White Ops prioritizes data protection and the privacy of its customers. Please be advised our General Data Protection Regulation ("GDPR") compliance guidelines will be coming soon.
Updated February 1, 2018
WHITEOPS, INC. AND THE EU-U.S. and SWISS-U.S. PRIVACY SHIELD
White Ops, Inc. (“White Ops”) has certified to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (collectively, “Privacy Shield Frameworks”) with the U.S. Department of Commerce regarding the collection and processing of personal data from our advertisers, customers, or business partners in the European Union and, where a Swiss data controller uses White Ops as a data processor, Switzerland (“Partners”) in connection with the products and services described below. To learn more about the Privacy Shield program please visit www.privacyshield.gov.
The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce, and the European Commission and Swiss Administration, respectively, to provide companies with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States. Both the European Commission and Swiss Government have deemed the Privacy Shield Frameworks as adequate to enable data transfers under EU and Swiss law. White Ops has joined both of the Privacy Shield Frameworks to benefit from these adequacy determinations; and has publicly declared its commitment to comply with the Framework’s requirements.
Scope: The Privacy Shield Principles (set out in each of the Privacy Shield Frameworks) relates to the collection of personal data, which is information that can be used to uniquely identify you, such as your name, telephone number, address, and e-mail address hereinafter referred to as “Personal Information”). The only Personal Information White Ops may collect is as follows:
- Dashboard. White Ops may collect Personal Information from clients and prospective clients for its Dashboard, but which will require a User ID and password to use. We use this information in order to create and maintain business records, billing information, and for other purposes essential to our client relationships. We generally store this information for so long as we maintain a business relationship with a given client and for a reasonable time after the termination of the business relationship, for billing and compliance purposes. Our Dashboard also collects certain non-personally identifiable information. For example, we log reporting transactions for the purposes of monitoring and improving our quality of service and the overall performance of the Dashboard and our client reporting in general.
- To the extent White Ops may transfer data to third parties, including any service providers and other partners, White Ops will make reasonable commercial efforts to ensure that any processing of personal data by such third parties is not inconsistent with the Privacy Shield Principles. Personal data that is transferred to us by our Partners may be subject to disclosure pursuant to legal requests or other judicial and government process, such as subpoenas, warrants, or orders, or in response to national security or law enforcement requests. It is possible that White Ops can be held liable for unlawful transfer of personal data to third parties.
Enforcement. White Ops’ compliance with the Privacy Shield Principles is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
Opting Out. Upon request, White Ops will provide you with information about whether we hold any of your Personal Information. If you provide us with your Personal Information, you have the following rights with respect to that information:
- To review the user information that you have supplied to us
- To request that we correct any errors, outdated information, or omissions in user information that you have supplied to us
- To request that your user information not be used to contact you
- To request that your user information be deleted from our records
To exercise any of these rights, please contact us by email at firstname.lastname@example.org or by regular mail at 7 West 22nd Street, 9th Floor, New York, NY 10010. We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken.
White Ops will not knowingly or intentionally share Personal Information with any third party absent your consent. Presently, White Ops does not transfer Personal Information to any third parties. In the event it later determines the need to transfer Personal Information to any third party acting as a data controller, While Ops will comply with the Notice and Choice Privacy Shield Principles; and will enter into a contract with the third party controller limiting the purposes for which the data may be processed, ensuring that the recipient will provide the same level of protection as White Ops. Any such transfer of information will be for a limited and specified purpose, and only after White Ops ascertains that the agent agrees to provide at least the same level of privacy protection as required by White Ops. White Ops will further take reasonable steps to ensure that the agent effectively processes this data in a manner consistent with White Ops who will, upon notice, take reasonable steps to stop and remediate any unauthorized processing; and upon request, provide a summary or copy of privacy provisions of its contract with the agent to the Department of Commerce.
Without limiting the foregoing, White Ops will take reasonable and appropriate measures to protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration, and destruction. It will further take reasonable steps to limit processing to the purposes for which the Personal Information was collected, and to ensure that the Personal Information it collects (i.e. not through a third party) is reliable for its intended use, accurate, complete, and current. White Ops will otherwise retain personal information for as long as needed for the purpose of collection; and adhere to the Privacy Shield Principles for as long as it retains such information.
Recourse. White Ops has chosen to cooperate with the EU Data Protection Authorities (DPA) under the EU-U.S. Privacy Shield Framework and the Swiss Federal Data Protection and Information Commissioner under the Swiss-U.S. Privacy Shield Framework and elects to have TrustArc as its independent recourse mechanism. If you have an unresolved privacy or data use concern that has not been addressed herein, please contact our U.S.-based third party dispute resolution provider (free of charge) at TrustArc website. Under certain conditions, more fully described on the Privacy Shield website you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
- Various parts of the HTTP Header (including IP Address, HREF, Referrer, and User Agent)
- Various technical aspects of the browser
- Generalized user interaction data
Our customers can pass parameters and information from Third-Party Digital Media Services (or any other integrated web service) to White Ops for reporting (i.e. campaign id, placement id, ad id, etc.). Some web services offer macros that allow their Cookie ID, Unique Id or identified Mobile Device ID to be passed to other companies involved in the measurement and delivery of the asset. White Ops customers may elect to have that Cookie Id, Unique ID or Device ID passed to White Ops for reporting on non-human activity and other fraud behaviors.
In general, our technology does not utilize cookie data or mobile Device ID in the detection and prevention of fraudulent online activity; and therefore, White Ops does not send nor collect cookie data through the browser’s http header elements, nor directly collect the Device ID through mobile applications.
We may work, alone or with our Partners, to anonymously integrate analytic data with data that those partners have independently collected to deliver enhanced anti-fraud services.
Use of Information. White Ops collects no personally identifiable information via our Services. We do collect non-personally identifiable information such as IP address, browser type, referring URL, and information on the click behavior of the visitor during a browser session. We use this information in order to provide our Services, and we may share that information with our clients to help them ensure fraud-free advertising campaigns and eCommerce transactions, and to ensure the security of online Enterprise business products and services. We also use the information for analytics that aid us in building an historic record of behavior patterns in order to enhance future Services, without collecting any personally identifiable information.
Data Security and Integrity. White Ops makes every reasonable effort to protect the information in our care from loss, misuse, alteration or destruction. Only authorized employees and clients have access to the data that we gather and that access is limited by need. All employees who have access to client data are enjoined to maintain the confidentiality of such information. No method of transmission over the Internet or method of electronic storage is 100% secure; therefore, while we strive to use all commercially reasonable means to protect client information, we cannot guarantee absolute security.
Use Of Collected Data. Except as otherwise stated herein, White Ops does not share information gathered by the Services except: (1) as is necessary to execute the Services; (2) in aggregated formats for general corporate marketing and industry benchmarking; (3) for sharing with official affiliates and/or partners of White Ops or service providers of White Ops (where the service providers are required to use the information only to perform services for White Ops); (4) as required by law or to comply with legal process; or (5) to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
- Data Reporting. White Ops shares collected information with our clients, affiliates and partners to perform and deliver the antifraud services that we have been contracted to provide. The primary means by which we provide information to our customers is in aggregated reports provided as part of the White Ops Services, including but not limited to our customer dashboard, which is password-protected. Use of the dashboard provides each client only with access to their own company's information, and provides potential clients only with access to sample reports within the Dashboard. We may also provide aggregate, anonymized data in our marketing and promotional materials.
- Contacting Us. If you have questions regarding our privacy practices, please submit a privacy inquiry, or send us an email at email@example.com.