Cadent Services Privacy Policy

1. Introduction

Cadent, LLC and its subsidiaries and affiliates (collectively, “Cadent,” “we,” “us,” or “our”) have designed this Cadent Services Privacy Policy (this “Services Privacy Policy”) to help you understand how our advertising technology platform and related services (collectively, our “Platform”) collect, use, share, and otherwise process information to help provide advertising and marketing services to our clients, such as to target ads through various channels (e.g., websites, apps, OTT/CTV devices) and measure their effectiveness. It also explains your “data rights” in relation to your information (e.g., requesting information access or deletion), including opt-out rights regarding targeted advertising or having your data “sold” or “shared.”

In this Services Privacy Policy, “users” (or “you” or “your”) means anyone who views or otherwise interacts with an ad served through a website, app, or other device, or whose information is otherwise collected through our Platform, whether directly or via clients or data partners.

2. Overview of Our Platform

Cadent works with “demand-side” and “supply-side” clients and data partners. In other words, we work with brands and advertising agencies that are interested in buying ads on properties, such as websites, apps, OTT/CTV devices (e.g., streaming devices, “Smart TVs”), and linear TV, the partners (e.g., vMVPDs) that provide the ad space on such properties (also known as advertising “inventory”), and related adtech companies like ad servers, sell-side and demand-side platforms, and exchanges. We also work with data providers that disclose user segments or other information to us to help target an audience with ads or measure the effectiveness of such ads.

These ads are typically targeted based on inferred interests or preferences as associated with a user device identifier or at a household level (this includes “retargeting,” such as where a user views a certain item and then receives ads for that item on third-party digital properties). However, in some cases, ads may be based on contextual information, such as the time of day, type of browser/device, or TV channel, or demographic information, such as breakdowns of age/gender/household income within a certain geographic area.

In order to understand whether the ad campaign was effective or not, our Platform provides “reporting” directly or allows the ability to use a third-party measurement partner, which, in either case, will include analytics on interactions with ads served, clicks, downloads, or other ad interactions.

To carry out the above, our Platform comprises different service offerings, each of which are interconnected. Primarily, this includes our:

• Sell-Side Platform (SSP)‍
  • Allows clients to sell their advertising inventory to advertisers/agencies and other demand-side partners, such as exchanges and DSPs.‍
• Demand-Side Platform (DSP)‍
  • Allows clients to buy and serve targeted advertising (or other types, such as contextual advertising) on digital properties and measure effectiveness via reporting.‍
• Audience Builder Service‍
  • Allows clients to onboard their data (also known as “audience matching”) and combine with other data in order to create and export targetable “segments” or otherwise receive analytics and insights on their audiences (e.g., inferred interests).‍
• Identity Mapping Solution‍
  • Primarily, an internal mapping of device IDs to households.‍
• Addressable TV Service‍
  • Use of demographics, viewership data (content viewed on TV), and data “segments” to plan, execute, and measure the effectiveness of these TV advertising campaigns (e.g., cable, broadcast) via reporting.

In summary, through our Platform, we help our clients reach consumers with greater efficiency and relevance across various channels, including web, mobile, and OTT/CTV. We reach these consumers typically through their device IDs as associated with their household.

To do this, we collect and use the information that we’ve described in this Services Privacy Policy. We also provide convenient opt-out mechanisms, as we’ve described below under How to Opt-Out of Platform Targeting.

3. Information We Collect

We collect and use several types of information from you or from our data partners that help us (or our data partners) serve ads that are better tailored to your interests and to provide reporting and analytics services, such as inferring ads that performed better or worse based on user behavior. 

This information includes:

• Device identifiers‍
  • E.g., mobile advertising IDs like iOS IDFA and Android AAID, IP address, OTT/CTV IDs, gaming console IDs, cookie IDs, or proprietary IDs.‍
• ZIP +4 and ZIP +11 postal codes‍
  • Publicly available household postal codes; used to identify a household address, which devices and segments are associated to for “household-level” targeting.‍
• Household identifiers‍
  • Pseudonymous IDs for ZIP+4/ZIP+11 above.‍
• Household addresses‍
  • A master address list used for purposes such as address verification and appending ZIP11 and latitude/longitude.‍
• Device metadata‍
  • E.g., device type, browser type, operating system type, and settings.‍
• Geolocation Data‍
  • E.g., latitude/longitude coordinates or other precise or coarse geolocation information (e.g., based on IP address).‍
• Segments/demographics and interests‍
  • A group of household IDs or device IDs that may share a common interest, trait, or preference, such as “auto intenders” or “guitar players”. These can be either our own segments or segments from data partners.
  • We may receive demographic information or use data science to understand general demographics or interests purposes (e.g., household income, number of household members, geographic area, retail interests, gender, age or age range, education level), whether on a household, user, or general population level (e.g., city, county, or borough), which can be used to make inferences for segment purposes or to understand the value of a certain advertising opportunity presented in a bid request. ‍
• Ad interaction data‍
  • E.g., interactions with or in relation to an ad, such as clickthroughs, actions taken on landing page where ad takes you, app downloads, and purchases. This helps understand ad campaign effectiveness and what ads you respond more favorably to.
  • This interaction data and other ad analytics can sometimes be provided to data partners for measurement/attribution purposes, described below, in the form of a document called an “impression log.”‍
• Other ad analytics‍
  • E.g., TV content viewed, viewership data, which ads were shown to which devices or households, where and what they were shown, and at what time.‍
• Email addresses/phone numbers‍
  • Email addresses/phone numbers that are either uploaded in “plain text” and then matched with a hashed email or hashed by us or our clients/data partners (i.e., utilize one-way cryptography such that it is a random string of characters).‍
• Business contact or similar information‍
  • E.g., name, business, title, and contact information (e.g., email/phone, postal addresses) of professionals, NPI numbers for healthcare providers (HCPs), educational level.‍
• Client information‍
  • Clients can upload their own information, such as their customer data, to our Platform (e.g., email addresses, postal address, device IDs) which we can then “match” with our own data and use for enhanced targeting.

4. Source of Information We Collect‍

The above information is collected through various sources, including:

• Clients‍
  • As mentioned above, clients can upload their own information to our Platform for matching and targeting purposes.‍
• Bid requests‍
  • “Bid requests” contain information describing advertising space that is available for purchase on that particular digital property (e.g., website, app, CTV/OTT device) and are typically sent by ad exchanges/sell-side platforms (SSPs). The fields within a bid request can depend on the specification (e.g., OpenRTB) but bid requests typically contain information about the particular user or device, such as device ID, geolocation information, content or URL being viewed, device metadata, and demographic or interest information.‍
• CTV/OTT Platforms and App Providers‍
  • These entities may send similar information as those described in bid requests but can also send information regarding what video content is being watched on a device or app or viewership data more broadly.‍
• Pixels/Cookies/Macros‍
  • Cookies are essentially small files of data that can be stored within a device to collect information across websites. Pixels are pieces of code that are inserted onto pages or ads, which can collect information from a device or read/write cookies.
  • Ad macros operate similar conceptually to pixels and also collect similar information in relation to ads that we have served.‍
• Mobile SDKs‍
  • These are usually placed by our partners within apps, which collects information that can be provided to us, such as device IDs or geolocation information.‍
• Data Partners and Other Sources‍
  • We use a variety of partners that provide the information described in this Services Privacy Policy to us, such as consumer panel providers (i.e., provides insights from consumers based on surveys), geolocation providers, ad exchanges/SSPs mentioned above, other DSP or data management platforms (DMPs), measurement partners, address verification providers, point-of-interest (POI) data providers, viewership data partners, demographics providers, and segment providers. We may also utilize social media networks, such as profile pages, or other sources that may be considered public information such as public registries or databases.

5. How We Use Information We Collect

We use the information we collect to help clients and data partners better target ads to you or to others like you, analyze trends and create reports about how users react to such ads, and generally optimize the Platform. Our uses include the following:

• Ad delivery and personalization‍
  • Delivery of an ad based on your or others’ interests, the interests of a household, or demographics (e.g., general traits, population-level analyses). We may also retarget you or use your data as an input for “look-a-like audience” creation (e.g., find people similar to you).‍
• Audience matching/onboarding‍
  • Matching client-uploaded information, such as device IDs, with household information stored within our identity map to provide a broader range of targetable device IDs.‍
• Device mapping‍
  • Inferring whether a device is associated to a household or other general location.
  • Also includes making correlations between actions on one device (such as a browser on a computer) with actions on another device (such as an app on a phone) to determine whether they belong to the same household or whether devices belong to the same user.‍
• Segment creation‍
  • Creation of segments, as further described below.‍
• Measurement‍
  • Measuring whether a user clicked on an ad, took some action afterwards (e.g., downloaded something, went to a retail store), ad viewability, and other analytics to determine how well an ad performed.‍
• Attribution‍
  • Inferred determination of whether a user took an action due to seeing an ad (e.g., saw an ad and then purchased something). In other words, trying to reasonably correlate whether an ad prompted the user action, however such action is defined.‍
• Reporting‍
  • A report on the performance of an ad campaign, based on measurement and attribution and associated analytics.‍
• Frequency capping and ad analytics‍
  • Tracking how many times an ad was shown to a particular user (and how many times a particular user should be seeing an ad in general), where the ad was displayed, and when.‍
• Fraud detection‍
  • Preventing invalid or fraudulent ad traffic or malicious activity, such as those caused by bots or malware.‍
• Optimization‍
  • Optimization of the Platform, such as by further improving the use cases described herein (e.g., refining our bidding algorithm for better personalization of ads or our other models) or creating new services/features.
  • Development or improvement of services/products/features more generally (whether with respect to the Platform or otherwise),‍
• Anonymization‍
  • Information collected may be de-identified or anonymized and used for any purpose, including marketing or research purposes.

More about “segments”: In some cases, we make certain inferences about you or about your household generally, in either case, based on the information collected above.

For example, we may analyze information associated with your mobile device ID, such as what apps you’ve viewed, what ads you’ve seen and clicked on (and actions you’ve taken afterwards), and where you are located, to determine whether that device, along with other devices, share certain interests, traits, or other demographics. Where we have found these common interests, traits, or other demographics, we put those devices into “segments” (e.g., “interested in clothes,” “auto-intender,” “travel enthusiast”).

In many cases, we will look at these device-level characteristics to determine interests traits, or other demographics at the household level and roll those devices into these household-level segments (e.g., this household contains people interested in clothes, musical instruments, or fashion or have a certain income  education level). We also receive segments from our data partners, including those of the nature described herein and other segments. Some segments may be sensitive, such as those related to health or race/ethnicity, to the extent our processing of such segments is permitted by applicable privacy laws in your state of residence. 

Our segments, along with segments from our data partners, are made available within our Platform for clients to use to improve the targeting of their ad campaigns. We also make available our own segments to other data partners, such as other DSPs or data management platforms (DMPs), for use by those partners’ clients.

More broadly, we may use demographic information upleveled to a broader geographic level to better understand general population trends and select more relevant bid requests based on these trends (as opposed to creating or receiving particular ID-based segments for targeting purposes). 

6. How We Share Information We Collect

The information may be shared as follows:

• To clients/data partners‍
  • In some cases, clients can export information they have uploaded or matched on our Platform, such as to themselves in some cases or to their (or our) partners. Further, clients may wish to receive the reports described above or similar information, such as information collected through macros or other technologies within the ads we serve.
  • Our clients or data partners (e.g., segment providers, data marketplaces) may want to license our segments or other information we collect or create, such as the information contained within our identity graph (e.g., ZIP+4/+11, device IDs).
  • We may disclose certain data to facilitate “matching” with our clients or data partners, such as household IDs or ZIP+4/ZIP+11 or other identifiers, for communication of segments or other information (e.g., measurement data), whether directly or through an intermediary such as a “clean room.” Relatedly, we may send data to social media networks or other publisher platforms to retarget those who have seen our ads (or to target others that are similar to such people). 
  • We may disclose bid request data to data partners (e.g., exchanges, SSPs, DSPs, ad servers) for the purpose of selling advertising inventory. We may also make data, such as identifiers or details about an ad or the content on which such ad is displayed (e.g., underlying webpage), available to anti-fraud, viewability, or brand safety vendors.  
  • Measurement providers may receive “impression logs” (e.g., information about campaign, timestamp, household ID, user ID) or similar information to help measure the effectiveness of ads..‍
• To our service providers that store or process data or otherwise perform services on our behalf, such as technical or operational services.‍
  • These companies are authorized to use your personal information only as necessary to provide these services to us to assist us in our business activities.
  • Examples include technical or customer support, operations, web or data hosting, billing, accounting, security, marketing, measurement, data management, validation, enhancement or hygiene, or otherwise assisting us to provide, develop, maintain and improve our services.‍
• To investigate or prevent potential or actual fraud, fake traffic, malicious activity, or other similar harmful activity.
• In response to lawful requests by public authorities, including to meet national security, law enforcement requirements, or otherwise complying with legal process or regulatory investigations (e.g., a subpoena, court order).
• Where we believe in good faith it is necessary to comply with applicable law, enforce or apply our Terms of Service and other agreements, or protect the rights, property, or safety of Cadent and its employees or others.
• In the event of a merger, dissolution, reorganization, or similar corporate event, or the sale of all or substantially all of our assets, or any due diligence relating thereto.‍
  • In such a case, the information that we have collected may be transferred to, acquired by, or otherwise controlled by a third party.‍
• In aggregate or otherwise anonymized form to third parties or publicly.

7. Your Data Rights

Note: We provide the below rights to all U.S. residents only (as relevant data is tied to U.S. devices and households). However, subject to applicable law, we may limit or otherwise qualify how and to what extent we provide certain rights depending on the state of the U.S. resident in our discretion (e.g., reasonable fees that may be charged in the case of repeat requests within a twelve (12) month period, exceptions where consent may not be required, methods for submitting requests) and reserve the right to make further limitations or qualifications.

Right of Access

You may request access to the personal information that we have collected and maintained about you on a device-by-device basis and, in some cases, information about the third parties who may receive such personal information.

For purposes of the California Consumer Privacy Act (CCPA), for the personal information we collect from users within the preceding twelve (12) months, and the business and commercial purposes for use of this information (including related disclosures), please see the relevant sections above. The personal information described in such sections generally correspond to the following categories of personal information under the CCPA: Identifiers, commercial information, internet or other electronic network activity, geolocation data, electronic, visual, or similar information, inferences, and “sensitive” personal information.

Right to Correction

You have the right to request that any inaccuracies in your personal information be corrected, taking into account the nature of the personal data and the purposes of processing your personal information. 

Right of Deletion

You have the right to request that we delete the personal information collected and maintained about you on a device-by-device basis. Note that the deletion of your personal information may be subject to certain exceptions (e.g., required for legal purposes, may infringe our or a third party’s rights, have legitimate business reasons to keep, an exception set forth under applicable U.S. state privacy laws).

Right to Opt-Out of “Sales,” “Shares,” “Targeted Advertising,” and Processing of “Sensitive” Personal Information 

Certain U.S. state privacy laws provide a right to opt-out of “sales,” “shares,” “targeted advertising,” and certain processing of “sensitive” personal information. Though the scope of these rights differs depending on the state privacy law, you can exercise these rights collectively for your convenience as set forth under Exercising Your Rights below.

We “sell”/“share” personal information, process personal information for “targeted advertising.” We also process “sensitive” personal information to the extent permitted by applicable privacy laws in your state of residence. Our services disclose the following categories of information to buy-side or sell-side clients (e.g., advertisers, vMVPDs) or data partners (e.g., segment providers) for purposes of ID matching/resolution, facilitating ad inventory purchases (e.g., sending bid requests), measurement, segment export, and licensing of our data: Device identifiers and associated ZIP+4/+11 and household IDs, along with segments relating thereto. For purposes of the CCPA, these categories of personal information would be considered “identifiers,” “commercial information,” “internet or other network information,” “electronic, visual, or similar information,” “inferences,” and “sensitive” personal information. We also process such information for our internal advertising platform-related purposes, as further described in detail within this Privacy Policy. 

Note that, after opting out, we may still be able to process your “sensitive personal information” for purposes as permitted under applicable law. More broadly, we may disclose personal information to recipients where we have appropriately limited their use of your personal information.

We do not have actual knowledge of “selling” or “sharing” any personal information of anyone under eighteen (18) years of age.

Exercising Your Rights

As a U.S. resident, to make requests for access or deletion, as such rights are described above, please submit a request to us by either:

• Submitting a request form or
• Under the CCPA, Colorado, Nebraska, and Texas’ state privacy laws only, emailing us at privacy@cadent.tv.

For “correction” requests, please email a request to us at privacy@cadent.tv and specify that you are making such request pursuant to this Services Privacy Policy.

For opt-out of “sales”/“shares,” “targeted advertising,” and certain processing of your “sensitive personal information” (as these rights are further described above), please use the “Your Privacy Choices” link in this website’s footer or, under the CCPA, Colorado, Nebraska, or Texas only (to the extent such rights are applicable in such states), send us an email at privacy@cadent.tv requesting these opt-out rights pursuant to the Services Privacy Policy. 

We do not use any information that you submit for your data rights request for any other purpose besides our verification and fraud prevention process and to otherwise resolve your request (described below). A record of your request may be kept for legal compliance purposes. 

Verifying and Resolving Your Request

For Access, Correction, and Deletion Requests: You must provide your household address and one or more device IDs that belong to you. To the extent we have associated a device ID with that household address, we will provide access or deletion rights in relation to each such associated device ID.

Note that device IDs include mobile advertising IDs (e.g., iOS IDFA, Android AAID), IP addresses, OTT/connected TV device IDs, gaming console IDs, etc. Please consult your device’s documentation for more information on how you may obtain such IDs.

For Opting Out of “Sales”/“Shares,” “Targeted Advertising,” and Certain Processing of “Sensitive” Personal Information: You must provide your household address, after which we will opt-out that household accordingly. You do not need to provide an associated device ID for these requests.

For any of the requests set forth above (e.g., access, correction, deletion, opt-out requests), we reserve the right to require additional proof of your identity and residency as permitted by applicable law, or to reject requests that we reasonably believe are fraudulent or otherwise invalid (e.g., where you have submitted a household address or device identifier that does not belong to you or otherwise are not permitted to make such a request). Further, we may withhold any information where we reasonably believe verification has not been achieved to a sufficient degree of reliability or that release of the information may pose too great a risk of security to the user to whom the data may pertain.

Authorized Agents: Under California, Connecticut, Colorado, Delaware, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, and Texas’ respective state privacy laws only, you may designate an agent to make requests to exercise your right to opt-out described above. Under California’s state privacy law, you may also designate an agent to make requests to exercise your rights for access, correction, and deletion described above. To the extent permitted under these state laws, we will take steps to verify the identity of the person seeking to exercise their rights and to verify that the corresponding agent has been authorized to make a request on that person’s behalf, such as by providing us with a signed written authorization. Agents must provide information demonstrating that they have been duly authorized to our email address above before submitting any request to us.

Response Timing: We aim to resolve any request described herein in forty-five (45) days or less (unless otherwise required by applicable law), though we may extend for another forty-five (45) days when reasonably necessary and as permitted under applicable law. Please note that we may charge a reasonable fee or refuse to act on a request if such request is excessive, repetitive, or manifestly unfounded.

Non-Discrimination and Appeals: You have the right to not receive discriminatory treatment for exercising the rights set forth above.

In the event we decline to take action on a request exercising one of your rights set forth above, you may have the right to appeal our decision under Colorado, Connecticut, Delaware, Iowa, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Tennessee, and Virginia’s respective state privacy laws only. 

8. How to Opt-Out or Limit Platform Targeting

Cadent supports industry self-regulation and endorses best practices and self-regulatory requirements that apply to our Platform. Cadent participates in the Digital Advertising Alliance (DAA) Self-Regulatory Program and licenses the “AdChoices” advertising icon within ads that it serves through mobile and online channels. Learn more at http://www.aboutads.info.

You may opt-out of receiving certain targeted advertising from us across various channels or limit the data that may be available for such targeting as explained below. Please keep in mind that even after you opt-out, you may continue to receive ads but those ads may no longer be based on your interests or activity. Besides the opt-out mechanisms described in this Privacy Policy, we do not honor any “do not track” or similar mechanisms or signals in the context of our Platform.

• Website Opt-Out:

You may opt-out of certain interest-based targeting on the web conducted by Cadent or other member companies of the Digital Advertising Alliance (DAA) by visiting the DAA website here.

1. This opt-out is browser-based and you will need to opt-out on each browser (and for each user that has a separate log-in on the same computer).
2. Further, this opt-out is cookie-based. If you delete your cookies (which can happen if you clear or delete your browser history), then you will need to repeat the process. Additionally, an opt-out cookie may not be able to be set if your browser is set to block third-party cookies.

You can also control the use of third-party cookies at the individual browser level but, if you choose to disable cookies, it may limit your use of certain features or functions on our website or other websites. To manage Flash cookies, please click here. More detailed information about cookie management or other passive transmissions by specific web browsers can be found at the browser's respective websites, documentation, or settings pages.

• Mobile Opt-Outs:

• Certain mobile device operating systems provide a control that restricts publishers or advertisers’ ability to send device IDs, such as through Apple’s App Tracking Transparency Framework (Apple ATT) or Android’s ad personalization settings. This may result in less personalized ads, primarily in the Apple context.

For more information, or to opt-out using these mechanisms, consult your device settings. If you prefer to not have your precise geolocation data collected, you can also make this selection within your mobile device settings.

• OTT/CTV Opt-Out:

• Some OTT/CTV device providers offer a choice mechanism with respect to targeted advertising. To the extent these mechanisms entail sending a signal to Cadent regarding an opt-out preference, Cadent will honor these signals pursuant to those providers’ rules. For more information, including device-specific instructions, please visit https://www.networkadvertising.org/internet-connected-tv-choices/.

9. Children’s Information

We do not knowingly collect personal information from those under eighteen (18) years of age via our Platform. 

10. Security and Retention

We have implemented security measures intended to protect the information in our care, both during transmission and once we receive it. This includes, but is not limited to, the use of firewalls and encryption. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while we use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

We will retain your information as long as it reasonably serves the purposes for which it was collected as such purposes are stated in this Services Privacy Policy. This information may also be stored in backups.

‍

11. Changes to This Services Privacy Policy

From time to time, we may revise this Services Privacy Policy to reflect changes to the services or for other reasons. Therefore, it is important to check this Services Privacy Policy periodically. It is the obligation of those visiting this website to learn of changes to this Services Privacy Policy since their last visit. Any change to this Services Privacy Policy shall be effective once the modified Services Privacy Policy is made available on this website, and we will update the “Effective Date” accordingly.

12. Contact Us

If you have any inquiries regarding privacy at Cadent, please send a message to privacy@cadent.tv with the subject line, “Services Privacy Policy”.