our services, such as:
Verifying Data Subjects’ identity;
Administering our services;
Notifying Data Subjects of new or changed services;
Conducting marketing or training related to our services;
Resolving technical support or other issues related to our services;
Complying with applicable laws and regulations;
Addressing dispute resolution and anti-fraud issues;
Communicating with Data Subjects.
The types of Personal Data and categories of Data Subjects processed include:
Types of Personal Data: User IP-address, device ID, HTTP referer, User-agent string, unique identifier for bid requests.
Categories of Data Subjects: Internet visitors, customers of publisher/affiliate partners.
By using our services, Data Subjects consent to their Personal Data being collected, held, and used in this manner and for any other authorized use. We guarantee that Personal Data processing will be based on one of the legal grounds set forth in article 6 GDPR.
Legal Basis
The processing of Personal Data is necessary for providing our services and/or based on individual consent. We also conduct statistical research with Personal Data to improve our services.
Retention Periods
We store Personal Data under a legal retention obligation according to its duration. For example, Personal Data in statutory basic administration is retained for five to seven years after the termination of the relevant commercial agreement. In other cases, Personal Data is kept for a maximum of one year after the end of the relevant commercial agreement, unless otherwise specified by an affiliated company's privacy statement.
Sharing with Third Parties
As a data controller, we may engage other parties as data processors to perform aspects of our services. We ensure these third parties implement the correct security measures and process Personal Data solely for intended purposes. We do not share Personal Data with other parties without Data Subjects' permission unless legally required or permitted.
When sharing Personal Data with third parties considered separate data controllers, each party will determine the purpose and means of processing Personal Data under its control according to its privacy notice. We enter into partner agreements with such data controllers, defining the principles and responsibilities for sharing Personal Data.
Security
We have implemented security measures to protect Personal Data, including:
Restricting system access to our network and via secure VPN;
Using secure connections (HTTPS) for data transfers;
Taking organizational and physical access measures;
Implementing a reversed proxy to manage DDoS attacks.
Data Subjects' Rights
As a data controller, Data Subjects can contact us in writing to:
Access Personal Data: Request confirmation of whether we process their Personal Data and obtain a copy if applicable;
Correct Personal Data: Request correction or supplementation of incorrect or incomplete Personal Data;
Delete Personal Data: Request deletion of their Personal Data under certain conditions;
Limit Processing: Request limitation of Personal Data processing under specific circumstances;
Data Portability: Request a copy of their Personal Data for transfer.
Data Subjects can object to our processing of their Personal Data and submit complaints to the Dutch Data Protection Authority if unresolved.
To exercise these rights, Data Subjects can contact us using the details provided in this Privacy Statement. We will respond within four weeks.
Third-Party Websites
This Privacy Statement does not apply to third-party websites linked to our website. We recommend that visitors read the applicable privacy notice before using third-party websites.
Changes to Privacy Statement
We reserve the right to modify this Privacy Statement. Visitors should regularly review this statement to stay informed about changes.
Cookie Policy
We use cookies on our websites and apps. Visitors can deactivate cookies in their browser settings.
What are cookies? Cookies are small text files sent to a visitor’s device when visiting a website, enhancing user experience.
Why do we use cookies? To monitor site usage anonymously and optimize our websites and apps.
Turning off cookies: Visitors can disable cookies in their browser settings.
Contact Information
Affinovo B.V.
Keizersgracht 520
1017 EK Amsterdam
The Netherlands