Odeeo Privacy Policy
Last Updated: August 7, 2024
In order to ensure transparency and give you more control over your Personal Data (as defined below), this privacy policy (“Privacy Policy”) governs how we, Sonic Odeeo Ltd. (“Odeeo” “we”, “our” or “us”) use, collect and store personal data we collect or receive from or about you (“you”) such as in the following use cases:
- When you browse or visit our website, https://odeeo.io/ (“Website”)
- When you contact us
- When you request a demo
- When you submit your CV in the careers section
- When you are a Publisher and you create an account, log in, and make use of our Services (as defined below)
- When we serve an end user an advertisement on the mobile application of the Publisher (as defined below);
- When you attend marketing events and provide us with Personal Data and/or exchange business cards with us
- When we use the Personal Data of our service providers and suppliers
- When we collect Demand Partners (as defined below) contact details
- When we collect all categories of personal data to comply with a legal obligation to store records of data processing activities
Odeeo offers specialized and innovative solutions and concepts for audio advertising and an audio-based ad platform for mobile applications (the “Services”), allowing ad placements by entities or individuals that develop mobile applications (“Publisher”) provided by or on behalf of entities that provide advertisements, including demand side platforms, advertising networks, or other advertising demand sources (collectively, the “Demand Partners”). In addition, we offer a portal (“Portal”) for the Publishers.
We greatly respect your privacy, which is why we make every effort to provide you with meaningful information concerning our processing of your Personal Data and about our data protection practices in general. Please read this Privacy Policy carefully, so you can fully understand our practices in relation to personal data. “Personal Data” or “Personal Information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with you. Please note that this is a master privacy policy and some of its provisions only apply to individuals in certain jurisdictions. For example, the legal basis in the table below is only relevant for GDPR-protected individuals.
This Privacy Policy can be updated from time to time and, therefore, we ask you to check back periodically for the latest version of this Privacy Policy. If we implement significant changes to the use of your Personal Data in a manner different from that stated at the time of collection, we will notify you by posting a notice on our Website or by other means.
Table of Contents:
- What Personal Data we Collect, Why we Collect it, and How it is Used
- Publisher Information
- Period of Storage of Collected Personal Data
- How we Protect your Personal Data
- How we Share your Personal Data
- Additional Information Regarding Transfers of Personal Data
- Your Privacy Rights
- Interaction With Third Party Products
- Use by Children
- Analytic Tools
- Specific Provisions Applicable Under California Privacy Law
- Changes to the Privacy Policy
- Contact us
1. What Personal Data we Collect, Why we Collect it, and How it is Used
Personal Data we collect | Why is the Personal Data collected and for what purposes? | Legal basis (GDPR only, if applicable) | Consequences of not providing the Personal Data |
---|---|---|---|
Internet and other electronic network information, such as IP address and device details. We collect the Personal Data via necessary cookies and log files. For more information, please read our Cookies Policy. | ● Ensuring the security and functionality of the Website ● Debugging and developing the Website ● Improving user experience |
Legitimate interest (e.g., to improve your user experience) (Article 6(1)(f)) | Cannot collect and store the information Cannot improve your user experience Certain Website features may not be available |
Internet and other electronic network information, such as IP address, usage pattern of the Website, and device details. We collect the Personal Data via cookies, analytic tools, and log files. For more information, please read our Cookies Policy. | ● To engage in internet-based advertising ● To track your usage of the Website |
Your consent (Article 6(1) (a)) | Cannot make re-targeting Cannot track your usage of the Website |
When you contact us
Personal Data we collect | Why is the Personal Data collected and for what purposes? | Legal basis (GDPR only, if applicable) | Consequences of not providing the Personal Data |
---|---|---|---|
● Full name ● Email address ● Phone number ● Company name ● Contact reason (if chosen) ● The content of the message (any additional information you choose to share with us) |
● To process and answer questions ● To provide support |
Performance of a contract (Article 6(1)(b)) Your consent (Article 6(1) (a)) * When you provide us with personal data and you contact us, this action can be considered a request to establish or fulfill a contract between you and us. Nevertheless, if there is uncertainty, we rely on legitimate interest (e.g., to provide support) (Article 6(1)(f)). |
Cannot assist you and respond to your query Cannot provide support |
When you request a demo
Personal Data we collect | Why is the Personal Data collected and for what purposes? | Legal basis (GDPR only, if applicable) | Consequences of not providing the Personal Data |
---|---|---|---|
● Full name ● Email address ● Phone number ● Company name ● Contact reason (if chosen) ● The content of the message (any additional information you choose to share with us) |
● To provide you with a demo of our Services | Performance of a contract (Article 6(1)(b)) Your consent (Article 6(1) (a)) * When you provide us with personal data to book a demo, this action can be considered a request to establish or fulfill a contract between you and us. |
Cannot provide you with a demo preview of our Services |
When you submit your CV in the careers section
Personal Data we collect | Why is the Personal Data collected and for what purposes? | Legal basis (GDPR only, if applicable) | Consequences of not providing the Personal Data |
---|---|---|---|
● Full name ● Email address ● Phone number ● CV/resume ● Any additional information you choose to share with us |
● To assess you as a candidate ● To contact you for candidacy-related matters |
Performance of a contract (Article 6(1)(b)) Your consent (Article 6(1) (a)) * When you provide us with personal data to submit your CV, this action can be considered in order to take steps at the request of the data subject prior to entering into a contract. |
Cannot assess you as a candidate Cannot contact you for candidacy-related matters |
When you are a Publisher and you create an account, log in to the Portal, and make use of our Services
Personal Data we collect | Why is the Personal Data collected and for what purposes? | Legal basis (GDPR only, if applicable) | Consequences of not providing the Personal Data |
---|---|---|---|
● Contact details: - Company name and address - Full name - Email address - Phone number - Job position / title - Billing information - Any additional information you choose to share with us ● When the Publisher (and its employees) make use of our Portal (as part of the Services): - Company name and details - Full name - Email address - Username & password - Business Phone number - Usage pattern - Any additional information you choose to share with us |
● To allow you to create an account and log in ● To perform/execute the agreement ● To grant you access to the Services ● To communicate with you in case of support, updates, and upgrades ● To improve the user experience with the Services and the Portal |
Performance of a contract (e.g., to allow you to create an account) (Article 6(1)(b)) Legitimate interest (e.g., to provide you with customer support) (Article 6(1)(f)) |
Cannot allow you to create an account and log in Cannot perform/execute the agreement Cannot grant you access to the Services Cannot communicate with you in case of support, updates, and upgrades Cannot improve the user experience with the Services and the Portal |
When we serve an end user an advertisement on the mobile application of the Publisher
Personal Data we collect | Why is the Personal Data collected and for what purposes? | Legal basis (GDPR only, if applicable) | Consequences of not providing the Personal Data |
---|---|---|---|
General/classic mode: ● Mobile Ad ID ● IP address (country location) ● User agent (a text string which includes information regarding your devices such as type of device, operating system, type of browser) ● TCF preference strings (if any received) ● Device details (manufacturer, model, audio details, etc.), to the extent considered Personal Data Non-consent mode: ● IP address (country location) ● User agent (a text string which includes information regarding your devices such as type of device, operating system, type of browser) ● TCF preference strings (if any received) ● Device details (manufacturer, model, audio details, etc.), to the extent considered Personal Data CCPA – Do Not Sell My Personal Information mode: ● IP address (country location) ● User agent (a text string which includes information regarding your devices such as type of device, operating system, type of browser) ● TCF preference strings (if any received) ● Device details (manufacturer, model, audio details, etc.), to the extent considered Personal Data Kids Safe-Mode advertisement: This category means that the Publisher requested to limit the data collection and type of Advertisements in a manner that the end user shall be treated as children. Therefore, the only data collected is: ● IP address (country location) ● User agent (a text string which includes information regarding your devices such as type of device, operating system, type of browser) ● TCF preference strings (if any received) ● Device details (manufacturer, model, audio details, etc.), to the extent considered Personal Data |
● To serve behavioral ads when the end user makes use of the Publisher’s mobile application ● To measure ad performance; ● To receive the impression events ● To apply market research to generate audience insights ● To ensure security, prevent fraud, and debug ● To calculate the monetization payments ● To develop, update, fix and improve our products and Services |
To the extent that we are considered a separate data controller, we request Publishers to obtain the relevant permissions and legal basis (e.g., depending on the context, consent or legitimate interest) through the Publisher consent management platform on the applicable mobile application. We have a contract in place with the relevant Publisher. The Publisher is responsible for collecting consent and passing it to us. Please note that our Services can be initialized whether or not an end-user provides their consent to the Publisher. | Cannot serve a personalized advertisement to the end users. Cannot apply market research to generate audience insights Cannot develop, update, fix, and improve our products and Services |
When you attend marketing events and provide us with Personal Data and/or exchange business cards with us
Personal Data we collect | Why is the Personal Data collected and for what purposes? | Legal basis (GDPR only, if applicable) | Consequences of not providing the Personal Data |
---|---|---|---|
● Full name ● Email address ● Company name ● Job position ● Phone numbers ● Any other data you decide to provide/supply us with |
● To establish a business connection ● To send marketing communications |
Your consent (Article 6(1) (a)) Performance of a contract (Article 6(1)(b)) (e.g., to provide you with additional information of Odeeo and its Services – B2B relationship) |
Cannot establish a business connection Cannot send marketing communications |
When we use the Personal Data of our service providers and suppliers
Personal Data we collect | Why is the Personal Data collected and for what purposes? | Legal basis (GDPR only, if applicable) | Consequences of not providing the Personal Data |
---|---|---|---|
● Full name ● Email address ● Company name ● Job position ● Phone numbers ● Billing information ● Any other data you decide to provide/supply us with |
● To contact our service providers ● To perform the applicable agreement ● To communicate with you (e.g., service-related communications) |
Performance of a contract (Article 6(1)(b)) Legitimate interest (e.g., to provide technical support) (Article 6(1)(f)) |
Cannot communicate with you Cannot perform the applicable agreement |
When we collect Demand Partners contact details
Personal Data we collect | Why is the Personal Data collected and for what purposes? | Legal basis (GDPR only, if applicable) | Consequences of not providing the Personal Data |
---|---|---|---|
● Personal identifiers and customer records information, including: - Full name - Email address - Job position - Phone numbers - Payment information (i.e., bank account number and/or credit card details) - Any other data you decide to provide/supply us with |
● To provide our products and Services ● To contact our Demand Partners ● To perform the applicable agreement |
Performance of a contract (Article 6(1)(b)) Legitimate interest (e.g., to provide technical support) (Article 6(1)(f)) |
Cannot provide the Services Cannot communicate with you Cannot perform the applicable agreement |
2. Publisher Information
2.1. For the avoidance of doubt, Odeeo is processing the Publisher Data on behalf of the applicable Publisher. Therefore, the Publisher is the responsible party for the security, integrity, and authorized usage of Publisher Data in the context of the Services and also for obtaining consents, permissions, and providing any required data subject rights and fair processing notices required for the collection and usage of such Publisher Data.
2.2. Odeeo has a contractual relationship with the Publisher. In the context of Odeeo’s Services, the Publisher shall install an SDK on their mobile application and the SDK will collect information of the user, including Personal Data (“Publisher Data”). See above in Section 1 the different modes that the Publisher can implement, at their discretion. If you have any questions related to the Publisher Data, please contact the relevant Publisher directly.
3. Period of Storage of Collected Personal Data
Your Personal Data will be stored until we: (i) no longer need the information and proactively delete it; or (ii) you send a valid deletion request. Please note that we may retain it for a longer or shorter period in accordance with data retention laws. In addition, in some circumstances, we may store your Personal Data for longer periods of time, for example (i) where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data or dealings.
4. How we Protect your Personal Data
We have implemented appropriate technical, organizational, and security measures designed to protect your Personal Data. As the security of information depends in part on the security of the computer, device, or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information. We regularly review our security procedures and policies to consider appropriate new technology and methods.
5. How we Share your Personal Data
5.1. With our business partners, including the Demand Partners (for example, to serve you the advertisement) and the vendors or analytic companies, as instructed by the Publishers.
5.2. With service providers that assist us in providing the Website and the Services for the following purposes:
- With cloud providers for hosting purposes;
- With WordPress service providers in order to help us manage our Website;
- With email providers, marketing, cookies and analytic tools, CRM and other similar tools; and
- With fraud prevention vendors.
5.3. With regulators, to comply with all applicable laws, regulations, and rules, and requests of law enforcement, regulatory, and other governmental agencies or if required to do so by court order;
5.4. To the extent necessary, to our employees, contractors, legal advisors, law enforcement, or governmental agencies in order to protect our legal interests and other rights, protect against fraud or other illegal activities, prevent harm, for risk management purposes, or to comply with a legal obligation; and/or
5.5. If, in the future, we sell or transfer some or all of our business or assets to a third party, we will (to the minimum extent required) disclose information to a potential or actual third-party purchaser of our business or assets. In the event that we are acquired by or merged with a third-party entity, or in the event of bankruptcy or a comparable event, we reserve the right to transfer or assign Personal Data in connection with the foregoing events;
5.6. Where you have provided your consent (e.g., where you provide us with marketing consents or opt-in to optional additional services or functionality);
5.7. If you want to receive the list of the current recipients of your Personal Data, please contact us at info@odeeo.io.
6. Additional Information Regarding Transfers of Personal Data
Where we transfer your Personal Data outside of EU/EEA (for example, to third parties who provide us with services), we will generally obtain contractual commitments from them to protect your Personal Data. When Odeeo engages in such transfers of personal information, it relies on i) Adequacy Decisions as adopted by European Commission on the basis of Article 45 of Regulation (EU) 2016/679 (GDPR) (for example, when we access from Israel), or ii) Standard Contractual Clauses issued by the European Commission. Odeeo also continually monitors the circumstances surrounding such transfers in order to ensure that these maintain, in practice, a level of protection that is essentially equivalent to the one guaranteed by the GDPR.
7. Your Privacy Rights
7.1. EU Residents: If our processing of your Personal Data is subject to GDPR, you are entitled to the following rights (which may be subject to certain exemptions or derogations):
- You have a right to access Personal Data held about you. Your right of access may normally be exercised free of charge; however, we reserve the right to charge an appropriate administrative fee where permitted by applicable law;
- You have the right to request that we rectify any Personal Data we hold that is inaccurate or misleading;
- You have the right to request the erasure/deletion of your Personal Data (e.g., from our records). Please note that there may be circumstances in which we are required to retain your Personal Data, for example for the establishment, exercise, or defense of legal claims;
- You have the right to object to or to request restriction of the processing;
- You have the right to data portability. This means that you may have the right to receive your Personal Data in a structured, commonly used and machine-readable format, and that you have the right to transmit that data to another controller;
- You have the right to object to profiling;
- You have the right to withdraw your consent at any time. Please note that there may be circumstances in which we are entitled to continue processing your data, in particular, if the processing is required to meet our legal and regulatory obligations. Also, please note that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal;
- You also have a right to request certain details of the basis on which your Personal Data is transferred outside the European Economic Area, but data transfer agreements and/or other details may need to be partially redacted for reasons of commercial confidentiality;
- You have a right to lodge a complaint with your local data protection supervisory authority (i.e., your place of habitual residence, place or work, or place of alleged infringement) at any time or before the relevant institutions in your place of residence. We ask that you please attempt to resolve any issues with us before you contact your local supervisory authority and/or relevant institution. In case of any questions regarding data protection, you can apply to the Supervisory Authority. You can find the full list of EU supervisory authorities through the link.
7.2. We kindly invite you to share your concerns with us in the first place regarding any issue related to your personal data processing. You may use the following channels to address your inquiries: privacy@odeeo.io. You can exercise your rights by contacting us at privacy@odeeo.io. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly in accordance with applicable law or inform you if we require further information in order to fulfill your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes before processing and/or honoring your request. We reserve the right to charge a fee where permitted by law, for instance, if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initially requested, we will address your request to the maximum extent possible, all in accordance with applicable law.
7.3. Withdraw consent: You may withdraw your consent to the processing of your personal data at any time. Please remember that the withdrawal of consent does NOT automatically mean that the processing before the withdrawal is considered unlawful. You may NOT withdraw your consent to the processing of your personal data on a basis of the performance of a contract between you and us or on a basis of our legitimate interests.
7.4. You may withdraw the consent to the processing of your personal data by sending us an email at info@odeeo.io, via Contact Us form, or by contacting us in any other way convenient for you.
8. Interaction With Third Party Products
We enable you to interact with third party websites, mobile software applications, and products or services that are not owned or controlled by us (each a “Third Party Service”). We are not responsible for the privacy practices or the content of such Third Party Services. Please be aware that Third Party Services can collect Personal Data from you. Accordingly, we encourage you to read the terms and conditions and privacy policies of each Third Party Service.
9. Use by Children
9.1. Odeeo’s Website is not knowingly collecting any Personal Data connected to children.
9.2. Odeeo does not knowingly collect Personal Data from or serve advertising to children (e.g., 13 years old according to the COPPA, 16 years old according to the EU GDPR, but not below 13 years old according to the national legislation of certain EU member states) through the Services. The Publishers are the relevant party that shall comply with applicable laws related to children's data (including COPPA and GDPR). When Odeeo controls the Personal Data of such children, Odeeo delegates Odeeo’s obligations regarding parental consent to the Publisher. For any privacy/related questions and or to obtain more information, you should contact the Publisher.
9.3. If you learn that a child has provided us with personal information without verifiable parental consent, we will take steps to delete the information and terminate their account, if any. If you become aware that a child has provided us with personal information without parental consent, please contact us by email at privacy@odeeo.io.
9.4. Note that COPPA only covers Personal Data collected online from children. It does not cover Personal Data collected from parents and other corporate clients that may pertain to children.
10. Analytic Tools
Odeeo uses the following tools:
Google Analytics: The Website uses a tool called “Google Analytics” to collect information about the use of the Website. Google Analytics collects information such as how often users visit this Website, what pages they visit when they do so, and what other websites they used prior to coming to this Website. We use the information we get from Google Analytics to maintain and improve the Website and our products. We do not combine the information collected through the use of Google Analytics with personal information. Google’s ability to use and share information collected by Google Analytics about your visits to this Website is restricted by the Google Analytics Terms of Service, available at https://marketingplatform.google.com/about/analytics/terms/us/, and the Google Privacy Policy, available at http://www.google.com/policies/privacy/. You may learn more about how Google collects and processes data specifically in connection with Google Analytics at http://www.google.com/policies/privacy/partners/. You may prevent your data from being used by Google Analytics by downloading and installing the Google Analytics Opt-out Browser Add-on, available at https://tools.google.com/dlpage/gaoptout/.
Through our Website, we may allow third party advertising partners to set technologies and other tracking tools to collect information regarding your activities and your device (e.g., your IP address, mobile/website identifiers, page(s) visited, location, time of day). We also may combine and share such information and other information (such as demographic information and past purchase history) with third party advertising partners. These advertising partners will use this information (and similar information collected from other websites) for purposes of delivering targeted advertisements to you when you visit third party websites within their networks. This practice is commonly referred to as “interest-based advertising” or “online behavioral advertising. We allow access to other data collected by the services to share information that may be useful, relevant, valuable or otherwise of interest to you.
We reserve the right to remove or add new analytic tools.
11. Specific Provisions Applicable Under California Privacy Law
[TBD once Odeeo completes US privacy laws assessment]
11.1. Under the California Consumer Privacy Act and its amendments, modifications and regulations (the “CCPA”), California residents have certain rights regarding our collection, use, and sharing of their personal information.
We may collect various categories of personal information when you use and/or access our Website and Services, including information you provide when you create an account, usage data (regarding your interactions with our Services), payment information, and other data you may possibly provide to us.
In particular, we may collect the following categories of personal information specified in the CCPA when you use and/or access Website and/or our Services:
- Category A – Identifiers;
- Category B – Personal information categories listed in the Cal. Civ. Code § 1798.80(e);
- Category C – Protected classification characteristics under California or federal law;
- Category F – Internet or other similar network activity;
- Category G – Geolocation data;
- Category H – Audio, electronic, visual, thermal, olfactory, or similar information;
- Category I – Professional or employment-related information.
You can find a detailed description of the personal information that we may collect from you above in Section 1 (What Information we Collect, Why we Collect it, and How it is Used). Note that in Section 5 (How we Share your Personal Data) you can review the categories of third parties with whom we may share your personal information.
11.2. If you are a California resident, to the extent provided for by the CCPA and subject to applicable exception, you have the following rights in relation to the personal information we have about you:
- Right to obtain information: You can request information about what personal information has been collected about you and how we have used that personal information during the preceding 12 months.
- Right of access: You can request a copy of the personal information that we have collected about you during the preceding 12 months.
- Right to deletion: You can request us to delete the personal information that we have collected from you unless it is necessary for us to maintain your personal information in certain cases under the CCPA, such as protection against malicious, deceptive, fraudulent, or illegal activity.
- Right to be free from discrimination: We do not believe that we sell your personal information to third parties for monetary or other valuable considerations. Additionally, we do not offer any financial incentives associated with our collection, sharing, or retention of your personal information. For more information read Section 2 above. We take the protection of your privacy seriously, so in no way will we discriminate against you for exercising any of your rights granted by the CCPA. You can exercise your rights under the CCPA by sending us an email at privacy@odeeo.io or by any other means of communication convenient for you.
Please note that we may need to confirm your identity to process your requests to exercise your rights under the CCPA. Thus, we may not be able to satisfy your request if you do not provide us with sufficient detail to allow us to verify your identity and respond to your request.
11.3. We do not currently respond or take any action with respect to web browser “do not track” signals or other mechanisms that provide consumers with the ability to exercise choice regarding the collection of personal information about an individual consumer’s online activities over time and across third-party web sites or online services. We may allow third parties, such as companies that provide us with analytics tools, to collect personal information, subject to applicable law, about an individual consumer’s online activities over time and across different websites when a consumer uses the Services.
12. Changes to the Privacy Policy
This Policy may be changed from time to time due to the implementation of new technologies, laws’ requirements, or for other purposes. We will send notice to you if these changes are dramatic and where required by applicable laws, we will obtain your consent. Also, we encourage you to regularly review this Policy to check for any changes. Such notification may be provided via your email address, post in our social media accounts, or announcement on the Website and/or by other means, consistent with applicable law.
13. Contact us
If you have any questions, concerns or complaints regarding our compliance with this notice and the data protection laws, or if you wish to exercise your rights, we encourage you to first contact us at: privacy@odeeo.io. We designated a Data Protection Officer (“DPO”) in order to ensure that we process Personal Data in compliance with the GDPR. You can contact the DPO directly using the following details: External Data Protection Officer - Legal IT Group LLC - Office 1, 38 Volodymyrska Str. 01030 Kyiv, Ukraine. Email: info@odeeo.io.