Privacy Policy for digital advertising activities
1. INTRODUCTION – WHO ARE WE?
Dear Visitor (hereinafter, “You” or the”User“),
This page is the property of the company Refine Direct S.r.l. with registered office in Corso Buenos Aires 54, Milan, Italy, VAT no. and Tax Code 09419240966, registered in the Register of Companies of Milan under number 2089021 (hereinafter, the “Company“). Our Company operates in the field of digital advertising, i.e. the delivery of advertisements via online digital channels, including email, social media and/or banner ads on behalf of advertising agencies and/or clients, and related measurement activities (hereinafter, the “Services“). Therefore, we act as a third party of the publisher’s/advertiser’s website and/or mobile app that you have just come from (hereinafter, the “Website of Origin“). In some cases, we act as an intermediary between the publisher of the aforementioned Website of Origin and third parties (as better described in paragraph 7 below).
2. HOW CAN YOU CONTACT US?
Users can contact the Company at any time for any information on this privacy policy, using the following methods:
• by sending a registered letter with return receipt to the registered office of the Company (Corso Buenos Aires 54, Milano);
• by sending an email to: richieste_privacy@refine.direct.
You can also contact the Data Protection Officer (DPO) of the Company, whose contact details are as follows: email address dpo@refine.direct.
3. WHAT DO WE DO?
We operate in the field of digital advertising, working with third-party publishers, advertising agencies and/or clients, as well as third parties to deliver advertising messages relevant to those browsing the internet and to measure advertising campaigns carried out on behalf of advertising agencies/clients, also using owned and third-party technology.
As cookies and/or other tracking tools, similar to cookies are used through our Services for various purposes, in this privacy policy we would like to explain what are these tools and how they are used.
Some cookies are used and controlled directly by the Company. Through these cookies, the Company collects and processes certain personal data concerning you. In this privacy policy, pursuant to art. 13 of the Regulation EU 2016/679 of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (hereinafter, the “Regulation“) and pursuant to Italian Legislative Decree no. 196/2003 and subsequent amendments and additions (hereinafter, the “Code” and, together with the Regulation, the “Applicable Law“), we will explain how we collect this data, for what purposes and what your rights are.
Other cookies on the Website of Origin, on the other hand, are carried and controlled by third parties. In this privacy policy you will find links to the privacy policies published by these third parties, which we ask you to read carefully (see paragraph 7 below). If you are not familiar with cookies, please read this privacy policy carefully, so that you can be aware of your choices.
Cookies are only one of the tools used by our Services. In fact, it is also possible that other tracking tools (such as pixels, Software Development Kits (SDK), etc.) may be used for the same purposes of profiling (in order to deliver personalized behavioural advertising, etc.) or analysis and measurement (analysis and monitoring of the behaviour of users of the Website of Origin, analysis of the advertising campaigns delivered, etc.) as set out below.
If you are not familiar with cookies and/or other tracking tools, please read this policy carefully so that you can be aware of your choices.
4. WHAT DATA DO WE PROCESS?
To provide the Services, the Company uses:
A) a so-called Data Management Platform (“DMP“), provided by Adform, i.e. a technological infrastructure that allows the data of users of the online properties in which the DMP is used to be collected and used, for the creation of clusters of users profiled on the basis of their browsing habits and/or their characteristics, also derived from statistical algorithms specific to the DMP.
Cookies and/or other tracking tools of the DMP (e.g. pixels) are therefore installed on the Website of Origin by the Company for profiling purposes. These tools are used to create your user profile, based on the preferences and tastes you have shown while browsing the internet, and to display advertising messages that are consistent with your profile, as well as to measure the advertising campaigns provided by the Company. In this way, the advertisements you see may be of greater interest to you. The tools installed by the DMP used by the Company have the following characteristics:
| Name | Category |
| Adform |
– profiling tools of the Company (third-party with respect to the Website of Origin) – permanent – maximum duration of 12 months |
As Data Controller, the Company can collect data and information on the User through the DMP, such as:
• IP address;
• cookie ID;
• Mobile Advertising ID;
• information on the type of browser and settings of the User;
• information on the operating system used by the device;
• information on the interaction and online activity of a User;
• information on the interaction of the User with an advertising campaign (e.g. clicks, percentage of completion of viewing the advertising video);
• approximate information on the geographical area from which the User operates;
• data specific to the http protocol (e.g. address of the website visited or URL);
• advertising identifiers (IDFA, AAID);
• email address of the User, which is pseudonymised once collected.
To disable the profiling tools of the DMP used by the Company, change the settings of your browser (as better described in paragraph 8 below) or use the opt-out mechanism referred to in the following link. To disable the profiling tools of the DMP used by the Company, change the settings of your browser (as better described in paragraph 8 below).
If you use this system to block DMP profiling tools, you will still receive a technical cookie to store your preference. Please note that, if you delete all the cookies from your browser, this technical cookie may also be removed and, therefore, you may have to express your choice to block them again using the system referred to above.
B) an online conversion tracking solution that enables the counting of commercial actions performed within the Website of Origin, in real time (to measure the effectiveness of the advertising campaigns). Through this system, the Company may collect, in its capacity of data controller, data relating to the User, such as:
• IP address (stored after hashing, therefore encrypted)
• user agent
• information relating to browser type and User settings
The above-mentioned data may be associated with information relating to the advertising campaign delivered by a publisher and the User’s interaction with the advertising campaign itself (e.g., clicks, time of day, subject that delivered the campaign, type of advertising campaign, etc.), in order to attribute the conversion to a specific publisher and to prepare accurate reports.
5. LEGAL BASIS
The legal basis for the processing carried out to provide the Services is the prior consent of the User (art.6, paragraph 1, letter a) of the Regulation).
As set out in the Applicable Law, your prior consent is required to install tracking tools that does not have a technical purpose. For this reason, when you access the Website of Origin, a special banner is displayed or, in some cases, a so-called Consent Management Platform (hereinafter, “CMP“), which you can use to state your preferences.
You are, of course, free to not give your consent to the installation of profiling tracking tools and to opt-out of using them at any time, without this affecting your ability to visit the Website of Origin and enjoy its content in any way.
As a sign of its commitment, Refine Direct S.r.l. is a member of the IAB Europe Transparency & Consent Framework (hereinafter, the “IAB Framework“) – the European framework for transparency and consent management – and complies with the Specifications and Policies of the IAB Framework. The Vendor ID of Refine Direct S.r.l., in the context of the IAB Framework, is 1157. You may find further information regarding the IAB Framework on the IAB Europe’s website (https://iabeurope.eu/transparency-consent-framework/).
6. PURPOSES OF THE PROCESSING
We use the data collected for:
• marketing, re-targeting and profiling (i.e. to show you advertisements and commercial offers that are as close as possible to your preferences) and to help advertisers deliver non-invasive advertisements that are closer to the needs of the User;
• measuring the performance of campaigns delivered by the publishers and/or the Company itself and, where appropriate, providing statistical analysis in aggregate form to advertising agencies/clients and/or the publishers of the Website of Origin;
• providing recommendations and/or reports and/or insight to advertising agencies/clients on the delivery of advertising campaigns in line with the preferences expressed by the User while browsing and/or in relation to the data they use.
7. THIRD PARTIES OTHER THAN THE COMPANY
Other tools (such as cookies, pixels, etc.) are installed on the Website of Origin by third parties other than the publisher of the Website of Origin and the Company.
Below is a list of the third parties currently used to provide the Services, with an indication of the links to the information pages created by their developers (also containing information on how to opt-out of installing them, and on the relevant retention periods):
Further partners of the Company
Through the Website of Origin, if you give your consent, additional partners of ours may process personal data in order to provide advertisement and/or make measurements on the advertisement already delivered. Please refer to the related policies: i) for which links are provided next to each vendor within the CMP; ii) for which links are provided within the policy of the Website of Origin; and/or iii) for which links are provided by the publishers that provide the advertising content that the User interacted with before landing on the Website of Origin, within their properties.
8. HOW TO MANAGE COOKIES AND/OR OTHER SIMILAR TRACKING TOOLS AND OPT-OUT OF USING THEM
There are various options for managing, disabling and deleting cookies and/or to opt-out to the use of similar tracking tools.
(A) Change your browser settings
Follow the instructions provided by the manufacturer of the browser you use to find out how to manage, disable or delete all cookies:
• Explorer: https://support.microsoft.com/it-it/windows/eliminare-e-gestire-i-cookie-168dab11-0753-043d-7c16-ede5947fc64d
• Edge: https://support.microsoft.com/it-it/help/4027947/windows-delete-cookies
• Chrome: https://support.google.com/chrome/answer/95647?hl=it
• Firefox: https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie
• Safari: https://support.apple.com/kb/PH17191?locale=it_IT
• Opera: https://help.opera.com/en/latest/web-preferences/#cookies
(B) Use the special interactive tools
To disable the profiling cookies of the DMP you can simply use the interactive button that is highlighted in paragraph 4 of this privacy policy, which is reproduced here for your convenience.
Consult the privacy policies of the third parties that install profiling tools (paragraph 7) in order to be aware of the modalities available to you to manage, disable and delete cookies and, more generally, to opt-out to their use of tracking systems. Remember that by disabling third-party tools: (i) you opt-out of using them not only on the Website of Origin but on all websites on which they are used; and (ii) the ability to browse the Website of Origin and use its functions will not be affected in any way.
(C) Use the website www.youronlinechoices.eu
Your Online Choices is an Internet website managed by the non-profit association European Interactive Digital Advertising Alliance (EDAA), the Italian version of which can be found at the address www.youronlinechoices.eu/it/. It provides information on behavioural advertising based on profiling cookies (https://www.youronlinechoices.com/uk/about-behavioural-advertising) and allows Internet users to easily opt-out of the installation of the main profiling cookies installed by advertisers and used on Internet websites (https://www.youronlinechoices.com/uk/your-ad-choices). Before using this tool, we recommend that you carefully read the general terms and conditions of service of the Your Online Choices website (https://www.youronlinechoices.com/uk/terms-conditions), as well as the frequently asked questions (FAQ) (https://www.youronlinechoices.com/uk/faqs) and the help page (https://www.youronlinechoices.com/uk/opt-out-help).
Use Your Online Choices sensibly. Although Your Online Choices brings many of the world’s leading advertising companies that use cookies together, some of the third parties that install cookies through the website may not have signed up with Your Online Choices. Therefore, the use of Your Online Choices does not guarantee that you will receive third-party cookies while browsing the website. Remember, also, that if you delete all cookies from your browser, even the technical cookies issued by Your Online Choices to remember your preferences may be deleted, rendering third-party cookies active once again.
(D) Mobile Advertising ID
To opt-out on many devices such as iPhone, iPad or Android devices, we recommend that you consult the device settings and instructions provided by the device manufacturer. Below we have provided some examples for information purposes only and we decline all liability or warranty on their operation or current relevance.
• Apple iOS
Open settings, then “Privacy” -> “Location Services” -> “System Services” and change the option “Location-Based iAds” to “off“.
Open settings, then “Privacy” -> “Advertising” and switch the “Limit Ad Tracking” to “on“.
To reset your Advertising ID on iOS, open settings, then “Privacy” -> “Advertising” e seleziona “Reset Advertising Identifier“.
• Android
Open Google settings, select “Ads” and then “Reset advertising ID” and select “Opt out of interest-based ads“.
(E) CMP
For the processing of personal data that, subject to your consent, the Company and/or the third parties listed in the previous paragraph B may carry out through profiling cookies used on the Website of Origin, you can use the CMP on the Website of Origin and/or the other consent collection mechanism found therein to provide and, if necessary, withdraw consent by following the related instructions. Please note that Refine Direct S.r.l. is an IAB Framework registered vendor and, through the CMP compliant with the IAB Framework’s standard, you will always be able to make granular choices in terms of providing and/or withdraw consent already given.
9. PROCESSING METHODS, TRANSFER OF PERSONAL DATA TO A THIRD COUNTRY AND DATA RETENTION PERIOD
As highlighted in the introduction of this privacy policy, the Company may collect and process some of your personal data through cookies and/or other tracking tools that it places directly on the Website of Origin. The Company acts as the “data controller” of these data, in accordance with the provisions of the Applicable Law. We will process the data collected only by electronic means, in a fully automated manner and without human intermediation. Therefore, our employees and partners will never access the content of the personal data obtained through cookies and/or other similar tracking tools, which means that they will never be able to access and/or have PII (Personally Identifiable Information), i.e. information which can identify you directly.
Some of our employees and partners, authorised to process personal data pursuant to art. 29 of the Regulation, may carry out maintenance work on the computer systems that host the data, without ever being able to access its actual content. Personal data may be stored on servers managed by third parties (e.g. suppliers of computer systems) or may be managed by parties specialising in online advertising, who act as data processors on the basis of a written appointment by the Company, pursuant to art. 28 of the Regulation.
We inform you that, in compliance with the requirements and guarantees established by the Regulation, your data may be transferred to countries outside the European Economic Area (EEA). Such countries may not offer a level of privacy protection and protection of personal data comparable to the level guaranteed by the Applicable Law; where the Company acts as data controller, it will take the utmost care of the security of the data and will therefore manage such transfers with all the appropriate precautions and safeguards in accordance with the Applicable Law and, in particular, in accordance with articles 45 (Transfer on the basis of an adequacy decision) and 46 (Transfer subject to adequate safeguards) of the Regulation.
Please note that some of the third parties indicated in paragraph 7 above – as independent data controllers – may process the personal data collected through the tracking tools installed on the Website of Origin from a location outside the European territory and, therefore, it is recommended that you read their privacy policies carefully for more details.
Your personal data will not be communicated to third-party data controllers or disseminated.
Your personal data will be kept by the Company for the time considered strictly necessary to carry out the primary purposes described in this privacy policy, or as necessary for the protection in civil law of both your interests and those of the Company and, in any case, for no more than twenty-four (24) months. The User’s personal data collected on the Website of Origin, by means of Refine’s proprietary conversion tracking solution, are processed by the Company for the purpose of correct attribution of the conversion only for the time strictly necessary and, in any case, for no longer than 24 hours. Once the origin of a conversion has been attributed to a specific publisher, the User’s personal data are anonymized.
10. YOUR RIGHTS
To exercise your rights, or to obtain further information or explanations on this privacy policy, please contact the Company using the following methods:
• by sending a registered letter with return receipt to the registered office of the Company (Corso Buenos Aires 54, Milan);
• by sending an email to: richieste_privacy@refine.direct.
You can also contact the Data Protection Officer (DPO) of the Company, whose contact details are as follows: email address dpo@refine.direct.
Under the Applicable Law, Users have:
a. the right to withdraw their consent at any time, if the processing is based on their consent;
b. the right to access their personal data;
c. (where applicable) the right to data portability (the right to receive all personal data concerning them in a structured, commonly-used and machine-readable format), the right to restrict the processing of personal data, the right to its rectification and the right to delete it (“right to be forgotten”);
d. the right to object:
i. in whole or in part, for legitimate reasons to the processing of personal data, even if pertinent to the collection purposes;
ii. in whole or in part, to the processing of personal data for the purpose of sending advertising material or direct sale, or for the purpose of market research or commercial communications;
e. if they consider that the processing of their personal data is in breach of the Regulation, the right to lodge a complaint with a Supervisory authority (in the Member State in which they usually reside, in the Member State in which they work or in the Member State in which the alleged infringement took place). The Italian Supervisory Authority is the “Garante per la protezione dei dati personali”, with registered offices in Piazza Venezia No. 11, 00187 – Rome (http://www.garanteprivacy.it/).
The Company is not responsible for the updating of all links that can be viewed in this privacy policy. Therefore, whenever a link is not functional and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to in these links.