Last updated: February 25, 2021.
Our Services are not intended for individuals under the age of 18 and we do not knowingly collect data relating to individuals under the age of 18.
1. Collection of Information and Your Privacy Rights
What information we collect and how we collect it.
1.1 Personal Data. Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). All personal data that you provide may be transferred or accessed by any Amply Media entity in any jurisdiction. In operating our Services, we may collect and process different kinds of personal data about you which we have grouped together as follows:
- Identity Data includes first name, maiden name, last name, username or similar identifier, and title.
- Contact Data includes email address and telephone numbers.
- Transaction Data includes requests for our Services you have made to us, or in relation to Services that we have supplied to you.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Services.
- Profile Data includes your interests, preferences, and feedback.
- Usage Data includes information about how you use our Services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Categories of information collected within the last twelve (12) months includes:
|Category of Information||Examples||Information Collected|
|Identifiers||A unique personal identifier, online identifier, Internet Protocol address, or other similar identifiers.||Yes|
|Categories of personal information described in subdivision (e) of Section 1798.80 of the California Civil Code.||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card, or any other financial information, medical information, or health insurance information.||No|
|Characteristics of protected classifications under California or federal law||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran military status, genetic information (including familial genetic information).||No|
|Commercial Information||Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||Yes|
|Biometric information||An individual’s physiological, biological or behavioral characteristics, including an individual’s deoxyribonucleic acid (DNA), that can be use, singly or in combination with each other or with other identifying data, to establish individual identity, including but not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.||No|
|Internet or other electronic network activity information||Browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, advertisement.||Yes|
|Geolocation data||City and state (as derived from IP address)||Yes|
|Sensory information||Audio, electronic, visual, thermal, olfactory, or similar information.||No|
|Professional or employment-related information||Present and past employment data.||No|
|Education information||Education records maintained by educational institutions or third parties on behalf of these institutions.||No|
|Inferences drawn from any other information||Data reflecting a consumer’s preferences, characteristics, habits, attitudes, predispositions, intelligences, and abilities.||Yes|
The categories of information described above are collected from the following categories of sources:
- Directly from you or your agents, such as through your submissions to the Services.
- Directly and indirectly from activity through the Services, such as through your interaction with the Services.
- From third parties that work with us to provide the Services.
1.2 User Information; Use of Services. We collect information from you when you voluntarily provide it to us or access or use our Services.
1.3 Vendor List Information. We may obtain information about you after you provide information to a third party and you permit that party (the "Seller") to share the information, which we subsequently purchase, license, or otherwise lawfully acquire. Such information may include, but is not limited to, your name, street address, zip code, telephone numbers, birth date, gender, salary range, education, marital status, occupation, industry of employment, personal and online interests, and other information which you provided to the Seller (together, "Vendor List Information"). When acquiring Vendor List Information, we require assurances from the Seller that the Seller has a right to transfer the Vendor List Information to us and that we may lawfully use the Vendor List Information to transmit offers from advertisers.
1.4 Technology Information; User Behaviors Collected with Cookies, Web Beacons, and Other Information. We use cookie and web beacon technology to associate certain Internet-related information about you, such as your Internet Protocol address and what Web browser you are using, with certain of your online behaviors, such as opening or clicking on a particular online advertisement (“Technology Information”). Additionally, we may use other new and evolving sources of Technology Information and information gathering in the future. If you agree to allow browser-enabled push notifications (“Notifications”), we may send you Notifications that include messages, updates, and advertisements or links to other Web sites that contain advertisements. To provide the Notifications, we may need to collect your device information, mobile carrier information, and your device location, postal code, or geographic area to which the Notification pertains.
- Web beacons. A web beacon is programming code used to display an image on a web page and can also transfer an individual's user identification to a database and associate the individual with previously acquired information about the individual. Web beacons enable us to track certain Web sites you visit or advertisements you view online. Web beacons help determine products or services in which you may be interested and help track online behaviors for marketing purposes. More information about web beacons is available at http://www.webopedia.com/TERM/W/Web_beacon.html.
Where Technology Information is Collected. Technology Information is collected directly from advertisements delivered through the Services or indirectly through third parties that we contract with to display advertisements (“Publishers”). Such advertisements will usually be displayed within one of the following advertising vehicles:
- Websites and Notifications. We may set a cookie on your computer or device when you view advertisements delivered on our websites, through Notifications, or on Publisher websites. After a cookie is set, we may track how you interact with the advertisement and the websites (for example, browsing) and Notifications.
- Software Programs. The Services may display banner advertisements in your browser or software programs that you may use.
1.5 Outside Information. We may lawfully receive information about you from third parties, such as information located in public databases and technical data from analytics providers such as Google.
1.6 No Information Collected from Minors. If we are notified that we have personal information about a minor under the age of 18, that information will be promptly deleted from our database.
2. Use of Information and User Data
How we use and share the information we collect.
2.1 Discretion to Use Information. Information voluntarily provided to us or lawfully obtained by us may be used by us for any lawful purpose, including the sale, lease or transfer of the information to Publishers, advertisers and data aggregators for marketing purposes. If you wish to end an email subscription with us, you may follow the instructions at the end of each email message to unsubscribe or follow the instructions detailed at Section 6 below.
2.2 General Uses of Information. Information collected by us is used to:
- Fulfill the purpose for which the information was provided by you.
- Perform our legitimate interests (or those of a third party) where your interests and fundamental rights do not override those interests.
- Perform activities described to you when collecting your information or as set forth in the California Consumer Privacy Act (“CCPA”).
- Provide you with information, products, or services that have been requested.
- Perform internal and external marketing, including delivery of targeted advertisements and information.
- Perform the contract we are about to enter into or have entered into with you, carry out obligations, and enforce contractual rights.
- Improve the Services, such as through testing, research, analysis, and development.
- Respond to requests from law enforcement and government organizations as required by law, court order, or government regulation. Generally, we do not rely on consent as a legal basis for processing your personal data.
- Evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, sale, or other transfer of some or all of our assets whether on an ongoing basis or as part of a discrete transaction in which collected information is among the assets transferred.
2.3 Targeted Advertising and Information. We may use your personal data to target advertising and other information such as, for example, business, weather, entertainment, sports, and general news alert content, more effectively. When you are online, we may use Technology Information to associate you with your personal data and attempt to show information and advertising for products and services to which you may respond. We may use data collected from a response to one type of advertising or information for targeting advertisements or other information through a different venue. For example, we may notice that you responded to a baseball banner advertisement and use that response to deliver a baseball-related advertisement and other information to you.
2.4 Legal Process. We may disclose personal data to respond to subpoenas, court orders and other legal process as required by law.
2.5 Summary Data. We may sell or transfer non-individualized information, such as summary or aggregated anonymous information about all persons or sub-groups of persons.
2.6 Disclosure and Sale of Information. We may sell or disclose your personal data for a business purpose. For example, we may provide your information to third party service providers who perform services on our behalf or to advertisers and professional advisors including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services. In the past twelve (12) months, the following categories of information have been sold or disclosed for a business purpose:
- Inferences drawn from any other information
2.7 Where we need to collect personal data by law, or under the terms of a contract we have with you and you do not provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our products or services).
3. How we Store and Protect the Information we Receive.
3.1 Storage of Personal Data. We store personal data on servers or other equipment that have data security measures designed to protect against the loss, misuse, and alteration of the information under our control. We also maintain physical and procedural safeguards designed to protect your personal data. Notwithstanding such measures, we cannot guarantee that any security measures will prevent your personal data from being illegally accessed, stolen, or altered.
3.2 Data Retention. We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including to comply with our legal, accounting or reporting requirements. We may keep business contacts and information on your account, until you inform us you no longer want us to be in touch or we have determined that your information should be deleted or rectified because it is no longer relevant.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
You can request details of retention periods for different aspects of your personal data by contacting us.
4. Privacy Practices of Third Parties
4.3 Affiliated Companies that are not Publishers. We may disclose or transfer your personal data to entities wholly owned or controlled by us, in our discretion.
5. Your Rights in Information and User Data
5.1 Privacy Rights. You have several rights regarding information collected by us. These include:
- The right to know what categories and specific pieces of information are collected, disclosed for a business purpose, or sold by requesting this information from us.
- The right to request deletion of information collected or maintained by us.
- The right to opt-out of the sale of collected information.
- The right not to receive discriminatory treatment by us for choosing to exercise your privacy rights.
- The right to designate an authorized agent for making requests under the CCPA on your behalf.
6. How You May Exercise Your Rights
6.1 Websites. To prevent the display of Publisher or our advertising on a website, do not visit the website. To only prevent us from tracking your behavior on a website, turn off cookies from that website and do not click on or interact with any advertisements. Please note that we do not have a mechanism or process to respond to any “do not track” signals which a web browser may send or receive, other than as described in this section.
6.2 Email Databases. To unsubscribe from our email lists, click the link included in the footer of any message delivered by us and follow the instructions provided.
6.5 Notifications. If you no longer wish to receive Notifications you may opt-out by turning them off within the settings of your mobile device or browser. These settings may vary depending upon the brand and type of device and/or browser you are using. If you have enabled Notifications on more than one device (such as your phone and your laptop), you will need to opt-out on each device.
6.6 Targeted Advertising. If you no longer wish to receive targeted advertisements you may opt-out of such by clicking on the Unsubscribe link at the bottom of this page, and your device will no longer receive Notifications.
6.7 Collected Information. Due to the nature of information collected, we cannot verify your identity to the degree of certainty required to fulfill requests to know or delete your collected information. We cannot fulfill these requests because information collected from you is associated with no more than two static identifiers, which are captured or created on a website-by-website basis and cannot be linked to other information collected from you. All other information collected from you does not provide a reliable method for verifying your identity. Any requests for deletion of your information will instead be treated as requests to opt-out of the sale of your information. You may opt-out of the sale of personal information by (i) visiting our homepage at https://pennypositive.com and submitting requested information through the “Do Not Sell My Info” link, (ii) emailing us at firstname.lastname@example.org or (iii) indicating that you do not wish to have your information sold prior to submitting it through the Services.
6.8 Designating an Agent. To designate an authorized agent to exercise rights on your behalf, please email us at email@example.com. We may request information from you in order to verify your identity when designating an authorized agent. We may also ask for your authorized agent to provide a written permission from you giving them authorization and verify their own identity by submitting information requested by us.
7. Data on Requests Received
7.1 The table below contains information on the requests received through the Services related to your rights under Section 5 above, in the previous calendar year and the actions taken:
|Type of request||Received||Complied with in whole or in part||Denied|
8. Additional Information for EU Visitors
If you are a resident of a European Economic Area (“EEA”) country, Amply Media is the controller and responsible for any personal data it collects regarding EEA residents, and may access such personal data in the United States, subject to our compliance with our obligations under applicable data protection law (including the General Data Protection Regulation in ensuring adequate safeguards in relation to such transfer). Publishers may use our Services to process data that they collect for their own purposes. Where Publishers use our Services to process data that they collect for their own purposes, we act as a data processor for the Publisher.
8.1 Transferring Your Personal Data Outside the EU under the General Data Protection Regulation. We may transfer data that we collect from you to locations outside of the European Economic Area for processing and storing. Also, it may be processed by staff operating outside the European Economic Area who work for us or for one of our suppliers.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
8.2 Purposes for which we will use your Personal Data. We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
|Purpose/Activity||Type of Data||Lawful basis for processing including basis of legitimate interest|
|To register you as a new user of our Services||
||Performance of a contract with you|
|To manage our relationship with you which will include responding to a request to you for information||
|To administer and protect our business and our Services (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||
|To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you.||
||Necessary for our legitimate interests (to study how users use our Services, to develop them, to grow our business and to inform our marketing strategy)|
|To use data analytics to improve our Services, user relationships and experiences||
||Necessary for our legitimate interests (to define types of users for our Services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)|
|To make suggestions and recommendations to you about goods or services that may be of interest to you||
||Necessary for our legitimate interests (to develop our Services and grow our business)|
8.3 Your Legal Rights under the General Data Protection Regulation.
Under certain circumstances and in the event you are a data subject based in the EU, you have rights under the General Data Protection Regulation in relation to your personal data.
In particular, you have the right to:
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
If you wish to exercise any of the rights set out above, please contact us at the contact details set out below.
No fee usually required. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
8.4 EU Representative for EU Data Subjects.
We have appointed IT Governance Europe Limited to act as our EU Representative. If you wish to exercise your rights under the General Data Protection Regulation (GDPR) or have any queries in relation to your rights or privacy matters generally please email firstname.lastname@example.org. Please ensure to include our company name in any correspondence you send to our Representative.
8.5 UK Representative for UK Data Subjects.
We have appointed GRCI Law Limited to act as our UK Representative. If you wish to exercise your rights under the UK General Data Protection Regulation (GDPR) or have any queries in relation to your rights or privacy matters generally, please email our Representative at email@example.com. Please ensure to include our company name in any correspondence you sent to our Representative.
9. More Information
4600 Madison Avenue, Suite 300
Kansas City, Missouri 64112