Last Updated: December 20, 2019
This Policy explains who The Rubicon Project, Inc. and its affiliates (“Rubicon Project” or “we”) are, how we collect, share, and use personal information about you, and how you can exercise your privacy rights.
This Policy only applies to personal information we collect through our websites (such as http://www.rubiconproject.com) (the “websites“) and in the course of our sales and marketing activities.
We recommend that you read this Policy in full to ensure you are fully informed. However, to make it easier for you to review those parts of this Policy which apply to you, we have divided up the document into the following sections:
- About Us
- Information we collect and how we collect it
- How we use your information
- How we share your information
- Cookies and similar tracking technology
- Special Information for Residents of the European Economic Area (EEA), UK, and Switzerland
- Information retention
- Third party websites
- Contact us
Information you provide to us
Certain parts of our websites may ask you to provide us with personal information about you voluntarily. For example, we may ask you to provide your identifiers and contact details when you: register an account with us; subscribe to our marketing communications; submit enquiries to us; request market reports; request access to a demo; and or apply for a job.
The personal information we collect may include identifiers and contact information such as your name, address, telephone number or email address and contact preferences. It may also include professional information, such as your job title, department or job role, as well as the nature of your request or communication. If you apply for a job, we will collect your resume and information related to your employment and education history.
In addition, if you choose to correspond with us through email or blog postings, we may collect and retain other information you voluntarily provide us, such as the content of your email messages together with your email address and our responses.
Information we collect automatically
When using or interacting with our websites and/or marketing emails (collectively with our websites, the “Online Properties”), we may collect certain information automatically. Some of this information may include identifiers, for example your IP addresses and certain unique device identifiers, and may identify a particular computer or device, meaning that it may therefore be considered “personal data” or “personal information” under applicable laws in some jurisdictions. Some of this information may be collected using cookies and similar tracking technology, as explained further under the heading “Cookies and similar tracking technology.”
Specifically, the information we collect automatically may include identifiers like your IP address, device ID and cookie ID, as well as internet or other electronic network activity information, including device type, domain, referring website address, browser type and language and other technical information. We may also collect other types of internet or other electronic network activity information about how your device has interacted with our Online Properties, including the pages accessed, search keywords and links clicked.
We use the information that we collect for a variety of business and commercial purposes, including:
- To respond to your requests or provide you with information requested by you;
- To send administrative or account related information to you;
- To communicate with you about updates to our products and services;
- To maintain our websites and tailor our websites to your needs;
- For other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our marketing and to enhance, customize and improve our websites, products and services;
- If you apply for a job, to determine your eligibility for a position with us;
- To comply with and enforce applicable legal requirements, agreements and policies;
- To prevent, detect, identify, investigate, respond and protect against potential or actual claims, liabilities, prohibited behavior, and criminal activity; and
- To notify you about important changes to our website, new services and special opportunities we think you will find valuable where this is in accordance with your expressed marketing preferences. You may notify us at any time if you do not wish to receive these offers by emailing us at firstname.lastname@example.org.
We do not rent, sell or disseminate personal information we collect about you to third parties for promotional purposes without your consent.
We may disclose your personal information to the following categories of third parties for the following business or commercial purposes:
- to our group companies, third party services providers and partners who provide data processing services to us (for example, to support the delivery of, provide functionality on, or help to enhance the security of our websites), or who otherwise process personal information for purposes that are described in this Policy or notified to you when we collect your personal information;
- to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal information only for the purposes disclosed in this Policy; and
- to any other person with your consent to the disclosure.
We may also share personal information with any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person.
If you are a visitor from the EEA, the UK, or Switzerland, please read these additional disclosures.
Legal Basis for Processing
If you are a visitor from the EEA or the UK, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you.
Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), such legitimate interests include: (i) improving our technology, websites, products and services; (ii) for our marketing activities; (iii) measuring the effectiveness of our marketing and promotional campaigns; and (iv) if you apply for a job, identifying and recruiting eligible candidates.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “Contact us” heading below.
If you are a resident of a country in the EEA, the UK, or Switzerland, you have certain rights and protections under the law regarding the collection, processing, and use of information about you. Specifically, you may have the right: (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information.
If you would like to exercise any of these rights, please write to us at the contact details provided below or see our Data Subject Rights policy for instructions on how to do so: http://rubiconproject.com/terms-conditions/subject-access-request-policy/. You may also opt-out of receiving marketing communications from Rubicon Project by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you.
Right to Lodge a Complaint
You also have the right to lodge a complaint about our processing of personal data with your local Data Protection Authority. Contact details for EU Data Protection Authorities are available here: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm. The Swiss Data Protection Authority can be contacted at https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact/address.html.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. To protect your privacy and security, we take reasonable steps to verify your identity before granting you access to your personal information or making corrections to your personal information.
Rubicon Project is a global company headquartered in the United States with data centers located in the United States, Europe and Hong Kong. If you are accessing any of our Online Properties from outside the United States, please be aware that your data may be transferred to, stored and processed by us and our affiliates in our facilities in the United States and other countries (including in Hong Kong, Brazil, Japan, Singapore and Australia, where our global affiliates have offices) and by those third parties with whom we may share your personal information.
These countries (including the United States) may not provide an adequate level of data protection for your personal information (as determined by the European Commission) or have data protection or other laws as comprehensive as those in your country. We will however ensure that where Rubicon Project group companies or third party service providers receive personal information outside of the EEA, appropriate protections are in place under European data protection legislation. In this regard, The Rubicon Project, Inc. and its US subsidiaries, Rubicon Project Hopper, Inc. and Rubicon Project Apex, Inc., have self-certified to the Privacy Shield (see below) to ensure that appropriate safeguards are in place when personal information is transferred outside of the EEA, UK and Switzerland.
If you would like to learn more about the safeguards we put in place for international transfers, please contact us using the contact details further below.
The Rubicon Project, Inc. and its US subsidiaries, Rubicon Project Hopper, Inc. and Rubicon Project Apex, Inc., comply with the EU-US and Swiss-US Privacy Shield Frameworks as set forth by the US Department of Commerce with respect to personal information concerning individuals from the EEA, UK and Switzerland. Please see our Privacy Shield Notice to learn more.
We use industry-standard technical and organizational security measures to help protect information transmitted over or stored on our systems. Please note that no transmission or storage of information, however, can ever be guaranteed to be completely secure, though we take all reasonable precautions to protect against security incidents.
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).
We may update this policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. If we make material changes to this policy, we will notify you of any material changes by posting the revised policy on this website, and where necessary, by any other means required by applicable law.
We are not responsible for the practices employed by websites or applications (including widgets) linked to or from our website nor the information or content contained therein. Often links to other websites are provided solely as pointers to information on topics that may be useful to the users of our website. Please remember that your browsing and interaction on any other website, including websites which have a link on our website, is subject to that website’s own rules and policies.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact Rubicon Project’s Privacy Team by email at email@example.com or by post using the details provided below:
The Rubicon Project, Inc.
Attn: Privacy Team
12181 Bluff Creek Drive, 4th Floor
Playa Vista, CA 90094
You can also contact Rubicon Project’s Data Protection Officer at firstname.lastname@example.org
The data controller of EEA, UK, and Switzerland residents’ personal information is The Rubicon Project, Inc. at the above address.
Our EU data protection representative is The Rubicon Project Ltd., who can be contacted at: Walmar House, 5th Floor, 296 Regent Street, London W1B 3AP, United Kingdom.