Privacy Policy

1. Who We Are

Adverteks is a programmatic advertising platform operating a Supply-Side Platform (SSP), Demand-Side Platform (DSP), and Real-Time Bidding (RTB) exchange. We connect publishers who want to monetize their digital inventory with advertisers who want to reach target audiences.

For the purposes of data protection law, Adverteks acts as a data controller for personal data of publishers and advertisers, and as a data processor (and in some contexts, controller) for end-user data processed in connection with ad serving.

2. Data We Collect

2.1 Publisher Data

When you register as a publisher, we collect:

• Name, email address, and account credentials
• Website URLs and domain information you submit
• Payment information (bank account or PayPal details)
• Tax identification information (where required)
• Ad placement and inventory configuration data
• Earnings, impressions, and performance analytics

2.2 Advertiser Data

When you register as an advertiser, we collect:

• Name, email address, and account credentials
• Company name and billing address
• Payment information (credit card or bank account)
• Campaign configuration, ad creatives, and targeting parameters
• Campaign performance data (impressions, clicks, conversions, spend)

2.3 End-User Data (Ad Serving)

When ads are served on publisher sites, we may automatically collect the following data from end users (website visitors):

• IP address — used for geo-targeting and fraud detection (hashed/truncated for storage)
• Device and browser information — user agent string, device type, operating system, browser version
• Geographic data — country, region, city (derived from IP)
• Ad interaction data — impressions served, clicks, time of interaction
• Referrer URL — the page on which the ad was displayed
• Cookie identifiers — for frequency capping, attribution, and targeting (see Section 7)

2.4 Technical Data (All Users)

We collect technical data when you use the Platform:

• Log files (access times, pages viewed, actions taken)
• API request data
• Session tokens and authentication data

3. How We Collect Data

Method	Description
Registration forms	Data you provide when creating an account
Ad tags / JavaScript	Ad serving code placed on publisher sites collects end-user data
Cookies & pixels	Tracking cookies set by our ad serving infrastructure
OpenRTB bid requests	Data sent in real-time bidding requests from publishers to advertisers
Server logs	Automatically collected when you interact with our Platform
Third-party data	We may receive data from third-party data providers for targeting purposes

4. How We Use Data

We use the data we collect for the following purposes:

• Platform operation: Creating and managing accounts, processing transactions, delivering ads
• Ad targeting: Matching ads to relevant audiences based on geography, device, interests, and behavior
• Fraud detection: Identifying and preventing invalid traffic, click fraud, and policy violations
• Analytics and reporting: Providing performance reports to publishers and advertisers
• Billing and payments: Processing advertiser payments and publisher payouts
• Platform improvement: Improving our algorithms, products, and user experience
• Communications: Sending account notifications, payment confirmations, and product updates
• Legal compliance: Complying with applicable laws, regulations, and legal processes

5. Ad Targeting & Geo-IP

Adverteks uses several targeting methods to serve relevant advertising:

5.1 Geographic (Geo-IP) Targeting

We use IP address geolocation to determine the approximate geographic location (country, region, city) of end users. This data is used to serve geographically-targeted advertisements. We use MaxMind or similar IP intelligence services. IP addresses are hashed or truncated before storage and are not stored in their complete form beyond 90 days.

5.2 Contextual Targeting

We analyze page content (URL, category, keywords) to serve contextually relevant ads without requiring user identification.

5.3 Behavioral Targeting

Where permitted by applicable law and with appropriate consent, we may use cookie-based data to target ads based on browsing behavior and interests.

5.4 Device Targeting

Ads may be targeted based on device type (desktop, mobile, tablet), operating system, and browser.

6. OpenRTB & Data Sharing in the Bidding Ecosystem

Adverteks operates an OpenRTB-compliant exchange. When a publisher page loads, we send bid requests to demand-side platforms (DSPs) and advertisers. These bid requests may contain:

• Truncated IP address (last octet removed)
• User agent string
• Geographic data (country, region, city)
• Site/app information (domain, page URL, content category)
• Device type and operating system
• Cookie-based segment IDs (where consent obtained)
• Impression opportunity details (ad slot size, position)

Bid requests do not include full names, email addresses, or other directly identifying information of end users. We require all DSP partners to comply with applicable data protection laws and our data processing agreements.

7. Cookies & Tracking Technologies

We use cookies and similar technologies for ad serving, measurement, and fraud detection. For full details, see our Cookie Policy.

Key cookie uses include:

• Frequency capping: Preventing the same ad from being shown too many times to the same user
• Attribution: Tracking conversions from ad clicks to advertiser websites
• Fraud detection: Identifying invalid traffic and suspicious behavior patterns
• Personalization: Serving relevant ads based on inferred interests (where consent is given)

Where required by law (e.g., EU ePrivacy Directive, GDPR), we obtain appropriate consent before setting non-essential cookies on publisher sites.

8. Third-Party Services

We share data with third parties only as necessary to operate the Platform:

Category	Purpose	Data Shared
Payment processors	Processing payments and payouts	Billing information, transaction amounts
Cloud infrastructure	Hosting and data storage	All Platform data (encrypted at rest)
DSP/SSP partners	RTB bid requests	Pseudonymous end-user data per Section 6
Fraud detection	Invalid traffic detection	IP addresses, user agents, click patterns
Analytics	Platform performance monitoring	Aggregated, anonymized usage data
Legal/compliance	Responding to legal requests	As required by law

We do not sell personal data of publishers or advertisers to third parties for their own marketing purposes.

9. Data Retention

Data Type	Retention Period
Account data (publishers/advertisers)	Duration of account + 3 years
Financial/billing records	7 years (legal requirement)
Ad serving logs (with full IP)	90 days
Aggregated analytics	3 years
Fraud investigation records	5 years
Cookie-based data	90–365 days (per cookie lifetime)

10. Security

We implement industry-standard security measures to protect your data:

• TLS/HTTPS encryption for all data in transit
• AES-256 encryption for sensitive data at rest
• Role-based access controls limiting staff access to personal data
• Regular security audits and vulnerability assessments
• Incident response procedures for data breaches

If we become aware of a data breach affecting your personal data, we will notify you in accordance with applicable law (typically within 72 hours for GDPR-regulated breaches).

11. GDPR — European Union Users

If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):

• Right of access: Request a copy of the personal data we hold about you.
• Right to rectification: Correct inaccurate or incomplete data.
• Right to erasure: Request deletion of your data where there is no compelling reason for us to keep it.
• Right to restriction: Request that we restrict processing of your data in certain circumstances.
• Right to data portability: Receive your data in a machine-readable format.
• Right to object: Object to processing based on legitimate interests, including for direct marketing.
• Rights related to automated decision-making: Not be subject to solely automated decisions with significant effects.

Legal Bases for Processing (GDPR)

Processing Activity	Legal Basis
Account creation and management	Contract performance (Art. 6(1)(b))
Payment processing	Contract performance (Art. 6(1)(b))
Fraud detection and security	Legitimate interests (Art. 6(1)(f))
Behavioral ad targeting	Consent (Art. 6(1)(a))
Analytics and reporting	Legitimate interests (Art. 6(1)(f))
Legal compliance	Legal obligation (Art. 6(1)(c))

To exercise your GDPR rights, contact us at privacy@adverteks.com. We will respond within 30 days.

12. CCPA — California Users

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following rights:

• Right to know: Request disclosure of personal information we have collected about you, the sources, purposes, and third parties we share it with.
• Right to delete: Request deletion of your personal information (subject to certain exceptions).
• Right to opt-out of sale: Opt out of the "sale" of your personal information. Note: Adverteks does not sell personal information of publishers or advertisers. End-user data shared in OpenRTB bid requests may constitute a "sale" under CCPA — see our opt-out below.
• Right to non-discrimination: We will not discriminate against you for exercising your rights.

To exercise CCPA rights, contact us at privacy@adverteks.com or submit a request via our website. We will verify your identity before processing requests.

Do Not Sell My Personal Information: End users on publisher sites can opt out of behavioral advertising by contacting us or via the opt-out link in ads we serve.

13. Your Rights (All Users)

Regardless of your location, you may:

• Access: Request a copy of the data we hold about you.
• Correct: Update inaccurate data in your account settings or by contacting us.
• Delete: Close your account and request deletion of your data (subject to legal retention requirements).
• Opt out of marketing: Unsubscribe from marketing emails using the unsubscribe link in any email.
• Opt out of behavioral ads: Use the opt-out link in our ads or contact us directly.

Submit requests to: privacy@adverteks.com

14. Children's Privacy

The Platform is not directed to children under 13 years of age. We do not knowingly collect personal data from children under 13. If we become aware that we have collected personal data from a child under 13, we will delete it promptly. Publisher sites using our ad tags must not knowingly serve our ads on content primarily directed at children under 13 without appropriate COPPA compliance measures.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or prominent notice on the Platform. The "Last Updated" date at the top reflects the most recent revision. Continued use of the Platform after changes constitutes your acceptance.

16. Contact & Data Protection Officer

For privacy-related questions, data requests, or to reach our Data Protection Officer:

• Privacy requests: privacy@adverteks.com
• General support: support@adverteks.com
• Legal: legal@adverteks.com

If you are in the EEA and are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority (supervisory authority).