WHAT WE COLLECT
Information you give us
Optoro (“Optoro” or “We”) collects and stores information you provide through Optoro.com.
The information We collect from you includes things like:
- Mailing address
- Email address
- Phone number
In certain situations, we may also collect things like:
- IMEI/UDID (a numeric identifier for your mobile device)
- MAC Address (another kind of numeric identifier for your mobile device)
Information from other sources
We may receive information about you from other sources, including third parties that help us update, expand, and analyze our records and identify new users, and provide products and services that may be of interest to you.
Information collected automatically online
We collect information about your interactions with Optoro, including the type of device or browser you’re using, your IP address, your browsing behavior while on our website, and the URLs of the websites you were at before you visited Optoro.com (these are called “referring URLs”).
We may permit third party service providers to collect and process some information from Optoro.com. We may share personal information with those providers. For more information please see https://www.adrollgroup.com/privacy and https://www.adrollgroup.com/trust-center.
Optoro.com is not designed to respond to “do not track” requests from browsers.
Information For California Residents Only
This section supplements the information contained in this Service Privacy Notice and applies solely to visitors, users, and others who are residents of the State of California, as defined in Section 17014 of Title 18 of the California Code of Regulations. This section is effective as of January 1, 2020, to comply with the California Consumer Privacy Act of 2018 (“CCPA”).
Any terms defined in the CCPA have the same meaning when used in this section.
Information We Collect and the Purposes for Which this Information is Used
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). This collection of information is listed in What Data We Collect.
We set out below the CCPA categories of personal information we have collected from consumers within the last twelve (12) months in respect of our Services. Please note that personal information in certain categories may overlap with other categories.
|A.||Identifiers||Yes||Device IP address, email address, cookie string data, pseudonymous data (e.g. hashed emails), operating system, and (in the case of mobile devices) your device type, and mobile device’s identifier (such as the Apple IDFA or Android Advertising ID) and any other unique identifier that may be assigned to any device by third parties and cross-referenced to recognize a device.||Directly and indirectly from consumers, third party data providers and Advertising Partners. In the case of business email addresses, RollWorks B2B Services may infer a business email address.|
|B.||Personal information listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))||Yes||In respect of RollWorks B2B Services:|
Name, business address, business telephone number, education, employment and employment history.
In respect of AdRoll D2C Services:
The perceived general education level of consumers may be collected for D2C marketing, advertising and analytics to the extent relevant for providing marketing or advertising.
|Directly from third party data providers.|
|C.||Protected classification characteristics under California or federal law||Yes||Limited to age ranges such as 35-44, 45-54, 55-64 and 65+ and male/female gender categories are sometimes collected for use of AdRoll’s D2C Services that do not carry a risk of unintended discrimination.||From third party data providers.|
|D.||Commercial Information||Yes||Records of products or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies.||Directly from consumers and Advertiser.|
|F.||Internet or other similar network activity||Yes||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. For example, which pages you visited and when, what items were clicked on a page, how much time was spent on a page, whether you downloaded a white paper on a B2B website, what items you placed into your online shopping cart, what products were purchased and the price of the products purchased.||Directly from cookie browsing history on Advertisers’ Digital Properties. |
Non-personal information about one of our ads e.g. the third party who served the ad, and the name of the ad) may be connected with browsing history or activity on our websites for the purposes of determining attribution information (e.g. whether particular ad led to a consumer visiting our website, and, if so, which particular ad campaign).
|G.||Geolocation Data||Yes||Non-precise geolocation derived from IP address.||Directly from consumers and Advertising Partners.|
|I.||Professional or employment-related information||Yes||In respect of RollWorks B2B business only:|
Current or past job history, including details about the employer (industry, name, company location, company domain or URL), and employee (positions held, duration of employment, and office location of the company where the employee worked).
|Third party data providers.|
|J.||Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R Part 99))||No||–||–|
|K.||Inferences drawn from other personal information||Yes||Creating profiles that reflect consumer preferences and interests.||Third party data providers.|
For clarity, under CCPA personal information does not include:
- Publicly available information from government records;
- De-identified or aggregated consumer information; and
- Information excluded from the CCPA’s scope such as:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; and
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
Purposes for Which Personal Information is Collected
NextRoll is a marketing and advertising technology company. All data we collect is for the business purpose of providing services primarily for our marketing, advertising or analytical Services. However, as part of performing these Services, we also use data collected (as identified above) for the following additional business purposes:
- Auditing Interactions with Consumers: count ad impressions and verify the quality of ad impressions served to unique visitors identified by cookie id or other unique identifier;
- Debugging and Repair: the identification and repair of impairments to intended and existing functionalities in our Services and NextRoll Technology, perform debugging and related activities to repair errors that impair the functionality of our Services;
- Security: detect security incidents and protect against malicious, deceptive, fraudulent or illegal activity, including, when necessary, to prosecute those responsible for such activities;
- Internal Research and Development: conduct internal research for technological development of our Services and demonstration of the performance of these Services; and
- Quality and Safety Maintenance and Verification: verify the quality or safety of our Services and improve, upgrade or enhance our Services and NextRoll Technology we provide.
For more information on how we use this data, please refer to How We Use the Data We Collect.
Sharing Personal Information
We may disclose your personal information to a third party for a business purpose (as set out above) or sell your personal information, subject to your right to opt-out of those sales (See Personal Information Sales Opt-In Rights).
The Data Sharing section sets out the personal information that we share with third parties.
Disclosure of Personal Information for a Business Purpose
With the exception of our RollWorks B2B Contact Data, NextRoll’s Services do not amount to a sale of personal information. Instead, NextRoll discloses personal data for business purposes, primarily to perform its advertising, marketing and analytical Services, but also for the purposes set out as items (1), (2) and (3) in the Purposes for which Personal Information is Collected above.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for our business purposes:
- Category A: Identifiers;
- Category B: California Customer Records personal information categories;
- Category C: Protected classification characteristics under California or federal law;
- Category D: Commercial information;
- Category F: Internet or other similar network activity;
- Category G: Non-precise geolocation derived from IP address;
- Category I: Professional or employment-related information; and
- Category K: Inferences drawn from other personal information.
We disclose your personal information for a business purpose to the categories of third parties set out in Data Sharing.
Sales of Personal Information
In the preceding (12) twelve months, pursuant to our RollWorks B2B Contact Data Service, we have sold personal information in the form of business emails from Category A (Identifiers).
Other than our RollWorks B2B Contact Data Service, we do not consider that our Services constitute a ‘sale of personal information’ under the CCPA. Instead, in the course of providing our Services, we disclose personal information for business purposes.
However, we aim to provide consumers with control over the collection and use of their personal information. Consistent with this goal, we will honor requests from consumers to “opt-out” of the collection and disclosure of their personal information. Your Rights and Choices section below provides instructions on how to opt-out of our collection and disclosure of personal information.
Your Rights and Choices
The CCPA provides California residents with specific rights regarding their personal information. This section describes the rights of California residents under CCPA and provides information on how to exercise those rights.
Right to Know and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you;
- The categories of sources for the personal information we collected about you;
- Our business or commercial purpose for collecting or selling that personal information;
- The categories of third parties with whom we share that personal information;
- The specific pieces of personal information we collected about you (otherwise known as a data portability request); and
- Two separate lists where we have sold or disclosed your personal information for a business purpose:
- Sales: identifying the personal information categories that each category of recipient purchased; and
- Disclosures for a business purpose: identifying the personal information categories that each category of recipient obtained
Right to Delete
You have the right to request that we delete any of your personal information that we collect from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (seeExercising Right to Know, Data Portability and Right to Deletion), we will delete (and direct our services providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relations with you or otherwise perform our contract with you;
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity or prosecute those responsible for such activities;
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights or exercise another right provided by law;
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.);
- Engage in public of peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent;
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
- Comply with a legal obligation; and
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Right to Know, Data Portability and Right to Deletion
To exercise the access, data portability, and deletion rights described above, please submit verifiable consumer request to us by either:
- Calling us at 1-844-740-7126; or
- Visiting this webpage.
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable request for access of data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot: (i) verify your identity or authority to make the request; and (ii) confirm the personal information relates to you.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
As mentioned above in Sales of Personal Information, we have elected to honor sale opt-out rights. Please see Personal Information Sales Opt-Out and Opt-In Rights.
Response Timing and Format
We will deliver our written response to you electronically unless you indicate delivery to be by mail.
Any disclosures we provide to you will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot complete a request, if applicable. Please note that personal information deleted during this period as set out in Data Retention will not be provided.
The format of our responses to you concerning personal information collected, disclosed or sold will be provided in a readily useable format that should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Personal Information Sales Opt-Out Rights
To exercise the right to opt-out of our sale of your Contact Data or to opt out of interest-based advertising, you (or your authorized representative) may submit a request to us by visiting the Do Not Sell My Personal Information webpage.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services;
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
- Provide you a different level or quality of goods or services; or
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by CCPA that can result in different prices, rates or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
Optoro.com properties may collect your location.
We may retain your information for as long as needed to provide you services, comply with our legal obligations, resolve disputes, and enforce our agreements.
HOW WE SHARE YOUR INFORMATION
Optoro does not sell, rent, or trade your personal information to third parties.
We may combine or share information among current or future Optoro companies, including affiliates and subsidiaries.
Sometimes we may be required to share personal information for legal reasons, for example, if We are required to do so by a regulation, court order, subpoena or other legal process. We may also share information when we believe it’s necessary to comply with the law or to respond to a government request, or when We believe disclosure is necessary or appropriate to protect Optoro, our customers, or others.
We may share personal information in the event of a corporate sale, merger, acquisition, dissolution, or similar event. If such an event takes place, we’ll notify you through e-mail (if we have your email address) and/or a prominent notice on our applicable website(s) of any change in ownership, as well as any choices you may have regarding your personal information.
HOW WE PROTECT YOUR INFORMATION
We use a variety of information security measures to protect your online transactions with us.
- We use reasonable security measures to protect the confidentiality of personal information under our control and appropriately limit access to it.
- We use encryption technology to protect your personal information.
You may at any time:
- Stop receiving marketing or promotional e-mails, direct mail, phone, and mobile marketing communications
- Update and correct your personal information
To do any of these, let us know by one of these methods:
- Follow the directions in marketing e-mails you receive from us
- Provide your request and current contact information through one of the contact methods listed under “Contact Us” below.
Please note: Even if we are able to anonymize or make your content or information no longer visible, this does not ensure complete or comprehensive removal of your content or personal information from the Internet.
PROTECTING CHILDREN’S PRIVACY
We are committed to protecting children’s privacy on the internet and we do not knowingly collect personal information from children under the age of 13. Use of our website is restricted to visitors 18 and older.
LINKS TO OTHER WEBSITES
SOCIAL MEDIA FEATURES
1001 G St. NW Suite 1200
Washington, DC 20001
Last Updated: December, 2019
Optoro, Inc. © 2019 all rights reserved