ID5 operates an identity platform for the digital advertising industry. By "Platform", we mean that we provide technology that websites, mobile apps and publishers of other internet-connected properties (such as internet-connected TV's), use to recognize users on their websites, mobile apps and other digital media properties (which we collectively refer to as "Digital Properties"), and that advertisers, or companies on an advertiser's behalf, use to target advertising to users in the most efficient way possible. Digital publishers and other "sellers" want their ads to be relevant to their readers, which helps them to offer content for no cost or lower cost. Advertisers, advertising agencies, and other "buyers" want to use their advertising dollars efficiently by reaching the right audiences, and by measuring the effectiveness of their ads. To accomplish these goals, our clients – including digital publishers and advertising technology platforms and service providers – use our Platform to more efficiently and effectively recognize their users and/or to enable their own clients to do so. ID5 is not an ad network, a media buyer or seller, or a data broker. We do not own digital properties on which we advertise, and we engage in advertising only in a limited manner for our own recruiting purposes and to advertise to other businesses (not to consumers).
The Platform is designed to use certain types of information, that collectively we call "Platform Data". This includes information collected by our technology, products and services on the Digital Properties ("Collected Data"), which may include such information as IP address, unique browser or device identifiers, and the latitude and longitude of your device when you view a website that may want to show you an ad; (ii) information provided or uploaded to us or our Platform by our clients ("Client Data"), which typically includes a "hashed" copy of your email address ("hashing" prevents us from seeing the actual email address); and (iii) "ID5 IDs" (described below), which are random unique identifiers that we create and connect to Collected Data and/or Client Data. See "What Information Do We Collect?" below for more details on the type of information that may be included in Platform Data.
Some Platform Data (for example, cookie IDs, mobile advertising identifiers, ID5 IDs, and IP addresses) may identify a particular computer or device, and may be considered "Personal Data" or "personal information" (or another term with a substantially similar definition and obligations) in some jurisdictions, including the European Economic Area (see below on the meaning of "Personal Data" under the EU General Data Protection Regulation) and certain U.S. states. This data - which we call "Personal Data" - allows us to recognize a particular computer or device over time. We call cookie IDs, mobile advertising IDs, ID5 IDs, and other random unique identifiers "Digital Identifiers".
Our Platform is not designed to utilize information that by itself identifies an individual in the "real world", such as "un-hashed" (i.e., actual) name, address, phone number, email address, or government identifier. Instead, it is designed to utilize only Digital Identifiers that enable the recognition of a specific device or browser.
Under GDPR, "Personal Data" means any data relating to an individual who can be identified, directly or indirectly, from that data. It can take the form of a name or address, and can also extend to unique identifiers that do not tell us who an Internet user is in the "real world" but may, when combined with other information, allow the identification of an individual.
Our Platform does not rely on Personal Data that identifies you as an individual in the "real world", such as your actual, un-hashed name, email address, or phone number. When you (an Internet user) first visit a Digital Property that has integrated our technology, this triggers a request to our Platform. When this occurs, we assign an "ID5 ID" to your browser or device, which allows the Platform to recognize your browser or device the next time it visits another Digital Property that has integrated our technology. Such Digital Identifiers are considered "Personal Data" under the GDPR.
This allows our clients and certain other third parties selected by our clients to sync their own Digital Identifiers against this ID5 ID (see "ID Syncing" below) so that our clients can use their own data on other platforms that they may have associated with their own Digital Identifiers.
Browser: A browser, or web browser, is the user interface or application through which you view web Digital Properties. Examples of prominent browsers are Microsoft's Internet Explorer, Google's Chrome, Apple's Safari, and Mozilla's Firefox.
Cookie: A cookie is a small text file that is stored in a web browser by a website or Ad Server. By saving information in a cookie, websites and servers can remember preferences or recognize web browsers from one visit to another or from one website to another. Cookie IDs are Digital Identifiers.
ID Syncing: ID syncing (sometimes also referred to as cookie syncing) is a common and long-standing process in the digital advertising industry that enables advertisers to link up data from multiple advertising platforms. (In other words, it helps advertisers buy ads in more than one place and on more than one service.)
Here's an example of how ID syncing works. Let's say you sell a product on your website. A customer visits your site. Your website stores a cookie to recognize that customer's browser, and the cookie contains an ID of 12345. You then associate that ID with information about what the customer shopped for on your site. If you want to then use that information to advertise to that user, you might go to an online advertising marketplace to buy ad space. In order to buy the right ad space to show your ads to the right user, you'll need to match your ID, which is 12345, to the ID that the marketplace has assigned to the same customer (which let's say for this example is ABCDE).
The result is a record that says ID 12345 = Marketplace ID ABCDE. That way, when the marketplace offers to sell you ad space to show your ad to ABCDE, your system will know that ABCDE is the same as 12345, and you can pick the right ad to show the customer.
Interest-Based Advertising: Interest-based advertising associates a user’s activity and interest information, demographic information, geographic information, and similar information with a browser cookie or other online identifier in order to provide more useful and relevant advertising. It is sometimes also called "online behavioral advertising", "targeted advertising", "cross-context behavioral advertising" or "tailored advertising".
Mobile Advertising Identifiers: Mobile advertising identifiers (e.g., Apple's iOS Identifier for Advertising (IDFA) or Google's Android Advertising ID (AAID)) are unique IDs that are similar to cookies, but, instead of being stored on your web browser, are associated with individual mobile devices. They usually are user-resettable. Like other Digital Identifiers, Mobile advertising identifiers do not tell us who an Internet user is in the "real world", but may, when combined with other information, allow the identification of an individual. Mobile advertising identifiers are used in connection with apps on your mobile device as opposed to websites that you access through a browser.
Although the specific cookies employed on the ID5 Platform may change from time to time, this describes how and why the ID5 Platform uses cookies. These cookies enable our clients to recognize users and to see users' consent choices (including opt-out choices).
Some browsers or other software may be configured to block third-party cookies by default.
Last Modified: October 10, 2023
This ID5 Platform Privacy Statement (this "Privacy Statement") describes how ID5 collects, uses, shares and otherwise processes Platform Data. It describes how ID5 may enable or allow clients and third-party providers to use Platform Data, but otherwise does not apply to our clients' or other third parties' practices. If you are interested in our website privacy policy, please click here.
What information do we collect and use? | The Platform is designed to collect and use only Platform Data (i.e., Collected Data, Client Data, and ID5 IDs) as described in this Privacy Statement. Details. |
How do we collect information? | The Platform may use cookies, pixels, tags, mobile SDKs, and similar technologies to collect and store Platform Data about web browsers and devices across websites and apps and over time. Details. |
For what purposes do we use the collected information? | ID5 uses the information collected on the Platform to provide, operate, manage, maintain, and enhance the Platform and allow our clients to use our Platform. This means facilitating user identification; using information for fraud detection and the prevention and detection of malicious behavior and maintaining and enhancing our products and services (including our Platform), including using information for machine learning, optimization and statistical analysis. Details. |
In European Jurisdictions, on what legal basis do we process Personal Data? | Where (i) you are a European Economic Area ("EEA"), United Kingdom or Switzerland (such countries, collectively with the EEA, "European Jurisdictions") data subject and (ii) ID5 is acting as a "controller" of Personal Data relating to you, ID5's legal basis for collecting and using such Personal depends on the data concerned and the specific context in which we collect or use it. With respect to Collected Data that is Personal Data in a European Jurisdiction, we generally rely on consent obtained for us by the operators of the Digital Properties that use our technology or use technology that interacts with our Platform; with respect to Client Data that is Personal Data, we rely on consent obtained by or on behalf of the particular client that provides it to us or our Platform. Details. |
What information do we share with third parties? | Where permitted, we provide clients access to their Platform Data that they collect, acquire, or use on the Platform, and typically they may remove it from the Platform for their own use. ID5 may also provide Platform Data to our clients and service providers for the purpose of operating, managing, maintaining, or enhancing our products and services, (including our Platform), including for the safety and security of the Platform and the online advertising industry, or as required by law. ID5 does not share the information collected via the Platform with other third parties, unless legally required. Details. |
How is the information stored and how long is it kept? | Platform Data is stored using generally accepted security standards. It is usually aggregated or deleted within 30-90 days, but may be retained in the Platform for up to 18 months from the date of collection before aggregation or deletion. Details. |
What are your choices? | For European Jurisdiction data subjects, we are registered as a vendor with, and support, the IAB Europe Transparency and Consent Framework (the "TCF Framework"). When you visit a Digital Property, the TCF Framework is designed to enable Digital Properties - which may include our clients - to (i) choose which third parties they wish to allow to access your device and collect, use and share your Personal Data and (ii) provide dynamic transparency and choice to you about each of these third parties (e.g., an opportunity for you to consent) in connection with such Digital Property, depending on that third-party's use of your Personal Data and legal basis. Various clients and third-party providers using our Platform may be accessing your device or collecting, using and sharing your Personal Data as independent controllers for different uses and based on different legal bases or as processors on behalf of other independent controllers. Web browser users may opt out of the use of the Platform for interest-based advertising in their web browser. Mobile app users have access to choices provided by certain apps or in their device system software. Details. |
What happens if this Privacy Statement is changed? | Please check this Privacy Statement for changes. The date of the last update can be found at the top of this Privacy Statement. Material changes will not be applied to previously collected Platform Data. Details. |
Questions? | Please email us at privacy@id5.io. |
Collected Data When you visit a Digital Property (e.g., a website) that uses our technology (or that uses technology that transacts with parties using our Platform), we collect certain information about you and your device, including:
Client Data Our clients may provide or upload to us or our Platform "Client Data", which typically includes a "hashed" email address ("hashing" prevents us from seeing the actual email address). Our clients and vendors, and our clients' third-party clients and vendors, may use their own tags, pixels, cookies, or other similar technology (or those of their other affiliates) within their advertisements and on certain Digital Properties. We are not responsible for our clients, vendors and/or our clients' third-party providers for their privacy practices, including their collection, use, and/or sharing of data and/or their use of technology on their Digital Properties or in their advertisements.
If (i) you are a data subject of a European Jurisdiction and (ii) we are acting as the controller of "Personal Data" relating to you, our legal basis for processing such Personal Data (see "What Information Do We Collect?" above) will depend on the data concerned and the specific context in which we collect or use it. With respect to Collected Data that is Personal Data of a European Jurisdiction data subject, we generally rely on consent obtained for us by the operators of the Digital Properties that use our technology or use technology that interacts with our Platform; with respect to Client Data that is Personal Data of a European Jurisdiction data subject, we rely on consent obtained by or on behalf of the particular client that provides it to us or our Platform.
If you have questions about or need further information concerning the legal basis on which we process Personal Data, please contact us at privacy@id5.io.
ID5 shares Platform Data with the following third parties:
Security
Retention
IAB Europe Transparency and Consent Framework: We are registered as a vendor with, support, and encourage our clients to use, the TCF Framework, which is designed to provide European Jurisdiction data subjects with dynamic transparency into and choice about the various third parties used on Digital Properties on which the TCF Framework is utilized. If you are a European Jurisdiction data subject, the TCF Framework is designed to enable Digital Properties – which may include our clients – to (i) choose which third parties (which may include ID5) they wish to allow to access your device and collect, use and share your personal data and (ii) provide dynamic transparency and choice to you about each of these third parties (e.g., an opportunity for you to consent) in connection with such Digital Property, depending on that third-party's use of your Personal Data and legal basis for such usage.
ID5 Web Browser Opt Out: If you have not already chosen to do so, you may visit https://id5-sync.com/privacy to opt out of having the Platform used to enable our clients to more efficiently serve you relevant ads. When you opt out, an opt-out cookie (from id5-sync.com) will be stored in your web browser. The Platform will know the choice you have made when it sees your opt-out cookie, and will apply your choice to all companies using the Platform. If you block or delete the ID5 opt-out cookie, you will cease to be opted out with respect to the Platform and will need to perform the opt-out process again.
ID5 Web Browser Opt In: If you have previously chosen to opt out, but would now like to opt in, you may visit https://id5-sync.com/privacy to opt in to having the Platform used to enable our clients to more efficiently serve you relevant ads. This does not overwrite any consent settings you may select on a given Digital Property.
Important things to note about the ID5 web browser opt out:
To access the opt outs of other online advertising companies, visit the consumer choice pages of such organizations, as follows:
Mobile App Opt Out: Mobile device system software such as Apple iOS or Google Play Services provide mechanisms that allow users to opt out of the use of information about their usage of mobile apps to deliver targeted ads to their mobile device. For more information, or to opt out using these mechanisms, consult your device settings ("Opt out of Interest-Based Ads" on Android devices and "Limit Ad Tracking" on iOS devices).
If you are a data subject of a European Jurisdiction, you have certain rights and protections under the law regarding the collection, processing, and use of information about you. As stated above, the information we collect about you when you visit Digital Properties that use our technology may include certain identifiers that are considered "Personal Data" under European law.
If you are a data subject of a European Jurisdiction and certain requirements are fulfilled and/or under certain circumstances, you have the right: (i) to access and obtain a copy of your Personal Data; (ii) to erasure of your Personal Data; (iii) to rectification or updating of your Personal Data; (iv) to object to the processing of your Personal Data; (v) to restrict the processing of your Personal Data; and (vi) to data portability (i.e., to be provided with a copy of your Personal Data in a structured, commonly-used, and machine-readable format, and/or to have such a copy provided to a third party). If you are interested in exercising any of these rights, you may do so via our privacy web form (available by clicking here) or you may email us at privacy@id5.io. Please note that, as the process we currently use to verify/authenticate and process "Requests to Know/Access", "Requests to Delete", "Requests to Correct", and "Requests for Data Portability" requires us to recognize an online identifier, if you submit such a "Request to Know/Access" by email, it generally will require more time and at least one more step than submitting your request via the privacy web form.
In addition, you also have the right to withdraw your consent at any time. If you wish to exercise such right with respect to interest-based advertising, you can do so through the mechanisms and methods set forth above under object to the processing of your Personal Data.
Our Platform is designed to collect the minimum amount of Personal Data about you that we believe is necessary to provide our products and services. Because our Platform is not designed to collect information that directly identifies an individual, sometimes it is not feasible for us to provide individuals with information that is tied to their identities.
Also, as a data subject of a European Jurisdiction, you have the right to lodge a complaint about our processing of Personal Data with a European Data Protection Authority, in particular the Member State of your residence, place of work or alleged infringement of the GDPR. For contact details of your relevant local Data Protection Authority, please click here.
Consumer Rights
If you are a resident of a U.S. state with an effective general privacy law (such as California under the California Consumer Privacy Act, including as amended by the California Privacy Rights Act (as amended, "CCPA"), and Virginia under the Virginia Consumer Data Protection Act) (each such law, a "US State Privacy Law"), you have some or all of the following rights with respect to your Personal Data, as set forth in the applicable US State Privacy Law:
Personal Data
To provide and operate our products and services (including our Platform), we utilize (i) Personal Data collected by our products and services on the Digital Properties ("Collected Personal Data"), (ii) Personal Data provided to us by or on behalf of our clients ("Client Personal Data"), and (iii) our ID5 IDs, which are Digital Identifiers (see table below). Even though Client Personal Data is provided to us, we may be considered to have "collected" such data under US State Privacy Laws.
We collect (and during the last 12 months have collected) the following categories of personal information, from the following categories of Personal Data, and for the following business or commercial purposes:
Categories of Personal Data | Categories of Sources | Business / Commercial Purposes |
---|---|---|
Identifiers (such as an online identifier (e.g., a cookie ID, a mobile advertising ID, or an ID5 ID) or an IP address) | Collected Personal Data: we collect such information from consumers via their visits to and/or interactions with the Digital Properties Client Personal Data: we receive such information from our clients or partners | Collected Personal Data: we use such information to provide, operate, maintain, improve, and develop our products and services (including our Platform), including to create and reconcile ID5 IDs Client Personal Information: we use such information to provide, operate, maintain, improve, and develop our products and services (including our Platform), including to create and reconcile ID5 IDs |
Internet or other electronic network activity information (such as browsing history, user agent or timestamp) | Collected Personal Data: we collect such information from consumers via their visits to and/or interactions with the Digital Properties Client Personal Data: we receive such information from our clients or partners | Collected Personal Data: we use such information to provide, operate, maintain, improve, and develop our products and services (including our Platform), including to create and reconcile ID5 IDs Client Personal Data: we use such information to provide, operate, maintain, improve, and develop our products and services (including our Platform), including to create and reconcile ID5 IDs |
With respect to Collected Personal Data, we believe that we are a "controller" or "third party" (each, as defined by the applicable US State Privacy Law) that collects such data via consumers’ visits to and/or interactions with the Digital Properties. With respect to Client Personal Data, we believe that we are a "third party", as we collect such information only from our clients and do not collect it from consumers.
We do not knowingly collect, use, or disclose sensitive Personal Data through our Platform, products, or services.
For information on how long we intend to retain each category of Personal Data, please see "How Is Platform Data Stored, and How Long Is It Kept? – Retention" above.
Disclosure of Personal Data
For purposes of applicable US State Privacy Laws:
Methods of Submitting Requests
If you are a resident of a U.S. state with an effective US State Privacy Law, you may submit requests to exercise your "Right to Know/Access", your "Right to Delete", your "Right to Correct", and/or your "Right to Data Portability" via any of the following methods:
Please note the following:
If you are a resident of a U.S. state with an effective US State Privacy Law, you may exercise your applicable US State Privacy Law "Right(s) to Opt Out" via the following method(s):
Please note that we currently affect US State Privacy Law opt-out rights elections by performing our web browser opt-out process, which results in an opt-out cookie (from id5-sync.com) being stored in your web browser. Such elections – including through the Global Privacy Control user-enabled "universal opt-out mechanism" – will be processed only with respect to the applicable web browser. For more information about such opt-out, please see "What Are Your Choices? – Important things to note about the ID5 web browser opt out" above.
Authorized Agents
If you are a resident of a US state with an effective US State Privacy Law, if and as required by that US State Privacy Law, you may use an "authorized agent" to submit requests to exercise your "right to know/access", your "right to delete", your "right to correct", your "right to data portability", and/or your US State Privacy Law "right(s) to opt-out" (as applicable) on your behalf under that US State Privacy Law. Your authorized agent will need to provide us with a copy of a written permission that is signed by you and indicates that you have provided such authorization.
"Do Not Track"
ID5 has not yet developed a response to browser "Do Not Track" signals, and we do not change any of our data collection practices when we receive such signals. We will continue to evaluate potential responses to "Do Not Track" signals in light of industry developments or legal changes.
While we do not support "Do Not Track" signals, we do honor opt-out preference signals received from Global Privacy Control as the applicable California consumer’s election to opt out of the sale and/or sharing (each, as defined by CCPA) of their Personal Data, to the extent technically feasible.
For more information on your privacy choices, please see "What are your choices?" above and also above in this "Your Rights under Certain U.S. State General Privacy Laws" section.
ID5 supports advertising industry self-regulation, and endorses best practices and self-regulatory requirements that apply to the advertising industry. To learn more about interest-based advertising and industry self-regulation, please visit any of the following organizations:
ID5 is a global company headquartered in the United Kingdom with data centers located in the EEA. If you are a European Jurisdiction data subject and access any of the Digital Properties that use our technology, please be aware that your Personal Data may be transferred to, stored and processed by us and our affiliates in our facilities in the EEA, the United Kingdom and other countries, and by those third parties with whom we may share your information.
Countries outside the EEA may not be deemed by the European Commission to provide an adequate level of data protection for your Personal Data or to have data protection or other laws as comprehensive as those in EEA countries. We will, however, ensure that where ID5 group companies receive Personal Data of EEA data subjects outside the EEA, or provide Personal Data to third-party service providers outside of the EEA, appropriate data protection safeguards are in place (such as "standard contractual clauses").
Please check this page for changes, as we may change this Privacy Statement at any time. If we make changes that we believe are material, those changes will not be applied to information collected prior to the date the changes went into effect.
If you have any questions about this Privacy Statement or our data protection practices, or if you would like to contact our data protection representative, please feel free to contact us by email to privacy@id5.io or by postal mail to the following address: ID5 Technology Ltd, 15 Bishopsgate, London EC2N 3AR, United Kingdom.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
ID5 Platform Privacy Policy v3.0