Last modified: May 25, 2018
- 1. Who does this policy apply to?
- 2. What do we collect from End Users?
- 3. What do we collect from Clients?
- 4. How we work with third parties
- 5. Why are we collecting personal information of Clients through the Platform?
- 6. How we protect and retain your information
- 7. Group companies
- 8. Law Enforcement
- 9. International Transfers
- 10. How do you exercise your rights?
- 11. Changes to this Platform Policy
- 12. Contacting Us
- 13. Accreditations
SuperAwesome delivers compliant, kid-safe ad campaigns globally through AwesomeAds, our digital advertising platform. Our business was created specifically to develop kidtech – technology solutions for the compliance requirements of the digital kids’ market. We create software and set standards to enable advertisers, publishers and intermediaries to be compliant with GDPR-K (the provisions of General Data Protection Regulation protecting under-16s) and COPPA, the Children’s Online Privacy and Protection Act.
For publishers of websites and apps, AwesomeAds delivers advertising revenue and our dashboard provides clear and detailed information of AwesomeAds activity. For advertisers, we offer contextual advertising delivery through the AwesomeAds marketplace.
1. Who does this policy apply to?
2. What do we collect from End Users?
2.1 AwesomeAds serves advertising that is targeted using contextual information, including broad-based (i.e., country or U.S. State-level, as applicable) geo-targeting based on current location, and content on the current website or app.
2.2 Platform Ads viewed on websites. When an End User views one of our Client’s ads on a website, we create a custom identifier for purposes of broad-based geographic identification, for frequency capping advertisements, and for identifying non-human traffic and eliminating fraud. The custom identifier is created from a truncated version of the End User’s IP address (which means the End User can only be identified as someone in a particular country, or a particular U.S. State (as applicable)) and a hashed version of the End Users’ device advertising identifier. This custom identifier allows AwesomeAds to recognise the same device per ad request for the purpose of capping the number of times an End User sees the same ad. At the end of the advertising campaign, the custom identifier is deleted.
We also collect the following non-personal information from the End User’s browser:
(1) the name of the domain or app that a Client’s ad was served on;
(2) the time the ad was visible on the website;
(3) whether the End User clicked on or otherwise engaged with the ad;
(4) browser name (e.g. Safari/Firefox/Chrome); and
(5) type of device (e.g. iPhone).
This information is aggregated as statistical data which we share with our Clients
2.3 Platform Ads viewing on mobile applications. When an End User views one of our Client’s ads within a mobile app, a custom identifier is created from a hashed version of the End User’s device advertising identifier in combination with a random number and the application package or application identifier. This custom identifier is used for purposes of broad-based geographic identification, for frequency capping advertisements, for identifying non-human traffic and eliminating fraud. At the end of the advertising campaign, the custom identifier is deleted.
2.4 Ad Tracking. If an End User has configured their device to “limit ad tracking”, then we do not create the custom identifier and the End User may see the same ad more often. Nonetheless, a truncated version of the End User’s IP address is still created for purposes of broad-based geographic identification (which means the End User can only be identified as someone in a particular country, or a particular U.S. State (as applicable).
3. What do we collect from Clients?
3.1 In order to be able to access and use the Platform, Clients need to provide SuperAwesome with the following information:Username, password, first name, last name, email address & company URL. If a Client has volunteered additional information or alternate contact information for the purpose of receiving customer support services (e.g. telephone number) we will also process that information in order to fulfil the request.
|_ga||2 years||Google Analytics||Used to distinguish users|
|_gid||24 hours||Google Analytics||Used to understand user session activity journey.|
|_gat||1 minute||Google Analytics||Used to throttle requests to Google Analytics.|
|_hj*||1 year||Hotjar||Used to analyze visitor behaviour patterns.|
|__cfduid||1 year||Cloudflare||Used to identify trusted web traffic.|
3.3 We also collect the following non-personal information from Client devices when using the Platform: (a) browser name; (b) type of device; and (c) country or U.S. State in which the Platform is being accessed.
3.4 Your browser may allow you to set a Do Not Track (DNT) signal indicating that you do not wish your online activity to be tracked. Currently, our system does not support and does not act on DNT signal headers that we may receive.
4. How we work with third parties
Amazon Web Services: https://aws.amazon.com/compliance/data-privacy/
We use Amazon Web Services to host the Platform.
We use Amplitude’s analytics solutions to understand how our Clients use the Platform.
We use DoubleVerify to measure the viewability of advertisements.
Google Analytics: https://tools.google.com/dlpage/gaoptout
We use Google Analytics to understand how our Clients use the Platform.
We use HotJar to better understand how our Platform dashboard is being used by Clients and to improve its features.
Integral Ad Science: https://integralads.com/uk/privacy-policy/
We use Integral Ad Science to measure the performance of advertising campaigns.
We use Moat to measure the performance of, and verify the delivery of advertisements.
5. Why are we collecting personal information of Clients through the Platform?
5.1 When Client personnel register to use the Platform, we will collect and process their personal information to fulfil our contractual obligations to Client, to respond to requests regarding use of the Platform, and to comply with our own legal obligations as a Platform provider.
5.2 We will also collect, and process personal information, where necessary, for our legitimate interests, which includes our interests in providing kid-safe compliance technologies to our Clients unless those interests are overridden by your interests or fundamental rights and freedoms where personal information needs to be protected. For example, we will use your personal information:
To provide the Platform and information about it. Information you provide and that we collect will ensure that we can provide and you can use the Platform correctly and efficiently.
To deal with your requests. Information you provide and that we collect helps us respond to your customer service requests and support needs more efficiently.
To personalize your user experience. We may use information in the aggregate to understand how our Clients as a group use the services and resources we provide.
To improve our Platform. We may use feedback you provide to improve our products and services and for our internal operations.
To communicate with you. We will need to let you know about Platform service updates, account performance or other relevant operational information regarding usage of the Platform. Clients can log into the Platform to see this information or opt-in to also receive updates by email – e.g. a new campaign is in the queue waiting for Client approval. We will use the Client email address you have provided for this purpose. Clients can unsubscribe from receiving email updates by clicking on the ‘unsubscribe’ link at the bottom of an email, via account settings in the Platform, or by contacting us.
6. How we protect and retain your information
6.1 We adopt and implement appropriate and industry-standard security practices regarding the collection, storage and processing practices of your data, including using SSL-secured communication channels, firewall-protected servers and 128-bit encryption for personal information provided via the Platform. We also take reasonable steps to protect against loss, misuse, or unauthorized access, disclosure, alteration, or destruction of the information you provide via the Platform. We have also put in place manual safeguards such as limited employee access and confidentiality agreements. Despite our best efforts, no security measure is ever perfect or impenetrable. In the event that we experience a data breach involving unencrypted personal information, we will notify users by email and/or by posting notice on the Platform.
6.2 We will keep your personal information only for long as it is necessary for the purposes described above (to provide you with access to the Platform) for our legitimate interests as described above and in order to detect and prevent fraud and to comply with our legal and regulatory obligations. We may also keep a record of correspondence with you relating to the Platform, for example if you have made a complaint, for as long as is necessary to protect us from a legal claim. In all cases, where we no longer have a need to keep your information, and we are legally required, we will delete or anonymise it. AwesomeAds has been designed and operates with the principle of data minimization. Moreover, AwesomeAds by default disables interest-based advertising, cross-app advertising or retargeting. For this reason SuperAwesome does not retain personal information – such as user IDs, advertising IDs or cookie IDs – for purposes of such activities.
7. Group companies
We may share your information with our affiliate companies in order to provide you with the Platform, and to help better tailor our services to you.
8. Law Enforcement
We may disclose your personal information: (a) in the good faith belief that we are required to do so by law; (b) if doing so is reasonably necessary to comply with legal process; (c) to permit us to pursue available remedies, including commencing or responding to any claims; (d) to enforce the terms and conditions of the Platform; (e) to protect the rights or property of SuperAwesome or the personal safety of End Users, Clients or the public; or (f) to protect against fraud or other illegal activity or for risk management purposes.
9. International Transfers
We operate globally and may need to transfer your personal information outside the European Economic Area to our affiliate companies, partners or third party service providers in locations around the world for the purposes described in this Platform Policy. We do so in order to provide you with our services and for the other purposes outlined above. Please be aware that the data protection laws in some of these countries may not offer the same level of protection as those in your country of residence. Before transferring your information in this way, we will take reasonable steps to ensure that suitable safeguards are put in place aimed at ensuring that an appropriate level of protection applies to the privacy of your personal information and we will comply with all applicable laws. For further information on these safeguards, please contact us.
10. How do you exercise your rights?
10.1 Where you have given us consent to use your personal information for the purposes set out in this Platform Policy, you have the right to withdraw that consent at any time. You may also have a right to object to our use of your personal information where we are relying on a legitimate interest and there is something about your particular situation that makes you want to object to our processing on this ground. Clients may exercise their rights, including editing their details any time by logging into their account on the Platform and adjusting their account settings, or by contacting us. For those in Europe, you also have the right to lodge a complaint with a supervisory data protection authority should you have any concerns about the manner in which we use your information. Before doing so, however, we would encourage you to first contact us directly to allow us an opportunity to resolve any concerns you may have. We do not collect personal information on End Users, however if you wish to contact SuperAwesome regarding this Platform Policy, our contact details are in Section 12 below.
10.2 Under California Civil Code § 1798.83, California residents are entitled once a year to request and obtain certain information regarding our disclosure, if any, of personal information to third parties for their direct marketing purposes during the immediately prior calendar year. We do not share your personal information with any unaffiliated third parties for their own marketing purposes. Nonetheless, you may make one request per year if you are a California resident. In your request, please attest to the fact that you are a California resident and provide a current California address for our response. You may request this information in writing by contacting us.
11. Changes to this Platform Policy
12. Contacting Us
AwesomeAds is operated by SuperAwesome Trading Limited, our contact details are:
Attn: Privacy Team
SuperAwesome Trading Limited
4th Floor, 8 Duncannon St,
London, England WC2N 4JF
+ 44 (0) 203 668 6677
Entertainment Software Rating Board’s Privacy Certified Program (“ESRB Privacy Certified”). ESRB Privacy Certified is designed to ensure that our information collection, use and disclosure practices are responsible and appropriate. To protect your privacy, we have voluntarily undertaken this privacy initiative, and our Platform has been reviewed and certified by ESRB Privacy Certified to meet established online information collection, use and disclosure practices. As a licensee of this privacy program, we are subject to audits of our Platform and other enforcement and accountability mechanisms administered independently by ESRB Privacy Certified. ADVISORY: Although ESRB Privacy Certified reviews the process behind the functionality of the Platform, please note that they do not review the individual ads of our Clients that are submitted through the Platform and displayed to our End Users. However, SuperAwesome regularly consults ESRB Privacy Certified and makes all best efforts to ensure that ads adhere to applicable data collection guidance and principles set forth by ESRB Privacy Certified, including but not limited to adherence to the COPPA Rule and the Digital Advertising Alliance’s Principles.
ESRB Attn: VP, Privacy Certified Program
420 Lexington Ave., Suite 2240
New York, NY 10170
If you believe that we have not responded to your privacy-related inquiry or your inquiry has not been satisfactorily addressed, please contact ESRB Privacy Certified at https://www.esrb.org/privacy/contact.aspx, or:
Furthermore, AwesomeAds is certified as COPPA-compliant by the kidSAFE Seal Program. The kidSAFE Seal Program is an independent safety certification service and seal-of-approval program designed exclusively for children-friendly websites and technologies, including child-targeted game sites, educational services, virtual worlds, social networks, mobile apps, connected products, and other similar interactive services and technologies. kidSAFE is also an FTC-Approved COPPA Safe Harbor Program. Click on the seal or go to www.kidsafeseal.com for more information.