smartclip Privacy Goals
Online advertising is currently in the focus of the public discussion. Recent press about the manipulation of elections and political decisions of internet users on social media sites like Facebook have shown, that the threat of user data being abused for particular interests of unnamed actors is real. Unfortunately we also observe, that while born as a medium of free and unlimited information exchange, the internet is now turning into a means of user superveillance and governmental control in a growing number of countries. Therefore it is our strong believe at smartclip, that any usage of user data for commercial purposes (like online advertising) has to follow strict ethical standards to avoid any abuse by third parties.
We still think, that online advertising is an important pillar to maintain a free and open internet for everybody. We do not think, that an internet, where all relevant and high quality content is hidden behind paywalls is something we should aim for. Therefore keeping online marketing attractive for advertisers, while at the same time ensuring a pleasant and safe advertising experience for the end user remains our main goal.
To be able to keep online advertising attractive, the usage of personal data from end users who are visiting the websites of our publisher partners is required. Basic functionality, e.g. avoiding that you see the same advertisement all the time, but also more sophisticated functionality, e.g. showing only relevant and interesting advertisements to you, requires the usage of cookies - which are currently demonized to some degree. Unfortunately, the public discussion here lacks differentiation. It is a myth, that using user information for online advertising inevitably means to stalk users on every step they take or every click they do. Technically, it is absolutely feasible to strictly limit the usage of information about users to a degree, which makes it completely impossible for any third party to abuse this data or to relate it to any real world individual.
And this is exactly what we are aiming for at smartclip:
We want to enable an attractive online advertising experience for both end users and our advertising clients for the benefit of a free and open internet. To do so smartclip will make usage of personal data, but only with regards to anonymous identifiers (e.g. stored in cookies) and only to an extent, that makes it impossible to relate this information to any real world person. smartclip does not and will not process or use data like email addresses, names, phone numbers, etc, which directly refers to named individuals.
Overview smartclip Technology Platforms & Applications
smartclip is operating a proprietary technology platform (usually referred to as SmartX or ATVx) which helps publishers and broadcasters to monetize their offerings by displaying interactive advertising.
Advertising on Web & Mobile Devices
Here is the the general functionality for serving advertisements on web and mobile devices:
The key workflow is triggered by a user, who is visiting the publisher’s website by requesting the website URL through the browser.
When the website is displayed in the browser an ad tag from smartclip is executed, which triggers a request (“adrequest”) to the smartclip adserving SSP / adserving system (“platform”) to receive an advertisement from smartclip.
smartclip is cooperating with different 3rd parties to ensure a sufficient amount of campaigns and thus monetization for the publisher:
If there is no eligible campaign in the smartclip platform, smartclip is forwarding the adrequest to Demand Side Platforms (“DSP”) which are aggregating advertiser campaigns for delivery on 3rd party websites.
If a creative from a 3rd party DSP has been selected and delivered to the user by the platform the DSPs again might trigger other 3rd party services (e.g. for audience or brand safety measurement).
For any creative shown, smartclip is also triggering requests to 3rd party brand safety measurement vendors, which are measuring the compliance of the website and the creative displayed with the expectation of the advertisers.
Furthermore, smartclip is synchronizing anonymous user IDs with 3rd party Data Management Platforms (DMPs) and also with the DSPs to be able to match users to user information on that 3rd party systems.
After the ad delivery process smartclip is aggregating the amount of delivered creatives incl. certain standard KPIs (e.g. click through rates, view through rates etc.). This information is used to invoice the advertisers and DSPs and to distribute the collected revenue share to the publishers.
Advertising & Analytics on Smart TVs
Business Model (applies for Germany, Italy)
smartclip is cooperating with TV broadcasters to offer two main services:
Reach & activity measurement of TV consumption of the broadcaster operated channels (only on SmartTV sets, connected to the internet with activated HbbTV services).
Delivery of graphical or video advertising on top of the linear TV signal.
smartclip is cooperating with advertisers to offer two main services:
Delivery of graphical or video advertisements on the aggregated channels of smartclip’s broadcaster partners.
Targeting & selling digital advertising on web & mobile devices, which can be associated with a TV set with digital advertisements related on TV viewing information of the TV set (household targeting).
When a TV set (HbbTV activated & connected to the internet) is switching the broadcaster channel which is cooperating with smartclip, the broadcasting signal contains a URL, which is triggering the TV set to load an application from a smartclip server.
The application allows smartclip to steer the delivery of advertising (by triggering the adrequest with the process described above). The application also triggers a signal, when the user switches in or away from the channel and every two minutes a heartbeat signal, as long as the channel is switched on.
Broadcasters can send the eligible time frames, in which smartclip is allowed to deliver advertisements, via an API to smartclip.
After an anonymization process smartclip is storing the times a TV set has been switched in to a channel and merges this information with the EPG information of the broadcasters. This enables smartclip to select & target anonymized TV devices based on viewing behavior.
Differentiation to the SpotX Technology Platform
smartclip is proud to have been merged with SpotX - the world biggest independent platform for digital video advertising. Still smartclip and SpotX are operating two different technology platforms which are closely integrated to each other. Although SpotX and smartclip are following a unified privacy protection approach and philosophy, all descriptions, policies, processes etc. are solely referring to the smartclip platform, which is operated in Europe.
For more information about privacy related to the SpotX technology, SpotX has set up its own privacy information page under https://www.spotx.tv/privacy-policy.
SpotX and smartclip have furthermore formed a privacy guild, which is fully focused on a sustainable implementation of strict privacy protection within the whole company. You can find more general information about our GDPR activities on the SpotX corporate blog https://www.spotx.tv/resources/blog (search for the keyword GDPR).
Purpose of Data Collection - why do we collect personal data?
The usage of audience data is to one part technically mandatory to achieve a good advertising experience for you as a website visitor, but it also supports the efficient usage of marketing budgets by advertisers. Hence, not only publishers but also advertisers have a commercial interest in online marketing supported by audience targeting algorithms.
Storing anonymous identifiers
Anonymous identifiers are stored by your browser in cookies which are small files created in a specific directory on your device. Cookies are usually created automatically, but you can adjust the behaviour and even delete your cookies manually if needed.
Usage of anonymous identifiers
Data collection for steering the displaying of advertisements to website visitors, app users or TV viewers
The most important purpose of using anonymous identifiers is to be able to control and count the amount of advertising which is shown to the users on their web, mobile and TV devices. We use identifiers for:
Controlling the frequency of how often the user is seeing the same advertisement (frequency capping)
Counting impressions, clicks and viewing completion rates of advertisements
Counting the unique number of users / devices who have seen a certain advertisement within a certain frequency
Being able to prefer users in advertising delivery who are likely to interact or fully view an advertisement
Being able to prefer users for ad display who seem to belong to a certain age range or gender based on websites these user prefer. Goal is to show more relevant advertisements.
What you can see from all those purposes of data collection, is that you as a user benefit from it, especially by not being bothered by the same advertisement dozens of times or seeing irrelevant ads, e.g seeing an ad for diapers while being a silver haired single. This is directly contributing to a positive internet usage experience for you.
Being able to count impressions, clicks and to measure ad consumptions are important functionalities for advertisers as well. They are paying publishers for every ad they show and need to have reliable numbers for this. Also advertisers need to understand how users are interacting with their creatives, because also advertisers want to present entertaining advertisements which are able to gain the user’s attention.
How does that work?
Do you think this sounds scary? Well, the technology behind it is really simple and harmless. The only thing we do, to enable all these purposes mentioned above, is to set a cookie on your browser or by using the advertiser ID which is created by your mobile device.
The reason why we need this ID is very simple: since we do not know who you are, we still need to be able to recognize you, when you are having contacts to smartclip ads to understand, if you have seen an advertisement already.
Storing an anonymous number in your browser or using the replaceable Advertisement ID of your device is a very simple way to do that. Since the number does not tell us anything about your name, email address etc. it is also a user and privacy friendly way to enable this. These IDs are just randomly generated numbers, which are completely unrelated to any data, which would allow us (or anyone else) to identify you as person. No one can use the ID to figure out who you really are.
Building interest profiles on user contacts with certain websites, apps or TV shows (only used at smartclip Germany)
Now it is time to talk about the scary stuff - building user profiles based on their surfing behavior. Exactly that stuff casts dark shadows on online advertising. The nightmare scenario related to that, is usually a dark vision of soulless intelligent machines, which are tracking every step the users takes and every action they do on their devices and use this information to build the fully transparent human being - influenced by secret algorithms to make them to will-less consumers …
You think, that this is a nightmare? Well, we completely agree! Therefore, we have a chosen a very careful approach to building behavioral profiles. We strictly limit this to the absolute minimum we need to be able to accomplish that advertising opportunities are used efficiently and not wasted for showing irrelevant ads. We have spend a lot of thinking in finding a way to build these individual profiles, but to make sure that they remain irreversibly anonymous. We will describe in the following paragraphs what we do and how the data is used.
The idea and algorithm behind this profiling activity is very simple. We try to guess your general interests by remembering, on which websites you have seen an advertising from us. A simple example: let us assume our system has observed, that you have seen three times an advertisement from us on the website “cars.com” within the last 30 days. In this case it is likely, that you are interested in cars and to some degree it is more likely that you are male than a female. In this case it might be interesting for a car advertiser to preferably display ads to users, who share this behavior. These users are assigned to a so-called segment by the campaign manager at smartclip. Later on this segment can be used to show advertisements by this car advertiser.
The same mechanism is applied for TV shows viewed by the users on Smart TVs which are enabled for HbbTV. smartclip is also creating anonymous user IDs for TV devices, which are stored in cookies as well. Whenever a device is switched to a broadcaster station, which is cooperating with smartclip, we know which program is shown and can build segments of users, who e.g. like cooking shows or news.
It is very important to note, that these segments are created advertiser-specific by manually defined rules. We do NOT permanently try to put you into behavioral “baskets”. Instead we only do this, if it is relevant for a certain advertiser. Furthermore, we do not know for sure, if you e.g. are a male for a female. If you are surfing sites about beer frequently, there is a higher chance, that you are male. But still this prediction is only a guess. Also, these segmentations are only temporary and usually “forgotten” after 30 days. We only keep segment information for longer periods, if needed for long running or repeating campaigns.
How does segmentation work technically?
Actually the technical approach again is based on anonymous user IDs. I.e. we just use the randomly generated number to recognize a device and put it into a specific segment basket for typical one time use. For us the only information we know about “you” is in fact a cryptic user ID as shown above, with cryptic segment IDs, which your user ID has been qualified for. None of these IDs could be used to resolve your name, email address or anything else.
Are anonymous identifiers really ensuring anonymity of your data?
Yes, there is practically no way, we could find out who you are by looking at the anonymous user ID. It would require us to have physical and software access to all devices which have been in contact to smartclip ads and to identify who is owning and using them. Then we would need to read the device IDs stored on all of them to finally find out, which one of those is yours. We hope you agree, that this is practically impossible. That is also the reason, why you should be skeptical, when cookies are demonized in the public discussion about online marketing. If cookies are used in a responsible manner, there is absolutely no privacy risk attached to it for the end user.
However, there is an Achilles heel in the game, which is the IP address, from which your device is calling the ads from our servers. The IP address is required in any internet communication and therefore transferred in adrequests to our systems. Since IP addresses of users normally are provided by ISPs or telecommunication companies to you, it would be possible to use the IP address to find out who you are. To do so, we would still need to force the ISP company by legal means to disclose your name to us. However this scenario is much more likely than smartclip employees breaking into millions of houses. Therefore the IP address needs to be treated with special care to make sure, you anonymity is safely protected. How we make use of IP addresses and what we do to protect your anonymity is described in the next section.
Usage of the IP address
As described above the IP address is transferred to the smartclip systems in the moment where an advertisement is requested from a user device. smartclip is using the IP addresses for four different purposes.
Resolving the geographic location from the user’s device
Some advertisers are selling their products only in certain countries regions or cities. For this reason advertisers want to avoid, that advertisements are shown in regions, where their products are not sold, because this would be a waste of money. The IP address can be used to roughly determine the geographic location of a user. By this users can be targeted on country, state and (with limited accuracy) also on a city level/postal code level. For this purpose smartclip resolves the IP address to a geographic location by using an external geographical database. The IP address is also forwarded to sub-processor and buying partners for this purpose.
Unfortunately, advertising fraud has become a serious problem in online marketing. Ad fraud usually means, that advertisements are displayed on artificial websites, where impressions are artificially generated and not by real human beings. The damage from fraudulent advertising is serious and estimated to be in the range of hundreds of million USD per year. To detect such fraudulent sites, the IP address plays a vital role. Botnets, which are inducing ad fraud are usually working with a limited range of IP addresses. For this reason IP addresses are so important for fraud prevention. Also buying partners and smartclip sub-processors are relying on the IP address for fraud detection.
Building group of devices associated with a TV set
One of the unsolved problems in digital marketing is the ability to optimize advertising frequencies for individuals across different device groups (like TV, web and mobile devices). I.e. it is currently not reliably possible to optimize ad delivery to the same individual on the TV set and other devices at the same time.
To give a simple example - let us assume an advertiser knows, that his ads for a certain product should be seen by a user 5 times to make him aware of the advertised product. With the current state of technology this cannot be achieved across TV and web devices at the same time. Since ad delivery systems for TV and web devices usually are different technologies, an overall optimization so far has not been possible. I.e. up to now the system for the delivery on the TV system could not “know”, that a user with a particular user ID has already seen the specific ad 3 time on his web device and therefore only needs 2 additional ad contacts on TV. This led to substantial inefficiencies for advertisers, since they could not reliably plan their campaigns and often reached not enough users or had too many ad contacts per user because of this technical shortfall.
smartclip has developed a technology which supports the delivery of advertisements on TV and web devices through the same platform. With this it became possible to optimize campaign delivery across TV, web and also mobile devices. However to be able to identify which web or mobile device belongs to a TV set, smartclip needs to match the different devices. For this purpose smartclip is using the IP address as well. When a TV and a mobile or web device are reaching the smartclip system from the same IP address smartclip assumes, that these signals are coming from the same household and establishes a connection between the TV set and the web or mobile device.
How do we make sure that data remains anonymous when using IP addresses?
The potential vulnerability of user privacy by processing the IP address has been addressed early on by smartclip. We have built several layers of protection to make sure, that anonymity is granted for users, who are getting in contact with smartclip advertisements.
Protection Layer 1: IP address anonymization service
smartclip has separated the processing of the IP address for geographic location and device matching from the ad delivery system. I.e. before the IP address reaches smartclip’s core system, where data is stored, it is shortened and hashed by an anonymization service. This service only determines the geographic information. Afterwards the service truncates and encrypts the IP address, before it is passed on to the smartclip core system. The original address is not stored and dropped after the encryption. By this the only information stored on smartclip servers cannot be restored anymore to the original IP address. Hence, the only piece of information, which could be used to identify you as a real world person is irreversibly destroyed.
Protection Layer 2: Grouping of IP addresses before matching devices
Since building connections between devices is nothing a user would naturally expect to happen, when surfing the internet or watching smart TV, smartclip has put specific attention on the full anonymization of any device matching. Again the IP address is is the critical data point. Since the IP address is used to do the matching, it would be relatively easy to assign a household to real world persons and to conclude on their interests and behaviors. Therefore smartclip has built in a safety mechanism, which completely prevents that.
Again the mechanism is quite simple - we are not matching devices based on single IP addresses, but only based on groups of five IP addresses at the same time.
Let’s explain that in more detail - assume we would live in a world of only 5 TV sets and 5 mobile devices (with each mobile device belonging to exactly one TV set) and with only 5 IP addresses (e.g. like 120 / 121 /122 / 123 / 124). If we now would use a single IP address for matching the TV set with a mobile devices, we would get scaringly precise information. We could exactly determine, which real world TV set is belonging to which mobile device and to which IP address. I.e. we would build exact profiles per person. However, we are in a totally different game, if we are not using single IP addresses, but instead do the match on 5 IP addresses at the same time (i.e. here we would count all IP addresses which start with 12x as a match). Now the matching is totally vague. We are not anymore able to determine which device group is coming from which IP address. And this exactly is, what an anonymization mechanism has ensure: that no conclusion to a determinable individual is possible.
Protection Layer 3: Minimizing the usage of the remaining data
For building these cross device profile we are again minimizing the usage of your data. We are also only matching devices around TV sets and do NOT try to find out if e.g. a mobile and a PC are connected without the reference to a TV set. I.e. if we are building TV usage profiles like described above, we are only building them for a group of devices, as a whole, but not for you individually. By this we are making the collected information even more fuzzy, which again prevents, that anybody could conclude on you as an individual from our data. You again remain completely anonymous.
No usage of smartclip data for user scoring or automated contract decisioning
Just for the sake of clarity: None of the anonymous user profiles, which smartclip is generating is used for any decision making or scoring related to automated decision making processes (e.g. online loans, ecommerce transactions etc.). The data we are collecting is fully anonymized and cannot be related to you as a real world individual.
Legal Base for Processing User Data
Cookie Opt in / Opt Out in accordance with the national implementation of the ePrivacy Regulation of 2008 (Directive 95/46/EC)
Cookies set by websites or apps from publishers or broadcasters who are working with smartclip
The ePrivacy Regulation from 2008 determined the currently valid regulations for the usage of cookies for online marketing. This regulation has been implemented differently within the countries belonging to the European Union. Some countries are still considering an opt out possibility to be sufficient, while in many countries so-called “Cookie banners” or “Cookie walls” have become the market standard for the usage of cookies. Although with the new GDPR many privacy regulations have been changed, the current ePrivacy guidelines remain valid legislation. Therefore, you should still see cookie walls or being offered opt out opportunities when surfing the web.
For most of the data smartclip is handling, smartclip is acting as a processor, i.e. the data is sent to smartclip from websites, apps or smart TVs which are operated by other companies (referred to as “publishers” in the following). smartclip is only processing data from these companies if a valid data processing agreement is in place, which also foresees the obligation of the publisher to only send data to smartclip, for which the publisher has requested a cookie opt in or opt out possibility, in accordance with the regulations and practices in your country.
If you feel, that information about you is stored without your consent or sufficient information, we recommend you to check your browsing history, if websites or apps you have visited are providing sufficient information or cookie guidance (in line with the regulations for cookie consent in your country). In cases, where publishers do not provide sufficient cookie information, please address that with the publisher directly. You can also notify us in these cases, if such a publisher is displaying advertisements from smartclip by sending an email to the following email address: firstname.lastname@example.org.
It is pretty easy for you to check, if you have been in contact with advertisement from smartclip. You just need to open the browser you are using for surfing the internet and look for the browser settings. There should be a “privacy” or “browser data” section, where you can find which internet domains are storing cookies on your device. If you find a cookie originating from “smartclip.net” this points to a contact to a smartclip advertisement. You can easily delete this (and all other cookies) in your browser. Once you delete your cookies, the formerly provided user ID is gone and cannot be related to information stored at smartclip anymore. If you should see cookies from smartclip.com, then those are just session cookies you have obtained, when visiting our website or our privacy portal, which is hosted in Germany.
Cookies which are set on TV devices are based on the permission to set them obtained by the broadcaster directly from you. This is usually the case when you are using so-called “red button applications” on your smart TV. Usually you are invited to use them, when you are switching to a broadcast station, which is offering these services. They should point you to the terms and conditions and their privacy statement, when using them. Usually here you will find all informations where and why cookies are set.
In some cases smartclip is integrated directly into the broadcaster channel to display advertising and to do TV consumption analytics as described above without any red button application involved. In these cases smartclip has informed you when switching in to the channel, the first time our application is launched or is pointing to the privacy terms when presenting an advertisement to you (in Germany). You can still open up our privacy terms on your TV set any time when switched in to these channels by pressing the blue bottom of your remote control. From there you can also opt out from our measurement service any time you want. Furthermore, we are pointing at our privacy terms every time, we are presenting an advertisement to you.
Behavioral segmentation and IP address usage based on legitimate interest according to Article 6.1 lit. f GDPR
smartclip is cooperating with website owners or website aggregators (“publishers”) to sell digital video advertising on the publisher’s website. For doing this smartclip is usually receiving a certain share of the advertising revenue, which has been generated for a publisher. These activities are important pillars for publishers to refinance the production of video and website content you mostly can consume free of charge.
Online advertising has become an established marketing channel, meanwhile accounting roughly for 20% of all advertising spendings. Therefore, it is not only an important means of advertisers to reach audiences with marketing messages, it also became a very important income stream for publishers to monetize their content and provide internet services free of charge for their users. That means smartclip and all involved business partners have a comprehensible and legitimate interest to make use of the personal data.
smartclip is processing anonymous identifiers and IP addresses solely for the purposes, which have been described above. For every data point smartclip is using, the relevant use cases have been defined and an assessment has been conducted if the interest of smartclip in using that data point is in balance with the user interest in privacy. This assessment has been discussed and audited by external privacy experts and auditors. smartclip is not processing name, email addresses or sensitive data categories according to Article 6.1 lit. f GDPR. smartclip is not consciously or specifically collecting data from children.
It is smartclip’s explicit goal to limit the usage of personal data to such a minimum, that the anonymity of the end user remains protected at all times. Therefore, smartclip’s usage of personal data does not create any potential threat to our data subjects. Even in the case of data leaks or data losses in smartclip’s system, the affected data could not be reassigned to identifiable individuals. We strongly believe, that with this “privacy by design” approach, we are fully respecting and protecting the interest of our users in their privacy.
Which data is stored, where and how long?
smartclip is storing personal data only when necessary and only as long as reasonably needed to conduct its regular business. smartclip is not storing IP addresses, but only their truncated and encrypted hashes.
IP address hashes and anonymous identifiers related to advertising contacts (i.e. adrequest, bidrequest, impression and click data) are stored in log files. Log files are required for smartclip’s advertising and publisher partners in cases of disputes. Log files contain the user ID, browser, date, time, website url, hashed IP address, operating system and device type on which the advertisement has been shown. If advertisers or publishers are counting deviating numbers of ad impressions, this can lead to disputes about the payments to make to or from smartclip. In such cases log files are the only means of proof to validate the accuracy of smartclip invoices or credit notes. Log files are also required to generate aggregated reports about advertising campaign delivery on websites, which are provided to smartclip’s clients. In cases, where the data aggregation fails, server log files are needed to restore this information. We are storing log files for a term of four months. Usually reporting issues or invoice disputes are not occurring later than that period.
Anonymous identifiers and their assignment to segments are stored in a key value database and for TV analytics within specialized analytical databases. User IDs stored in cookies and the related information are deleted 30 days after the last contact. Cookies on TV devices are set for a lifetime of 1 year. We are using longer expiration periods, because we need the cookies on TV sets to manage opt in or opt out information. Cookies which are storing opt out information are set for a lifetime of 10 years. Raw data in our TV analytics database is stored for 45 days. As written above segmentation cookies are set for campaign specific periods usually in the range of 30 to 90 days.
Data Processing outside the European Union
smartclip itself is not processing personal data outside the European Union. smartclip is hosting its infrastructure on Amazon Webservice only in data centers in Germany and Dublin. However smartclip is working with sub-processors and companies, who are processing data on servers within the United States. This processing is happening based on appropriate safeguards and binding corporate rules according to Articles 46/47 GDPR. For more information please visit the sub-processor web pages as listed in our privacy portal below.
Recipient categories of personal data from smartclip and purposes of processing
smartclip is cooperating with different 3rd parties to ensure a sufficient amount of campaigns on our publishers and broadcaster inventories.
Agencies and direct advertisers
Agencies and direct advertisers are booking campaigns to run on inventory sold by smartclip. Partly, agencies and advertisers are using 3rd party technology to deliver the advertisements on the pages of smartclip publishers (so-called agency adservers). In these cases the adrequest is forwarded from the user’s device to the agency adserver, which is then serving the ad to this user.
When the adrequest is forwarded to the agency adserver, the IP address of the users device is also transferred to this system. Furthermore the agency adserver can also set cookies on the user device. The creative which is served to the user can also contain links to other third party systems. Therefore adserving through agency adservers can be a door opener for the undesired leakage of personal data to third parties.
smartclip is applying three different approaches to prevent this kind of data leakage:
Whitelisting of 3rd party adservers and measurement systems by closing own data processing agreements with these companies
Here smartclip is entering into direct relationships with relevant third parties and agrees with them if and to which extent personal data coming from smartclip systems is used. This provides a contractual framework and control rights for smartclip to avoid undesired data usage. smartclip will then generally allow adserving from and using these 3rd parties within creative code.
Direct agreement with agencies or direct advertisers with an agreed framework for personal data usage
Here smartclip is entering into direct relationships with the agency or the advertisers and agrees with them if and to which extent personal data coming from smartclip systems is used. In this case the agencies or advertisers are agreeing on a list of 3rd party partners the agency will use. In this case all advertisements from the agency will be served by smartclip. Also here smartclip establishes a contractual framework with control rights for smartclip to avoid undesired data leakage.
Blocking of 3rd party trackers and links from unknown companies
If smartclip is having no contractual agreement with the 3rdy party or the agency, smartclip will mask links to and trackers coming from unknown third parties. The smartclip masking service prevents that IP addresses are transferred or cookies can be set by unknown or not whitelisted 3rd parties.
Demand Side Platforms (DSP)
Demand Side Platforms are important partners of smartclip. DSPs are used by agencies or advertisers (in the following referred to as buyers) to buy inventory for running their online campaigns. smartclip is selling advertising opportunities with an auction mechanism through these DSPs, i.e. if smartclip receives an ad opportunity from a web page or an app of a publisher, smartclip is forwarding this information to multiple DSPs in form of a bidrequest. The bidrequest carries all relevant information about the ad opportunity and is analyzed by the DSPs. If the DSPs are interested in the ad opportunity, they submit a bid for that ad opportunity to smartclip including a price offering. smartclip is then running an auction and will forward the ad opportunity to that DSPs, which has offered the highest bid price.
Within the bidrequest smartclip is transferring the anonymous user ID and the IP address to the DSPs. DSPs are using the information for the same purposes as described above and to optimize their bid price decisions.
To secure the data transfer to DSPs smartclip is closing data transfer or data processing agreements with the DSPs. These agreements foresee control and audit rights for smartclip and also are defining a framework to which extent the DPSs are using the personal data used by smartclip. Many of these DSPs are voluntarily undergoing external audits to confirm their compliance with the privacy legislation. It is worthwhile to note, that many of these DSPs are headquartered in the USA and therefore personal data can also be transferred outside the European Union. Please see our sub-processor and data partner list for more information.
As already described above agency adservers are used by buyers to deliver online advertisements through their own technology. The agency adserver comes into play, when smartclip has selected a campaign from the buyer, who is using it. In this case smartclip is forwarding the adrequest to the agency adserver and the adserver is displaying the creative on the device of the user.
The reason why buyers are using their own adserving technologies is mostly, that they want to be able to measure the campaign and creative performance by themselves to not solely rely on the reportings provided by smartclip or their DSPs.
As described above the agency adservers can set cookies on the user device and the creative code or configuration can contain links to unknown third parties. To avoid this kind of data leakage smartclip is entering into direct agreements with the agency adserving vendors to secure the data processing to their systems, but also to oblige these partner to only allow links in their creatives to third parties which have been whitelisted by smartclip.
Data Management Platforms
Data Management Platforms (DMPs) are serving two different purposes.
Enabling the segmentation of users based on behavioral information
This purpose has already been described above. Here DMPs only create segment definitions (e.g. “mark users which have visited a car website at least three times in the last three months”) and then allow the smartclip adserver to show ads to these users. Hence, here the DMP is acting as a pure technical enabler of user segmentation.
Aggregating users and user information from different sources and allow data sharing between different buyers
Here DMPs are doing more than pure technical enablement, but also serve as marketplaces for user segments. In this scenario DMPs are gathering user data from different sources (e.g. online shops, credit card companies, apps providers etc.) where users have agreed to the usage of their data. Either the DMPs then just enable the data sources to sell the user information to other buyers or the DMPs build overarching profiles for those users by merging the information from the different sources.
While the first purpose seems to be uncritical with regards to privacy, the bundling and reselling of data appears to be more sensitive. It is worthwhile to note here, that the trading of data is also completely anonymous, i.e. DMPs are not selling information about named individuals but only related to anonymous identifiers like smartclip is doing. Furthermore, if smartclip is using data from data partners this is limited to high level demographic criteria like age and gender and estimated income ranges. Therefore any data buying from smartclip is also following the principles of low profiling depth and strict anonymity. smartclip is also only working with a handful of selected partners - covered by data processing or data transfer agreements - where we can assume reliability and seriousity in the handling of any user data. If you should be worried about DMP partnerships, you should always have in mind that DMPs only know a fraction about you compared to Google or Facebook if you should be using them frequently.
Brand Safety and Viewability Measurement Providers
Unfortunately, advertising fraud has become a serious problem in online marketing. Ad fraud usually means, that advertisements are displayed on artificial websites, where impressions are artificially generated and not by real human beings. The damage from fraudulent advertising is serious and estimated to be in the range of hundreds of million USD per year. A softer form of ad fraud is to charge for online advertisements which have never been viewable for a user (e.g. at the bottom of a web pages where the user never scrolled to).
To detect fraudulent sites, the IP address plays a vital role. Botnets, which are inducing ad fraud are usually working with a limited range of IP addresses. For this reason IP addresses are so important for fraud prevention and used by these vendors. Other than that, these vendors do not build their own user profiles or are making any other use of the personal data transferred by smartclip.
Your rights as a Data Subject
The new GDPR has equipped you with substantial rights to prevent us (and anybody else) from making undesired use of your data. These are your rights as foreseen in the Art. 12-19 of the new GDPR:
You have the right to obtain information about if and which personal data from you is processed by smartclip.
You have the right to demand deletion of any personal data from you stored by us.
You have the right to request limiting the extent to which personal data from you is used by us.
You have the right to revoke any consent, which you have given in the past to process your data .
You have the right to receive any personal data from you, which is stored by us in a structured, commonly used and machine readable format and/or to have it transmitted directly from one controller to another one where technically feasible.
You have the right to submit complaints directly at the privacy supervisory authority which is responsible for smartclip in case you are having the opinion, that our data processing practices are violating relevant privacy legislation.
Please note, that for online marketing purposes we are not storing any information related to named individuals. All information we store are anonymous identifiers as well as hashed and truncated IP address information. Therefore, the correction or modification of data is not possible for us. In case of a limitation, rectification or change request we will simply delete your data.
How to get in contact with us for privacy matters?
If you have any personal questions you want to address via phone you can contact your local smartclip office during business hours. Please find the contact information here.
You can also reach our central privacy support team via email at email@example.com.
Submitting requests with regards to personal data from you stored by smartclip
Please note, that there are no formal requirements for submitting an information request to us. This can be done verbally or in writing. We still recommend to use our online contact form to do this. Here you can register with your email address and send us your questions, comments or complaints. Logging in will require an email validation, which gives us a minimum of certainty about the person who is requesting the information. In cases, where we do not have any data stored about you, we will respond to your submitted email address directly.
If we should find personal data about you in our systems, we will reach out to you, to receive a further verification of your identity before we are disclosing the information to you. This process is also protecting you from any of your data being disclosed to unauthorized and unknown persons.
We will store information requiries and our responses for 10 years in case of those being required for legal disputes.
Become forgotten / Opt Out
If you do not want your data to be used by smartclip anymore, please follow this link or click on the Out Opt menu item.
If you are using different web browsers and devices for surfing the internet, for a fully working opt-out, you need to visit this link from every browser and every device you are using.
To trigger an opt out from your TV device, press on the blue button of your TV remote control. If your are using a red button application on your smart TV or an advertisement is displayed, you should see a hint on how to open up the privacy section. There you will find instructions how to opt out on your TV device.
smartclip is also part of the EDAA youronlinechoices.eu initiative. Here you can manage your opt in/opt out preferences globally for all major European online marketing companies.
Important Legal Contact Information
Controller for data processing at smartclip
(also acting as a Processor on behalf of local smartclip entities)
smartclip Holding AG
Kleiner Burstah 12
Telefon: +49-40-6887 687 - 0
Telefax: +49-40-6887 687 - 20
Jean-Pierre Fumagalli, Roland Schaber, Thomas Servatius
Chairman of the supervisory board:
Processors / Sub-Processor
Address & Representation Local smartclip Entities
Contact Information Data Protection Officer
Represented by Prof. Dr. Christoph Bauer
Große Bleichen 21, 20354 Hamburg
This is the contact information of ePrivacy GmbH who is acting as external Data Protection Officer for the European smartclip Holding. ePrivacy GmbH has also been appointed as the Data Protection Officer for all smartclip subsidiaries across Europe. Please note, that ePrivacy GmbH is located in Germany. You can still submit privacy related questions in local language at your local smartclip office. Please find the contact information here or centrally at the email address: firstname.lastname@example.org.
Contact Information Privacy Supervisory Authority
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Klosterwall 6 (Block C), 20095 Hamburg
Tel.: (040) 4 28 54 - 40 40
E-Fax: (040) 4 279 - 11811
Privacy Seals from external Auditors
smartclip has undergone voluntarily external audits by external accredited privacy auditors. smartclip has obtained multiple external certification so far.
Trusted Privacy Seal by ePrivacy Consult GmbH for the smartclip ATVx Platform (last renewal April 2018)
List of Subprocessor or Data Transfer Partnerships
Here is a list of all Data Partner which are either directly connected to the smartclip platforms. The vendor type and processing purposes have been described here. Please note, that not all of these partnerships may only be active for limited timeframes and can be paused in-between.
|Name of Data Partner||Services||More Information|
|smartclip Holding AG||smartclip Holding AG is the operator of the Adserving/SSP technology on behalf of the local smartclip entity||https://www.privacy-portal.smartclip.net|
|SpotX Inc||Smartclip is buying on SpotX inventories. SpotX is a processor on behalf of it’s publisher partners. Therefore smartclip is acting a sub-processor on behalf of SpotX||https://www.spotx.tv/privacy-policy|
|AWS is the hosting service for the Adserving/SSP technology. Datacenters are only located within the EU (Ireland /Germany)||https://aws.amazon.com/de/privacy|
|DBM (Google)||Connected DSP||https://policies.google.com|
|The Tradedesk||Connected DSP||https://www.thetradedesk.com/general/privacy-policy|
|Delta Projects||Connected DSP||http://www.deltaprojects.com/app/uploads/2018/03/gdpr-2018-2-1.pdf|
|Bid Theatre||Connected DSP||https://www.bidtheatre.com/privacy-policy|
|Active Agent||Connected DSP||http://www.active-agent.com/de/unternehmen/opt-out|
|Liquid M||Connected DSP||https://liquidm.com/privacy-policy|
|Tubemogul (Adobe)||Connected DSP||https://www.adobe.com/de/privacy/marketing-cloud.html|
|Exelate (Nielsen Marketing Cloud)||Connected DMP for EU traffic (Direct Integration)||http://exelate.com/privacy/opt-in-opt-out|
|Nugg Ad (Zalando)||Connected DMP for EU traffic (Direct Integration)||https://www.nugg.ad/de/datenschutz/allgemeine-informationen.htm|
|Neustar||Connected DMP for EU traffic (Direct Integration)||https://www.home.neustar/privacy|
Agency Technology Partners
|Brand Safety & Viewability||https://www.meetrics.com/datenschutz|
Smartclip has subscribed to the IAB Consent & Transparency Framework - a new standard for a market wide homogenous handling of User rights under the new GDPR. The new framework allows user to manage opt in and opt out preference for all vendors connected through this framework. Consent management at one of these partners will apply for all other partners as well. All vendors which are part of the framework can be found here: