What We Do
Through its proprietary Device Graph™ and device unifying technology, Tapad establishes connections between a user’s devices. The result is a holistic view for marketers across multiple, related devices: smartphones, computers, tablets and connected TVs.
- Provide Notice. We explain what information we’re collecting and why.
- Offer Meaningful Choice. Consumers have access to tools to easily opt-out of our Device Graph and behavioral advertising by Tapad.
- Protect Data. We follow reasonable practices to ensure all user data is secured.
- No Children. Tapad does not create or use audience segments targeted at children under the age of thirteen.
1. Provide Notice
In order to establish connections between devices, to provide insights and reporting to partners, and to provide more relevant ads to users, we collect and store select information about devices directly from the device. We may also receive additional information about the device or the individual from partners with an existing relationship with the individual or from other third parties. For example, we may receive inferred demographic data, user-declared demographic data, or obfuscated user login data.
The technologies we use to collect information include browser cookies, pixels, application software development kits (SDKs), or server-to-server connections with our partners.
- A cookie is information that is stored on your computer that can uniquely identify your browser
- A pixel is a piece of code which is used by a website or third party to assign online activities to a computer or browser. The use of a pixel allows websites and us to record, for example, that a user has visited a particular web page or clicked on a particular ad.
- We may collect information (as specified in the section below “What may be collected by Tapad”) about select user behavior (e.g., when a user opens an application or interacts with that application) in an application on behalf of that partner. In this case, we may use an application SDK or a server-to-server connection with our partners to collect that information. An application SDK is a library of code that is embedded directly in partner applications. We may also use a server-to-server connection to exchange the same data when an SDK integration is not feasible or practical for the partner. While Tapad uses these technologies to track select activities within an application, including whether or not the user is accessing certain pages or features or is responding to marketing messages, Tapad does not track the emails a user sends or the individuals a user communicates with, or any sensitive financial or health related data.
- We may also collect information (as specified in the section below “What may be collected by Tapad”) when we receive ad requests from our partners. In this case, we may use an application SDK or a server-to-server connection with our partners to collect that information.
We use these technologies across platforms including websites, mobile applications, email and TV applications so that we provide the best cross-platform targeting technology possible. Examples of how we deploy these technologies include: (1) when we deliver ads and (2) when we integrate with our partners’ websites and applications to provide cross-device analytics.
We do not use “zombie cookies” or “history sniffing.” We do not use local storage and Flash cookies for any other purpose other than to maintain a persistent opt-out.
What may be collected by Tapad for Device Graph™ management, analytics, and ad targeting:
- Time stamp
- User agent string that specifies device and browser information
- IP address
- Unique device identifier, stored in a browser cookie
- Hardware or operating system device identifier. For example, IDFA for iOS and Android ID for Android.
- Web page or application where an ad may be placed
- Web page or application that the individual is using when a Tapad pixel fires
- Anonymous data that can be extrapolated from an IP address. For example, we may be able to determine a user’s general location and therefore infer demographic information.
- Obfuscated user identifier, such as email address, but only to evaluate the probability and nature of connections between devices, never to identify the individual
What is not collected by Tapad for Device Graph™ management, analytics, and ad targeting:
- Phone number
We do not use or permit our customers to use precise location data, such as your exact location at any given time, to connect devices in our Device Graph, to infer user interests for online behavioral advertising (which we define to mean advertising to consumers based on activities across websites or apps over time), or to deliver advertisements to you at a precise location (which we define to mean an area with a radius of less than one half mile), without your express consent to Tapad.
Collected information is used to:
- Evaluate the probability and nature of connections between devices (a key attribute of our Device Graph)
- Infer eligibility of device for interest and demographic-based segments
- Provide targeted advertising to users based on the information collected by Tapad unless the user has opted out
- Provide insights, facilitate ad delivery, and provide reporting back to customers (such as advertisers and publishers) and partners, including statistical reporting in connection with the activity on a website, optimization of location of ad placement, ad performance, reach and frequency metrics, billing, and logging ads served on a particular day to a particular website
- Provide Device Graph information and inferences about user interests to customers and partners that allow them to target advertising, personalize content, analyze behaviors and engage in other similar services
- Share aggregate information with third parties
- In addition, such information may be used by Tapad for internal analysis in order to perform and improve the Services and associated technologies, and to operate and improve the Tapad site (www.tapad.com)
We supplement our user segment data and device graph with information from other data partners. The information these data partners provide typically consists of demographic and inferred interest data. Tapad does not collect or use any data, including inferred interest data, that we consider sensitive, such as precise information reflecting a user’s past, present or potential future health or medical condition or treatment, including genetic, genomic and family medical history; certain aspects of a user’s personal life or financial situation; or use of, or interest in, gambling, alcoholic beverages, or “adult” products or services. Tapad partners with Blue Kai, eXelate and other companies to receive information about non-sensitive health and wellness categories. You can view representative lists of such categories available from Blue Kai by clicking here and from eXelate by clicking here.
2. Offer Meaningful Choice
Mobile applications and web browsers operate with different identifiers even though they may be on the same device. This is similar to how different web browsers on your computer have independent identifiers. Because mobile apps and web browser have different identifiers, you will need to opt-out of each environment separately. At this time we do not respond to browser ‘do not track’ signals, as we await the work of interested stakeholders and others to develop standards for how such signals should be interpreted and to evaluate how they work in practice.
If you are interested in opting out on your computer or mobile web browser, please visit the “Web Browser Opt-out” section below. If you are interested in opting out on your mobile app, please visit the “Mobile Application Opt-out” section below. When you opt out, there may be a limited delay in some of our customers’ ability to update their information and honor your choice.
Web Browser Opt-out
If you would like for Tapad to stop collecting device data for our Device Graph and for targeted advertising in your web browser, click below to opt-out.
We make best effort to provide a persistent opt-out for online display and, independently, for mobile web. This opt-out must be performed on each device and browser that you want to be opted out on. For example, if you want to opt-out on your computer browser as well as your mobile device browser, you will need to click on the link above in both your computer browser as well as your mobile device browser.
PLEASE NOTE: In the web browser environment, do not just delete cookies from your browser. The Tapad web browser opt-out works by replacing your unique cookie ID with a generic opted-out value. This happens both on the cookie in your browser as well as on our server side. Thus, if you attempt to opt-out by clearing cookies, or deleting your device’s content cache Tapad will not be able to recognize your device as having opted-out, and if you subsequently visit one of Tapad’s website partners, you may then get a new Tapad cookie.
Mobile Application Opt-out
If you would like Tapad to stop collecting device data for our Device Graph and for targeted advertising in your mobile applications, please download the Ghostery application for your phone operating system and opt-out through the application.
Please keep in mind that if you opt-out, you will still receive ads though they will not be tailored to your interests. To opt-out from other companies that provide online behavioral advertising services, you can opt-out at the following online advertising industry website: The Digital Advertising Alliance Website, www.aboutads.info.
3. Protect Data
Tapad takes significant steps to protect the security of the information that we collect. To that end, we have designed and deployed hardware, software and networking solutions in an effort to reasonably secure and protect access to our systems and data.
Please be aware, however, that no data security measures can be guaranteed to be completely effective. Consequently, we cannot ensure or warrant the security of any Device Graph data or other information. In particular, we cannot guarantee that Device Graph data or other information will not be disclosed, altered, or accessed in accidental circumstances or by unauthorized or unlawful acts of others.
We do not deliver ads based on individual level data that is more than fourteen (14) months old. We retain the information that is reasonably linkable to a device and collected for ad targeting and/or ad delivery and reporting only as long as is legitimately necessary for running advertising campaigns and in no event longer than fourteen (14) months. We keep opt-out information for longer than this period so that we can continue to honor opt-out requests. Aggregate reports generated from this information may also be kept longer.
4. No Children
Tapad does not create or use audience segments targeted at children under the age of thirteen (13).
Personal information you explicitly provide to the Tapad Sites (www.tapad.com):
In addition to collecting data for the purposes listed above, we may also collect user registration information from Tapad Sites (www.tapad.com). Some of Tapad’s services request voluntary user registration or sign-up that, when given, could be classified as Personally Identifiable Information (PII), such as our email newsletter. This might include our business customers’ or prospects’ names, postal addresses, email addresses, and phone numbers. We do not sell or rent data collected from our websites, but we may provide it to third-party service providers as necessary to conduct our business operations and for the performance of our Services with our customers. We also receive and store non-personally identifiable information from these website visits so that we can better target our own ads for Tapad Services and to analyze our own customer base.
Personal information we collect on behalf of advertisers:
In addition to collecting data for the purposes listed above, we may also collect user registration information on behalf of our advertisers. Users may choose to manually and voluntarily enter information that could be classified as PII as part of their interaction with an advertisement or landing page, and we may collect this PII on behalf of those advertisers. Because we are collecting this information on behalf of an advertiser, we may transfer this information to them. We do not sell or rent this information to any third parties for their own use.
Legal and Other Disclosures
We may share personal information when we believe such action is appropriate to comply with the law (e.g., legal process or a statutory authorization); to enforce or apply our customer agreements; to initiate, render, bill, and collect for Services; to protect our rights or property, or to protect users of those services from fraudulent, abusive, or unlawful use of, or subscription to, such services; or if we reasonably believe that an emergency involving immediate danger of death or serious physical injury to any person requires disclosure of communications or justifies disclosure of information without delay.
Change of Control
If we undergo a sale, merger, transfer, exchange or other disposition (whether of assets, stock or otherwise) of all or a portion of our business, information we have collected or otherwise acquired may be one of the assets transferred.
- Amended November 17, 2014 to describe how we use precise location data and non-sensitive health information and how we share information regarding users’ inferred interests
- Amended May 14, 2014 to reflect re-branding of Evidon to Ghostery
- Amended April 10, 2014 to clarify that some customers who receive data from us may be unable to honor opt-out requests immediately
- Amended March 31, 2014 to remove reference to the TRUSTe Ad Preferences Manager