ironSource Mobile Ltd. Privacy Policy

Effective Date: May 25, 2018

Table of Contents:

  • About Us.
  • Scope.
  • Information We Collect.
  • How We Use the Information We Collect.
  • Maximum Information Retention Period.
  • How We Share Your Information.
  • How to Control Your Information.
  • Children.
  • International Transfers.
  • Changes to This Privacy Policy.
  • Contact Us.
  • About Us

ironSource Mobile Ltd. (“ironSource Mobile”) operates 3 main services:

  • Ad Network – We have a network that connects app developers with advertisers, and helps app developers to serve ads on their apps. App developers means the company or individual that developed and operates the mobile app that is integrated with or otherwise sends information to ironSource Mobile. Advertiser is a company or an individual that advertises its products or services within the app.
  • Mediation Platform – A platform that helps app developers to manage all the ad providers with which they have a direct relationship (e.g. ironSource Mobile ad network, third party ad networks, additional online advertising companies, etc.) that serve ads on their apps.
  • Marketing Platform – We help advertisers to create and optimize advertising campaigns.

We collect information in either of 2 ways:

  • Directly – from your device through our SDK integrated by app developers in their apps. SDK, or a Software Development Kit, is a software component that allows us to serve ads in a mobile app, and to collect information directly from the end users of such app.
  • Indirectly – through other ad networks with which we engage in order to serve you with ads, or by receiving information from our advertisers.

We collect information as described in this privacy policy for ironSource Mobile’s own purposes, as a data controller under data protection law where relevant, except as otherwise indicated herein.

  • Scope

This privacy policy describes ironSource Mobile’s privacy practices with respect to information it processes through its ad network, mediation platform, and marketing platform. This privacy policy does not govern the use of our website, dashboard for publishers, and dashboard for advertisers.

ironSource Mobile serves ads to users all around the world. Accordingly, throughout the document, we try to harmonize our approach and the language of the privacy policy as much as possible. However, sometimes we refer to specific laws that require further disclosures. Accordingly, whenever you see throughout the policy the annotation “The GDPR angle”, it means that the purpose of such section is to satisfy the transparency requirements of the General Data Protection Regulation (AKA the GDPR), and therefore it applies only to users (devices) who we deem to be located in the European Economic Area, United Kingdom, or Switzerland.   

  • Information We Collect
  • Information collected directly from you through our SDK, and information provided to us by a third party ad network (“Ad Network Information”)

Identifiers: Your Advertising ID, an additional unique identifier of available solely from within the app of the app developer which cannot be used to identify you on other apps, IP address, information about your browser settings. The term Advertising ID refers to the Google Advertising ID on Android devices, and ID For Advertising (“IDFA”) or ID For Vendor (“IDFV”) on iOS devices. The Advertising ID is a resettable persistent identifier generated by Android or iOS that allows online advertising companies to recognize your device across non-affiliated apps, for purposes such as frequency capping, attribution, fraud detection, personalized advertising, and whitelisting. You can find additional information about how to limit our use of your Advertising ID under “How to Control Your Information”.

General technical information about your device: The ironSource Mobile SDK version, your time zone, the amount of free memory on your device, the name and version of the app to which the ad is served, battery status, limit ad tracking status, operating system name and version, timestamp, the name of the manufacturer of the device, the language of the operating system, the name of the mobile carrier, internet connection type (e.g. WiFi).

Interaction with our ads: An indication if you viewed or clicked on an ad.

  • Information received (through our SDK) from app developers that are integrated with our mediation platform (“Mediation Information”) – your age, gender, in-app purchases, advance in the game, and such other information provided by the app developer.
  • Information received from advertisers (through the advertiser itself or through a third party in behalf of such advertiser) (“Advertiser Information”)

Identifiers: Your advertising ID, IP address, a unique identifier of your device available solely with respect to the advertiser, information about your browser settings.

Campaign information: an indication that you installed the advertiser’s app following a click on or a view of an ad served by us or otherwise; information about actions you performed within an advertiser’s app following such an install, such as in-app purchases, level in the game, and the number of times you opened the app; and other information that the advertiser decides to share with us.

  • How We Use the Information We Collect:

As stated above, we perform 3 main services. For each such service, we use the information we collect in different ways. Below is a general description of how we use your information across our services:

  • Serving Ads on App Developers’ Apps – We use the Ad Network Information collected from your device to serve ads on app developers’ apps. More specifically, we use such information for the following purposes:
    • Ad delivery: we use your Ad Network Information to technically enable the delivering of ads to your device.
    • Reporting, billing and attribution: We use your Ad Network Information to generate reports for our publishers and bill advertisers and publishers, including for ensuring that if you interacted with our ads, we will receive payment for our service.
    • Internal Operations: We use your Ad Network Information for internal operations, such as debugging, support, security, and improving our services.
    • Fraud detection and prevention: We use your Ad Network Information for detecting and preventing fraud, and for ensuring viewability of our ads.
    • Optimization and frequency capping: We use your Ad Network Information for optimizing advertising campaigns, including for limiting the number of times you view a specific campaign across our network, or the number of ads you view in a specific app.
    • Personalized advertising: Our corporate affiliates and advertisers may use your Ad Network Information for personalized advertising (i.e. ads that are based on your interest or profile).
  • Operating our Mediation Platform – We use your Advertising ID, IP address, and Mediation Information collected from your device to operate our mediation platform. More specifically, we use such information for the following purposes:
    • Reporting: We generate reports for the app developers using our mediation platform in order to allow them to better understand their audience in terms of interaction with ads.
    • Segmentation: We allow app developers to create segments based on parameters they configure in our mediation platform. Such segmentation allows them to use different ad networks and different ad units for different segments of users. However, this feature does not allow them to serve you with personalized advertising, as app developers cannot control the content of the ads served by different networks.
    • Sending ad requests on behalf of the app developer: In addition to the other information used to operate the mediation platform, we use the Ad Network Information in order to send ad requests on behalf of the app developer to ad networks with which the app developer has direct contractual relationship, but due to technical reasons, we are in the best position to populate the ad request with the Ad Network Information.
  • Operating our Marketing Platform – We use the Advertiser Information received from our advertisers to operate our marketing platform. More specifically, we use such information for the following purposes:
    • Optimizing advertising campaigns: We optimize campaigns for our advertisers based, for example, on events that happen in their app or indications of installs received from other apps.
    • Suppression: We use device IDs of users of an advertiser’s app in order not to serve advertising campaigns of such advertiser to such users, as they already have the advertiser’s app.
    • Whitelisting/blacklisting: We allow advertisers to upload lists of device IDs to include/exclude in their advertising campaigns.
  • Compliance with legal obligations – We may use your Ad Network Information, Mediation Information, and Advertiser Information to comply with applicable legal obligations.

The GDPR Angle:

  • We act as a processor – When we process Ad Network Information, Mediation Information and Advertiser Information on behalf of app developers, we act as their processors. For any request to exercise your individual rights related to such processing (including the rights of access, rectification, erasure, portability, and the right to restriction and/or object to processing), you should contact the relevant app developer.
  • We also act as controllers and process personal data on the basis of legitimate interest – When we process Ad Network Information for the purposes of optimization and frequency capping (to ensure you are not seeing the same ad too many times), fraud detection and prevention (to ensure that our ads are not viewed by bots, and/or any other fraudulent means), and internal operations, as detailed above (to ensure you receive smooth and secured experience), on the basis of our legitimate interest or the legitimate interests of our app developers, in order to ensure a specific campaign is .
  • Personalized Advertising in the European Economic Area, United Kingdom, and Switzerland  At the moment, we do not serve personalized ads to users who are located in the European Economic Area, United Kingdom, and Switzerland. However, as a result of technical considerations, on certain occasions, we may be included in consent pop-ups operated by app developers and ad networks that are engaged with us. If we start serving personalized advertising to users who are located in the European Economic Area, United Kingdom, and Switzerland, we, will ask you for your consent (typically through consent pop-us managed by app developers and ad networks with which we work).
  • Further processing of Advertiser Information – When we process Advertiser Information, we may further process Advertiser Information for optimization of our network based on our legitimate interest.
  • Legal necessity – We may process your Ad Network Information, your Mediation Information, and your Advertiser Information for compliance with applicable legal obligations.
  • Maximum Information Retention Period:

We will retain your Ad Network Information, Mediation Information, and Advertiser Information for the longer of: (i) a period of up to 2 years from the date such information is first stored in our systems; or (ii) a period of 3 months from the last appearance of your Advertising ID in our systems.

  • How We Share Your Information:
  • We share your Ad Network Information with:
    • Other ad networks – for the purpose of receiving advertising campaigns from such ad networks.
    • Our corporate affiliates – from which we receive services, such as IT, security, storage, delivery of advertising campaigns, personalized advertising, and other internal operations.
    • Advertisers – for the purposes of attribution and whitelisting/blacklisting, as stated above.
  • Service providers – We share your Ad Network Information, Mediation Information, and Advertiser Information with our service providers for the purpose of receiving services such as fraud detection and prevention, viewability measurement, reporting, and storage.
  • Viewability measurement – Please note that certain versions of our SDK may include MOAT, Inc.’s SDK for the purpose of verifying if our ads were actually viewed. Please review MOAT, Inc.’s privacy policy to learn about their privacy practices, as available at: https://moat.com/privacy.
  • How to Control Your Information:
  • Personalized Ads – We collect and transfer Ad Network Information to other entities (including our corporate affiliates and non-affiliates such as advertisers, other ad networks, and third parties acting on behalf of these types of entities) that use the information described in this Privacy Policy for serving you with personalized ads (i.e. ads that are based on your interests or profile).   
  • Opt out from personalized ads – If you do not want us to transfer your information to corporate affiliates and third parties for personalized ads, please follow the below instructions:
    • iOS devices: go to Settings > Privacy > Advertising > enable Limit Ad Tracking. Please note that if you use more than one device, you need to opt-out separately in each device.
    • Android devices: Please follow the instructions set forth at: https://support.google.com/ads/answer/2662922?hl=en. Please note that if you use more than one device, you need to opt-out separately in each device.
  • Scope of the opt-out – Note that if you reset your advertising ID through your device’s platform settings, you should follow the steps above to reset your opt-out choice.  In addition, opting out may not stop data from being collected from your device or transferred for other, non-personalized advertising purposes such as optimization, reporting, frequency capping, internal operations, and fraud prevention. If you become aware of any third party that received your Ad Network Information from us, and that does not respect your choices, please let us know by contacting us at: dpo@ironsrc.com.

The GDPR Angle:

  • Data subject rights – Please note that you have the right to request from us access to and rectification or erasure of your personal data we process as controllers, or to restrict or to object to processing of your personal data in accordance with the provisions of the GDPR. To submit a request for exercising your rights, please send an email with your request to the following address: gdpr-request@ironsrc.com. Please note that we will process your request subject to verification of your identity.
  • Complaint to supervisory authority – You also have the right to file a complaint with the relevant supervisory authority (e.g. of your country or domicile) where ironSource has not addressed your concerns.
  • Children:

ironSource does not knowingly collect or maintain personal information collected online from children under the age of 13, except to the extent that the U.S. Children’s Online Privacy Protection Act permits us to collect and maintain such information without parental consent. If you believe your child has provided us with personal information that is covered by the U.S. Children’s Online Privacy Protection Act without your required consent, please contact us at legal@ironsrc.com and we will make reasonable efforts to delete the information from our records. Our services may link to other websites or mobile apps. Please be advised that we are not responsible for the privacy practices of such other websites or mobile apps as those may have different privacy policies and terms of use and are not associated with us. You agree that we cannot control these websites and/or mobile apps and we shall not be responsible for any use of such websites and/or mobile apps.

The GDPR Angle:

We do not collect or otherwise process personal data from individuals in the European Economic Area, the United Kingdom, and Switzerland whom we know to be under 16 years of age, except to comply with law or to support our legitimate interests or the legitimate interests of our app developers as described above.

  • International Transfers:

We store information that we collect from your device on our Amazon Web Services servers in the United States. Accordingly, please note that if you do not live in the United States, we will transfer your information to and store it in, the United States.

The GDPR Angle:

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we will transfer your information to the United States based on the Standard Contractual Clauses. If you wish to receive a copy of these clauses, please contact us through the below contact details.

  • Changes to This Privacy Policy:

We may revise this Privacy Policy from time to time. The most current version of the policy will govern our processing of your information and is posted at https://developers.ironsrc.com/ironsource-mobile/air/ironsource-mobile-privacy-policy/. If we make a change to this policy that, in our sole discretion, is material, we will notify you via a banner on this website and by posting the revised Privacy Policy. By continuing to access or use an app containing our services after those changes become effective, you agree to be bound by the revised Privacy Policy.

  • Contact Us

ironSource Mobile Ltd.

dpo@ironsrc.com

121 Menachem Begin Rd., Tel Aviv, Israel

Attn: Data Protection Officer