Last Modified: September 18, 2023
We are a leading global media and entertainment company that creates content and experiences. When you use our services, browse our mobile and online websites, view our content or advertisements, or contact us (collectively, the “Services”), we may collect information from or about you. Content IQ serves contextual and targeted advertisement on our websites.
If you are a California resident and the California Consumer Privacy Act (the “CCPA”) applies to you, please review our CCPA Privacy Notice.
- POLICY CHANGES
We reserve the right to amend this Policy from time to time, at our sole discretion. The most recent version of this Policy will always be posted on this website. We will provide notice to you if we make any material changes and, where required by applicable law, will obtain your consent. Any amendments to the Policy will become effective within 30 days upon the display of the modified Policy. We recommend that you review this Policy periodically to ensure that you understand our most updated privacy practices.
- CONTACT INFORMATION AND DATA CONTROLLER INFORMATION
Content IQ LLC. is incorporated under the laws of the State of New York and is a controller of the Personal Data you share with us when you visit our website.
You may contact our privacy team and our Data Protection Officer (our “DPO”) as follows:
- By Email: firstname.lastname@example.org
- By Mail:
Content IQ LLC.
1 World Trade Center
New York, NY 10007
Representative for Data Subjects in the EU and UK Contact Information:
We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact. Prighter gives you an easy way to exercise your privacy rights (e.g., requests to access or erase personal data). If you want to contact us via Prighter or exercise your data subject rights, please visit the following website: https://prighter.com/q/11106546394. You may also email Prighter at “email@example.com“.
- DATA WE COLLECT AND FOR WHAT PURPOSE
During your interaction with our Services, we may collect and aggregate non-personal, non-identifiable information which may be made available or gathered via your access to and use of the Services (“Non-Personal Data”). We are not aware of the identity of the user from which Non-Personal Data is collected. The Non-Personal Data being collected may include usage and technical information transmitted by your device, such as: the type of browser or device you use, language preference, time and date stamp, and country location. Non-Personal data is stored and used in aggregated form, only.
We may also collect from you, during your access or interaction with the Services, information that identifies an individual or may, with reasonable effort, be used to identify an individual (“Personal Data”). If we connect or link any Non-Personal Data to any Personal Data, it is Personal Data as long as such connection or linkage exists.
We do not knowingly collect or process any Personal Data constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person’s health or data concerning a person’s sex life or sexual orientation.
The types of Personal Data that we collect as well as the purpose for processing such data and lawful basis are specified in the table below. We typically process data subject to our legitimate interest or your consent, as detailed below. Where we process data subject to your consent, you may withdraw consent at any time by using the cookie preference settings or by using our Data Subject Request Form.
|WHAT WE COLLECT||HOW WE USE IT (PURPOSE)||OUR LAWFUL BASIS|
|Online Identifiers: We collect certain online identifiers such as: IP address, cookie ID, agent ID, unique identifiers.||We use Online Identifiers collected through first-party cookies to enable the operation of the website; this information is strictly necessary. Our partners collect Online Identifiers through third-party cookies to provide us with analytic and marketing services.||We process Online Identifiers collected through first-party cookies subject to our legitimate interest.
We process Online Identifiers through third-party cookies subject to your consent.
|Contact Information: Information you decide to share with us, which may include Personal Data such as your name, job title, company name, email address, etc.||We will use this data to respond to your inquiry.||We process such Contact Information subject to our legitimate interest.
We may keep such correspondence if we are legally required to.
|Behavior Data: In an effort to deliver relevant advertising to you, third-party partners with whom we have engaged with collect consumer interest segments for use in targeted advertising online (“Interest-Based Advertising” or “IBA”).||as further detailed below, so that they can deliver more relevant advertising to the end user browsing our website. Content IQ itself does not use, collect or have access to Behavior Data, however, we enable our partners collect it and display targeted ads.||We process this data solely upon receiving consent from the end user directly through the consent management platform and cookie notice. You may withdraw your consent at any time by opting out of IBA as further detailed below.
|Ad Calls: A code shared with advertisers, include advertiser ID, the webpage the end user came from, the IP address, approximate location which assists the advertiser to determine which ads to place. The ad call will also include the end user’s preferences regarding interest-based advertising.||We share this data with our partners as further detailed below, so that they can deliver more relevant advertising to the end user browsing our website. Please note, we do not use, collect or have access to Ad Calls, however, we enable our partners .|
In addition, we may use certain Personal Data to prevent prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the Services. We may also use Personal Data to enforce the Terms as well as to protect the security or integrity of our databases and the Services, and to defend our legal interests. We process such Personal Data based on our legitimate interests.
- HOW WE COLLECT YOUR INFORMATION:
- When you voluntarily choose to provide us with information, such as when you contact us.
- COOKIES AND SIMILAR TECHNOLOGIES:
The Services collect or allow third parties to collect, through computer code called “pixels” or “web beacons”, certain information about your usage of the Services. We, or our partners, including our advertising partners, may package all or part of this information into small text files called cookies and send the cookie to your computer (i.e., locally stored). These cookies will allow us to customize the Service and content as well as enhance your experience of the Services. You can find more information about cookies at www.allaboutcookies.org.
Our third-party advertising partners may collect, through the use of such tracking technologies, some or all types of Personal Data detailed above, including for the purpose of combining such information with other information they have independently collected relating to your browser’s activities across their network of websites, for the purpose of enhanced targeting functionality and delivering personalized ads, as well as providing aggregated analytics related to the performance of the campaign or advertisement you have interacted with. These third parties collect and use this information under their own privacy policies, and are responsible for their practices. The privacy policies of these third parties are available
Most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. You may set your browser to block all cookies, including cookies associated with our Services, or to indicate when a cookie is being used by us, by adjusting the privacy and security settings of your web browser. Please refer to the support page of your browser to learn more about how you can adjust your privacy and security settings.
Please note that once you choose to opt out or disable cookies, some features of the Services may not operate properly and your online experience may be limited In addition, even if you do opt-out, you may still receive some content and advertising, however, it will not be targeted content or advertising.
- WHO WE SHARE PERSONAL DATA WITH
We share your data with third parties, including our partners and service providers that help us provide our Services. You can find here information about the categories of such third-party recipients.
|CATEGORY OF RECIPIENT||DATA THAT WILL BE SHARED||PURPOSE OF SHARING|
|Consent Manager (or “CMP”)||Online Identifiers and the user’s preference||When you browse our site for the first time, a cookie banner may appear, in this banner you will be able to choose if you allow us to share Personal Data (e.g., Online Identifiers) with third parties for one or all of the aforesaid purposes (“Preferences”). These Preferences are different depending on your jurisdiction. The CMP receives the Online Identifiers from us.|
|We share this data with our advertising partners, so they will be able to place ads that best suit the webpage, as a part of our Services.|
|Media Buyers||Cookie ID
|In some cases when we buy media online, we may submit a unique identifier. The unique identifier provided to the media owner (a social media platform, publisher or webpage), may become personally identifiable when such media owner combines our parameters with its own information about you, to which you previously provided your consent when first interacting with such media owner’s services.|
|All data listed in the table above||We may disclose Personal Data to our service providers, contractors and third parties, including, but not limited to, our cloud and hosting provider, analytics and marketing providers, payment processors, recruitment providers, CRM systems, Salesforce (a cloud-based provider of customer relations management software), etc.; the service providers are limited by contracts which limit their use of the data, and requires implementing security measures. The service providers process the data solely to provide the needed services. These entities are prohibited from using your Personal Data for any purposes other than providing us with requested services.|
|Any acquirer of our business||All data||We may share Personal Data, in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, consolidation or asset sale).|
|Legal and law enforcement
|Subject to law enforcement authority request.||We may disclose certain data to law enforcement, governmental agencies, or authorized third parties, in response to a verified request relating to terror acts, criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other user to legal liability, and solely to the extent necessary to comply with such purpose.|
Service providers and Partners are contractually required to secure the Personal Data they receive, are limited in how they can use the Personal Data, and must comply with all applicable data protection regulations (such service providers may use other non-personal data for their own benefit).
- YOUR RIGHTS
Depending on your relationship with us, you may have certain rights with regard to your Personal Data.
For California residents, please see our CCPA Notice.
For detailed information on your rights and how to exercise your rights, please see the Data Subject Request Form (“DSR”) available here.
Certain rights can be easily executed independently by you without the need to fill out the DSR Form: You can withdraw consent for processing Online Identifiers and Behavior Data, for analytics or marketing purposes, at any time be using the cookie settings on the website, or as detailed in the section below:
- OPT OUT OPTIONS:
- Digital Advertising Alliance (US) https://www.aboutads.info/choices/
- Digital Advertising Alliance (Canada) https://youradchoices.ca/en/tools
- Digital Advertising Alliance (EU) https://www.youronlinechoices.com/
- Network Advertising Initiative https://optout.networkadvertising.org/?c=1
- You can also opt out of interest-based advertising from Google https://adssettings.google.com/authenticated.
- On many mobile devices, you can control interest-based advertising through your device’s settings. These options can include resetting your device’s advertising ID or selecting “Limit Ad Tracking” (for iOS devices) or “Opt out of Ads Personalization” (for Android devices) in your device settings.
Please note that, if you opt out of interest-based advertising, some information will still be collected for other purposes, such as research, analytics, and internal operations. You will also continue to receive contextual advertisements, but they may be less relevant to your interests.
- DATA RETENTION:
In general, we retain the Personal Data we collect for as long as it remains necessary for the purposes set forth above, consistent with applicable regulation, or until you express your preference to opt out, where applicable.
The retention periods are determined according to the following criteria:
- For as long as it remains necessary in order to achieve the purpose for which the Personal Data was initially processed. For example: if you contacted us, we will retain your contact information at least until we will address your inquiry.
- To comply with our regulatory obligations. For example: transactional data will be retained for up to seven years (or even more under certain circumstances) for compliance purposes.
- To resolve a claim we might have or a dispute with you, including any legal proceeding between us, until such dispute will be resolved, and following, if we find it necessary, in accordance with applicable statutory limitation periods.
Please note that except as required by applicable law, we will not be obligated to retain your data for any particular period, and we may delete it for any reason and at any time, without providing you with prior notice if our intention is to do so. We also do not retain any data for retargeting purposes.
- SECURITY MEASURES:
We have designed the Services with strong security features to protect the Personal Data we process. We have implemented physical, technical, and administrative security measures for the Services that include encryption using SSL, data minimization, and access controls.
- INTERNATIONAL DATA TRANSFER:
We host and store the information you provide in the US. The Company’s headquarters are based in New York, where we may access the information stored on such servers or other systems such as the Company’s ERP, CRM, Salesforce and other systems. In the event that we need to transfer your Personal Data out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data receives an adequate level of protection as required under applicable law. Furthermore, when Personal Data that is collected within the European Economic Area (“EEA“) or the United Kingdom (“UK”) is transferred outside of either jurisdiction to a country that has not received an adequacy decision from the European Commission or UK Information Commissioner’s Office, we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data, in accordance with the provision of the Standard Contractual Clauses approved by the European Union and UK. Thus, we will obtain these contractual commitments from the data importer to protect your Personal Information or rely on adequacy decisions issued by the European Commission. Some of these assurances are well recognized certification schemes.
- INTERACTION WITH THIRD PARTY CONTENT:
- CHILDREN’S PRIVACY:
The Services are not intended for use by children (the phrase “child” shall mean an individual that is under the age defined by applicable law which with respect to the EEA is under the age of 16 and with respect to the US, under the age of 13) and we do not knowingly process children’s information. We will discard any information that we receive from a user that is considered a “child” immediately upon our discovery that such a user shared information with us. Please contact us at: firstname.lastname@example.org if you have reason to believe that a child has shared any information with us.
- ADDITIONAL STATE NOTICES
ADDITIONAL NOTICE TO COLORADO RESIDENTS
Under the Colorado Privacy Act (“CPA”) if you are a resident of Colorado, acting as an individual or in the household context only (and not in a commercial or employment context, as a job applicant or as a beneficiary of someone acting in an employment context), your rights with respect to your Personal Data are described below.
“Personal Data” as defined in the CPA means: “information that is linked or reasonably linkable to an identified or identifiable individual” and does not include publicly available information, de-identified or aggregated consumer, and information excluded from the CPA scope, such as: health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPPA) or 42 CFR Part 2- “Confidentiality Of Substance Use Disorder Patient Records”, Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or and the Driver’s Privacy Protection Act of 1994, Children’s Online Policy Protection Act of 1998 (COPPA), Family Educational Rights and Privacy Act of 1974, national Security Exchange Act of 1934, higher education data and employment data.
“Sensitive Data” as defined in the CPA include (i) racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life or sexual orientation; (ii) Genetic or biometric data that can be processed to uniquely identify an individual; or (iii) child data. We do not process or collect any sensitive data.
Your Rights under the CPA
The table below details how Colorado consumers can exercise their rights, and appeal our decisions regarding their exercise requests.
|Right to Access/Right to Know
You have the right to confirm whether we are processing your Personal Data and to access such Personal Data.
|Right to Correction
You have the right to correct inaccuracies in your Personal Data, taking into account the nature of the Personal Data and the purposes of the processing of your Personal Data.
|You can exercise this right directly through your account or by filling in our DSR.|
|Right to Deletion
You have the right to delete the Personal Data we hold about you. However please note this right is not absolute, and in certain circumstances we may deny such request, in full or in part, if retaining the Personal Data is necessary for us or our service provider(s) for any of the following reasons:
1. Complete a transaction for which we collected the Personal Data; provide a service that you requested; take actions reasonably anticipated within the context of our ongoing business relationship with you; or otherwise perform our contract with you.
2.Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
3. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
4.Comply with the law or legal obligation.
5.Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
6. Solely internal uses that are reasonably aligned with your expectations based on your relationship with us.
7. Make other internal and lawful uses of that Personal Data that are compatible with the context in which you provided it.
We will delete or de-identify Personal Data not subject to one of these exceptions from our records and will direct our processors to take similar action.
|If you would like to delete your Personal Data, please fill in our DSR. You are not required to create an account with us to submit a request to delete your Personal Data.|
|Right to Portability
You have the right to obtain the Personal Data we process about you, in a portable, and to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance.
|If you would like to receive the Personal Data, please fill in our DSR. We will select a format to provide your Personal Data that is readily usable and should allow you to transmit the Personal Data from one entity to another entity without hindrance.|
|Right to Opt Out from Sale of Personal Data
To the extent applicable to the Personal Data we hold about you, you have the right to opt out of the “sale” or “share” of your Personal Data for purposes of targeted advertising, “sale” to a third party for monetary gain, or for profiling in furtherance of decisions that produce legal or similarly significant effects concerning you or any other consumer.
|Right to Opt Out from Targeted Advertising
|Right to Opt Out from Profiling||We do not profile you, thus we do not provide an opt-out mechanism in this regard.|
|Right to Appeal, Duty not to Discriminate
|Please see below under “How to Submit a Request Under the CPA”|
How to submit a request under the CPA:
Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your Personal Data. If the DSR is submitted by someone other than the consumer about whom information is being requested, proof of authorization (such as power of attorney or probate documents) will be required.
We will respond to your request within 45 days after receipt of a verifiable Consumer Request and for no more than twice in a twelve-month period. We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the first 45 days. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at email@example.com and specifying you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint as follows: Colorado AG at https://coag.gov/file-complaint/.
If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.
Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
ADDITIONAL NOTICE TO VIRGINIA RESIDENTS
Under the amended Virginia Consumer Data Protection Act (“VCDPA”), if you are a resident of Virginia acting solely in an individual or household context (and not in an employment or commercial context), you have the following rights with respect to your Personal Data.
“Personal data” means any information that is linked or reasonably linkable to an identified or identifiable natural person. “Personal data” does not include de-identified data or publicly available information. Personal Data does not include de-identified data or publicly available data, and information excluded from the scope such as: HIPAA, GBPA, non-profit entities, higher education, employment data and FCRA, Driver’s Privacy Protection Act of 1994, Family Educational Rights and Privacy Act, Farm Credit Act.
The VCDPA requires Content IQ to disclose the Categories of data processing and the purpose of each category, as detailed above in “DATA WE COLLECT AND FOR WHAT PURPOSE” , the categories of data shared and the third parties with whom it is shared, as detailed above in “WHO WE SHARE PERSONAL DATA WITH”. You may request disclosure of sale of data or targeted advertising by submitting a DSR Form.
How to submit a request under the VCDPA:
We will respond to your request within 45 days of receipt. We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the first 45 days. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at firstname.lastname@example.org and specifying you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint as follows: Virginia Attorney General at https://www.oag.state.va.us/consumercomplaintform.
We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you or your request, we will not be able to grant your request.
ADDITIONAL NOTICE TO CONNECTICUT RESIDENTS
Under the Connecticut Data Privacy Act, Public Act. No. 22-14 (the “CDPA”) if you are a resident of Connecticut, acting in an individual or household context (and not in a commercial or employment context or as a representative of business, non-profit or governmental entity), your rights with respect to your Personal Data are described below.
“Personal Data” means any information that is linked or reasonably linkable to an identified or identifiable individual. It does not include de-identified data or publicly available information. If further does not include information excluded from the scope such as: HIPAA, GBPA, non-profit entities, higher education, employment data and FCRA, Driver’s Privacy Protection Act of 1994, Family Educational Rights and Privacy Act, Farm Credit Act.
The categories of Personal Data processed, purpose of processing, are detailed in “DATA WE COLLECT AND FOR WHAT PURPOSE”, categories of personal data shared with third parties, categories of third parties with whom data is shared, are detailed in “WHO WE SHARE PERSONAL DATA WITH”. You may request a disclosure of sale of data or targeted advertising is detailed in in the DSR Form.
How to submit a request under the CDPA:
We shall respond to your request within 45 days of receipt. The response period may be extended once by 45 additional days when reasonably necessary, taking into account the complexity and number of requests, provided we inform you of such extension within the initial 45 days response period, together with the reason for the extension.
If we decline to take action on your request, we shall so inform you without undue delay, however no longer than within 45 days of receipt of your request. The notification will include a justification for declining to take action and instructions on how you may appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Connecticut Attorney General at link: https://www.dir.ct.gov/ag/complaint/ or (860) 808-5318.
We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.