LAST UPDATED: 7/1/2020
Privacy at 33Across
33Across, Inc. and its corporate group affiliates (collectively, “33Across”) provides online publishers and marketers (our “Clients”) with a suite of products and technologies (“Products”, or “Technology”) that provide insights into how content is consumed and shared on their web sites, monetize this content, and drive incremental traffic.
Privacy Practices For Our Technology
Overview of How We Use and Protect Information
33Across provides Products that enable Clients to gain insights into how their content is being consumed and shared by end-users. Using browser cookie technology, end-user data is collected across multiple websites to provide these insights and consists of behavioral information regarding the web pages they visit and/or the actions they take on websites, such as copying or sharing content, clicking on hyperlinks or advertising on the page, or signing up for products or services offered by our Clients. We use the collected information to target and display advertisements that may be of interest to users.
Some of our Products insert advertising from our partners on our Client websites. We record information that an ad was requested or shown, and any user interactions with the ad or the page where the ad appears. This information is used for analysis, reporting and troubleshooting. We categorize website visitors with similar characteristics or interests into non-personally identified data segments and offer these segments to our Clients, improving their ability to deliver more relevant advertising or analytics. For example, if a person expresses an interest in comedy films by visiting a page with related content, our Technology would help our Clients characterize other people who are likely to enjoy comedy films based on similarities in browsing or sharing behavior.
We do not knowingly use information that comes from what we consider to be sensitive health information. We may use health-related segments that are inferred from data we collect but are not derived from sensitive health data. Click here for a list of the standard health-related segments that may be used by our platform.
Data Our Technology Collects through Client Websites
Personally Identified Information
When we refer to Personally Identified Information (“PII”) in this policy, we mean any information used or intended to be used to directly identify a particular individual, including name, address, telephone number, email address, financial account number, and government-issued identifier. We do not collect PII through Client websites via our Technology.
33Across collects only Device-Identified Information (“DII”) from the web pages where our Clients deploy our Products. When we refer to DII in this policy, we mean information that is linked to a browser, device, group of devices, but is not used or intended to be used to directly identify a particular individual. DII includes, but is not limited to, the Internet Protocol (IP) address that your device uses to connect to the internet, browser type (for example Internet Explorer or Mozilla), operating system (for example Windows or Macintosh) and the URL of Client website pages or sections visited, as long as that data is not linked to PII. Keep in mind that in certain contexts and jurisdictions, some information that we in this policy regard as DII, such as IP addresses, may nevertheless be regarded as “personal information” under privacy legislation in California and elsewhere. We do not, however, record IP addresses for visitors to Client websites from European Economic Area (EEA) countries.
Privacy Practices For Our Website
Personally Identified Information
We collect PII exclusively on the 33Across Websites: our main company site (33across.com) and our publisher portal (platform.33across.com), when you choose to provide it to us. For example, you may choose to provide us PII about yourself by sending us an email, by completing an online form, or by registering for a login and password for the Products we offer. We use this information only to contact you to respond to your inquiry or manage your registered account.
Device Identified Information
33Across automatically receives and records certain DII from all visitors to our Websites, including your IP address, pages viewed, browser type, the time/date of your visit to this Website, and the referring URL and your computer’s operating system. 33Across uses this DII to help diagnose problems with its server, analyze trends and administer the Website. However, keep in mind that some of this DII could be regarded as “personal information” under the privacy laws in California and elsewhere.
We use DII browser session cookies and persistent cookies in our Products and on our Website to provide, monitor, analyze, and improve our services. For more information about cookies please visit allaboutcookies.org.
We try and set cookies for first-time visitors to any of the sites that deploy our Technology or Products. If our cookie is already set on your browser, we know you are a returning visitor and log data using your existing cookie. You are always free to configure your browser to decline to receive cookies or clear your cookies, which will result in us treating you as a new visitor every time you encounter our Products on our Client websites. However, in order to stop data collection by 33Across, you have to explicitly opt-out, as described in the next section of this document.
We do not combine information collected through cookies with PII you may have provided to us when you registered for our Products or submitted a form through our Website.
Some of our business partners (for example, Google Analytics) or Clients may set or use their own cookies on our Website or through the Products we provide. However, we have no access to or control over these cookies. Some of our business partners may engage in cross-device mapping. In other words, our business partners may link the cookie data we gather to device identifiers concerning the same user. Our business partners may then share the cross-device mapping or other user data with us, for the purpose of personalized advertising.
Notification About Other Parties
The following disclosure is made pursuant to the California Online Privacy Protection Act: When you use our Website or websites of our Clients, other parties, such as Google, may collect DII about your online activities over time and across different websites or online services.
We use persistent cookies to manage your opt-out status.
You may visit http://optout.33across.com to opt-out of data collection from 33Across. The 33Across Opt-out Tool is cookie-based. In order for the Tool to work on your computer, your browser must be set to accept cookies. Be advised that if you use multiple computers or browsers, you will need to repeat this process for each computer and each browser. If you buy a new computer, change web browsers or clear your 33Across cookies, you will need to perform the opt-out task again. Opting out does not mean you will no longer receive online advertising. It does mean that 33Across will no longer collect any data associated with your activities on any of our Clients’ websites.
Additionally, 33Across is a member of the Network Advertising Initiative (NAI) and adheres with the NAI’s Code. You may visit optout.networkadvertising.org to find out more about the NAI’s Self-Regulatory Program and to opt out of 33Across and other NAI member company advertising programs.
33Across is a participating company in the European Digital Advertising Alliance and adheres to the Interactive Advertising Bureau (IAB) Europe’s EU Framework for Online Behavioral Advertising. Learn more about online behavioral advertising, additional choices regarding the collection and use of data for online behavioral advertising, and how to file any consumer feedback or complaints with the national advertising Self-Regulatory Organization at http://www.edaa.eu and http://www.youronlinechoices.com.
Additional Information for Data Subjects
in the European Economic Area
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) gives data subjects who are in the EEA the right to review, rectify, or delete their personal information.
However, as of July 1, 2020 33Across’ Products and Technology no longer collect new personal data from data subjects in the European Economic Area. We continue to process Personal Data we previously collected from data subjects in the European Economic Area only until September 30, 2020. Upon that date, we will have fully discarded all personal data we have from data subjects in the European Economic Area and will no longer process it.
However, as of September 30, 2020 33Across’ Products and Technology no longer collect or otherwise processes personal data from data subjects in the European Economic Area. Consequently, 33Across has no personal data of data subjects in the European Economic Area (EEA) for which GDPR rights apply or may be exercised.
General Privacy Information
The security of your information is important to us. We take security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include firewalls and encryption, internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems. We restrict data access to a subset of 33Across employees, contractors and agents who need to know that information in order to operate, develop or improve our Products and services. These individuals are bound by confidentiality and data security obligations and may be subject to discipline, including termination, if they fail to meet these obligations.
No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
We retain contact information submitted by Clients as long as they are actively registered for our Products. Data about users who contact us via our Website is retained as long as their interaction with us is active. Data about inactive Publishers or Website users may be deleted as space requires or in the normal course of business. You can request that your data be removed from our records by contacting us at firstname.lastname@example.org.
We retain non-personally identifiable user activity data collected through our Products for 90 days. Statistical summaries and data aggregations across many users’ activities may be kept for longer periods.
The Website and Products are hosted in the United States. If you access the Website or Products from the European Union, Asia, or any other region with laws or regulations governing personal data collection, use, and disclosure that differ from United States laws, please be advised that through your continued use of the Website or Products, you are transferring your PII and DII to the United States and you consent to that transfer. Additionally, you understand that your PII and DII may be processed in the United States.
Information Relating to Children
Protecting the privacy of children is very important to us. We do not knowingly collect any information from anyone under the age of 13 and no part of our Website or Products are designed specifically to attract people under the age of 13. If we are made aware that we have received any information from anyone under the age of 13, we will use reasonable efforts to remove that information from our records.
Disclosure of Information to Third Parties
We do not rent or share your PII with non-affiliated third parties without your consent. We may, however, share your PII with trusted third-party contractors who provide services for us. These third-party contractors are prohibited from using the information we provide for purposes other than performing services for us.
We may share DII collected on the Website or via our Technology with unaffiliated third parties. For example, we may disclose that our online advertisements offering ‘sports car’ test drives receive more clicks than those offering ‘Mini Van’ test drives.
We may disclose your information to third parties when we reasonably believe we are obligated to do so by law, and in order to investigate, prevent, or take action regarding suspected or actual prohibited activities, including but not limited to, fraud and situations involving potential threats to the physical safety of any person.
Finally, in the event we are acquired by or merged with a third-party entity or undergo another change of control, we reserve the right to transfer information, including any PII and DII, to a successor entity. You understand that we may not be able to control how your information is used in the event of such a change of control.
Conditions of Use
Questions or Comments?
Attn: Privacy Officer
229 West 28th Street, 12th Fl.
New York, NY 10001
Effective date of policy: [July 1, 2020]
Attn: Privacy Officer
229 West 28th Street
New York, NY 10001