What Xandr is doing in response to COVID-19. Learn More.
xandr

Privacy Policy for Xandr Websites

Privacy Policy for Xandr Websites

 

Effective June 7, 2022

This privacy policy (“Policy”) applies to the websites for Xandr Inc. (“Xandr”) and information collected through those websites. By using these websites, you accept and agree to the terms of this Policy. If you do not agree to this Policy, please do not use these websites.

 

Information we collect through these websites

We automatically collect information about how you use these websites and what device or devices you use to do so through the use of cookies, web beacons, and other technologies. For example, these websites automatically record website usage information including your IP address, browser type, operating system, and device type used to access the website. Subject to the settings on your device or web browser, we may also collect limited information about your location. We do not use this information to track or record information about individuals through these websites.

 

How we use the information we collect

We use the data collected through these websites for a variety of purposes including to better understand how people use each website, to prevent fraud, and to improve the effectiveness, security and integrity of the website. Information about your location may be used to help customize the content you see. We may also use the data to provide you information about Xandr and its products and services and offers, to protect and enforce our agreements and property rights, to comply with court orders, legal processes or respond to regulatory or other similar requests.

 

We share the information with

  • Our subsidiaries and affiliates.
  • Vendors and agents performing or providing goods and services on our behalf (for example advisers, information service providers and data storage providers).
  • Other third parties but only in aggregate form or as may be required by law.

 

Data storage and retention

Data we collect through the Xandr websites may be processed and stored in the United States, or in other countries where we or our affiliates or service providers process data. We take steps to ensure that data is processed according to this Policy and to the requirements of applicable law of your country and of the additional countries where the data is subsequently processed.

We keep any information we collect through these websites as long as we need it for business, tax, or legal purposes. After that, we destroy it by making it unreadable or indecipherable.

 

Security of your data

We’ve established electronic and administrative safeguards designed to make the information we collect from these websites secure. However, no transmission or electronic storage of information is guaranteed to be secure. We therefore urge you to always use caution when transmitting information over the Internet.

 

Links to other websites

These websites contain links to other websites and servers that are not Xandr websites. This Policy does not apply to the privacy practices or the content of such linked sites. When you link to another site, you are subject to the privacy policy of the new site.

 

Changes in ownership or to the Policy

Information collected through these websites may be shared and transferred as part of any merger, acquisition, sale of company assets, or transition of service to another provider. This also applies in the unlikely event of an insolvency, bankruptcy, or receivership in which customer and user records would be transferred to another entity as a result of such a proceeding.

We may update this Policy as necessary to reflect changes we make and to satisfy legal requirements. Updates to this Policy will be posted to these websites.  We’ll post a prominent notice of material changes on these websites.

 

Information for our California customers

Website data collection: We don’t knowingly allow other parties to collect personally identifiable information about your online activities over time and across third-party websites when you use our websites unless we have your consent.

 

Do Not Track notice

We don’t currently respond to Do Not Track and similar signals.  Please go to All About Do Not Track for more information.

 

California Consumer Privacy Act (CCPA)

CCPA Personal Information (CCPA PI) is defined by California law as information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with California consumers or households.

THE INFORMATION WE COLLECT AND SHARE

We want to provide you with the information about how to exercise rights involving CCPA PI. Here is information about the CCPA PI we have collected from and shared about consumers over the past year.

 

Information We Collected From Consumers

The CCPA identifies a number of categories of CCPA PI. In the year before the date this policy was issued, we may have collected these categories of CCPA PI:

  • Unique and online identifiers – IP address, device IDs, or other similar identifiers
  • Internet, gaming or other electronic network activity information – such as browsing history, search history and information regarding an individual’s interaction with an internet website, application, or advertisement
  • Location Information
  • In Game or Online Viewing Activities (e.g., videos viewed, pages viewed)

We collected the above categories of CCPA PI for the following purposes:

  • Fraud and crime prevention
  • Debugging errors in systems
  • Marketing and advertising
  • Internal research, analytics and development – e.g., user preference analytics
  • Developing, maintaining, provisioning or upgrading networks, services or devices.

We may have collected the above categories of CCPA PI listed from the following sources:

  • Directly from you – such as contact information and customer service interactions
  • Generated by your use of our services – such as technical, equipment and usage information
  • Social media sites and other online platforms
  • Other companies – such as vendors and marketing firms
  • Publicly available sources – such as public records

 

Information We Shared About Consumers

In the year before the date this policy was issued, we may have shared these categories of CCPA PI with entities that provide services for us:

  • Unique and online identifiers – IP address, device IDs, or other similar identifiers
  • Internet, gaming or other electronic network activity information – such as browsing history, search history, and information regarding an individual’s interaction with an internet website, application, or advertisement
  • Location Information
  • In Game or Online Viewing Activities (e.g., videos viewed, pages viewed)

We may have shared each of the above categories of CCPA PI with the following categories of third parties who perform services on our behalf:

  • Product and services delivery companies
  • Marketing services companies
  • Cloud storage companies
  • Credit reporting agencies
  • Fraud prevention entities
  • Analytics companies

The CCPA defines sale very broadly and includes the sharing of CCPA PI for anything of value. According to this broad definition, in the year before the date this policy was issued, a ‘sale’ of the following categories of CCPA PI may have occurred:

  • Unique and online identifiers – IP address, device IDs, or other similar identifiers
  • Internet, gaming or other electronic network activity information – such as browsing history, search history, and information regarding an individual’s interaction with an internet website, application, or advertisement
  • Location Information
  • In Game or Online Viewing Activities (e.g., videos viewed, pages viewed)

We may have sold each of the categories of CCPA PI listed immediately above to the following categories of third parties:

  • Analytics and measurement providers
  • Companies involved in marketing and advertising
  • Xandr affiliates, including former affiliates prior to the Microsoft acquisition

 

YOUR RIGHT TO REQUEST DISCLOSURE OF INFORMATION WE COLLECT AND SHARE ABOUT YOU

 

We are committed to ensuring that you know what information we collect. You can ask us for the following information:

  • The categories and specific pieces of your CCPA PI that we’ve collected.
  • The categories of sources from which your CCPA PI was collected.
  • The purposes for collecting or selling your CCPA PI.
  • The categories of third parties with whom we shared your CCPA PI.

We are also committed to ensuring that you know what information we share about you. You can submit a request to us for the following additional information:

  • The categories of CCPA PI we’ve sold about you, the third parties to whom we’ve sold that CCPA PI, and the category or categories of CCPA PI sold to each third party.
  • The categories of CCPA PI that we’ve shared with service providers who provide services for us; like processing your bill; the categories of third parties to whom we’ve disclosed that CCPA PI; and the category or categories of CCPA PI disclosed to each third party.

To exercise your right to request the disclosure of your CCPA PI that we collect or share, click here. These requests for disclosure are generally free.

 

YOUR RIGHT TO REQUEST THE DELETION OF CCPA PI

Upon your request, we will delete the CCPA PI we have collected about you, except for situations when that information is necessary for us to: provide you with a good or service that you requested; perform a contract we entered into with you; maintain the functionality or security of our systems; comply with or exercise rights provided by the law; or use the information internally in ways that are compatible with the context in which you provided the information to us, or that are reasonably aligned with your expectations based on your relationship with us.

To exercise your right to request the deletion of your CCPA PI, click here . Requests for deletion of your CCPA PI are generally free.

 

YOUR RIGHT TO ASK US NOT TO SELL YOUR CCPA PI

You can always tell us not to sell your CCPA PI by clicking here.

Once we receive your request, we will not sell your CCPA PI unless you later allow us to do so. We may ask for your permission to resume sale of your CCPA PI at a later date, but we will wait at least 12 months before doing so.

 

Verification of Identity – Access or Deletion Requests

 

Former Accountholders, Non-Accountholders (without Password Protected Account). If you do not have a password protected account, we will ask to verify your identity using our mobile verification process. This process captures an image of your identity document, such as your driver’s license, and compares it to a self-photo you submit. We will only use this information to verify your identity. We will delete it after the time expires allowed by the CCPA to process and respond to your request.

If we cannot verify your identity, we will not be able to respond to your request. We will notify you to explain.

 

Authorized Agents

You may designate an authorized agent to submit requests on your behalf. Your agent will need a valid power of attorney or written permission signed by you. If the agent relies on written permission, we’ll need to verify the agent’s identity. We may also contact you directly to confirm the permission.
 

WE DON’T MIND IF YOU EXERCISE YOUR DATA RIGHTS

We are committed to providing you control over your CCPA PI. If you exercise any of these rights explained in this section of the Privacy Policy, we will not disadvantage you. You will not be denied or charged different prices or rates for goods or services or provided a different level or quality of goods or services.

 

CONSUMERS UNDER 16 YEARS OLD

As of the effective date of this policy, we do not have actual knowledge that we sell CCPA PI of consumers under 16 years of age. If we collect CCPA PI that we know is from a child under 16 years old in the future, we will not sell that information unless we receive affirmative permission to do so. If a child is between 13 and 16 years of age, the child may provide that permission.

Any customer who wishes to request further information about our compliance with these requirements, or who has questions or concerns about our privacy practices and policies, can email us as per the contact information below.

Information for Residents of European Countries

If you are located in the European Economic Area, the United Kingdom, or Switzerland (the “European Countries”), you have certain rights and protections under applicable law regarding the processing of your “personal data” as defined under applicable law. Some of the information that Xandr collects from you through its operation of the websites may constitute “personal data” under these laws.

Role of Xandr as Controller

If you are located in one of the European Countries, Xandr will act a “controller” (as defined under applicable data protection laws) when processing your personal data collected through its operation of the websites.

Legal Basis for Processing

Xandr’s legal basis for processing your personal data depends upon the specific context in which we collect or use it.

For personal data collected through the operation of our websites we normally rely on our legitimate interests, except where our interests are overridden by your data-protection interests or your fundamental rights and freedoms.

The legitimate reasons for which we use your personal data are described in greater detail in the “How We Use the Information We Collect” section of this policy. These legitimate interests include the operation of our websites and business, the promotion of our business, to undertake analytics on, and evaluation of, our business and our services, to contact you about our services or our websites and for any other purposes of which we notify you.

In addition, in some cases, we may rely on your consent as our legal basis for processing your personal data (for example, if we require your consent in order to store cookies on your browser). Where we rely on consent to process your personal data, we will obtain such consent in compliance with applicable laws. Where you have given your consent, you have the right to withdraw your consent at any time.

Additionally, in certain cases we may also be under a legal obligation to process your personal data.

Your Rights

If you are located in one of the European Countries, you may be entitled to exercise certain data-subject rights available under applicable laws. These rights include the right to request access to personal data we hold about you. You may also have the right to object to, or request that we restrict, processing of your personal data. You may also have the right to ask that your personal data be correctederased, or transferred to another party. Where we process your personal data on the basis that we have your consent, you have the right to withdraw that consent at any time.

If you would like to exercise any of these rights, you may do so by contacting us (see the “Contact Us” section below).

Data Transfers

Xandr is a global company headquartered in the United States with data centers located in the United States, Europe and Asia. When you use our websites, please be aware that your personal data may be transferred to, stored and processed by us and our affiliates in our facilities in the United States and other countries (including in Singapore, Japan, Australia and Brazil where our global affiliates have offices) and by those third parties with whom we may share your personal data.

When Xandr transfers your personal data to group companies or third-party service providers outside of the European Countries, we use appropriate legal mechanisms to help ensure all applicable laws, rights and regulations continue to protect your personal data. This may include the use of EU Commission approved standard contractual clauses. Where such standard contractual clauses are used, a copy is available on request.

Questions or Complaints

If you are in one of the European Countries and have a question or concern about how we process personal data, or wish to exercise any of the rights specified in the “Your Rights” section above, you can contact our Data Protection Officer here or at [email protected].

If we are not able to resolve your issue, you have the right to lodge a complaint with the data privacy authority where you reside. For contact details of your local Data Protection Authority, please see here.

Contact Us

If you have questions about privacy on the Xandr websites, you can send us a message here.

If you are located in the European Countries, you can contact our Data Protection Officer here.

You can also contact us by post using the details provided below:

Xandr Inc.
Attn: Privacy Office
28 West 23rd Street, Fl 4
New York, NY 10010
USA