Marketing Platform Privacy Notice

Last updated: 1 September 2020

 

INTRODUCTION

 

Crossover Consulting Limited (Crossover) is a marketing company that helps organisations to deliver more relevant communications to consumers.

 

Crossover is registered with the ICO under the Data Protection Act, with registration number ZA700092

 

This policy applies to Crossover Consulting Limited, it’s subsidiaries and affiliates (referred to as ‘we’, ‘our’ or us). 

 

We are committed to maintaining the highest standards of privacy compliance including compliance with the GDPR. This notice explains the nature of the personal data that we process and the associated rights of consumers.


 

TYPES OF DATA THAT WE COLLECT

 

Our marketing products rely on various forms of data collected from apps that are installed on user’s mobile devices as well as websites that have been visited.

 

This includes:

Precise and relative location data

Unique device identifiers known as ‘Mobile Advertising ID’s’ 

Time and date information

IP addresses

Partner audience segments (i.e. interest profiles based on location and app/website usage)

 

In doing so, we do not collect any Personally Identifiable Information such as name, email address, telephone number etc.

 

We do not collect or process any ‘special category data’ as defined by the GDPR, for example personal data that relates to ethnicity, religion, political opinions, health, sexual orientation etc.

 

Nor do we knowingly collect data from those aged under 16.


 

HOW WE USE THIS DATA

 

The data described in this policy is used for the following purposes:

 

Creating ‘interest-based audience segments’ - this allows us to serve more relevant advertising to particular devices.

 

Measuring marketing effectiveness - we analyse aggregated groups of users who have been served particular messages to understand whether overall behaviours have changed.

 

Creating traffic based insights such as store catchment area analysis or aggregated store visitation patterns.

 

These purposes may involve combining and/or matching data with other sources where legally permissible.

 

We do not sell personal data to third parties.


 

OBTAINING CONSENT


We receive data from third parties on the contractual basis that data has been lawfully obtained and that the device user has granted consent for such data to be transmitted to Crossover. Such partners are responsible for obtaining all applicable consents from device users.

 

Our lawful basis for processing the above data is consent and Crossover acts as a data controller.

 

You have the right to withdraw your consent at any time. Please see sections titled ‘Data Protection Rights’ and ‘Opting Out’ for further details.


 

DATA SHARING

 

We disclose data to affiliate and third party service providers who provide data processing services to Crossover, for example cloud storage providers or platforms that we use to serve ads including Google, Facebook, Snap, Twitter and Pinterest. We may also disclose data to those who otherwise process personal information for purposes that are described in this Privacy Policy or are notified to device users when personal information is collected. 

 

We may also disclose data if required by law or a valid and effective subpoena.


 

DATA STORAGE AND INTERNATIONAL TRANSFERS

 

We store data in the United Kingdom and the European Union. If personal data is transferred outside of the EEA or Switzerland such transfers are safeguarded by European Standard Contractual Clauses and Data Processing Agreements where this is required by European Data Protection Law.

 

Data is stored in Amazon Web Services and Google Cloud Platform and we adhere to generally accepted industry security standards during transmission and once it is received.

 

We retain personal data for as long as necessary to provide our Services or for legal and contractual purposes. Ordinarily, Mobile Advertising IDs will only be stored for 12 months from the date on which we received such data. After this date, ID’s may be hashed and de-identified.


 

DATA PROTECTION RIGHTS

 

If you are a resident of the European Economic Area and wish to access, correct, update, request deletion, restrict processing, withdraw consent or request portability of your personal data you can contact: privacy@crossovercomms.com

 

You also have the right to object to processing and such requests should be sent to: privacy@crossovercomms.com

 

Please also see the section titled ‘Opting Out’ for more details of how to opt-out of data collection by Crossover, interest based advertising from various providers or to prevent your device from sharing certain types of information.


 

OPTING OUT & LIMITING TRACKING

 

You may limit the use of certain information by submitting an opt-out request to: privacy@crossovercomms.com. Please also see ‘Data Protection Rights’ section for more details.

 

You may limit the disclosure of certain information by your mobile device to app publishers and ourselves by adjusting the settings on your mobile Device. For iOS mobile devices, go to “Settings” from your Device’s home screen; scroll down to “Privacy”; select “Advertising”; and turn on “Limit Ad Tracking.” For Android mobile devices, go to “Google Settings” on your device; select “Ads”; and check the box labeled “Opt Out of Interest-Based Ads.” 

 

For additional instructions or information regarding such opt-outs, please visit: https://www.networkadvertising.org/mobile-choice/ and  https://www.youronlinechoices.com/

 

To opt-out of advertising from companies participating in the Digital Advertising Alliance self-regulatory programme please visit: www.aboutads.info/choices

 

Please note, if you use a different browser or device, reset your Mobile Advertising ID or delete cookies then you may need to resubmit your opt-out.


 

CONTACT DETAILS

 

The data controller of personal information described in this privacy policy is:

Crossover Consulting Limited, 26 Britton St, London EC1M 5UB

Contact: privacy@crossovercomms.com

 

Data Protection Officer: James Davies, James@crossovercomms.com 


 

COMPLAINTS

 

If you have any concerns with how Crossover processes your personal data please contact us at: privacy@crossovercomms.com

 

We respond to all requests. If you are still dissatisfied then you have the right to submit a complaint to the relevant data protection authority. You can find a list here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm


 

CHANGES TO THIS PRIVACY POLICY

 

This Privacy Policy was last updated on 1st September 2020 and we recommend that you revisit this page to keep up to date with any future changes.