Marketing Platform Privacy Notice
Last updated: 1 September 2020
Crossover Consulting Limited (Crossover) is a marketing company that helps organisations to deliver more relevant communications to consumers.
Crossover is registered with the ICO under the Data Protection Act, with registration number ZA700092
This policy applies to Crossover Consulting Limited, it’s subsidiaries and affiliates (referred to as ‘we’, ‘our’ or us).
We are committed to maintaining the highest standards of privacy compliance including compliance with the GDPR. This notice explains the nature of the personal data that we process and the associated rights of consumers.
TYPES OF DATA THAT WE COLLECT
Our marketing products rely on various forms of data collected from apps that are installed on user’s mobile devices as well as websites that have been visited.
Precise and relative location data
Unique device identifiers known as ‘Mobile Advertising ID’s’
Time and date information
Partner audience segments (i.e. interest profiles based on location and app/website usage)
In doing so, we do not collect any Personally Identifiable Information such as name, email address, telephone number etc.
We do not collect or process any ‘special category data’ as defined by the GDPR, for example personal data that relates to ethnicity, religion, political opinions, health, sexual orientation etc.
Nor do we knowingly collect data from those aged under 16.
HOW WE USE THIS DATA
The data described in this policy is used for the following purposes:
Creating ‘interest-based audience segments’ - this allows us to serve more relevant advertising to particular devices.
Measuring marketing effectiveness - we analyse aggregated groups of users who have been served particular messages to understand whether overall behaviours have changed.
Creating traffic based insights such as store catchment area analysis or aggregated store visitation patterns.
These purposes may involve combining and/or matching data with other sources where legally permissible.
We do not sell personal data to third parties.
We receive data from third parties on the contractual basis that data has been lawfully obtained and that the device user has granted consent for such data to be transmitted to Crossover. Such partners are responsible for obtaining all applicable consents from device users.
Our lawful basis for processing the above data is consent and Crossover acts as a data controller.
You have the right to withdraw your consent at any time. Please see sections titled ‘Data Protection Rights’ and ‘Opting Out’ for further details.
We may also disclose data if required by law or a valid and effective subpoena.
DATA STORAGE AND INTERNATIONAL TRANSFERS
We store data in the United Kingdom and the European Union. If personal data is transferred outside of the EEA or Switzerland such transfers are safeguarded by European Standard Contractual Clauses and Data Processing Agreements where this is required by European Data Protection Law.
Data is stored in Amazon Web Services and Google Cloud Platform and we adhere to generally accepted industry security standards during transmission and once it is received.
We retain personal data for as long as necessary to provide our Services or for legal and contractual purposes. Ordinarily, Mobile Advertising IDs will only be stored for 12 months from the date on which we received such data. After this date, ID’s may be hashed and de-identified.
DATA PROTECTION RIGHTS
If you are a resident of the European Economic Area and wish to access, correct, update, request deletion, restrict processing, withdraw consent or request portability of your personal data you can contact: email@example.com
You also have the right to object to processing and such requests should be sent to: firstname.lastname@example.org
Please also see the section titled ‘Opting Out’ for more details of how to opt-out of data collection by Crossover, interest based advertising from various providers or to prevent your device from sharing certain types of information.
OPTING OUT & LIMITING TRACKING
You may limit the use of certain information by submitting an opt-out request to: email@example.com. Please also see ‘Data Protection Rights’ section for more details.
You may limit the disclosure of certain information by your mobile device to app publishers and ourselves by adjusting the settings on your mobile Device. For iOS mobile devices, go to “Settings” from your Device’s home screen; scroll down to “Privacy”; select “Advertising”; and turn on “Limit Ad Tracking.” For Android mobile devices, go to “Google Settings” on your device; select “Ads”; and check the box labeled “Opt Out of Interest-Based Ads.”
To opt-out of advertising from companies participating in the Digital Advertising Alliance self-regulatory programme please visit: www.aboutads.info/choices
Please note, if you use a different browser or device, reset your Mobile Advertising ID or delete cookies then you may need to resubmit your opt-out.
Crossover Consulting Limited, 26 Britton St, London EC1M 5UB
Data Protection Officer: James Davies, James@crossovercomms.com
If you have any concerns with how Crossover processes your personal data please contact us at: firstname.lastname@example.org
We respond to all requests. If you are still dissatisfied then you have the right to submit a complaint to the relevant data protection authority. You can find a list here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm