Updated: November 29, 2018
Nielsen Marketing Cloud (“Nielsen,” “we,” or “us”) is committed to protecting users’ privacy and handling their data in an open and transparent manner. This Privacy Statement describes the services that we provide to our clients and how we use, share, and protect the data that we gather about users in connection with our services. This Privacy Statement also describes users’ choices and legal rights in relation to their personal data.
The practices described in this Privacy Statement are undertaken by Nielsen companies providing Nielsen Marketing Cloud Services around the world. Learn more about Nielsen’s family of companies or contact Nielsen’s Privacy Department (see the “Contact Us” section below for our contact details) for more information.
This Privacy Statement does not apply to the data handling practices of website publishers and other parties who share data with Nielsen or those parties’ use of users’ data for interest-based advertising and other purposes. We encourage users to review the privacy statements of each platform, website, and mobile application (“mobile app”) that they access or use to learn how these parties may use their data.
Nielsen collects data from multiple sources about users’ online activity across websites, mobile apps, and devices (including laptops, smartphones, and televisions); sorts it into categories based on users’ demographics, interests, and preferences; and makes it available to advertisers, website publishers, and content providers (collectively, our “Clients”) in order to facilitate interest-based advertising and provide a more relevant advertising experience to consumers. We do not collect directly-identifiable data, such as names, email addresses, phone numbers, or social media user names from users in connection with our services.
We collect data from our own sources and from third parties, such as website publishers, mobile app developers, smart TV operators, and other providers of advertising technology and services in a variety of ways, including through the use of browser cookies, pixel tags, application software development kits (“SDKs”), and server-to-server connections with our partners. Additional details about our data collection practices and the different technologies we use to facilitate these activities can be found below.
As part of our efforts to comply with the EU General Data Protection Regulation (&lquo;GDPR”) when processing personal data or accessing and/storing data on users’ devices using cookies and similar technologies (e.g., pixel tags and device identifiers), the Nielsen Marketing Cloud signed up as a vendor under the IAB Europe’s Transparency & Consent Framework in May 2018. For additional information about the Framework, please visit http://advertisingconsent.eu. (http://advertisingconsent.eu/vendor-list/).
Generally, we and our Clients use the data collected in order to gain better insights on users and allow our Clients to deliver more effective and relevant advertising and content to users. For example, data about a user’s visits to different websites may be used to make inferences about the types of ads and content that may interest the user. We and our Clients also may use the data collected in browsers for advertising, analytics, or ad reporting purposes or to improve our services.
We may use and combine data collected from different sources, including data from third-party sources, to help our Clients create a more personalized advertising and online experience for users.
We may also use data about a user’s activity across multiple, unaffiliated third-party mobile apps to predict the types of ads that may interest the user. We share this data and data about a user’s visits to different websites with our Clients to identify an ad, a group of ads, or content to be displayed on a particular computer or device. We may combine the data collected with a user’s mobile device advertising identifier and retain it for up to 120 days from the date of the user’s last online activity.
We may receive and create non-sensitive health/lifestyle-related segments (i.e., categories of users grouped by common traits or preferences) to enable our Clients to deliver interest-based ads to users in web browsers and mobile apps. Examples of such segments include: Cycling, Diet and Fitness, Diet and Weight Loss, Digestive Health-Yogurt, Fitness and Exercise, Health and Beauty, Health Food, Running, Skin Care, and Yoga.
We may use data we collect or receive from advertising technology partners and our Clients, including smart television providers, website publishers, and mobile app providers, to make a deterministic or statistical match of mobile device advertising identifiers and cookie identifiers. For example, we or our partners may match a user’s devices if the user logs in to the same online service on multiple devices or web browsers or if the user’s devices share similar attributes that support an inference that they belong to the same user. We also may use such data to match a user’s interests across devices, as well as for analytics, ad reporting, or to improve our services.
We may retain information about device matches for up to 13 months from a user’s last online activity.
Applicable law in certain countries requires us to set out in this Privacy Statement the legal basis upon which we rely in order to process users’ personal data.
For personal data collected about users in the European Union (“EU”)/European Economic Area (“EEA”), we rely on one of the legal bases below in order to process such data.
Users that have questions or concerns about the legal basis upon which we collect and use their personal data can contact us at email@example.com.
We are committed to providing users with choices with respect to how we process their personal data. This section describes how users can exercise these choices.
We provide users with multiple ways to opt out of our use of their data, as described below.
After opting out, users will no longer be included in the ad and content targeting activities that are conducted online or via smart television platforms via our services. Users will still receive online and television ads and content, but these ads and content may not be as personalized or relevant to the users. Nielsen makes efforts to work with different ad platforms to ensure opt out requests are communicated and addressed in a timely manner, but changes may not take immediate effect, depending on the platform.
If a user changes devices or browsers, uses multiple devices or browsers, or deletes their cookies, they will need to repeat the opt-out process for each device and each browser. Users may download a browser plugin that will help them maintain their opt-out choices even if they delete certain cookies from their browser by visiting http://www.aboutads.info/PMC. Please note that ongoing changes by browser manufacturers to their default settings may interfere with our opt-out functionality.
Nielsen Marketing Cloud is a member of several interest-based advertising self-regulatory groups, including the Digital Advertising Alliance (“DAA”), European Interactive Digital Advertising Alliance (“EDAA”), and Network Advertising Initiative (“NAI”), and adheres to the self-regulatory principles and/or codes of conduct of each organization. Users may opt out of our processing of their data by using the opt-out tools and consumer choice mechanisms provided by each of these interest-based advertising self-regulatory groups by following the links below:
Please note that Nielsen Marketing Cloud’s participation in these organizations may appear under the “eXelate” name.
We honor “Do Not Track” signals set in certain browsers by not tracking a user’s web viewing data while “Do Not Track” is turned on in the user’s browser settings. We currently honor signals set in Chrome, Firefox, Safari, and certain versions of Internet Explorer.
Because mobile app environments do not accept cookies, the opt-out methods described above may not work when a user is in the mobile app environment. Users who would like to exercise opt-out control while in the mobile app environment, may, therefore, want to download the AppChoices App provided by the DAA relevant for their mobile platform using the links below on each of their mobile devices and by setting their preferences within each app.
Note: Users that have reset their mobile device advertising identifiers will also need to reset their preferences within the AppChoices App.
Users who wish to opt out of our cross-device matching, may do so by using the tools identified in each of the “Web Browsers” and “Mobile Apps” sub-sections above.
Once a user has opted out using the tools for web browsers and mobile apps, we will disassociate the data collected on the user’s browser or device from which the user has opted out from the other browsers or devices that we may have matched to it. Similarly, we will disassociate the data collected on other browsers or devices from the device from which the user has opted out. In order to opt out on all browsers and devices that we may have matched, the user will need to opt out separately on each device and each browser that they use.
Depending on their country of residence, under applicable law users may also have the right to:
Users that are interested in exercising one or more of the rights described above should fill out a form here.
Note: We may require proof of an individual’s identity before we can give effect to the above-listed rights.
Additional information for users residing in the EU/EEA
Users that have questions or concerns about our collection or use of their personal data can contact our EU Data Protection Officer at firstname.lastname@example.org.
Users that are unsatisfied with the way in which we have handled their personal data or any privacy query or request that they have raised to us have the right to complain to the Data Protection Authority (“DPA”) in their country of residence or the location where the issue that is the subject of their complaint occurred. Users can find the contact details of all national DPAs by visiting: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
We may disclose data collected through or in connection with our services with various parties for certain purposes, as described below.
All of these disclosures may result in the transfer of personal data to countries or regions with data protection laws that differ from those in a user’s country of residence. In cases where users’ personal data is transferred outside of their country of residence, we will ensure that there are adequate safeguards in place to protect their data.
Additional information for users residing in the EU/EEA
Where EU/EEA-based users’ personal data will be transferred to a country that has not been recognized by the European Commission as providing an adequate level of protection, the safeguards put in place by us might include a data transfer agreement with the data recipient based on standard contractual clauses approved by the European Commission for transfers of personal data to countries not providing an adequate level of protection. Further details relating to the transfers described above and the safeguards used with respect to such transfers can be requested by contacting us at email@example.com.
We retain pseudonymized log file data, including cookie data, web browsing data, and mobile browsing and app usage data for up to 120 days from the date of a user’s last online activity for ad targeting purposes. Aggregated data may be retained for other purposes, including analytics, for up to 13 months.
We use generally-accepted industry security standards including physical, electronic, and administrative safeguards that are designed to help protect the data that we collect, use, and retain. However, please note that no security measures are perfect, and there can be no absolute assurance of security.
We understand the importance of protecting the privacy of children, especially in the online environment. Our products and services are not designed for or directed at children under the age of 13. We do not knowingly solicit, collect, or maintain personal data from children under the age of 13. Similarly, we prohibit our third-party data providers from providing us with personal data from websites and mobile apps directed at children under the age of 13 or from knowingly sharing with us data relating to children under the age of 13. If we become aware that we have collected or received personal data relating to a child, we will take reasonable steps to delete it.
We may update or revise this Privacy Statement as needed from time to time in light of, for example, changing business or personal data processing practices, technology, or legal requirements. When we make changes to this Privacy Statement, we will amend the “Last updated” date at the bottom of this page. We encourage users to visit this page periodically to review any updates and remain informed about how we are processing and protecting personal data.
Should you have questions relating to this Privacy Statement or Nielsen Marketing Cloud’s privacy practices, please email us at: firstname.lastname@example.org or write us at:
For EEA residents:
Oxford Business Park South
John Smith Drive
Oxford OX4 2WB
Attn.: Legal Dept.
For residents in all other countries:
85 Broad Street
New York, NY 10004
Attn.: Legal Dept.