Privacy Policy

Liftoff

Privacy Policy

Effective: January 2024

The Liftoff group of companies which includes Liftoff Mobile, Inc. and Vungle, Inc. (“Liftoff,” “we,” “us,” “our”) is a mobile advertising group that provides customers with an advertising and optimization platform and software (the “Services”). In order to provide our Services to customers, we collect and use certain information about user activity and preferences. As such, we know that our users (“you”, “your”) care about their personal information and how it is used and shared, and we take your privacy very seriously. Taking the importance of your privacy into consideration, we have created and enacted this privacy policy to help you understand our privacy practices.

KEY POINTS

  • Liftoff is the data controller of personal information processed through our interaction with you or processed in order to serve you with ads.
  • We obtain and process information about end users who are targeted with our customers’ ads (insofar as the information is required for such ad targeting), customer and supplier personnel (for the purposes of liaising and contracting with customers and suppliers and for business development purposes) and users of our website (to provide the website and answer queries and requests).
  • We may send you marketing updates about our services, however you can unsubscribe at any time.
  • We share information with third party service providers, our affiliates and partners, our group companies and where required by law.
  • You have a number of rights that you may exercise in relation to our use of your personal information, and you may exercise these by contacting us at [email protected].

I. WHAT DOES THIS PRIVACY POLICY COVER?

The privacy practices and policies that we outline in this privacy policy will apply to the way that we use your information. Generally speaking, you will fall into one of four categories:

  • “Site Visitor”: accessing or browsing the www.liftoff.io site (the “Site”);
  • “Customer”: requesting the provision of Services from us;
  • “Partner”: providing services to us, to allow us to provide Services to our Customers: or
  • “Targeted End User”: using mobile apps provided to you by our Customers (acting as an “End User”).

This privacy policy applies to the Site and our Services. This privacy policy describes how Liftoff collects, uses, shares and stores information that identifies you (“personal information”) as well as your choices regarding the use, access and correction of your personal information. Please note that this policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage.

This Privacy Policy covers the following:

II. WHO WE ARE

Liftoff is the data controller of the personal information that we collect from you. It is a company registered in Delaware (registration number C3511707), whose registered office is at 555 Bryant Street, Suite #133, Palo Alto CA 94301.

You can contact us in relation to this privacy policy by email at [email protected]. For more information on how to contact us, see the “How to contact us” section below.

III. THE INFORMATION WE COLLECT AND HOW WE USE AND STORE YOUR PERSONAL INFORMATION

The type of personal information that we process falls into three categories:

  • Information we collect from Customers and Partners in connection with the provision of our Services;
  • Information we collect and use when Targeted End Users interact with our Customers’ mobile applications and which we need to provide our Services; and
  • Information that Site Visitors provide to us via the Site.

A. Information We Collect from Customers and Partners

If you are one of our Customers or Partners (or a representative of one of our Customers or Partners), we collect the following information from you, and process it for the following purposes (based on the following legal basis if you are located in the UK / European Economic Area (“EU”)):

Personal Information

Purpose

Legal Basis

Name;

Email;

Account login details (such as user ID, password);

Payment Information;

Data related to the use of your user account/profile, including: (a) technical information such as IP address, device type, country from which you access, browser type and version, browser plug-in types and versions, operating system; and (b) information about your use such as page clicks, time and length of visits, pages visited, traffic data, location data, weblogs and other communication data.

To allow you to set up and use a user account and profile

Legitimate interests (running, developing and improving our business)

To fulfil your requests for certain products and Services

Legitimate interests (running, developing and improving our business)

To analyse how Customers utilise the Services

Legitimate interests (running, developing and improving our business)

To receive services from you or the business you represent (where you or your business is a Partner)

Legitimate interests (running, developing and improving our business)

To generate leads

Legitimate interests (to market our Services);

Consent (where you have given it)

As part of our “Mobile Heroes” programme

Legitimate interests (to market our Services)

To send you marketing communications (with consent where required by applicable laws) unless you have told us that you would rather not hear from us

Legitimate interests (to market our Services);

Consent (where you have given it)

To keep a record of your consent and to manage your data subject rights requests

Legitimate interests (running our business);

Compliance with legal obligations

To determine the effectiveness of our Services and communications

Legitimate interests (running, developing and improving our business)

Preserving and sharing information with others including law enforcement, responding to legal requests and establishing, exercising or defending our legal rights

Legitimate interests (protecting our rights, personnel, property or products, or those of others);

Compliance with legal obligations

To follow applicable laws and regulations

Compliance with legal obligations

  • Name
  • Email
  • Browser information
  • Geographic data
  • Payment Information from Partners

Customers and Partners wishing to opt out of receiving information from Liftoff can click “UNSUBSCRIBE” in marketing emails or email us at [email protected].

We also collect certain types of information automatically through the use of Cookies as outlined below and other similar tracking technologies. These tracking technologies enable us to personalize the Services to Customers.

When you provide us with personal information about your contacts we will only use this information for the specific reason for which it is provided in order to reach out to the individual nominated as a mobile hero. If you believe that one of your contacts has provided us with your personal information and you would like to request that it be removed from our database, please contact us at [email protected].

B. Information We Collect and Use About Targeted End Users When They Interact With Our Customers’ Mobile Applications

If you are a Targeted End User, we collect certain device information provided by our advertising exchange Partners or our Customers which we process it for the following purposes (based on the following legal basis if you are located in the UK / EU):

Personal Information

Purpose

Legal Basis

Generic geographic location consisting of IP address and explicit geographical categorization such as country or zip code and then granular latitude and longitude coordinates (please note that this is subject to the capability of the advertising exchange that we use, and so this data is not always collected by us);

Carrier;

Device make, manufacturer, operating system and language settings;

Name of application interactive with Liftoff Services;

Internet Protocol Address;

Device ID;

Browser type;

Internet service provider (ISP);

Android ID or Identifier for Advertisers (IDFA);

Connection speed;

App usage data;

Referring / exit pages;

Files viewed on our Site (e.g. HTML pages, graphic, etc.);

Date / time stamp;

Clickstream data

Using limited data to select advertising: Advertising presented to you on a Customer’s app can be based on limited data, such as the app you are using, your non-precise location, your device type or which content you are (or have been) interacting with (for example, to limit the number of times an ad is presented to you).

Consent

Creating profiles for personalised advertising: Information about your activity on a Customer’s app (such as forms you submit, content you look at) can be stored and combined with other information about you (for example, information from your previous activity on a Customer’s app and other websites or apps) or similar users. This is then used to build or improve a profile about you (that might include possible interests and personal aspects). Your profile can be used (also later) to present advertising that appears more relevant based on your possible interests by this and other entities.

Consent

Using profiles to select personalised advertising: Advertising presented to you on a Customer’s app can be based on your advertising profiles, which can reflect your activity on that app or other websites or apps (like the forms you submit, content you look at), possible interests and personal aspects.

Consent

Measuring advertising performance: Information regarding which advertising is presented to you and how you interact with it can be used to determine how well an advert has worked for you or other users and whether the goals of the advertising were reached. For instance, whether you saw an ad, whether you clicked on it, whether it led you to buy a product or download an app, etc. This is very helpful to understand the relevance of advertising campaigns.

Consent

Understanding audiences through statistics or combinations of data from different sources: Reports can be generated based on the combination of data sets (like user profiles, statistics, market research, analytics data) regarding your interactions and those of other users with advertising or (non-advertising) content to identify common characteristics (for instance, to determine which target audiences are more receptive to an ad campaign or to certain contents).

Consent

Developing and improving services: Information about your activity a Customer’s app, such as your interaction with ads or content, can be very helpful to improve products and services and to build new products and services based on user interactions, the type of audience, etc. This specific purpose does not include the development or improvement of user profiles and identifiers.

Consent

Ensuring security, preventing and detecting fraud, and fix errors: Your data can be used to monitor for and prevent unusual and possibly fraudulent activity (for example, regarding advertising, ad clicks by bots), and ensure systems and processes work properly and securely. It can also be used to correct any problems you, the publisher or the advertiser may encounter in the delivery of content and ads and in your interaction with them.

Legitimate interests (it is in the interests of us, our clients, and you to ensure that ads are served in a safe and error free way and that fraudulent third parties do not distort the true price to be paid for showing you ads)

Delivering and presenting advertising and content: Certain information (like an IP address or device capabilities) is used to ensure the technical compatibility of the content or advertising, and to facilitate the transmission of the content or ad to your device.

Legitimate interests (it is in the interests of us, as a core aspect of our business, to help to serve the ads, whether personalised or not, at a technical level)

Preserving and sharing information with others including law enforcement, responding to legal requests and establishing, exercising or defending our legal rights

Legitimate interests (protecting our rights, personnel, property or products, or those of others);

Compliance with legal obligations

To follow applicable laws and regulations

Compliance with legal obligations

In pursuit of the above purposes, we do the following:

  • Match and combine data from other data sources: Information about your activity on a Customer’s app service may be matched and combined with other information relating to you and originating from various sources (for instance your activity on a separate online service, your use of a loyalty card in-store, or your answers to a survey), in support of the purposes explained in this notice;
  • Link different devices: In support of the purposes explained in this notice, your device might be considered as likely linked to other devices that belong to you or your household (for instance because you are logged in to the same service on both your phone and your computer, or because you may use the same Internet connection on both devices);
  • Identify devices based on information transmitted automatically: Your device might be distinguished from other devices based on information it automatically sends when accessing the Internet (for instance, the IP address of your Internet connection or the type of browser you are using) in support of the purposes exposed in this notice;
  • Use precise geolocation data: With your acceptance, your precise location (within a radius of less than 500 metres) may be used in support of the purposes explained in this notice.
  • Actively scan device characteristics for identification: With your acceptance, certain characteristics specific to your device might be requested and used to distinguish it from other devices (such as the installed fonts or plugins, the resolution of your screen) in support of the purposes explained in this notice.

Our Privacy Principles for the use of data about Targeted End Users

  • Liftoff’s systems aggregate events/data at granularities that cover many users, as opposed to a specific user, unless the user consents. For instance: users with iPhone X’s in San Francisco have clicked on ads in app A 100 times and installed app B 50 times.
  • Liftoff does not tie together events/data across apps in a user-specific way, without the user’s consent. For instance: we do not track that a person did X in app A and also Y in app B from a different publisher, if the person opts-out of interest-based advertising.
  • Instead, Liftoff only ties events/data from a given specific user within the context of a given app. E.g. user with app-local ID 123 installed app A, then finished the tutorial, then made a purchase.
  • This allows Liftoff to understand the conversion rates from one event to another within an app, but not track the activities of a user across different apps.
  • Liftoff does not record or store personal information that the user cannot easily revoke, such as email address, physical address, photographs or phone number to personalize our advertising. Liftoff relies upon device IDs to uniquely identify a user, and Liftoff solely relies upon the user’s consent in allowing Liftoff to access this information.
  • Liftoff does not export per-user data outside of Liftoff, except for validation purposes to a company that already has access to that data
  • Details of how to opt-out of interest based advertising from us can be found at: https://liftoff.io/opt-out/.

C. Information You Provide to Us via Our Site

When you visit our Site, we collect the following information from you, and process it for the following purposes (based on the following legal basis if you are located in the UK / EU):

Personal Information

Purpose

Legal Basis

Name;

Email;

Account login details (such as user ID, password);

Data related to your use of the Site, including: (a) technical information such as IP address, device type, country from which you access, browser type and version, browser plug-in types and versions, operating system; and (b) information about your use such as page clicks, time and length of visits, pages visited, traffic data, location data, weblogs and other communication data.

Any other information that you actively provide to us via our Site

To provide access to our Site

Legitimate interests (running, developing and improving our business)

To deal with and respond to your enquiries

Legitimate interests (running, developing and improving our business)

To analyse how our Site is used

Legitimate interests (running, developing and improving our business and Site)

For the purposes set out in the “Cookies and Tracking Technologies” section below

Legitimate interests (running, developing and improving our business and Site);

Consent (where you have given it)

To send you marketing communications (with consent where required by applicable laws), unless you have told us that you would rather not hear from us

Legitimate interests (to market our Services);

Consent (where you have given it)

To keep a record of your consent and to manage your data subject rights requests

Legitimate interests (running our business);

Compliance with legal obligations

To determine the effectiveness of our Site and communications

Legitimate interests (running, developing and improving our business)

Preserving and sharing information with others including law enforcement, responding to legal requests and establishing, exercising or defending our legal rights

Legitimate interests (protecting our rights, personnel, property or products, or those of others);

Compliance with legal obligations

To follow applicable laws and regulations

Compliance with legal obligations

If you do not want to receive any communications from us (as set out in the table above), please indicate this by contacting us at [email protected]. Please note that if you do not want to receive legal notices from us, those legal notices will still govern your use of the Services, and you are responsible for reviewing such legal notices for changes.

Additionally, you may sign up to receive reports and communications from us by following the “Join Our Newsletter” link on our Site. If you would like to opt-out of receiving any information that you receive from us, such as our newsletter, you may update your email preferences by using the “UNSUBSCRIBE” link found in emails we send to you or at your member profile on our Site or by contacting us at [email protected].

User Data Supplementation

We may receive information about you from other sources as required in connection with our legitimate interests, including publicly available databases or third parties from whom we have purchased data (including marketing data). We combine this data with information we already have about you to help us to update, expand and analyze our records, identify new Customers, deliver our marketing services and provide more tailored advertising, products and Services.  If you provide us with personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us.

Cookies and Tracking Technologies

Liftoff and our partners use cookies or similar technologies to analyze trends, administer the Site, track users’ movements around our Site, and to gather demographic information about our user base as a whole. A full list of cookies we use on this site is found on our Cookie Policy.

You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our Site or Services.

Automated decision making

We perform the following automated decision making processes using your personal information:

  • To build lookalike targeting models to target users who are similar to the Customer’s existing users. Our Machine Learning does this automatically for every Customer. The more upfront device IDs Liftoff has, the more beneficial this is.
  • For power predictive ML features e.g. users who have purchased in the past are much more likely to purchase again in the future
  • To exclude existing users from User Acquisition campaigns, and power targeting rules for re-engagement campaigns e.g. target users who have registered but not purchased.

Information Related to Data Collected through the Service

If you are using our analytics platform, the use of information collected through our service shall be limited to the purpose of providing the Service for which you have engaged Liftoff.

Liftoff collects information under the direction of its Customers, and has no direct relationship with the individuals whose personal information it processes. If you are a Targeted End Users of one of our Customers and would no longer like to be contacted by one of our Customers that use our service, please contact the Customer that you interact with directly.  We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Customers.

We acknowledge that you have the right to access your personal information. A Targeted End User who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the Liftoff’s Customer (the data controller). If requested to remove data we will respond within a reasonable timeframe.

We will retain personal information we process on behalf of our Customers for as long as needed to provide services to our Customer. Liftoff will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

IV. INTERNATIONAL TRANSFERS

Your personal information may be collected, transferred to, and processed in, countries other than the country in which you are located, including the United States and other countries where we or our group companies or service providers (among others) maintain facilities. Our group affiliates and our third party service providers and partners operate around the world. We maintain primary data centers in the United States, Singapore and Japan and Germany. These countries may have data protection laws that are different to the laws of your country, and may not provide for the same level of data protection as your jurisdiction. We take steps designed to ensure that the data we collect under this privacy policy is processed as described in this privacy policy and according to applicable law.

We have implemented appropriate safeguards to ensure that the recipient of your personal information offers an adequate level of protection, including by entering into the standard contractual clauses for the transfer of personal information, or where required, we will ask you for your prior written consent for such international data transfers.

Where we transfer your personal information to countries and territories outside of the European Economic Area, Switzerland and the UK which have been formally recognized as providing an adequate level of protection for personal information, we rely on the relevant “adequacy decisions” and “adequacy regulations” from the European Commission, Swiss and UK authorities.

Where the transfer is not subject to an adequacy decision, we take appropriate safeguards to ensure that your personal information will remain protected in accordance with this privacy policy and applicable laws. These safeguards include implementing the European Commission’s Standard Contractual Clauses as issued on 4 June 2021 under Article 46(2) GDPR for transfers originating in the EU and Switzerland; and the UK Addendum under Article 46(2) of the UK GDPR for the transfer of data originating in the UK.

Our Standard Contractual Clauses entered into by our group companies and with our third party service providers and partners can be provided on request. Please note that some sensitive commercial information will be redacted. If you have any questions or concerns related to international data transfers, please contact us via the contact details set out below.

Data Privacy Frameworks

Liftoff complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF (“UK Extension”) and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. We have certified to the U.S. Department of Commerce that we adhere (i) to the EU-U.S. DPF Principles with regard to the processing of personal information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF, and (ii) the Swiss-U.S. DPF Principles  with regard to the processing of personal information received from Switzerland in reliance on the Swiss-U.S. DPF (collectively, the “DPF Principles”). If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the DPF Principles shall govern. To learn more about the DPF program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

The types of personal information we receive in the US, as well as the purposes for which we collect and use it, are set out in section II titled “The information we collect and how we use and store your information”. We will give you an opportunity to opt out where personal information we control about you is to be disclosed to an independent third party, or is to be used for a purpose that is materially different from those set out in this privacy policy. If you otherwise wish to limit the use or disclosure of your personal information, please contact us via the contact details set out below.

Information about the types of third parties to which we disclose personal information and the purposes for which we do so is described in Section V below titled “How we share your personal information and who we share it with”. If we have received your personal information in the US and subsequently transfer that information to a third party acting as an agent, and such third party agent processes your personal information in a manner inconsistent with the DPF Principles, we will remain liable unless we can prove we are not responsible for the event giving rise to the damage. If you are located in the European Economic Area, the United Kingdom (inc. Gibraltar) or Switzerland, you have the right to request access to the personal information that we hold about you and request that we correct, amend, or delete it if it is inaccurate or processed in violation of the DPF Principles. If you would like to exercise these rights, please contact us via the contact details provided below. We may request specific information from you to confirm your identity and we will respond to your request in accordance with the DPF Principles and applicable data protection laws. You may also opt-out of receiving marketing communications from us by writing to us at the contact details provided below or by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you.

In compliance with the EU-U.S. DPF, the UK Extension and the Swiss-U.S. DPF, we commit to resolve DPF Principles-related complaints about our collection and use of your personal information. EU, UK and Swiss individuals with inquiries or complaints regarding our handling of personal information received in reliance on the EU-U.S. DPF, UK Extension and Swiss-U.S. DPF should first contact Liftoff at: [email protected]. We will investigate and attempt to resolve any DPF-related complaints or disputes within forty-five (45) days of receipt.

We commit to refer unresolved complaints concerning our handling of personal information received in reliance on the EU-U.S. DPF, the UK Extension and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit www.jamsadr.com/eu-us-data-privacy-framework for more information or to file a complaint. The services of JAMS are provided at no cost to you. If your complaint is not resolved by us or by JAMS, you may, under certain conditions, invoke binding arbitration for complaints regarding compliance with the EU-U.S. DPF, the UK Extension and the Swiss-U.S. DPF. Please see here for additional information.

The Federal Trade Commission has jurisdiction over our compliance with the EU-U.S. DPF, the UK Extension and the Swiss-U.S. DPF. We may be required to disclose personal information we handle under the EU-U.S. DPF, the UK Extension and the Swiss-U.S. DPF in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

We reserve the right to amend this section from time to time consistent with the EU-U.S. DPF, the UK Extension and the Swiss-U.S. DPF requirements.

V. HOW WE SHARE YOUR PERSONAL INFORMATION AND WHO WE SHARE IT WITH

·           Sharing of Information We Collect

We neither rent nor sell your personal information in personally identifiable form to anyone. However, we do share your personal information with third parties as described in Section III and in this Section. If you have consented to us sharing your personal information but later change your mind, you may contact us and we will cease any such activity.

·           Affiliated Businesses and Third Party Websites We Do Not Control

In certain situations, businesses or third party websites we’re affiliated with may sell items or provide services to you through the Services (either alone or jointly with us). You will be able to recognize when an affiliated business is associated with such a transaction or service, and we will share your personal information with that affiliated business only to the extent that it is necessary and related to such transaction or service. We have no control over the policies and practices of third party websites or businesses as to privacy or anything else, so if you choose to take part in any transaction or service relating to an affiliated website or business, please review all such business’ or websites’ policies. This privacy policy applies only to personal information that we collect through the Site and Services. If you have any questions about these practices, please contact us at [email protected].

·           Service Providers

We employ third party companies and people, for example cloud service providers (“Third Party Service Providers”), such as Amazon Web Services, Dropbox, Salesforce and Unity Technologies to perform tasks e.g., provide computer and network infrastructure services on our behalf or as advertising exchange partners and we may need to share your information with them to provide products or Services to you. We only share your personal information with Third Party Service Providers to the extent necessary for them to assist us and they do not have any right to use your personal information we share with them beyond what is necessary to assist us. We may also work with Google to deliver the best advertising opportunities to its clients through the use of remarketing tags. Traffic Clients and other data subjects can consult Google’s policies to learn more about Google’s processing policies here.

·           Group companies

We may provide your personal information to our subsidiaries or affiliated companies for the purpose of processing personal information on our behalf to provide the Site and the Services to you. These parties are required to process such information based on our instructions and in accordance with this privacy policy. They do not have any independent right to share this information.

·           Compliance with laws and legal proceedings

We may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

·           Merger or Acquisition

If Liftoff or any of its subsidiaries are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Site of any change in ownership, uses of your personal information, and choices you may have regarding your personal information. We may also disclose your personal information to any other third party with your prior consent.

VI. SECURITY

The security of your personal information is important to us.  Whilst we take appropriate technical and organisational measures to safeguard the personal information that you provide to us, no transmission over the Internet can ever be guaranteed secure. Consequently, please note that we cannot guarantee the security of any personal information that you transfer over the Internet to us.

We take appropriate steps to pseudonymize your personal information. For Targeted End Users, the advertising device IDs (which are the only per-user identifiers that we track, and can be reset by the user at any time) are SHA1-hashed before insertion. Since SHA1 is a one-way hashing algorithm, the original raw advertising device ID cannot be reverse-engineered from the hashed version.

If you have any questions about the security of your personal information, you can contact us at [email protected].

VII. DATA RETENTION

If you have provided us with personal information for the purposes of holding an account with us, we will retain your information (including personal information) for as long as your account is active or as needed to provide you Services.

If we hold information about you through any other means we shall only process this information for as long as is necessary for the purpose and in any event for no longer than 28 days.

Information relating to Targeted End Users is retained for 30 days in pseudonymized form before it is automatically deleted from our active database. Backups are stored indefinitely.

We will delete it after the timescales stated above, except we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

VIII. YOUR RIGHTS

·           Opting-out of interest-based advertising from Liftoff

As described in this privacy policy, third parties may use cookies and similar tracking technologies to collect information and infer your interests for interest-based advertising purposes. If you would prefer to not receive personalized ads based on your browser or device usage, you may generally express your opt-out preference to no longer receive tailored advertisements by clicking here (or if located in the EU click here). Please note that you will continue to see advertisements, but they will no longer be tailored to your interests.

Refer to our opt out page for instructions on how to opt-out of interest-based advertising when you are a Targeted End User.

·           Data Subject Rights

You have certain rights in relation to your personal information. If you would like further information in relation to these or would like to exercise any of them, please contact us via email at [email protected] at any time. You have the following rights:

  1. Right of access.  You have a right of access to any personal information we hold about you.  You can ask us for a copy of your personal information; confirmation as to whether your personal information is being used by us; details about how and why it is being used; and details of the safeguards which are in place if we transfer your information outside of the UK or EU.
  2. Right to correct/ update your information. You have a right to request a correction/ update to any of your personal information which is out of date or incorrect.
  3. Right to delete your information.  You have a right to ask us to delete any personal information which we are holding about you in certain specific circumstances.  You can ask us for further information on these specific circumstances by contacting us by email.

We will pass your request onto other recipients of your personal information unless that is impossible or involves disproportionate effort.  You can ask us who the recipients are, by contacting us by email.

  1. Right to restrict use of your information: You have a right to ask us to restrict the way that we process your personal information in certain specific circumstances.  You can ask us for further information on these specific circumstances by contacting us by email.  

We will pass your request onto other recipients of your personal information unless that is impossible or involves disproportionate effort.  You can ask us who the recipients are by contacting us by email.

  1. Right to object to processing of your personal information.  You have a right to ask us to consider any valid objections which you have to our use of your personal information where we process your personal information on the basis of our or another person’s legitimate interest.  
  2. If we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
  3. Right to stop marketing: You have a right to ask us to stop using your personal information for direct marketing purposes.  If you exercise this right, we will stop using your personal information for this purpose.
  4. Right to data portability: You have a right to ask us to provide your personal information to a third party provider of services.  

This right only applies where we use your personal information on the basis of your consent or performance of a contract; and where our use of your information is carried out by automated means.

We will consider all such requests and provide our response within a reasonable period (and in any event within one month of your request unless we tell you we are entitled to a longer period under applicable law). Please note, however, that certain personal information may be exempt from such requests in certain circumstances, for example if we need to keep using the information to comply with our own legal obligations or to establish, exercise or defend legal claims.  

If an exception applies, we will tell you this when responding to your request.  We may request you provide us with information necessary to confirm your identity before responding to any request you make.

IX. CHILDREN’S PRIVACY

We do not knowingly collect or solicit personal information from anyone under the age of 16 or knowingly allow such persons to register for the Services (as that term is defined in our Terms of Use). If you are under 16, please do not attempt to use the Site or register for the Services or send any information about yourself to us, including your name, address, telephone number, or email address. No one under age 16 may provide any personal information to us or use the Site or the Services. In the event that we learn that we have collected personal information from a child under age 16, we will delete that information as quickly as possible unless your parent or guardian has provided us with their consent for your use of our Site or Services. If you believe that we might have any information from or about a child under 16, please contact us at [email protected].

X. CHANGES TO THIS PRIVACY POLICY

We may update this privacy policy to reflect changes to our information practices. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

XI. HOW TO CONTACT US

Liftoff is the data controller of the personal information, with registered office at 555 Bryant Street, Suite #133, Palo Alto CA 94301.

We have a Data Protection Officer to assist with all queries or concerns you may have regarding our processing of your personal information, who can be contacted at [email protected].

If you have complaints about our Site or Services, please contact us at: [email protected].  

You may also contact our representatives in the EU and UK:

Jurisdiction

Representative

EU

Attn: Legal Department

Liftoff GmBH

Torstrabe 146/Linienstrabe 86, 10119, Berlin, Germany

UK

Attn: Legal Department

Liftoff Mobile Limited

Drapers House, 76-78 Clerkenwell Road, London, EC1M 5QA

In the EU and UK, you may also make a compliant to the appropriate data protection authority for data protection matters or seek a remedy through local courts if you believe your rights have been breached.