Last updated: 1 April 2021
Ringside Data Ltd (“Ringside“, “we“, “us“) offers analytical tools to advertisers, advertising networks and agencies to help them understand the performance of their marketing activities. Please know that you must be over 18 to access and use our Website and services.
This policy will go through and describe how we collect, store, use and disclose data and information we gather about you through our “Website” ringside.ai, our marketing data platform and other platforms where we directly reference this policy operated by us where we act as “controller” for the purpose of Data Protection Legislation (we’ve defined this below).
Whilst this policy applies where we act as a “controller”, we think it’s also important to let you know that under Data Protection Legislation, we are generally a “processor” of any personal data that we process on behalf of our Customers (i.e. our paying customer of the Ringside platform). This broadly means that they decide what we can do with it and are responsible for providing you with any information in relation to how your personal data is processed. Please know that we can’t answer any questions about your personal data where we are acting as “processor”. This is the responsibility of our Customers (acting as “controller”) – so please check out their privacy policies for further detail as to how they use personal data.
As mentioned above, this policy will apply wherever we act as “controller”, for example:
Two important definitions for this policy (and apologies for the legal jargon but these are important) are “pseudonymisation” and “Data Protection Legislation“:
If you have any questions, you can always contact our Data Protection Officer, Matthew, at firstname.lastname@example.org, who would love to talk to you, or you can email our legal team (email@example.com) and we will get back to you.
When you contact us, such as if you have requested to learn more about our services or are thinking about becoming a Customer, whether online, submitted through the forms available on our Website, via telephone, via email, in writing, or otherwise, or when instructing us, you may provide personal data about yourself, including your name, address, telephone number, date of birth, job title and function, and other personal data concerning your preferences relevant to our services. On occasion, it may be that a colleague of yours may provide us with your information in this process – such as where you might be our ongoing contact at your organisation.
If you or your organisation are a Customer, we will likely provide you with a login to access our Customer platform, which may involve taking your email address and generating an initial password for you. We may also track your experience or get your feedback on our Customer platform so that we can assess how useful it is to you and think about areas for improvement.
We capture certain information about your device, browser and usage of the Website and Customer Platform using the Ringside tags and certain third party platforms (please see the section on Cookies and third party platforms below). We also capture the IP addresses of visitors to our Website to allow for a blacklist of IP’s so we can keep our Website and systems secure. Please know that we do not store any IP addresses – we only keep what’s called “salted” and “hashed” versions, which broadly means we add a random extra piece of information and then scramble it so that we can identify if you visit our Website again, but we cannot see the IP address itself. Certain of our third party partners may capture other information about your usage of our Website (please see the section on Cookies and third party platforms below).
If you or your organisation become a Customer or are one of our suppliers or other business partners, you or your organisation may provide us with further personal data in the ordinary course to administer our relationship, such as business contact details to discuss your or our requirements, administer your iteration of our Customer Platform or to otherwise contact you. Some of this personal data may be collected from public sources, such as your/your organisation’s website.
When instructing us, or if you or your organisation provide services to us, you may provide personal data including your bank account and other data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information.
We may also collect information relating to when you visit our premises, such as access times and requirements.
We may use certain pseudonymised/anonymised and aggregated data (that we obtain in connection with the provision of services to our Customers) to assess and improve our services. This may be provided to us by Customers or collated from providing our services to our Customers, such as through their website, direct data access or via APIs. For example, this could include historic data on product and sale performance which can help guide our machine learning to understand past trends and product performance. We and/or our Customers always anonymise or pseudonymise this data.
We may also process certain personal data in connection with our legal rights or obligations, such as holding a copy of our signed engagement with you or your organisation.
Our Customers may sometimes put us in contact with their other service providers to better support the services we provide to them. In these circumstances we may also receive certain aggregated data to build up an overview of the impact of our services over time. On occasion we may also share the resulting information with the relevant Customer’s service provider. For example, keyword performance can be aggregated for a period of time so that an attributed CPA is aggregated in our dashboard and made available to our partners.
We sometimes ask our colleagues to provide details of their next of kin for the purpose of our emergency scenario planning or in case an incident occurs at work. We may also ask for details of their dependents, spouses and/or other people in relation to their employee benefits and pensions arrangements. We will only ever use this information for the benefit of our staff and for the purpose it was provided.
We may also process certain personal data where you have made such personal data public (such as through social media or business contact information sites).
We sometimes receive business contact information from our Customers, business partners and other third parties that help us generate leads. For example, our Customers sometimes love us so much that they tell their customers about us or put us in touch with their contacts at other businesses.
You must be over 18 to access and use our Website and services. Generally, we do not knowingly collect or retain any personal data relating to individuals under 13. On occasion, we may be asked by our Customers to process such information, such as where the Customer is a children’s toys retailer or provides services for children. In such instances we ask our Customers to help us identify information relating to children to meet our obligations under Data Protection Legislation. Once our services to those Customers end, we will anonymise and/or delete such information. If you are aware of any cases where we would hold any personal data relating to children please let us know at legal (firstname.lastname@example.org).
Under Data Protection Legislation we have greater obligations in relation to processing special category and criminal offence data. When we act as controller, we will only ever process any such information in very limited circumstances, such as set out below. Please know that we take our responsibilities in relation to such sensitive data very seriously and will only retain it for as long as strictly necessary and then delete such information.
We will use the personal data we collect to provide our services and run our internal business affairs, including internal record keeping and the protection and security of our communications and other systems and to prevent and detect security threats, frauds or other criminal or malicious activities.
On occasion we may also use your contact information to congratulate you on work or personal accomplishments and events or to invite you to celebrate the holidays seasons with us, such as to send you a card to wish you a Happy Christmas!
Where we have your permission (or otherwise have the right to do so) we may use website visitors’, Customers’ and other business contacts’ and leads’ contact details to send emails, SMS, push notifications or just say hello and let you know about the types of things that we’re doing. Recipients can opt-out at any time from marketing or promotional messages by emailing legal (email@example.com).
Where we have your permission to do so, if you or your organisation are a prospective, current or former Customer and you have provided us with a review or reference, we may publish that information together with your name, photo, role and organisation on our Website to help other prospective customers to find our services.
Where a Customer has provided us with their permission, we may share certain pseudonymised or anonymised aggregated datasets between Customers to better provide our services to those Customers. If you are a data subject of such datasets, it is the Customer’s responsibility to obtain any necessary permissions and provide any relevant information. We would therefore ask you to review their privacy policies for further information. We and/or our Customers always anonymise or pseudonymise this data.
As with every business, certain of our service providers may also process personal data on our behalf, such as our hosting, email and maintenance and support service providers.
In addition, as we said above, we may share the results of our analysis of aggregated data with 3rd parties to support their services to our Customers.
We may disclose information about you: (i) if we are required to do so by law, regulation, or legal process, such as a court order or subpoena or request from a competent regulator; (ii) in response to requests by government agencies, such as law enforcement authorities; (iii) when we believe disclosure is necessary or appropriate to protect against or respond to physical, financial or other harm, injury, or loss to property; or (iv) in connection with an investigation of suspected or actual unlawful activity such as a breach of our terms of service. For more information on this please email Matthew, our Data Protection Officer, on the email below or our legal team (firstname.lastname@example.org).
We reserve the right to transfer your information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company, as part of an internal reorganisation or if we sell, liquidate, or transfer all or a portion of our assets.
We may also disclose your information with your permission or where you have requested us to do so, such as where you ask us to put you in contact with a third party.
If you’re one of our Customers or another of our business contacts, sometimes we may put you in touch with another business partner whose services we think would be a great fit for you or your organisation. We hope the two of you hit it off, however, we appreciate that sometimes the inboxes can get a bit full so please let us know if you would rather we didn’t do this. (Please know that we make sure that we only do this where we have you or your organisation’s permission, (or another legal basis for doing so).)
In addition, we may share anonymous and aggregated reports and information on Customer users’ demographics and traffic patterns with third parties or for marketing purposes.
We may also process certain aggregated and anonymised data to analyse and improve our services, including to train machine learning algorithms to deliver those services, and to compile and produce insights into different marketplaces and trends. Sometimes we might also provide these aggregated and anonymised datasets to other businesses to help them do the same or improve their services.
The legal basis on which we hold your personal data is primarily for the purpose of pursuing our legitimate interests as a business which offers analytical tools to advertisers, advertising networks and agencies to help them understand the performance of their marketing activities. In some instances we may rely on your express consent to use your personal data, but we will let you know (and give you the chance to withdraw consent) if we do. In some instances we may use your personal data in order to enable us to perform a contract which we have in place with you or to comply with our legal obligations.
In the limited circumstances where we might process special category data, we will only process it where (i) we have your consent, (ii) to protect your vital interests (where you are physically or legally incapable of giving your consent), (iii) where it is necessary for establishing, exercising or defending a legal claim, (iv) where it is necessary in connection with our employment and social security obligations and rights, or (v) where it is necessary for reasons of substantial public interest.
We hold all our data in the Google Cloud Platform and comply with all their advised security advisories. We have implemented technical and physical safeguards that are designed to protect and secure our systems that hold personal data, including our continued work towards ISO 27001 compliance.
As we are an internet based service, please note that we cannot guarantee the security of information and communications that you transmit to us over networks that we do not control and therefore cannot be held responsible for any such transmission of information.
We will only keep your personal data for as long as we reasonably require and, in any event, only for as long as Data Protection Legislation and our own internal rules and policies allow.
We hold all our data in the Google Cloud Platform on Google’s servers located in the EU. We will make such transfers pursuant to the UK’s adequacy decision in favour of the EU.
Where we do transfer personal data from our systems in the UK to our systems or third parties located outside the UK, we will only do so in accordance with Data Protection Legislation and where one of the following applies (in each case according to which Data Protection Legislation might apply in the relevant situation):
You have certain rights in relation to your personal data – for example the right to request that we erase your personal data (or part thereof) at any time, which we will comply with unless we have a lawful reason to keep your information (for example, to comply with our legal obligations).
You also have the rights, subject to certain exemptions, to:
If you wish to exercise any of these rights, please contact us at the email address set out below. Please do ensure that any personal data you provide us with is accurate and complete and notify us of any changes to your personal data as soon as possible so that we can update our records.
We believe that pseudonymising personal data is an important step to keeping our data secure and protecting your privacy as it makes it very difficult to attribute any information we hold to a specific individual. Please know that because almost all of the personal data we hold is pseudonymised, we may not be able to identify your personal data without you providing certain further information, such as your cookie ID or the userID that was generated by the relevant Customer who holds your personal data. We may therefore need to request further information from you before we can fulfil your request. We are really proud of our technology and how our approach protects you – if you have any questions, please do get in touch with Matthew email@example.com as we’d love to talk you through it.
If you feel we haven’t handled your personal data correctly, we really do hope you contact us first (Matthew is always willing to chat), however, if we aren’t able to sort the problem, you also have the right to make a complaint to the Information Commissioner’s Office, the data protection regulator in the UK, or, in cases where the EU GDPR applies, one of the competent European data protection regulators (https://edpb.europa.eu/about-edpb/board/members_en).
Please know that we only receive pseudonymised information from our Customers. We may sometimes link pseudonymised personal data we collect from different locations to build up certain pseudonymised user profiles. For example, we may link information you provide to us when accessing our Website to certain information that is provided to us about you by our Customers.
We use a number of 1st and 3rd party cookies and other platforms on our Website. We will only store any such cookies on your web browser if (i) they are strictly necessary for the functioning of our Website, or (ii) you have provided your consent for us to do so.
We also use a number of 3rd party cookies and platforms on our Website to enable its functionalities and which allow us to understand the performance of our activities and provide support services to both new visitors and Customers alike. These platforms may be capturing information on your browser, browser settings, Customer marketing campaign details and Website usage for our purposes.
We may also integrate 3rd party advertising pixels in our Website and marketing communications.
For a complete list of the cookies and similar technologies that we use and to provide or withdraw your consent to such cookies, please see our cookie banner here.
We may also use our 1st and 3rd party cookies and other platforms in the provision of Services to our Customers. Please note that the relevant Customer is obliged to obtain your consent and provide you with any relevant information in respect of these cookies – so please do get in touch with them if you have any questions.
Please note that we do not currently integrate with “Do Not Track” settings on web browsers.
The relevant network advertiser providing such 3rd party platform, cookie or pixel may use the information gathered via these devices and other information they have collected about you to deliver targeted advertisements for products and services in which you might be interested on their and their other clients’ behalf. For example, Google Analytics may collect your IP address and certain information with how you interact with their platform on our Website. If you want to find out more about the way they capture information and how to opt out visit their site found at https://tools.google.com/dlpage/gaoptout.
If you prefer not to receive targeted advertising, you can opt-out of some network advertising programs that use your information. To do so, please visit the Digital Advertising Alliance (DAA) Opt-Out Page: http://www.aboutads.info/choices
If you have any questions or concerns we would love to speak to you. You can always contact our Data Protection Officer, Matthew, at firstname.lastname@example.org, who would love to talk to you or you can email our legal team (email@example.com) and we will get back to you.
In case you missed it at the top of this policy, please note that this policy only applies where we act as “controller” of personal data. Where we act as “processor” (i.e. we only process personal data on the instruction of another party, such as a Customer), we are required to direct any questions you may have to the relevant Customer for them to answer such questions.