Privacy Policy
Zeta
- WEBSITE PRIVACY POLICY (data collection and use at this website)
- GENERAL SERVICES PRIVACY POLICY (collection and use of fully identifiable personal data across Zeta’s range of services)
- ONLINE and DIGITAL SERVICES PRIVACY POLICY (collection and use of data tied to cookies or other online identifiers)
Last Updated March 25, 2024
- WEBSITE PRIVACY POLICY
Scope This Zeta Website Privacy Policy (the “Privacy Policy”) applies solely to information collected by Zeta Global (“Zeta”) on this Zeta website (the “site”). This Privacy Policy provides information about how and why Zeta collects and uses the information we obtain through this Site.
For information on Zeta’s range of services, how we use data across our different services, and your options, please refer to the Zeta General Services Privacy Policy located below.
For information on Zeta’s online and cross context behavioral advertising activities and how to opt out of having data processed for online behavioral advertising purposes, see the Zeta Online and Digital Services Privacy Policy located below.
Links to Third Party Sites
This Privacy Policy does not apply to the practices of third-party sites including, but not limited to, client and affiliate websites, applications and websites on which we may place advertisements, and any third-party websites you may link to from our sites. Zeta does not endorse or make any representations about these third-party sites or applications, or any information, software, products or materials found there. We encourage you to review the privacy policies of these sites and applications to understand their data collection and use practices.
Information Collection, Use and Sharing
Information Collection
We collect two types of information from and about visitors to this website: information that you provide or submit, and tracking data that is collected automatically when you navigate the website. Both types of data are considered “personal information” or “personal data” (these terms mean the same thing and can be used interchangeably) by applicable privacy laws. “Personal information” means information or data that can be linked back to you or to your devices that you use to access the Internet.
Tracking data may include things like the Uniform Resource Locator (“URL”) of the site you visited before coming to this site, the URL of the site you visit after leaving our site, the type of browser you are using and your Internet Protocol (“IP”) address. IP addresses are frequently used to determine your approximate location (e.g., city or postal code) as well. We, and/or our authorized third parties, may automatically collect this information when you visit our site through the use of electronic tools like cookies or pixel tags, as described below.
We use tracking data to administer the Site, analyze trends, gather demographic information, troubleshoot, comply with applicable law, and cooperate with law enforcement activities. We may also share this information with our authorized third parties to measure the overall effectiveness of our online advertising and content.
Information Use
Zeta uses the information we collect at this site to fulfill your requests, respond to your inquiries, provide Zeta news or updates, and to understand the audience for our site. We may also use your information to make our sites easier for you to use and to inform you of service and product updates, whitepapers, new products, market research opportunities and other related information from Zeta, or to send you promotional messages regarding various Zeta products and services.
Zeta uses tracking data to analyze trends, administer the site, track users’ activities on the site, help us understand the parts of our sites visited most often and gather aggregated demographic information for use in improving the site.
Zeta may also obtain personal information from you if you apply for a job with us. This data would include your name, email address, mailing address, employment history and any other information contained in your resume/C.V. that you submit. We may use this information to review your application for employment. To view our EEA specific Employee Recruitment Policy please click here.
Information Sharing and Disclosure
Zeta may share your information with our affiliate companies and service providers for the purposes described in this policy.
We may disclose your information as required by law, court order or other valid legal processes or in connection with the consolidation, sale of or other transaction related to our business. We also reserve the right to disclose your information if we believe in good faith that disclosure is necessary to protect our rights or safety of any person, investigate fraud, or respond to a valid government request.
Choices
Opt-Out of Zeta Corporate Communications
You may opt-out from receiving Zeta Corporate Communications by clicking on the unsubscribe mechanism included in each email message we send.
Even if you choose to opt-out of our communications, Zeta will retain and use your information to comply with our legal obligations, resolve disputes, enforce our agreements and to maintain a record of your opt-out. You may also still receive transactional emails, such as registration confirmation, product updates and responses to direct requests you have made.
Cookies
Cookies are small text files that store data using your web browser to enable websites and marketing companies to recognize you and to associate your browsing activity with other data. We, and our third-party service providers who assist with managing our site, use cookies, web beacons and similar technologies on our site to track use of our Site in order to improve its performance, ensure we are providing content that is of interest to our site visitors, and to make our Site more user-friendly. We also use cookies for cross context behavioral advertising. What this means in practice is that we use cookies to help determine which ads you see online, by logging your visits to many advertiser / brand websites, and then showing you ads for similar products and services.
Types of Cookies used on our Site
Performance Cookies: These cookies collect information about how visitors use our site for web analytics purposes, for instance which pages visitors go to most often and error messages received. These cookies are only used to improve how our site work and your experience on our site; they do not track your browsing activity on other websites. By using our site, you agree that we can place these types of cookies on your device.
Functionality Cookies: These cookies allow our site to remember choices you make (such as your username and password, language preference or the region you are in) and provide enhanced, more personalized features. These cookies may also be used to remember changes you have made to text size, fonts and other personalization. They may also be used to provide services you have requested, such as keeping you logged in to your account as you browse the internet. These cookies do not track your browsing activity on other websites. By using our site or by signing up for an account with us, you agree that we can place these types of cookies on your device.
Managing Cookies in Your Browser
You may be able to adjust your browser settings to manage your cookie preferences, such as setting your browser to notify you when you receive a cookie and give you the choice to decide whether or not to accept it. If you reject cookies, you may still use our site, but the functionality of some areas may be limited.
Below are links to information about managing your cookie preferences in common browsers:
Content Sharing Features
Our site may include social media sharing features, such as LinkedIn and Twitter buttons, and may set a cookie to enable the feature to function properly. These features may collect your IP address and which page you are visiting on our site. Social media features are governed by that social media company’s privacy policy.
DATA RETENTION.
We retain the information we collect for only as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of the information, the purposes for which we obtained the information and whether we can achieve those purposes through other means, as well as applicable legal requirements.
SECURITY.
Zeta uses commercially reasonable safeguards to protect personal information against loss, misuse or alteration and to maintain the integrity and security of all information collected through the site. These include technical, physical, and administrative security controls.
YOUR RIGHTS REGARDING PERSONAL DATA.
You may have the following rights under applicable privacy / data protection laws in relation to your personal information, including:
Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of personal information we hold about you.
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. In many cases we do not have the technical ability to correct data, and so will delete the incorrect data instead.
Request deletion of your personal information. This enables you to ask us to delete personal information. There are some limited cases where, as allowed or required by applicable laws, we may refuse to delete data. We may also anonymize data so that it cannot be related back to you instead of deleting it. Even if we have deleted other data relating to you we will maintain a record that you have opted out so we do not contact you in the future.
Object to processing (opt out) You may request that we do not use your personal information for direct marketing purposes.
Request restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it. In general, such requests will be treated as deletion requests.
Request the transfer of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please click here or visit the Privacy Choices page.
INTERNATIONAL DATA TRANSFERS. This site is based and hosted in the United States. This means that when you submit personal information to the site or we collect tracking data at the site, it will be processed in the United States and may also be accessed by technical support teams in India, Sri Lanka, and the Philippines. Your data may also be shared within the Zeta Group or with our service providers.
Whenever we transfer personal information out of the European Economic Area (“EEA”),we transfer data subject to specific contracts approved by the European Commission, which ensures that personal data receive the same protection it has under European privacy laws. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
Do Not Track / Global Privacy Control (“GPC”) Some browsers offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to websites about the user’s browser DNT preference setting. Historically, there were multiple technical standards, and they were not widely adopted by websites and data companies. As of December, 2023, the industry is in the process of transitioning to the Global Privacy Control (“GPC”), a new browser-based DNT option that will be implemented during 2024. Zeta will apply GPC signals when the new system is established.
Children’s Privacy This site and the services we provide are intended for general audiences, and is not intended for use by persons under the age of 16. If we learn that we have inadvertently collected personal information from a child under the age of 16, we will delete it. If you believe that we have collected personal information from a child under 16, please contact us at [email protected].
Updates to this Privacy Policy We reserve the right to modify this privacy statement at any time. Note the date of the most recent update at the top of this page.
Contact Us To ask questions about Zeta’s Privacy Policy or to request more information on Zeta’s privacy practices, email us at [email protected] Or send correspondence via mail to:
Zeta Global, Attn: Privacy
3 Park Avenue, 33rd Floor
New York, NY 10016
2. GENERAL SERVICES PRIVACY POLICY
Last Updated: December 22, 2023
INTRODUCTION
Zeta is a business-to-business (B2B) marketing technology and data company that uses software and information / data about consumers to help advertisers reach selected audiences via online or in-app ads, email, direct mail, telemarketing, SMS, connected TV, or any other channel where advertisements are presented. Zeta also has affiliated companies that are separately branded and that have their own privacy policies. Zeta and our affiliates comply with all applicable laws.
Zeta collects and uses data about individual consumers for the limited purpose of helping to identify or predict the types of advertisements most likely to appeal to them. We use a lot of data, because more data about a person’s interests and purchase intent leads to more relevant advertising for consumers, which in turn produces a higher rate of return for advertisers. We do not, however, collect data indiscriminately. We limit the types of data we collect to what is relevant to your interests and purchase intent, and we focus on recent data, which is more relevant to how you might spend in the near future, which is what advertising focuses on. Our data comes from (a) data that you have consented to be used for marketing purposes, (b) data from our cookies, which may be on your browser and which are recognized when you visit websites where our pixel is in use, and (c) data purchased or licensed from reputable third parties who are in the business of selling consumer data, which may also include companies that are under common ownership with Zeta.
Zeta provides a range of services, as described below, and the way each works is different. But in general, the purposes for our collection and use of data is to match people to advertisements that are likely to interest them, or to help advertisers do so. That is our mission. We use data, software, and ingenuity to help advertisers reach people who want their products and services. Our business succeeds when we help advertisers achieve higher-than-average rates of response to ads—that is, people clicking on or forwarding an ad or ultimately making a purchase.
Zeta maintains a platform known as the Zeta Marketing Platform (ZMP) that serves three functions: (1) our clients can load their own data there to be “activated” into advertising on different marketing channels (email, online, smart TV, etc.); (2) client-owned data can be matched with Zeta-owned data in order to better inform marketing decisions--we may have interest or purchase intent data about you that a particular brand that you have purchased from in the past does not have, and we can use that data to help that brand make decisions about whether, when, or what to market to you without transferring our data to them; and (3) marketing campaigns that involve Zeta sending advertisements to people known to Zeta but not to the advertiser, in order to help generate new business for the advertiser. Except in limited cases, Zeta does not directly sell data to its clients in the sense that the clients do not get to keep Zeta’s data. However, while client and Zeta data are being linked through the ZMP, both companies are considered under applicable laws to be sharing data with each other in order to facilitate cross context behavioral advertising. That simply means that we are taking data about your interactions with multiple websites and/or advertisers
This Services Privacy Policy describes each of the different types of services Zeta provides, which are divided into two main categories:
- Zeta Acting as a Service Provider: where Zeta handles personal data that was collected by another company (our client) under the terms of its privacy policy solely to perform a service for that company; and
- Zeta Acting as a Data Collector: where Zeta collects and uses personal data from and about individuals for its own purposes. The terms of this privacy policy apply to these services.
When we act as a service provider, we follow the client’s privacy policy because the data we process in that role belongs to our client and we handle that data only at the client’s direction and acting exclusively on their behalf. When Zeta collects data directly from consumers or obtains data collected by third parties for our own business purposes, we are responsible for how such data is used and shared, and for giving effect to individuals’ privacy legal rights.
For all of our services the overall purpose of our data collection, use, and sharing is the same—to match advertisements to people who have a propensity to engage with them, and ultimately to increase sales for our advertiser clients.
All services may include some amount of “lookalike modeling,” where we use data about known purchasers of a product or respondents to an ad to identify individual attributes that indicate a propensity to buy that product or respond to that ad. This allows us to create a profile of the attributes of a person most likely to respond to an ad, which is used to inform who a future ad will go to.
Many of our services include a component of “cross context behavioral advertising,” which means that Zeta has matched consumer data belonging to our clients with data from other sources in order to better tailor advertising to individual consumers.
We do not provide services that include ads with illegal or adult content, nor do we advertise on adult sites or collect data about what adult sites people visit. In fact, your browsing history is only collected at certain websites, so it is never a complete history of all your online activity. We do not knowingly collect or sell personal information from children under 16. In the event that we learn that we have collected personal information from a child under the age of 16, we will delete it. We do not knowingly facilitate any advertising that is exploitative, discriminatory, hateful, deceptive, or abusive, and our process for doing this is audited annually. We do not allow our data to be used to make impactful decisions about individuals, such as eligibility for credit, insurance, housing, employment, or education. Our data is used exclusively to match people to ads that may interest them.
The types of data we use are also the same across all our services:
(1) Data you have provided directly either to Zeta, our client (an advertiser), or another company you authorized to share data for marketing purposes. This data generally includes an email address, but may also include other information, such as your name, street address, and/or the answers to survey questions.
(2) Data collected indirectly from you using cookies or other online or mobile technologies that allow us to identify certain sites that you visit or apps that you use online. Included is information about when and where you gave your permission to receive commercial email, your IP address, and visits you made to certain websites or apps. We log these visits to help infer your interests in order to determine what sort of products or services might appeal to you. This data typically does not include direct identifiers (like name and address), but it can still be linked back to you via unique identifiers like a cookie ID, mobile ad ID, or an encrypted version of your email address. We only log your visits to certain websites—we do not track every page you view across the Internet.
(3) Data we have obtained from third-party data brokers or data partners. This may include data obtained from public records (like your street address, age, and gender), data about physical locations you have visited in the past (we do not collect real-time precise geolocation data), as well as data relating to purchases, interests, or likely interests that can be derived from a wide variety of sources.
Sensitive Data.
Some privacy laws define certain categories of data as “Sensitive Data.” Depending on the specific law, this category can include government-issued identification numbers, such as US social security numbers or a driver’s license number, genetic data, race/ethnicity, religion, sexual orientation, data about health conditions, or other data that can either be used to commit financial crimes or to expose sensitive details about an individual. Zeta collects and uses race / ethnicity data to build multicultural audiences for advertisers. We also build audiences around interests in specific health conditions, religion, or LGBTQ+ that may constitute Sensitive Data. These types of audiences are built from people who have visited web pages with related content where the Zeta pixel is in use. Some privacy laws require prior consent to collect Sensitive Data (e.g., the European Union, or the U.S. states of Virginia, Connecticut, and Colorado), and Zeta does not collect these types of data from residents who live in these places. Anyone may opt out of our use of this data at any time by visiting our Privacy Choices page.
Our sources of data include:
- You, when you give data directly to one of our websites, affiliated companies, clients, or data-sharing partners;
- Advertisers who entrust data they have collected from or about you that we use to perform marketing and advertising services for them;
- Data we or others collect using cookies or other online trackers. This data may be associated with your directly identifying data (e.g.,name & email);
- Data brokers who supply data obtained from public records, or who resell data obtained from private sources. Data from private sources (like magazine publishers, credit card companies, or retailers) typically has its directly identifying data removed (like your name and email address) and is linked instead via unique identifiers like a proprietary ID, encrypted email address, a cookie ID, or other indirect identifiers, but in many cases, we are able to link this data to your identifying information.
- Data partners who supply data similar to the kinds we obtain from data brokers. The difference between a data broker and a data partner is that we buy data from data brokers, but we may exchange data with data partners.
Recipients of our data include:
- service providers who perform services for us like web hosting, data security services, auditing, or sending email on our behalf;
- our advertiser clients who we may share data with or sell data to;
- companies that we may trade data with for purposes of Online Behavioral Advertising (also called cross context behavioral advertising; see below); and
- Companies with which we may share data in order to facilitate OBA, such as companies who perform cookie matching services, real-time bidding exchanges, supply-side and demand-side platforms, and companies who perform analytics and reporting.
- As required to respond to a legal request for information or to protect the rights, interests, or safety of any person.
You will find more details in the sections below describing each of our services.
SERVICES WHERE ZETA ACTS ONLY AS A SERVICE PROVIDER
Where we perform services exclusively as a service provider or data processor, the data that we handle belongs to our advertiser client. In most cases this data will be put in Zeta’s care by the advertiser in order to use our marketing software and tools. Advertisers may also ask us to collect data on their behalf through various means, including direct collection from individuals, at a web page that we host for the advertiser, via cookies or other online tracking mechanisms, or via third-party sources like data brokers. When we collect data as a service, all of the data we collect belongs to our client and is governed by the client’s privacy policy.
Who are Zeta’s Clients? Our clients are companies you interact with every day. Consumer products brands, retailers, financial institutions, travel, dining, and hospitality providers, education providers, healthcare, political advertisers, and others. Sometimes we work with them directly, sometimes we work with advertising agencies who represent many clients of their own. In either case our mission, and the purpose for which we collect, use, and share personal data, is to help these companies use their marketing resources more efficiently by matching offers to the people who are most likely to be interested in them.
Database Services. Zeta performs services for some clients that include database setup, structuring, formatting, migration, and maintenance. In some cases, Zeta maintains a “database of record” for a client, meaning that the client has outsourced the maintenance of its primary customer database to Zeta. In such cases, Zeta may collect data directly from individuals, but handles the associated personal data exclusively as a service provider and does not do anything with the data outside the scope of the specific services that we have been hired to perform.
Email Services. Clients may engage Zeta to send email to their existing customers on their behalf. For instance, if you have given a retailer your email address, we might send commercial or transactional messages from that retailer, such as an emailed receipt for a purchase, a reminder that you have items in your shopping cart, or to deliver an updated client privacy policy. We may also send you advertisements from that retailer, for instance offering discounts, new products, or sales. When we perform these services, we are acting on the advertiser’s behalf, and everything we do is at the advertiser’s direction and subject to the terms of its privacy policy.
Call Center Services. Clients may engage Zeta to receive calls on their behalf, or to make telemarketing calls on the client’s behalf. When we perform these activities as a service provider, we use client-owned data and perform our services in line with the terms of the client’s privacy policy. Zeta does not maintain its own call centers and so uses service providers to perform these services.
CRM Services. We use our software, data and know-how to help our clients better organize and manage their own customer data, in order to determine which ads to send to which customers at which times.
Website Personalization. We use pixels, cookies, and other online data collection techniques to help personalize a user’s website experience. For instance, we may use data collected at an advertiser’s website to determine which language is used, what content and ads are displayed, and to remember settings like font size or page display.
Audience Management Services. We use cookies and pixels to help store data such as IP addresses, logfile data, ad impression data, mobile advertising identifiers (e.g., Apple mobile advertising ID or Android advertising ID) and other pseudonymous identifiers. In providing the Audience Management Services, Zeta acts as a service provider for our clients and processes data under their specific instructions. Our clients, not Zeta, own the data used for this service. As such, the use of the data contained in the Zeta Audience Console is subject to the respective advertiser’s privacy policy.
SERVICES WHERE ZETA COLLECTS AND USES DATA ON ITS OWN BEHALF
The Zeta Data Cloud is what we call the data related to consumers that Zeta collects or obtains and uses on its own behalf. The Zeta Data Cloud consists of several databases where we store data that we have obtained from the different sources described above. It also includes connections to other third-party sources of data (data brokers and data sharing partners) so that we can get data at or near real time in order to inform specific ad placements. This approach means that we are using the freshest, most up-to-date data we can obtain, and it also reduces the amount of data we need to gather into one place in order to provide our services. Our proprietary software, machine learning, and AI tie all these sources of data together which enables us to make very complex decisions about which person is most likely to respond to a specific ad at any given time and deliver that ad to that person.
Fully identifiable personal data (such as email address, name, or postal address) in the Zeta Data Cloud is in all cases collected first when an individual consents to have their data used for marketing purposes. This permission is generally provided at a web page where an individual provides an email address and/or a phone number or other data and checks a box authorizing their data to be used for marketing purposes, transferred to third parties, and augmented with other data obtained from other sources. Once we have obtained this consent (of which we maintain a record), we supplement the data initially provided by the individual with additional online and offline data. Our goal is to obtain the most up-to-date picture we can of the consumer interests and purchase intent of individual consumers so that we can make the best possible decisions about which ad to show to which person at which time. At the same time, the data we collect and use is limited to data that is relevant to consumer advertising, and most of the data we collect has a limited lifespan of a few months before it is deleted as “stale.” Some data, like your name or email address, is persistent. But data like the fact that you are planning a vacation is not, and we don’t keep it for very long.
We may also use data from the Zeta Data Cloud on a temporary, limited basis to evaluate potential data sharing partners, meaning that we might share your data as part of a sample of our data for limited time to be used in a test environment with another company to evaluate the effectiveness of the other company’s services. When we do one of these evaluations, it is subject to appropriate contractual terms that include that the company we are evaluating may not do anything else with the data and must delete any data that we share with them at the end of the evaluation period.
All of the services described below may be accessed by our advertiser clients via our proprietary platform known as the Zeta Marketing Platform (ZMP).
Personal data in the Zeta Data Cloud is used for the following services:
Acquisition Email. For this service, we send client advertising by email to people who have consented to receive commercial email. These emails all comply with applicable laws (including the U.S. federal CAN SPAM Act) pertaining to the sending of commercial email and include opt-out links so that recipients can request not to receive future emails. This service does not include selling data to our clients. Our clients obtain data when someone to whom we have sent an ad responds to the offer or makes a purchase. Then we will provide the client data on a limited basis showing that we advertised to that person, solely to demonstrate that we played a part in bringing a new customer or a new sale to the advertiser.
Acquisition Email services for a particular client usually begin with an analysis of a sample of that client’s existing data in order to create a profile of the type of individual who is most likely to respond to a particular offer. We then look to the Zeta Data Cloud to find people who share those attributes but who are not already existing customers of our client and send offers or advertisements to those people.
Data Cloud CRM Services. This service consists of loading a Zeta client’s customer data onto a secure Zeta-controlled server, and then using our software to compare the client’s data with data in the Zeta Data Cloud. In most cases, we have more or more current data points about an advertiser’s customers than the advertiser has. We can use that data to generate insights that the advertiser could not produce on their own, like which existing customers would be most likely to respond to a particular ad campaign. We may sell any of the types of data we collect to an advertiser as part of this service. This service is also an example of cross context behavioral advertising.
Online/Cross Context Behavioral Advertising. The data we use for Online/Cross Context Behavioral Advertising (OBA) is tied to a cookie ID, a mobile advertising ID, or other data related to a specific device, like a computer, smartphone or smart TV, or to a browser on that device. Zeta may, by means of matching cookie IDs and other unique identifiers, be able to link OBA data to other, fully identifiable data.
When you visit different sites on the internet, different companies place cookies on your device, and use these to obtain information about the sites you visit, the ads you respond to, and the online purchases you make. Through a process known as “cookie matching” different companies (data sharing partners) can either sell or exchange different bits of this data. By stitching together bits of data from lots of different sources, we are able to create a rich and up-to-date data set that enables us to make predictions about which of an available choice of ads is most likely to appeal to a specific person, or which people are most likely to respond to a specific ad. Zeta performs cookie-matching between the data used for OBA and the Zeta Data Cloud to enable users of our Data Cloud to leverage the interest and purchase intent data generated on the OBA side of our business. This cookie-matching means that data used for OBA is in some cases linked to fully identifiable data. One service, known as “Intelligent Retargeting” uses cookie matching in order to link an anonymous website visitor to an email address or postal address, so that the individual will receive email or direct mail relating to the company whose website they visited.
We offer some more focused services within the broad sphere of OBA, including operating a “demand side platform,” (“DSP”) which is a means of matching specific users to specific ads, personalizing content on a website to a users’ interests, and placing online ads across a range of websites. Please see the Zeta Online and Digital Service Privacy Policy, below, for more detailed information on these services. Other focused services related to OBA are also described in that section.
Optimization and Analytics Services. These services help our clients manage their digital advertising programs. For example, we may help these businesses customize your experience when you visit their website, generate leads and manage their keyword search advertising programs. Where we can reasonably infer that a particular computer or mobile device belong to the same user or household, we may extend our Optimization and Analytics Services across those devices. We undertake these activities on behalf of our customers and subject to their respective privacy policies.
Supply Side Platform (SSP) Zeta operates a SSP, which is basically a marketplace where website publishers can sell open ad space to advertisers (or their agencies) to fill with ads via automated online auctions. This services uses minimal personal data, including cookie IDs, IP addresses (and derived approximate geolocation) for the purpose of conducting these auctions, placing ads, and verifying and auditing these transactions.
Opting-out of Online Behavioral Advertising and Data Collection by Our Cookies
To learn more about Online Behavioral Advertising (also called interest-based advertising or cross context behavioral advertising), analytics services and your choices, including how to opt-out of some interest based advertising, visit https://www.youronlinechoices.com, https://youronlinechoices.eu/, the DAA Consumer Opt-Out Page, NAI Consumer Opt-Out Page and Google’s information page.
You can also refuse or disable cookies already stored on your browser as follows:
For Edge, click here
For Internet Explorer, click here
For Mozilla Firefox, click here
For Google Chrome, click here
For Safari, click here
Below are links to information about managing your cookie preferences in common browsers:
YOUR PRIVACY RIGHTS
Privacy laws around the world give individuals different versions of the rights described below. Zeta allows any person to exercise the following rights no matter where they live. Zeta will not discriminate against you for exercising your privacy rights. Prior to fulfilling a request for a copy of data, Zeta is required to reasonably verify your identity, which we generally do by sending a verification link to the email address associated with your data, or by reading a cookie directly from your browser. Under applicable laws, you can use an authorized agent to make a request on your behalf, but that agent must be able to complete our verification process in order to demonstrate that they have been authorized to make the request. For data in our Data Cloud, verification will require access to the email address that is submitted with your request. For data that is linked to cookies but not integrated into our Data Cloud, access can only be provided to the browser where that cookie is present.
To exercise your rights with respect to data in the Zeta Data Cloud by either you or your authorized agent click here. California residents may also call 1.866.709.0840. To view, access or delete data associated with cookies that Zeta uses for Online Behavioral Advertising, click here. You may also use the opt-out link included in any commercial email we send you, or respond STOP to any SMS marketing message we send. If you have any problems using these mechanisms you can contact [email protected] for more help.
- Data Access / Portability– you can request a copy of the data that relates to you that we hold in a human-readable form. Note that some of the data that we process is not ordinarily maintained in a human-readable form, and that privacy laws generally do not require companies to convert data to become human-readable for the purpose of responding to an access request. If you make an access request, we will normally respond within 30 days if you live in Europe or Canada, or 45 days if you live elsewhere, however, if we are experiencing a high volume of requests, we may take up to 90 days to respond. You can access (or delete) data used for Online Behavioral Advertising in real time here.
- Correction-you can ask us to correct data that we hold about you if it is inaccurate. In many cases we do not have the technical ability to change the data in our database, and so will delete the incorrect data instead.
- Data Deletion-you can ask us to delete data that relates to you. As allowed by applicable laws, there may be some cases where we will decline requests for deletion, but these are rare cases. We may also delete the identifiable data contained in a profile and retain anonymized data that cannot be linked back to you or used to identify you. In the very unlikely case that we refuse your request, you can appeal that decision by contacting [email protected] for a review of your case.
- Objection / Restricting Processing– in some countries you have a legal right to object to processing of data about you, or to ask that such processing be restricted. To keep things simple, if you wish to exercise these rights, please request to have your data deleted—our systems cannot process partial opt-outs.
- Opt-Out of our use of Sensitive Data—you can ask Zeta not to use Sensitive Data that relates to you. In order to keep things simple, we will treat these requests as Data Deletion requests (see above).
- Opt-Out of Receiving Email from Zeta-you can ask to be added to our global email suppression list so that we won’t send any more commercial emails to the email address you opt out.
- Opt-Out of Sales or Sharing of Data-you can request that we do not make your data available to our clients for their own use. If you select this option, we may still use your data for internal analysis, or to send advertisements to you.
You also have the right in many countries to contact a privacy or data protection authority if you believe we are not complying with privacy laws, and we have not been able to resolve the situation to your satisfaction. Many countries have a dedicated privacy / data protection authority; in the United States you can make a complaint to the U.S. Federal Trade Commission or your state Attorney General.
Statistics on Exercise of Privacy Rights during 2023
We are required by law to publish statistics on how many people exercised their privacy rights in the previous year. Because our mechanism for honoring privacy rights with respect to cookie-linked data operates in real time as an automated conversation between your browser and our server, we are not able to provide statistics on the number of people who use it. The following statistics are for people who made requests relating to their fully identifiable data contained in the Zeta Data Cloud during the year ending December 31, 2023. These statistics cover all requests received from individuals around the world.
- Number of requests for access to (copy of) data: 3322
- Number of these requests that were not actioned because the requestor did not complete the verification process: 18
- Number of requests for data deletion: 16131
- Number of these requests that were not actioned because the requestor did not complete the verification process: 72
- Number of requests for opt-out (Do Not Sell): 141481
- Number of these requests that were not actioned because the requestor did not complete the verification process: 55
WHERE WE PROCESS DATA
Zeta is headquartered in the United States, and the majority of our services are performed in the United States with technical support provided by Zeta staff in India, Sri Lanka, the Czech Republic, and/or the Philippines. When you provide data to Zeta, you consent to its processing in the U.S., India, or any of our other locations around the world. Zeta has executed internal data transfer agreements that include the EU’s Standard Contractual Clauses as our basis for enabling EU data to be accessed lawfully in non-EU countries and to transfer between different Zeta entities in different countries.
Zeta also maintains a separate instance of its Zeta Marketing Platform (ZMP) that is based in Europe and that only access data that is stored in Europe. Zeta clients for some of our services
Our online services may potentially collect data relating to residents of any country, but the majority of the data in the Zeta Data Cloud relates to residents of the United States. We may also handle as a service provider client-owned data that originates from any country.
HOW LONG WE KEEP DATA
We keep data only for the period of time needed in order to achieve our stated purposes—i.e. to match people with ads that interest them. Different data is therefore needed for different lengths of time. If you have given us data and permission to market through one of our websites or a partner website, we may continue to use some version of your data for marketing purposes until you revoke your consent / opt out. Certain data, like your contact information, we will keep as long as it is current. Data linked to a device like a smartphone will be maintained for as long as we detect that device on websites or using mobile apps on a regular basis. But data relating to your interests and purchase intent needs to be current to be useful to us, so we are constantly refreshing such data and rely only on the past several months’ data to inform our marketing choices. Data that is years old is generally not useful to us because it is a poor indicator of what you are currently interested in or shopping for.
DATA SECURITY and PRIVACY BY DESIGN
Zeta uses commercially reasonable, industry standard practices to protect data. These include technical, physical, and organizational controls designed to prevent loss or unauthorized access to data. Our security measures are audited every year by an independent third party, and we are constantly evolving our approach to security to keep pace with emerging threats.
Zeta also follows the practice of “Privacy by Design,” meaning that we consider the privacy and implications of our products and services and ensure that they are built to standards that align to privacy requirements and enable privacy rights around the world. The Zeta Privacy office is headed by a Chief Privacy Officer (who also acts as Zeta’s Data Protection Officer for GDPR purposes) and includes legal and non-legal resources with significant experience in the field. These professionals provide advice and guidance to Zeta’s product designers, engineers, human resource professionals, and other businesspeople on a regular basis.
HOW TO CONTACT ZETA GLOBAL AND ITS PRIVACY OFFICER You can reach Zeta, including our Privacy Officer, by writing: Privacy, Zeta Global, 3 Park Ave., New York, NY 10016, or emailing [email protected].
3. Online and Digital Services Privacy Policy
Last Updated December 21, 2023
Zeta offers a suite of digital marketing services designed to help online advertisers generate a higher return on their marketing investment. In the course of providing these services, we collect, use, and disclose data about consumers like you. Our online and digital services include: 1) Online (also known as cross context) Behavioral Advertising Services performed through Zeta’s data management platform and “demand side platform” (the “Zeta DSP”) and Zeta’s Supply Side Platform (the “Zeta SSP”), 2) Optimization and Analytics Services, and 3) Audience Management Services.
The services described in this Online and Digital Services (“ODS”) Privacy Policy include data and technology assets that formerly belonged to companies known as Rocket Fuel, Boomtrain, NetMining, Sizmek, and Ignition One. The terms of this ODS Privacy Policy therefore address data that may have been originally collected by Zeta or any of those earlier companies.
This ODS Privacy Policy describes our practices regarding collection, use, and sharing of data through our online and digital services and instructions for opting out of our use of data that relates to you for online behavioral advertising.
Understanding Online and Digital Services
The infrastructure of online advertising and dynamic websites is technologically complex. We want to be as transparent as we can be by explaining the range of things we do with data. We also don’t want to overwhelm you with technical details and want for our privacy policy to be understandable. We think we’ve struck the right balance, but if after reading this privacy policy you still have questions, you may contact [email protected] for more information.
Our Consumer Mission
At Zeta, we want digital advertising to be a useful complement to your online experience. We want to deliver personalized, well-chosen ads to help you discover things that interest you—new websites, new products, new bargains. Our advertising business also helps fund the free content and services you enjoy across the Internet.
We use complex technology to pick the best ads to show, based on what we know about the context: the ad itself, the page that needs an ad, the time of day and other external factors, and information linked to your browser or mobile device digital advertising identifier.
If we can make ads more relevant for you, that makes advertising more valuable to advertisers, and websites make more money per ad, which pays for the websites, apps, online features and content that they provide to you for free. Our Optimization and Analytics services help websites adapt to your preferences with customized content and functionality. Fueling ad-supported free content and services is an endeavor that we are proud to be a part of, and we hope you’re equally happy with the results. But if you’re not, see the section below titled “Opting Out of Personalized Advertisements.”
How We Think of You
Before describing the kinds of data we collect, it’s important to understand how we think of you and other online consumers. In the context of ODA services Zeta does not know you personally, and we do not need to in order to provide you with relevant advertising. We place an identifier within a cookie on your web browser or use an advertising ID generated by your mobile device. To us, you, and anyone else that uses that browser or mobile device, are just “surfer82” for example. Our cookies are called “rfihub,” “zeta,” “zync,” “disqus,” “boomtrain,” or “netmng,” and you can find them if you search for cookies in your browser settings.
So, when we talk about “you” in this ODA policy, we are referring to information that we have associated with one or more identifiers associated with a web browser that you might use, or with an advertising ID associated with your mobile device.
There are, however, exceptions to this general rule. We perform “cookie matching” between our different cookies and with third parties. This can mean, in some cases, that browser or device-linked data can be associated with your email address or other directly identifying data. In one service called “Intelligent Retargeting” this is the whole point of the service—we use a cookie to link to an email or postal address to send you advertisements by email or postal mail based on your previous visit to a website. This is an example of OBA or cross context behavioral advertising.
Information We Collect
We collect several types of information from and about you, as described in this section. Not all of the types of data collection described below necessarily apply to you—it depends on your browser and device settings and which online services or content you access.
Our services help advertisers customize, target and report on the advertisements we purchase on their behalf across third party websites and mobile applications. While purchasing these ads across third party websites and mobile apps, we collect information about some of the sites that you and others may visit, the mobile apps that you may use, the precise location of your mobile device such as the GPS coordinates (based on the consent you provided to the app), and the searches that you and others may conduct while online in order to serve advertisements that we believe are relevant to your interests. Where we can reasonably infer that a particular computer and mobile device belong to the same user or household, we may extend our advertising campaigns across those devices, serving advertising across multiple browsers or devices. We also work with third-party data companies that help us tailor ads. Both as we provide this service to clients and when we work with these partners, we share personal data, which constitutes cross context behavioral advertising.
When you visit one of our advertiser’s websites or mobile applications (“apps”), or the websites or apps where we display advertisements, we collect information about your activity on that site (such as the page viewed or the advertising that you clicked on) or the location of your device, in order to show you relevant advertising (e.g., for local events), control how many times you may see the same advertisement, in addition to providing advertisers aggregate metrics that help them pay publishers for displaying this advertising.
We collect information about your device, such as unique device identifier, browser type and language, and about your connectivity, such as the IP address, the server your computer is logged into, and the operating system information. We collect information such as the URLs you visit, the date, time, and duration of your visit to each page, and certain commercially relevant keywords pertaining to the searches you conduct (e.g. “shoes”). When we provide Optimization and Analytics Services to our customers, we also collect information about your activities on our customers’ websites.
We collect information about our interactions with you, such as which ads we’ve shown, and on which pages, and whether you responded to those ads by interacting with them.
To learn about the ads you might like or dislike, we may also ask you questions directly—for example, we may provide a survey via an online ad that asks about which ads, products, or brands you like or dislike.
We collect information about our partners’ interactions with you—for example, by placing pixels on an advertiser’s web page that let us know if you ultimately purchased an item after we ran an advertising campaign that showed you an offer for that item. We obtain data from other companies that also use cookie or device identifiers to share similar information that they have collected about you with us. For example, we may partner with other companies to learn the kinds of products you like to buy online.
As part of our Optimization and Analytics Services and our Audience Management Services, we may collect names, email addresses and postal addresses as part of an online lead generation campaign or an email marketing campaign on behalf of one of our clients. We don’t make independent use of that data when performing these services, but use it only as directed by our client. But, as described above, our Intelligent Retargeting service may match online data with an email or postal address from the Zeta Data Cloud (see our General Services Policy for more details about the Data Cloud) for purposes of sending you email or direct mail advertisements.
We store all the information we collect from or about you in a profile in our database.
About Health Data. We do not use data about you from your health care providers or insurers unless you have consented for them to use your data to advertise to you. We may infer certain non-sensitive health related interests from the sites you visit and the ads you interact with. We do not collect data associated with specific medical conditions in states like Virginia, Connecticut, and Colorado where collection of this data requires prior consent.
About Political Data. We do not have information about how you voted. We infer political interests from the sites your browser or device visits and the ads you interact with, and we can combine this with general geo-location data obtained from your IP address to determine, for instance, that you are a likely voter for a particular party in a particular congressional district, based on publicly available voter registration data. (Click here for a list of our political segments.)
Data Retention and Security
The Zeta DSP deletes user profiles in our database after 90 days of inactivity. This means that if we have not had an opportunity to show a consumer an ad, observed a visit from a consumer to a website that includes a Zeta DSP pixel, or received new information from one of our partners about a consumer, we will delete the user ID associated with that consumer. We see activity from a broad range of different places on the Internet, and the 90-day period restarts every time we have an interaction with you. So as a practical matter, if you want to opt out of our cookie and device-based data collection, you should follow the steps to opt out described below.
Data that we compile for purposes like reporting, attribution and fraud detection will be retained for up to 30 months.
How We Use Information
We use the information that we collect directly or receive from other companies to find patterns that help us select better ads to serve you at any given moment. For example, we might assume that an ad for golf-related items is attractive to people who have recently clicked ads related to golf, or we might determine that a coffee ad gets a better response in the morning. Our technology can test millions of possibilities and build models using huge amounts of data to predict responses to advertising.
We perform cookie matching between the different cookies that Zeta uses. By doing this we are able to stitch together all of the information that we have across the different parts of our company to create a fuller picture of a consumer.
We make inferences from the data we assemble from these different sources in order to show you advertisements for products or services that we think may interest you. We sort your device/browser into interest or purchase intent “segments” such as “Footwear > Sports & Fitness > Indoor Fitness”.
We also use the information we collect to measure effectiveness of ads on behalf of our advertisers and publishers.
We may also predict whether different identifiers associated with different browsers and different devices, like a laptop, a phone or a tablet, may belong to one person or household, and then link the activity we see across those devices into a common profile. We call this a “device graph.” We believe this helps us serve you better advertisements, control how many times you may see the same ad and provide better service to our advertisers. We make these predictions based on the device and cookie identifiers and associated interest and intent information that we receive from our third-party partners, as described above.
As part of our Optimization services, we gather information about how you interact with different areas of a website and use this to customize website content for you in future visits, or even the same visit.
Information Sharing
We produce reports and analytics for our clients regarding the performance of their online advertising campaigns and regarding the characteristics of people that were responsive to the ads, but we do not share the online profiles of individuals that our technology generates for commercial purposes.
Both the Zeta DSP and SSP use data linked to browsers, cookies, and IP addresses to buy and sell ad space on third party websites and place advertisements into those spaces.
On the other hand, we may share any information we hold when we believe that we are required to do so by law (including legal processes like subpoenas, warrants or court orders), or as we believe necessary to protect the health, safety, or legal rights of any person.
Finally, we may transfer information to a successor or assignee in connection with a corporate change in control such as a merger or acquisition or other transaction.
Exercising Your Privacy Rights
Click here to see whether our cookies are on this browser, and information associated with them. You can also download a copy of this data, or delete it.
Opting Out of Personalized Advertisements
Go to https://zetaglobal.com/rights-request/ to opt out of interest-based advertising from Zeta. or https://optout.aboutads.info/?lang=EN&c=2 to opt out of other personalized advertising via the DAA’s opt-out page.
If you opt out of interest-based advertising, then we will opt you out for all the identifiers or devices that we have associated with you at the time of the opt out request. We use a predictive process to associate identifiers and devices and do not know definitively all devices or browsers that you may use, so that process is not guaranteed to be error free. If you want to be completely thorough, we recommend that you use this opt out process for each device and browser you use.
Zeta DSP complies with the Self-Regulatory Principles for Online Behavioral Advertising as managed by the Digital Advertising Alliance (DAA). You may opt out of receiving personalized advertisements by DAA members via the DAA website here. Zeta is also a member of the DAA of Canada (DAAC) and the European DAA (EDAA) and follows their self-regulatory codes as well.
Zeta DSP is integrated with the DAA’s AppChoices program, which allows consumers to download and manage their privacy preferences in a mobile environment. You may download DAA’s AppChoices mobile app on your iOS or Android device in order to exercise choice regarding the collection of application activity for interest-based advertising. Links to those applications are below:
What happens when I opt out?
An opt-out in any of the tools listed here will have the same effect, and you do not need to make an opt out selection using more than one method (we list them all to give you options for your convenience). If you opt out of interest-based advertising, you’ll still see ads from us online, but they may not be tailored to your interests. Note that we’ll still maintain some “opt out cookies” on your computer to note the fact that you’ve opted out. Each opt-out cookie is associated with a particular computer and browser. So, for example, if you get a new computer, install a new browser, or clear your cookies, you’ll need to opt-out again if you still do not want interest-based advertising. Our opt-out cookies never expire. If you change your mind, click here to opt back in.
Browser-Based “Do Not Track” Mechanisms
Zeta DSP does not currently process browser-based “Do Not Track” signals, largely because they are not currently supported by the most popular browsers that are used by the vast majority of users, however, if and when these DNT mechanisms come into widespread use, Zeta will support them to the extent required by applicable laws.
Industry Memberships
Zeta DSP is a member of, and complies with the following self-regulatory programs:
- the cross-industry Self-Regulatory Program for Online Behavioral Advertisingmanaged by the Digital Advertising Alliance (DAA),
- Digital Advertising Alliance of Canada (DAAC),
- The European Digital Advertising Alliance (EDAA)
- Zeta DSP is licensed and certified to deploy the Advertising Option icon (AdChoices).
Canadian users who wish to learn more about that program, or opt out directly from the DAAC’s web site, may visit this page for more information.
In addition, Zeta has been audited and certified GDPR-compliant by ePrivacy, an independent auditor based in Germany. See here: https://www.eprivacy.eu/en/customers/awarded-seals/company/zeta-global-corp/.
Our Policy Regarding Children’s Online Data
Zeta does not knowingly collect or solicit information from anyone under 16 years of age. Our services are directed to businesses – advertisers and their agencies – and are not directed to children under 16. If we learn that we have collected personal information of a child under 16 without parental consent, we will delete such information. If you believe that we might have any information from a child younger than 16, please contact us as set forth below.
Personal Data Relating to European Union Residents
Zeta utilizes the EU’s Standard Contractual Clauses as its basis for transferring EU data to the United States for processing.
In addition to the privacy rights mechanisms linked above, you can also direct any questions or complaints about the use or disclosure of your personal information to the Zeta Privacy office by email to: [email protected]. Zeta will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your personal information within 45 days of receiving your complaint.
If you are unsatisfied with the resolution of your complaint, you may contact your local data protection authority here.
Contacting Zeta
If you have any questions, please contact [email protected] or send mail to:
Zeta
c/o Privacy / Legal
3 Park Avenue 33rd Floor
New York, NY 10016 USA
Changes to this Policy Statement
We reserve the right to amend this policy statement from time to time. The effective date of the current version will be posted at the top of this page.