Updated: May 24, 2018

AcuityAds is committed to transparency, and we want EU data subjects to have access to personal data that we may have about them and/or the devices that they may use to access the Internet.

Our privacy policy describes the types of personal data that we process. We only ask for the information we need to help us process a subject access request and will only keep information pertaining to your request for up to two years. If you are a client of AcuityAds with a login and password to the Acuity Platform, we ask that you first direct your request to the person or persons at your organization that administers the relationship with AcuityAds.

YOUR EU DATA SUBJECT ACCESS RIGHTS

If you make a subject access request as set out in this policy, you are entitled to see the personal data that we have about you including any digital identifiers such as cookie IDs and mobile advertising IDs that AcuityAds may store.

We will provide you with the ability to see the personal data that we have by providing you with a copy of that data. You have the right to port that data to a different entity than AcuityAds, although we can’t guarantee that others will be in position to ingest this data. We will also provide you with the ability to correct errors in the data, but reserve the right to simply delete data which you’ve indicated may contain errors or inaccuracies. We will restrict or cease processing of this data upon request and offer you the ability to object to our processing of this upon request. And we will delete the data upon request so long as we are not prohibited from doing so by applicable law and/or the information is not required for us for billing, fraud prevention or security purposes.

Please note that the information we process as part of the services we provide is owned and/or controlled by our clients as controllers of that data. Where we are merely the agents and/or processors of data (e.g., re: the data we process via the Acuity Platform), we may be prohibited from processing this data except as directed in writing by those Clients. If that’s the case, we will submit your request to the applicable Client and await their written instructions. Also, if we are unable to locate any of the information you have requested, we will let you know.

MAKING AN EU DATA SUBJECT ACCESS REQUEST 

Step 1: Locating Your Information

Providing us with your email address and telephone number should be relatively straightforward. Please note that we will send you an email to the address(es) provided in order to help us authenticate your request.

Here’s what you need to do in order to share your digital identifiers.

As described in our privacy policy, and our cookie policy, our advertising technology operates using text files called “cookies” that are placed on your computer or device. For more general information about cookies, please visit http://www.allaboutcookies.org/. Some of the cookies we place may provide a unique ID which helps our systems recognize your browser or device over time.  In order to find the unique ID, please use your Internet browser to look for cookies named “auid” (which is set from the AcuityPlatform.com domain). The text in each of these cookies is a separate unique ID.

Please keep in mind that different cookies are placed on each browser that you use to access the Internet. As a result, if you use multiple browsers (for example, Google Chrome and Mozilla Firefox), you will need to locate the “auid” cookies for each browser. Your browser’s help section should provide an overview of how to locate your cookies. An internet search of how you may find cookies in your browser may also be helpful. If you need more assistance locating these cookies for your browser, please feel free to email us for assistance at privacy@acuityads.com.

 

Mobile Devices

Additionally, certain mobile devices (for example, mobile phones or tablets using the iOS or Android operating systems) generate persistent a “Advertising Identifier” per device, which, among other things, can be used by third parties for purposes of providing you with targeted advertising. On iOS devices, your Advertising Identifier may be referred to as an “IDFA,” “IFA,” or an “ID for Advertising.” On Android devices, your Advertising Identifier may be referred to as an “Advertising ID.” Please follow instructions from your mobile device manufacturer on how to locate your specific Advertising Identifier.

Step 2: Authentication of the Information Provided

In order to make sure that we are only providing personal data to the correct person, we also will need to take reasonable steps to authenticate your request. We request that you provide screen shots of any cookies and mobile Advertising Identifiers for which you are submitting a request. We also reserve the right to send you an email to any addresses you provide in order to authenticate that portion of your request. We also request that you fill out and sign the affidavit we’ve prepared this PDF. By filling out and signing the affidavit, you’re promising AcuityAds that you’re the person listed on the affidavit, and proof to demonstrate that you are indeed connected to the personal data and digital identifiers you located in Step 1.

 Step 3: Contacting AcuityAds

Once you have located your Digital Identifiers and can provide us with verification of those Digital Identifiers, you should reach out to us. The easiest way to do so would be to email us at privacy@acuityads.com.

Please make sure to include the following information in your email:

  • Your full name
  • The country in which you are located at the time you are making your request
  • A signed affidavit, linked in Step 2
  • The screenshots providing supporting proof of the Cookie IDs and Mobile Advertising IDs, as described in Step 2

EU data subjects can also make a subject access request by mail, by sending a written request with all of the above-listed information to the following address:

AcuityAds Inc.
181 Bay Street, Suite 320
Toronto, ON, M5J 2T3
Canada