Last Updated November 20, 2020
We, at the Tremor Group Companies (Tremor International Ltd, Tremor Video LLC, RhythmOne, LLC d/b/a Unruly, Unruly Group Ltd, “Company” or “we”, “us” or “our”), understand that your privacy is important to you. This privacy policy (the “Privacy Policy”) explains how we collect, use, and disclose information collected through our web-based and mobile-based advertising services, as well as the Company corporate websites. This policy does not apply to any entities that the Company does not own or control. For information about how we collect and use information through our corporate websites, including www.tremorinternational.com, www.tremorvideo.com, www.unruly.co and www.rhythmone.com, please scroll down to Section 9 titled “PRIVACY INFORMATION FOR THE COMPANY CORPORATE WEBSITES.” If you’d like to opt-out from having ads tailored to you by Company (whether through web or mobile delivery mechanisms), please follow the instructions in the “Your Choices” section below.
1. The Company Platform
Company operates several platforms and services that comprise our “Services.” These include the Unruly Platform, Tremor Video DSP, Unruly DMP and RhythmOne Platform.
As further described below, through our Services we work with websites, web services, content publishers, mobile applications, and various platforms that provide services for those types of organizations, in particular to help them display ads on their properties and to subsidize the cost of their content – often, allowing them to provide consumers with some or all of their content for free. We also work with advertisers (and their service providers) – brands, retailers, entertainment companies, non-profits and others – to help them advertise in a way that is efficient and relevant to both them and the consumer. We use data in a variety of ways to help support these businesses, and likewise provide a variety of ways for consumers to control how data is used to market to them. The purpose of this Privacy Policy is to explain what that data is, how it is used, and what those choices are.
2. The Information We Collect and Use In Providing Our Services
We are able to help advertisers as well as publishers provide more relevant content and targeted advertising by collecting certain information about you, including when you interact with our Services. This may include your interactions with (a) marketers, their websites, apps, advertisements and other content (collectively “Marketers”), or (b) publishers, app developers and other CTV, web and mobile services (collectively “Publishers”). In this Privacy Policy, when we use the term “Customers” we are referring to both Marketers and Publishers. Sometimes we work with other marketing, service providers or data platforms who provide services to us as well as Customers: we refer to these companies as “Partners.”
We (or our Customers or these Partners) may provide relevant content and targeted advertising to consumers by using automated technologies such as cookies, including non-HTTP cookies, pixel tags, mobile identifiers and SDKs, each of which we describe below, and in Section 3 titled, “Cookies, Pixel Tags, SDKs and Similar Technologies.” These technologies often generate or collect unique identifiers, such as cookie IDs or mobile advertising IDs.
We describe below these and other categories of information that we receive from consumers operating systems, browsers and devices, as well as from Customers, Partners, advertising platforms and networks, and data resellers. (Some companies may fit into more than one such category.) We have tried to describe the information in a way that is easy to understand:
a. Identifiers collected from website and app sources
whether directly or through other content and information platforms, including:
- Online cookie IDs
- Mobile advertising identifiers (e.g., IDFAs, Ad IDs) and other mobile device or browser identifiers
- IP addresses
- Identifiers related to other devices, such as connected TVs
We refer to all of the above as “IDs“
b. Online usage information or “log” information
Generally related to the above IDs
- Data related to or describing a web browser, operating system, and device, such as the name and version of your browser
- connection data, including (as described above) current IP address, from which location may be inferred
- online usage data including websites visited, websites visited prior to a web visit, date/time stamp
- Information related to interactions with ads and marketing, such as consumer engagement with an ad
- Information related to interactions with websites, such as whether a consumer was “referred” through another website or a shared link.
- We may link any of the above to our own or our Partners’ and Customers’ IDs.
We receive the above information from Customers and Partners, advertising platforms and networks, and data resellers. (Some companies fit into more than one of those categories.)
c. Demographic and Interest-Based Information
- We may collect, use, or create “audience segments” (also referred to as “data segments), which are generally used to tailor advertising and marketing to consumers and to analyze consumer interaction with such ads. Audience segments are interest-based or demographic-based groupings of large numbers of users, generally in aggregated form, tied to the above IDs. For instance, an inference that Ad ID X35%979J is interested is “Sports” might be drawn from the fact that the browser often views sports-related content. Or, an inference that Cookie ID 4Qj7e9!x may be interested in a new car may be drawn from the corresponding browsers frequent search of new automobile reviews. (Actual IDs are generally much longer strings of code; the above are simply used for illustration.)
- Sometimes these inferences are made from “offline data” that is coded and linked to cookies and IDs (and further linked to our own cookies and IDs) by Partners that create “hashed” (coded) values to replace “real-world” identifiers such as email addresses.
- Sometimes these inferences are made from demographic information (“protected classifications” for purposes of the California CCPA), such as gender or age, or inferred income level.
- Sometimes, these audience segments are associated with the likelihood to have a particular health condition. A list of our standard health segments is here. (We endeavor to update the list frequently, but the list may not be current to the precise date.) In addition, we may sometimes create “custom” health-related segments, or work with advertisers or partners who use such segments. Those “custom” segments change over time, but a representative sample is included. Note that such information is only collected/processed at an aggregate level and solely in the U.S. and Canada.
d. Transactional information from our Customers
Our Customers may provide us with their own proprietary or licensed information, including “audience segments” described above, to help us better perform or deliver our Services.
e. Geolocation Information
The mobile information we collect or receive from our Partners and Customers also may include geolocation information, which may be precise, that may help us or our Customers to target ads or tailor content to your precise location. For instance, if we believe that you are often near a particular store in Northern New Jersey, we might send you an ad targeted to that store, rather than another store in the general area.
f. Further Description of Technologies
For additional explanation of the technologies through which IDs and other data are collected, please see Section 3 further below regarding cookies, pixel tags and SDKs. We may use cookies, pixel tags, SDKs and similar technologies to collect the above information, or to associate certain types of information with each other.
3. Cookies, Pixel Tags, SDKs and Similar Technologies
The Company (along with our Partners and Customers) uses a variety of technology to collection information. These are listed and described below.
a. Pixels
A tracking “pixel” is a transparent graphic image (usually a 1 x 1 pixel) that is placed on a web page and allows for the collection of information regarding the use of the web page that contains the tracking pixel. Company collects technical and usage information through the use of tracking pixels.
b. Cookies
A “cookie” is a string of stored code used by a website to send some data to a user’s device. Depending on the settings of the device or web browser this data may be stored on the user’s device so that the device can later return that data to the same website. Cookies can be used with online services, such as websites, email deliveries or advertising technologies, to recognize an Internet or mobile-connected device that they have encountered before. We use cookies to, among other things, “remember” you, track user trends, and collect information about how you use our Customer’s sites or interact with the advertising we (or others) deliver on their behalf. We likewise use cookies to provide relevant content to you and replace non-relevant ads with ads that better match your interests. We also use cookies when you visit our corporate website.
c. Mobile Device Identifiers and SDKs
We also sometimes use, or partner with Publishers or Publisher-facing and app developer platforms that use mobile SDKs to collect information, such as mobile identifiers (e.g., IDFAs and Android Advertising IDs), and information connected to how mobile devices interact with our Services and those using our Services. A mobile SDK is the mobile app version of a pixel tag or beacon (see “Pixels,” above). The SDK is a bit of computer code that app developers can include in their apps to enable ads to be shown, data to be collected, and related services to be implemented. We may use this technology to deliver certain advertising through mobile applications and browsers based on information associated with your mobile device. If you’d like to opt-out from having ads tailored to you in this way on your mobile device, please follow the instructions in the “Your Choices” section below.
d. Third Party Suppliers and Vendors
The Company works with third party technology or service providers that provide us with hosting, serving, general campaign or site analytics, ad serving data, or demographic and other audience data about the use and viewership of our Customers’ advertising, or websites that display that advertising on Publishers we work with. Such third-party providers may utilize pixels, cookies, flash cookies, web beacons and/or similar technologies that may be activated when Our Customers advertisement is encountered on a Publisher. In all instances where the use, collection and disclosure of information is by one of these third-party providers, their privacy policies shall govern and this Privacy Policy does not apply.
e. Disabling Cookies
Most Web browsers are set up to accept cookies. You may be able to set your browser to warn you before accepting certain cookies or to refuse certain cookies. However, if you disable the use of cookies in your web browser, some features of our Services may be difficult to use or inoperable. In addition, we may use (or work with certain third-party companies that use) techniques other than or in addition to HTTP cookies to recognize your computer or device and/or to collect and record information about your web surfing activity, including those integrated with our Services. These technologies may rely on the collection and analysis of “non-cookie” information from your browser or device, such as, your operating system, plug-ins, system fonts, resolution and other data, for purposes of creating a unique profile or “fingerprint” of your browser or device. We (or other third parties) may use this profile to understand and analyze how you interact with the Services, to customize content or advertising to you through the Services, to monitor against fraud or misuse of the Services, or in other ways consistent with this Privacy Policy. Please keep in mind that your web browser may not permit you to block the use of these techniques, and those browser settings that block conventional cookies may have no effect on such techniques.
4. The Business Purposes For Which We Use and Share the Information We Collect
a. Our Purposes Generally
Principally, we use the information described in Section 2 to operate, provide, develop and improve our Services. This involves facilitating various types of advertising and marketing to make them more effective, more relevant, and (we believe) more likely to engage and interest (and less likely to annoy) consumers.
b. Personalized Advertising
This includes facilitating and providing behavioral advertising, i.e., tailoring advertising and content using the types of “audience segments” or “data segments” (and other, related types of information) we describe in Section 2. As we also describe in Section 2, these audience segments may be based on your activity across multiple websites or mobile apps over time, on your transactions, on your location, or on coded or “hashed” data derived from offline demographic and interest data. Generally, the tailoring of ads to devices and browsers (and sometimes through other channels) based on this type of data is called “interest-based” or “personalized” advertising. (Please go to Section 6 to learn about what choices you have, in control how you are marketed to in this way.)
c. Other Advertising and Analytics Purposes
We also use the information to analyze, measure the effectiveness of, frequency-cap or sequence advertising. For instance, we may use the information we collect to compare how many “clicks” the recipients of one ad campaign receives vs. a different ad campaign. Or, we may track which users have seen which ads, to avoid a user being shown the same ad repeatedly.
d. Syncing Identifiers
We sometimes integrate our information with Partners, to allow advertisers to access our information across other platforms (and their information across our platform), in order to allow advertisers to reach more consumers across various channels. This may include online, offline, social media or television advertising.
e. Identity Graphing
We may also create or help our Customers or Partners to create “identity” graphs, to help locate users across various channels, such as based on common personal, device-based, or network-based identifiers (e.g., IP address, email address).
f. Other Business Purposes
We also may also use the information we collect for internal research, internal operations, auditing, detecting and preventing security incidents, anti-fraud purposes, debugging, short-term and transient use, quality control, and legal compliance.
5. Why And With Whom We Share the Information We Collect
a. To Provide our Services
Generally, we share the information that we collect in order to perform our Services, including for purposes of targeting advertising, performing analytics on ads, and measuring ad performance.
- We share the information we collect with our Customers, who are a wide range of businesses, retailers, content publishers, non-profit entities, business-to-business service companies and other consumer brands, as well as their ad agencies and service providers.
- We also share the information we collect with Partners.
b. For Legal Purposes
We may share any information we have with third parties in order to: (a) comply with legal process or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our Terms of Service, this Privacy Policy, or other contracts, or to investigate of potential violations thereof; (c) protect the rights, property or personal safety of us, our platform, our customers, our agents and affiliates, its users and/or the public. We likewise may provide information to other companies and organizations (including law enforcement) for fraud protection, and spam/malware prevention, and similar purposes.
c. In the Event of a Corporate Transaction
We may also share personal information in the event of a corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets, or for purposes of due diligence connected with any such transaction.
d. With Service Providers
6. Your Choices: How To Opt-Out of Tracking (Interest-Based Advertising) on Web Browsers and Mobile Devices
a. Opting Out of Interest-Based Advertising
The Company adheres to the DAA principles and Tremor Video, Inc adheres to the DAAC principles. To learn more about interest-based advertising or to opt-out of this type of interest-based advertising by those third parties that are members of DAA’s opt-out program, please go to https://www.aboutads.info/. RhythmOne LLC dba Unruly is a member of the NAI and adheres to the (current) NAI Code of Conduct. To learn more about the NAI and its members, or to opt out of interest-based advertising facilitated by NAI members, please go to http://optout.networkadvertising.org/?c=1. You may also opt out of our own interest-based advertising on those same web pages, or you can simply visit our Opt-Out page. (We make no representation about the accuracy or effectiveness of other providers opt out mechanisms, including those listed on the above industry websites.)
You can opt-out of receiving our Cookies. Persistent Cookies may be removed by following your Internet browser help file directions. If you choose to disable Cookies, some areas of our Website may not work properly. If you opt out, your web browser will be associated with a generic “opt-out” cookie, which will prevent us from associating any non-personally identifiable information with your browser.
You can also opt-out of targeted advertising based on data collected via your browser by using (i) the NAI’s opt-out tool, which can be found here; (ii) the DAA’s opt-out tool, which can be found here; (iii) the DAAC’s opt-out tool, which can be found here; or (iv) the EDAA’s opt-out tool, which can be found here.
When you opt out, we will stop (a) collecting information about your interests via your browser and (b) serving you targeted advertising based on the data collected via your browser.
We will subsequently place a piece of data in your browser’s cookie that tells us that you have opted out – it does not contain any data about you except for the fact that you have opted out. We need this cookie in place so that we know not to collect information about your interests and serve you targeted advertising based on your interests in the future. Our “opt-out” cookie has a 13 month expiration date.
Keep in mind that participating in our opt-out program does not prevent you from seeing advertising served by us, instead, the ads we serve to you will be generic and not be targeted to
b. In-App Data Opt-Out
You may opt out of mobile app interest-based advertising through your mobile device settings, as applicable to most (but not necessarily all) mobile devices. Please go to the NAI “Mobile Choices” web page for further information about how to do this. When you do this, we will no longer use information collected through your mobile apps to deliver behaviorally targeted advertising to your device. Please note that you will continue to receive advertising after you opt-out, but it may not be tailored to your interests.
c. Viewed Content Advertising and Smart-TVs
We may sometimes receive data from connected or “smart” TVs or OTT devices or other internet-connected devices used with televisions) in order to target or help our customers target personalized advertising on those devices, other devices, or browsers. To learn how to opt out from the collection or use of that data for Personalized Advertising, please refer to the privacy settings for your OTT device, or go to the NAI “Connected TV Choices Page” here.
7. Do Not Track
Although certain of our technology honors “do not track” (DNT) signals and similar mechanisms transmitted by web browsers or mobile device operating systems, we are not responsible, and shall not be liable, for the acts of third parties, such as ad networks, with respect to such third parties’ tracking policies. (We make no representation about the accuracy or effectiveness of other providers’ opt out mechanisms, including those listed on the above industry websites.)
8. Children
Our websites and Services are neither developed for, nor directed at, children under the age of 16. We do not knowingly collect personal information from nor employ or offer targeting towards children under the age of 16. If you believe your child, who is under the age of 16, has provided us with personal information or registered at one of our websites, please contact us at and we will use reasonable efforts to remove that information from our records.
9. Privacy Information for the Company Corporate Websites
The below provides information about how information is collected and used on our corporate websites, including our websites at www.tremorinternational.com, www.tremorvideo.com, www.unruly.co, www.rhythmone.com and any website on which this Privacy Policy is posted.
a. Collection of Personal Information
The Company’s customers are businesses and other organizations, groups and institutions, not individuals, and our corporate website collects contact information from our customers and prospective customers who request information from us. We may also sometimes collect information through business channels such as trade shows, or through marketing platforms that help us identify new customers. In addition, we and advertising and data platforms we work with may use cookies, pixels, device identifiers or other tracking methods to collect and retain “identifiers” such as cookie IDs, IP addresses to recognize you and to target or retarget ads to you when you visit our website, visit other sites across the internet, or visit other applications and services.
b. How We Use This Personal Information
Generally, we use the information we collect to provide customers and potential customers with information that they requested, to correspond about any questions or concerns brought to our attention, to notify such persons of new services or updates to our existing Services or more generally to market and promote our Services. We also use this information as follows:
- For Legal Purposes: We may share any information we have with third parties in order to: (a) comply with legal process or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our contracts, this Privacy Policy, or other contracts, or to investigate of potential violations thereof; (c) protect the rights, property or personal safety of us, our platform, our customers, our agents and affiliates, its users and/or the public. We likewise may provide information to other companies and organizations (including law enforcement) for fraud protection, and spam/malware prevention, and similar purposes.
- In the Event of a Corporate Transaction: We may also share personal information in the event of a corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets, or for purposes of due diligence connected with any such transaction.
- With Service Providers: We may share personal information we collect with our service providers, which may include (for instance) providers involved in tech or customer support, operations, web or data hosting, billing, accounting, security, marketing, data management, validation, enhancement or hygiene, or otherwise assisting us to provide, develop, maintain and improve our Services. (We do not, on the other hand, “sell” our customer information.)
c. Your Marketing Choices
Anyone who has provided personal contact information through Company’s corporate websites may e-mail us at to update, delete, and/or correct their personal contact information, or contact us at the information provided in Section 16. You may likewise request access or “deletion” of your information through the same means: however, if you are an entity we have done business with, we will likely need to retain your data for business purposes such as accounting, billing, auditing and fulfilling other legal requirements. To “opt out” of advertising platforms we may work with for our own corporate purposes (e.g., to “retarget” our customers or potential customers from this website), you may generally rely on the consumer choice mechanisms we set out in Section 6.
10. For California Residents: Information About Your CCPA Rights
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to residents of California. This section of the Privacy Policy applies if you are a natural person who is a resident of California (“California Consumer”) in the capacity as a business partner of the Company and uses the Services, or are a consumer whose information is collected or used by us in providing the Services. This section of the Privacy Policy is intended solely for and is applicable only to California Consumers: if you are not a California Consumer (or a resident of California), this does not apply to you and you should not rely on it.
a. The right to access and disclosure
You may have the right to request, twice during a twelve-month period, the following information about the personal information we have collected about you during the past 12 months:
- the categories and specific pieces of personal information we have collected about you;
- the categories of sources from which we collected the personal information;
- the business or commercial purpose for which we collected or sold the personal information;
- the categories of third parties with whom we shared the personal information; and
- the categories of personal information that we sold or disclosed for a business purpose, and the categories of third parties to whom we sold or disclosed that information for a business purpose.
b. The right to deletion
You may have the right to request that we delete the personal information we have collected from you. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide our Services to you, and may retain certain information for important business purposes, such as fulfilling our legal obligations, or for security, auditing or de-bugging purposes.
c. How to exercise your access and deletion rights
California residents may exercise their California access or deletion rights by accessing our Do Not Sell link or, by sending an email to .
For security purposes, we will verify your identity – in part by requesting or automatically capturing certain information from you — when you request to exercise your California privacy rights. For instance, you may need to provide your email address. To request that we provide you with the specific pieces of personal information we have from you or to delete personal information we have collected from you, we may also need to ask you for additional information to verify your identity. Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate:
- Where you have requested the categories of personal information that we have collected about you, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA.
- Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA.
- Where you have requested that we delete personal information that we have collected from you, we will delete any information about you that is not necessary for the purposes indicated above or another permissible business, security or legal purpose. Certain information may be exempt from such requests under applicable law.
If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.
d. The right to nondiscrimination
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
e. The right to opt-out of the sale of your personal information
You have the right to opt out of the sale of your personal information. California law broadly defines sale such that it may include, for example, allowing third parties to receive and use certain information, such as cookies IP address and/or browsing behavior, to deliver targeted advertising.
If you wish to “opt out” of our “sale” of your information, i.e., for purposes of personalized advertising, we recommend employing the options we provide and explain in Section 10 c. (as we believe those methods are the easiest and most efficient). However, you may also visit the interactive form that we make available at our opt-out location.
f. Authorized Agents
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf through providing us with a signed written authorization or a copy of a power of attorney.
11. Where Company Stores Personal Data
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfillment of your order or the provision of support services. We strive to transfer your information where there are appropriate measures and controls in place, and we strive to ensure that all information you provide to us is stored on secure servers.
12. For European Residents: About your GDPR Privacy Rights
If you are located in Europe, you may have certain right under European privacy law, principally the General Data Protection Regulation (GDPR). This section of the Privacy Policy is intended solely for, and is applicable only as to, such consumers, i.e., “data subjects”: if you are not an EEA resident (or otherwise located in an EEA country), this does not apply to you and you should not rely on it.
a. Our legal bases for using personal information
All organizations need a legal reason to use your personal information. There are a number of legal grounds that enable data processing. Below are the most relevant grounds you should be aware of.
With your consent
There are some activities where we process personal information with your consent. For example, where we want to send you marketing messages by email, we would ask your permission first and you could opt out at any time.
For a legitimate interest
We may use your information where there is a legitimate interest to do so. For example, we may use your information where it would help achieve our business objectives or to facilitate a benefit to you or someone else. Our legitimate interests in processing personal data include:
- to develop, deliver and maintain relevant and engaging products, services and advertising;
- understanding when audiences engage with our clients’ ads;
- to build a clearer understanding of who our clients’ audiences are in order to better serve more relevant advertising to those audiences, for the benefit of both individuals and our clients;
- to maximize advertising revenues for publishers and therefore help to maintain a diverse ecosystem of online independent publishers of content for users to enjoy and educate themselves;
- to support individual and societal rights to receive information;
- to improve user website experience by delivering brand safe, high quality advertising to all of the publishers of online content with which we work;
- to carry on the business of a commercial organization;
- to demonstrate that we provide services and products to agreed industry standards;
- sharing information with the Tremor International group companies for analysis, audience insights, business efficiencies, content personalization and to deliver relevant advertising.
To comply with legal obligations
There may be situations where we need to use your information to comply with legal and regulatory obligations or defend claims.
b. Exercising Your Data Subject Rights Under the GDPR
If you are a resident of the European Economic Area, you have the following data protection rights:
- If you wish to access, correct, update or request deletion of your personal data, you can do so at any time by contacting us at or you may visit our [your data page], where you may make an “access” or “right to know” request, or request that we “opt out” your personal information from our active database.
- In addition, you can object to processing of your personal data, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us at .
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us at .
- Similarly, if we have collected and process your personal data with your consent, then you can withdraw your consent at any time, by contacting us at or (as to information that we use in our Services), by going to [your data page]. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
13. Updates to this Privacy Policy
We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.
You can see when this Privacy Policy was last updated by checking the “last updated” date displayed at the top of this Privacy Policy.
14. Data Retention
The Company retains information it uses for its Services for no more than 7 years, and expires certain cookies, including cookies directed to European users, after 13 months. Except as permitted by law, we may aggregate de-identified or non-identified user information (e.g., to create group-level data), which we may keep for an indefinite period.
15. Information Security
We take measures to protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of data we collect and store. These may include internal reviews of our data collection, storage, firewalls and processing practices and security measures. Of course, no security system is perfect. Thus, while we do take measures to safeguard against unauthorized access to, or alteration of data we collect and store, we cannot guarantee that it will not be disclosed or accessed inadvertently or through the unauthorized acts of others.
16. How to Contact Us
If you have any questions, concerns or requests please contact us by email at or 1177 Avenue of the Americas, 9th Floor, New York, NY, 10036.