- To explain important disclosures about the way we use information that you share with us as Visitors, Platform Users, and End Users.
- To ensure that you understand what information we collect with your permission, and what we do and, most importantly, do not do with that information.
- To hold us accountable for protecting your rights and your privacy under this policy.
Highlights of what you’re consenting to:
- The transfer of your information outside of the country where you live.
For purposes of this policy:
“Personal Data” for non-residents of the European Economic Area (other than California residents) means any information that can be used to identify, contact, or precisely locate a person, including name, email, address, and telephone number.
“Personal Data” for residents of the European Economic Area means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. This includes IP address and advertising ID (IDFA/AAID).
“Personal Data” for residents of California means information that identifies a particular California consumer or household, including, without limitation, name, unique personal identifier, online identifier, geolocation data, professional or employment-related information, or other information as defined in the CCPA. This includes IP address and advertising ID (IDFA/AAID).
“Non-Personal Data” means information not included in the definition of Personal Data, such as pages or ads visited, time spent on pages, browser and device type, and referring and exit pages. For non-residents of the European Economic Area, IP address and advertising IDs (IDFA/AAID) are Non-Personal Data.
1. Information We Collect/Receive and How We Use that Information
In general, there are three categories of information we collect: (1) information that we can use to provide additional features and improved experiences if you choose to share that information; (2) information that we must have for you to use the Celtra Services; and (3) information collected from your interaction with the Celtra Services as an End User of a digital advertisement (hereinafter referred to as “ad” or “ads”).
When you provide Personal Data directly to us, this information is used by Celtra solely for the purposes identified at the point you provide it. Information we collect may be transferred, stored, used, and/or processed as follows:
I. Contact Information. When you contact us through the “Contact Us” page on the Website, register for a Celtra-sponsored marketing event either using a landing page or event management provider, or become a Platform User of the Celtra Services, you will be asked to provide us with certain Personal Data about yourself which may include your name, email address, job title, name of your organization, mailing address, or telephone number.
Consistent with any permissions you may have communicated to us, we may use this information to directly communicate with you for marketing and promotional purposes via emails, notifications, or other messages, and to communicate with you for research purposes including via emails, notifications, or other messages. Platform Users may also receive communications concerning Celtra product updates, training sessions, or events or webinars. If you want to stop receiving such materials from Celtra, you can change your profile settings within the Celtra Services or follow the unsubscribe instructions at the bottom of each email.
II. Billing Information. In certain circumstances, to use the Celtra Services, you may be required to provide additional information which may include a credit card number, expiration date, billing zip code, activation code, and similar information (“Billing Information”).
Celtra uses this information to process payments. In certain circumstances, Celtra uses third-party service providers to manage credit card processing. These service providers are not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing.
III. User Activity Data. In an ongoing effort to improve the Website and the Celtra Services, we automatically collect certain information when Visitors visit the Website and when Platform Users use the Celtra Services (collectively, the “User Activity Data”). This information may include IP address, browser and device type and language, referring and exit pages and URLs, date and time, amount of time spend on pages, what sections of the Website Visitors visit, and other, similar aggregate user data concerning your use of the Website and the Celtra Services.
We may use this data to manage and improve your experience using the Website and the Celtra Services. In some areas of the world, certain User Activity Data may be Personal Data. Where this is the case, we comply with applicable laws regarding our use and processing of Personal Data.
IV. Service Data. In connection with providing the Celtra Services and serving ads to End Users, Celtra collects system connection information, such as the incoming IP address for each End User (“Service Data”). In locations where Service Data constitutes Personal Data, Celtra acts a Data Controller and utilizes this data for legitimate business purposes, including, without limitation, maintaining platform security and availability, fraud detection, and resolving ad serving errors.
V. Ad Interaction Data. When End Users interact with ads generated using the Celtra Services, we may collect information on behalf of Celtra’s customers which may be the advertiser, publisher, advertising agency, and/or their agents. Data collected through interaction with the Celtra Services may include time spent viewing an ad, page views, video views, number of ads clicked, IP address, device ID, GPS coordinates, advertising identifiers (IDFA/AAID), Personal Data that you affirmatively elect to share with us through text field forms, and other information about your interaction with the ads (“Ad Interaction Data”).
With respect to Ad Interaction Data, Celtra is acting as a “Data Processor” on behalf of our customers, which may include the advertiser, publisher, and/or their agents who are the Data Controller of your data who may use this information for their lawful advertising purposes to provide you with a more tailored online advertising experience. We may also use the information internally to improve the functionality of the Celtra Services.
2. Sharing and Disclosure of your Personal Data
We may share your information at your direction or as described below at the time of sharing.
I. Customers. We share User Activity Data and Ad Interaction Data with our customers who may use this information for their lawful advertising purposes to provide you with a more personalized online advertising experience. We follow customer instructions concerning sharing and disclosing this data, including any applicable terms in our customer agreement or customer’s use of the Services.
II. Third-Party Service Providers. Celtra may share your information with Third-Party Service Providers that support us in delivering the Celtra Services to our customers. We may also share your information with companies that help us operate and market the Celtra Services, such as to bill our customers, analyze our Website Visitors, provide customer and technical support, database, analytics, and hosting services, and other operational support. We ensure that such service providers are contractually required to protect your Personal Data at all times.
III. To Comply with the Law. Celtra may disclose your information to courts, law enforcement or governmental authorities, or authorized third parties, if and to the extent we are required to do so by law, regulation, or legal process.
V. To Enforce Our Rights, Prevent Fraud, and for Safety. Celtra may use Personal Data to protect and defend the rights, property, or safety of Celtra or its customers, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.
VI. Corporate Affiliates. Celtra may share data with its corporate affiliates, parents, and/or subsidiaries.
VII. Other. Celtra may also may disclose your information under circumstances not mentioned here with prior consent of the person or third-party that submitted the information to us.
3. Your Choices
In some areas of the world, cookies and other identifiers may be Personal Data. Where this is the case, we comply with applicable laws regarding our use and processing of Personal Data. Except in the case of residents of the European Economic Area, by accessing and using our Website, you consent to the use of the cookies and other technologies described above. Residents of the European Economic Area will be able to accept or reject cookies each time they access the site.
II. Marketing Communications. You may choose to sign-up for marketing or other communications from Celtra on the Website. Should you choose to unsubscribe from any lists for which you registered, you may do so by following the instructions on how to unsubscribe provided in all Celtra communications or by emailing firstname.lastname@example.org.
4.Your Rights & the EU General Data Protection Act (“GDPR”)
We are committed to GDPR compliance when enforcement begins on May 25, 2018. If you are a resident of the European Economic Area, you have the following rights with respect to data for which Celtra is the Data Controller:
- The right to request access to, or ask us to provide you with copies of, Personal Data that we hold about you at any time, which may be subject to a fee specified by law for processing your request (but not for making a request for access). If Celtra is the Data Controller with respect to your data, we will respond to your request within a reasonable period, and if Celtra is the Data Processor with respect to your data, we may redirect your request to Celtra’s customer acting as the Data Controller with respect to your data. We may decline a request for access to Personal Data in circumstances prescribed by relevant privacy laws. If we decline a request, we will provide you with a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons) and provide you with a statement regarding the mechanisms available to you to make a complaint;
- The right to ask us to delete any Personal Data that we hold about you free of charge, unless we are required to maintain a copy of this data pursuant to applicable law;
- The right to ask us to update and correct any out-of-date or incorrect or inaccurate Personal Data that we hold about you free of charge. We will take reasonable steps to correct the information so that it is accurate, complete and up to date. If we refuse to correct your Personal Data, we will provide you with a written notice that sets out the reasons for our refusal (unless it would be unreasonable to provide those reasons) and provide you with a statement regarding the mechanisms available to you to make a complaint;
- The right to opt out of any marketing communications that we (or any third-party to whom we have disclosed your Personal Data with your consent) may send you or to withdraw your prior consent or object to any further processing of your Personal Data;
- The right to request information about any automated decisions made using your Personal Data that have legal consequences for you or which significantly affect you; and
- The right to lodge a complaint with your local Data Protection Authority concerning Celtra’s processing of your Personal Data.
If you wish to exercise any of the above rights, send us an email at email@example.com headed “Data Subject Request.” Before we process any request, we may ask you for certain Personal Data to verify your identity, and in situations where Celtra is the Data Processor, consult with the Data Controller of your data. Where permitted by local law, we may reject requests that are unreasonable or impractical. Please allow us a reasonable time to respond to your inquiries and requests.
5. Security of your Personal Data
Celtra uses reasonable technical and organizational security measures to safeguard Personal Data that is submitted to us voluntarily through our Website or the Celtra Services or collected through interactions with the Celtra Services. However, no security measures are perfect or impenetrable. We cannot control the actions of third-parties with whom you elect to share your Personal Data and we cannot accept liability for improper access to that data. We cannot guarantee that only authorized persons will view your Personal Data. We cannot ensure that information you share on our website and/or through the Celtra Services will not become publicly available.
6. Important Notice to All Non-U.S. Residents
Our servers are located in the US. If you are located outside of the US, please be aware that any information provided to us, including Personal Data, will be transferred from your country of origin to the US. Your decision to provide data to us, or to allow us to collect such data through our Website or the Celtra Services, constitutes your consent to this data transfer. If you do not consent to this data transfer, do not submit Personal Data to Celtra. If you would like Celtra to access, correct, amend, delete, or export any Personal Data that you have shared with Celtra, please email firstname.lastname@example.org.
7. California Privacy Rights
This section provides additional details about the personal information we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act (“CCPA”).
Subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), to delete their personal information, to opt out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights.
California consumers may make a request pursuant to their rights under the CCPA by contacting us at email@example.com or toll free at 1-833-457-0177. Celtra will verify your request using the information associated with your account (if any) or any other information you provide to Celtra to facilitate this search. Government identification may be required. Consumers can also designated an authorized agent to exercise these rights on their behalf.
8. Australia Privacy Rights
In addition, the following information applies to you:
I. Anonymity and Pseudonymity. If you are making a general enquiry only, you may deal with us on an anonymous basis or through the use of a pseudonym. However, we will not be able to provide you with any specific information about your Celtra account if you fail to identify yourself to us.
II. Overseas Disclosure. Personal Data provided to us by Visitors, Platform Users, and End Users in Australia may be disclosed to third party service providers located outside Australia, including in the US, including providers of cloud or other types of networked or electronic storage.
Although these third parties are subject to privacy and confidentiality obligations imposed by contract or the regulatory frameworks of the jurisdiction in which those third parties are located, you acknowledge that:
- they may not always comply with those obligations, or those obligations may differ from the obligations imposed by privacy and data protection legislation in your jurisdiction; and
- the third party may be subject to foreign laws which might compel further disclosures of personal information (e.g. to government authorities).
IV. Queries, Concerns and Complaints. If you have any queries, concerns or complaints about the manner in which we have collected, stored, used or disclosed your personal information, please contact the Privacy Officer using the details below:
Celtra AUS Pty Ltd
545 Boylston Street, 11th Floor
Boston, MA 02116
We will treat your complaint confidentially and, after investigating your complaint, discuss the ways in which we can remedy the situation. We will ensure that we respond to your complaint within a reasonable time (and in any event within the time required by the Privacy Act).
9. Third-Party Social Media Features
10. Children’s Privacy
The Website is not intended for children under 13 years of age. You must be at least 13 years old to use the Website and/or the Celtra Services. We do not knowingly collect Personal Data from any child under 13 years of age. If you are under 13 years of age, do not use the Celtra Services and do not provide any Personal Data to us. If you are a parent of a child under 13 years of age and become aware that your child has provided Personal Data to Celtra, please contact us at firstname.lastname@example.org and you may request access, correction, deletion, and/or objection rights.
11. Links to Other Sites
Our Website and the ads we serve on behalf of customers may, from time to time, contain links to external websites. Celtra encourages you to review the privacy and security policies of any externally linked websites whose information practices may be different from ours. Celtra assumes no responsibility or liability for the information, collection, and disclosure practices of any external websites that a Visitor can access through the Website or the Celtra Services. Please check the privacy policies of these external websites before you submit any Personal Data or other information to them.
12. Contact Information
545 Boylston Street, 11th Floor
Boston, MA 02116
Kongresni trg 3
1000 Ljubljana, Slovenia
Toll Free: 1.833.457.0177
A note to data subjects residing in the European Economic Area: If you are not satisfied with our response, or believe we are processing your personal data not in accordance with the law, data subjects covered under the GDPR framework have the right to lodge a complaint with a supervisory authority in the Member State of their habitual residence, place of work, or place of the alleged infringement.