Threedium Privacy

This Privacy policy covers the following key subjects:

It explains how we use your information, as a Visitor, Platform User and End User;

It aims to explain clearly what information we collect with your permission, what we do with it and, and what we do not do with that information;

It holds us accountable for protecting your rights and privacy under this policy.

It also lays out in detail the ways in which you are consenting your information to be collected, processed and used including:

• The use of cookies and other tracking technologies
• The transfer of your information outside your country of residence
• The transfer of your non-personal information between trusted partners and third party entities as described in this policy, in order to fulfil a service as agreed by you, Threedium and/or tsuch entities;
• The collection, processing, use, disclosure and retention of your information by all entities as described in this policy, including Threedium as Data Controller and Data Processor (as applicable).
• Glossary of terms

For purposes of this policy:

“Personal Information” for non-residents of the European Economic Area means any information that can be used to identify, contact, or precisely locate a person, including name, email, address, and telephone number.

“Personal Information” for residents of the European Economic Area means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. This includes IP address and advertising ID (IDFA/AAID).

“Non-Personal Information” means information not included in the definition of Personal Information, such as pages or ads visited, time spent on pages, browser and device type, and referring and exit pages. For non-residents of the European Economic Area, IP address and advertising IDs (IDFA/AAID) are Non-Personal Information.

A list of additional terms for reference:

“Information” or “Data” - used interchangeably, “Information” or “Data” refers to personal and non-personal data that is collected, processed, used, distributed or retained from Visitors, Platform Users and/or End Users, by Threedium, in order to fulfill the terms of use of our Site or to fulfill our service agreements, as described in this Privacy Policy.

“Ad(s)” - a digital advertisement or “adunit”

“Sensory ads” - Threedium’s user-engagement ad product, Sensory Ads are served on the premise that a user must voluntarily and actively participate with an ad experience by fullfiling a digital “gesture-based” (using the computer cursor, mobile touch-screen or mobile gyroscope type command) interaction. This means that a user must view and opt-in by engaging in order to benefit from the ad experience, as opposed to the traditional industry model of view-only.

“RTB“ - Real-time bidding refers to the buying and selling of online ad impressions through real-time auctions that occur in the time it takes a webpage to load.

“Bidder“ - Threedium is using DoubleClick to buy inventory required for serving adunits. DoubleClick is New York based company that offers the first

“Bidder-as-a-Service“ solution for programmatic RTB media buying.

“HTTPS“ - (HTTP Secure) is an adaptation of the Hypertext Transfer Protocol (HTTP) for secure communication over a computer network, and is widely used on the Internet.

“Cookie“ - An HTTP cookie is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing. • “Beacons, Pixels“ -- A Web beacon is an often-transparent graphic image, usually no larger than 1 pixel x 1 pixel, that is placed on a Web site or in an email that is used to monitor the behavior of the user visiting the Web site or sending the email. It is often used in combination with cookies.

“AWS“ - Amazon Web Services (AWS) is a subsidiary of Amazon.com that provides on-demand cloud computing platforms to individuals, companies and governments.

“Amazon VPC“ - Amazon VPC lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud where you can launch AWS resources in a virtual network defined by the client (Threedium).

“Amazon S3“ - Amazon Simple Storage Service is a web service offered by Amazon Web Services (AWS). Amazon S3 is extremely durable, highly available and secure object storage built to store and retrieve any amount of data on the Internet.

“AWS Kinesis“ - Amazon Kinesis Data Streams enables you to build custom applications that process or analyze streaming data for specialized needs.


In general, there are three categories of information we collect:
Information that you opt to share so we can use it to provide additional features and improve your experience;
information that we must have for you to use the Threedium Sites and Services;
Information collected from your interaction with Threedium Products or Services as an End User of an ad format or 3D Configurator
The kind of information we collect, and how we do it depends on which kind of user category you fall into.

I.Contact information. When you request information about Threedium, via our Site’s contact forms or through other means, register to use our Platform, or sign-up to our Platform or other services, you will be asked to provide certain Personal Information which may include your name, email, mailing address, phone number, job title, name of your organisation. When you voluntarily share Personal Information with us, this information is used by Threedium in a manner consistent with the permissions communicated to us. We may use this information to:

• Respond to you regarding your specific query or request;
• Communicate with you for marketing, research and promotional purposes;
• Inform you of any training sessions or events;
• Conduct communication relating to the service or project you signed-up for;
• Inform you of product and service updates.

You always have the option to opt-out of such communication by unsubscribing, changing your user/profile settings or emailing us. You can also request that we delete your information at any time by contacting us directly at info@threedium.co.uk or privacy@threedium.co.uk

II. Cookies. We collect information from our Visitors via cookies or similar technologies, as laid out in our Cookies Policy.

III. Visitor Analytics. In order to ensure the best user experience on our Sites, we may collect certain Visitor and browsing information from visitors to our Sites (“Visitor Analytics”). This may include IP address, browser and device type and language, referring and exit pages and URLs, date and time, amount of time spend on pages, what sections of the Site Visitors visit, and other, similar aggregate user data concerning your use of the Sites. We may use this data to manage and improve our Site. In some areas of the world, certain Visitor Analytics may be Personal Information. Where this is the case, we comply with applicable laws regarding our use and processing of Personal Information.

IV. Billing Information. When you register or sign-up for our Platform or services, we may request you to provide payment or invoicing information that may include invoicing contact (name, email, mailing address, phone number, etc), credit card details (number, expiration date, security code), billing address, unique invoice identifier number, activation code, and similar information (“Billing Information”). Threedium uses this information for the purpose of invoicing and processing payments for services provided. We may use reliable third-party service providers to manage credit card processing, they are not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing. We may also use reliable third-party service providers to issue, manage and execute billing and payment events, they are not permitted to store, retain, or use Billing Information except for the sole purpose of executing the billing and payment service, and are required to comply with applicable laws regarding our use and processing of Personal Information.

V. Platform User Profile. When you register or sign-up to our Platform, we request you to define a Platform User Profile that may include a user name, contact email and user photo/avatar. This information will be visible to members of your project team to enable communication and execution of the project. You can edit and manage this information on your Platform account settings or by contacting us directly on info@threedium.co.uk.

VI. Ad Serving Data. Threedium collects, processes, uses, discloses or retains information about End Users in the context of their exposure or interaction with an ad. We may also collect information on behalf of our customers which may be an brand/advertiser, publisher, advertising agency and/or their agents, in the context of fulfilling our service to them. Ad Serving Data includes standard digital advertising metrics as defined by industry bodies such as the Internet Advertising Bureau (IAB), including number of ads viewed, time spent viewing an ad, page views, video views, number of ads clicked, IP address, GPS coordinates, advertising identifiers (IDFA/AAID). It may also include Personal Information that you actively choose to share with us through text field forms, and other information about your interaction with the ads. End User information may be used for lawful advertising purposes to provide you with a more tailored online advertising experience. It may also be used by Threedium to improve the functionality of our services. In this context, Threedium may collect, process, uses, disclose or retain information about End Users in the following manners:

Bidder Data - Threedium serves as a “Data Processor” in the context of user targeting and media buying in a programmatic environment, whereas the Bidder makes available information that is covered by consent passed on by the Bidder or Bidder suppliers.

RTB - Threedium may use Ad Serving Data to optimise the performance of the ad campaigns we are bidding for using a Real-Time Bidding Platform. For every relevant auction we receive a bid request. This request is sent over HTTPS and is processed by our servers inside protected AWS VPC. After we reply to the bid request we delete the request data.

Reporting Logs - When we buy inventory using a Bidder, we receive logs with details about auctions we won. This data is sent to us using secure channels using tools like AWS S3 and AWS Kinesis. This data contains End User IP addresses, locations, browser details, websites name, app name, and all bid-related details, and we may use it for campaign optimisation and reporting purposes. You can read more about the Bidder Data we receive here.

Threedium Engagement Data - In addition to standard digital advertising metrics, Threedium also tracks “user engagements” that form the core offering of Sensory Ads.
Every time an ad is loaded in the user browser or app environment, Threedium tracks a set of events triggered by the engagement (including engagement gesture, clicks, skips, etc). We send this data with auction_id back to our servers over the HTTPS channel.

Third Party Tracking - Threedium may implement third-party performance tracking mechanism, such as click-through links and tracking pixels, per the request of our clients who receive and may share with us daily aggregated reports, used to monitor the performance of the campaigns. These mechanisms may store user IP address, store a cookie in the user browser and get information about the browser.

Cookies - Threedium doesn’t store any cookies in End User browsers in the context of Ad serving. However, the Bidder (used to buy ad inventory) and its supplies may store cookies in the End User browser to profile inventory, to fulfil targeting requirements. For this use, Threedium does not target individual (identifiable) users, we only focus on the environmental variables like type of device, domain name and geographical location of the user. Third party tools may also store cookies in the End User browser to help measure and monitor the ad campaign performance accurately. These cookies are governed by the third party and/or domain (publisher) terms.

Aggregated Reporting - In order to fulfil our service proposition, Threedium aggregates raw Bidder Data and Threedium Engagement Data for monitoring, optimisation and reporting purposes. Aggregation is usually executed in the form of daily sums and/or campaign lifecycle totals. Aggregated reports are used to track performance and delivery of campaigns, and are shared with our clients (the advertiser) as part of our contractual obligations. Threedium’s customers and/or partners (collectively “Third Parties”) may also use cookies to customise the End User online advertising experience, based on the preferences or interests known or inferred from the information collected. Our customers (the advertiser) may use cookies to serve appropriate ads to you and to help track results or measure effectiveness of those ads. Third Parties may also combine information collected in the context of delivering an ad to you with other information they have independently collected over time across different online environments, including syncing or connecting behavior across different websites, mobile apps or devices. These Third Parties collect and use information under their own privacy policies.

 

Ad Serving Data is stored in AWS data centres in AWS North Virginia (USA) and the Republic of Ireland.
There are two types of Ad Serving Data

Raw Data - Information we collect via the Bidder (containing IP address, locations and details about the user browser) and tracking logs we store in encrypted S3 buckets with appropriate access control policies.
We keep Raw Data for 90 days. This allows us to check and ensure that the relevant and subsequent aggregations are correct.

Aggregated Data - Aggregated (non-identifiable) information is stored in secured and encrypted databases in the AWS data centres. At this stage we no longer store IP addresses and location we have received from the Bidder. We may store aggregated data indefinitely or as long as normal business operations will require.
If you have any concerns about or would like to opt-out from Ad Serving Data you can contact Threedium at info@threedium.co.uk for further information.

 

Threedium adheres to the DAA’s Self-Regulatory Principles for Online Behavioral Advertising. To learn more about interest based or online behavioral advertising, and other advertising companies’ privacy practices and opt-out from each or any of them (including Threedium), you may also go directly to the DAA website at http://www.aboutads.info/choices/ or contact Threedium at info@threedium.co.uk.
Sharing and disclosure of Personal Information

I. Threedium will only share Personal Information as agreed by the User at the time of collection, or in the following events:

II. Advertiser Customers. We may share Ad Serving Data per the terms described in section 1.IV.

III. Third Party Service Providers. We may share your information with reliable Third Party Service Providers that support us in fulfilling our service obligations. We may also share information with third parties that help us operate and market our services, per the situations described in section 1. We ensure that such third parties are contractually obligated to protect your Personal Information, as required by law.

IV. Compliance with the Law. Threedium may disclose your information to courts, law enforcement, or government authorities, or authorised third parties, if and to the extent we are required to do so by law or in a good-faith belief that such action is necessary or advisable in order to comply with any laws of any country or region which may assert jurisdiction) or in order to respond to a judicial or other governmental action, order, subpoena, request, demand or warrant. We may make such disclosures without providing notice to you.

V. Against Liability or Fraud. We reserve the right to disclose one or more clients’ and/or individual users’ information if it is appropriate or necessary in Threedium’s discretion in order to: take precautions against liability; protect against fraudulent, abusive, or unlawful uses; investigate or defend against any third-party actions or allegations (including assisting a client or third party to do so); assist government enforcement agencies; or protect the security, integrity, rights, property, or personal safety of Threedium, its systems and services, as well as its employees, clients or others.

VI. Business Transfers. If Threedium undertakes or is involved in any merger, acquisition, reorganisation, sale or assets, bankruptcy, or insolvency event, then we may sell, transfer, or share some or all our assets, including your Personal Information. In this event, we will notify you before your Personal Information is transferred and becomes subject to a different privacy policy.

Threedium may also may disclose your information under circumstances not mentioned above, with prior consent of the entity or third-party that submitted the information to us.
Transfer of information across regional/national borders
Threedium’s servers are located in the US and in the Republic of Ireland. Any information collected and provided to us, including Personal Information, will be transferred to and processed through our servers in the US and/or the Republic of Ireland.
By accepting our Terms of Use, you are consenting to the transfer of data to and processing of data, from your country of residence to the location of our servers. If you do not consent to this, do not submit Personal Information to Threedium, or contact Threedium to correct or delete your Personal Information via info@threedium.co.uk or privacy@threedium.co.uk.

 

Threedium is committed compliance with GDPR which comes into effect on 25th May, 2018. If you are a resident of the European Union and are subject to jurisdiction under The European Parliament, you have the following rights: 

1. The right to request access to, or ask us to provide you with copies of, Personal Data that we hold about you at any time, which may be subject to a fee specified by law for processing your request (but not for making a request for access). If Threedium is the Data Controller with respect to your data, we will respond to your request within a reasonable period, and if we are the Data Processor with respect to your data, we may redirect your request to our customer acting as the Data Controller with respect to your data. We may decline a request for access to Personal Data in circumstances prescribed by relevant privacy laws. If we decline a request, we will provide you with a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons) and provide you with a statement regarding the mechanisms available to you to make a complaint;
2. The right to ask us to delete any Personal Data that we hold about you free of charge, unless we are required to maintain a copy of this data pursuant to applicable law;
3. The right to ask us to update and correct any out-of-date or incorrect or inaccurate Personal Data that we hold about you free of charge. We will take reasonable steps to correct the information so that it is accurate, complete and up to date. If we refuse to correct your Personal Data, we will provide you with a written notice that sets out the reasons for our refusal (unless it would be unreasonable to provide those reasons) and provide you with a statement regarding the mechanisms available to you to make a complaint;
4. The right to opt out of any marketing communications that we (or any third-party to whom we have disclosed your Personal Data with your consent) may send you or to withdraw your prior consent or object to any further processing of your Personal Data;
5. The right to request information about any automated decisions made using your Personal Data that have legal consequences for you or which significantly affect you; and
6. The right to lodge a complaint with your local Data Protection Authority concerning Threedium’s processing of your Personal Data.

If you wish to exercise any of the above rights, send us an email at privacy@threedium.co.uk . Before we process any request, we may ask you for certain Personal Data to verify your identity, and in situations where Threedium is the Data Processor, consult with the Data Controller of your data. Where permitted by local law, we may reject requests that are unreasonable or impractical. Please allow us a reasonable time to respond to your inquiries and requests.
Users residing in the EU who are not satisfied with our response, or believe we are processing your personal data not in accordance with the law, data subjects covered under the GDPR framework have the right to lodge a complaint with a supervisory authority in the Member State of their habitual residence, place of work, or place of the alleged infringement.

 

Threedium works with social media tools, services and networks, such as LinkedIn, Facebook and Twitter. We provide users with both proprietary and branded tools to enable them to share an item of Distributed Content, solicit or refer other users to view Distributed Content, or express or broadcast their opinion about an item of Distributed Content.
In some cases, the use of these tools will require a user to provide personally-identifiable information. For example, a user may send a link for certain content to one or more recipients by email with a personal message.
Threedium does not use the email addresses, except as necessary to deliver the communication as requested, and does not store the email addresses. If you use a tag, button or sharing feature that is provided by a branded third-party social media service or network, such as a “Like” button, you may be required to log-in to your account or otherwise take steps to access such third party services. Such collection, use and disclosure of any information by or in relation to such third party service is subject to its privacy policy, and this Privacy Policy does not apply.

 

Threedium adheres by reasonable technical and organisational security protocols to safeguard Personal Data that is submitted to us via our Site or Services, according to the voluntary principles of information sharing outlined in this document.
No method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot control the actions of third-parties with whom you elect to share your Personal Data and we cannot assume responsibility or liability for disclosure of your information due to errors in transmission, unauthorized third-party access or other causes beyond Threedium’s reasonable control.. We cannot guarantee that only authorised persons will view your Personal Data. We cannot ensure that information you share on our Site and/or through our Services will not become publicly available.

 

Threedium adheres to strict protocols to safeguard children’s privacy. You must be at least 13 years old to use the Site and/or our Service. We do not knowingly collect Personal Data from any child under 16 years of age without consent or authorisation of the holder of parental responsibility for said child, per EU GDPR guidelines. If you are under 16 years of age, do not use our Services and do not provide any Personal Data to us. If you are a parent of a child under 16 years of age and become aware that your child has provided Personal Data to Threedium without your consent, please contact us at info@threedium.co.uk or privacy@threedium.co.uk and you may request access, correction, deletion, and/or objection rights.

 

Threedium may update this Privacy Policy from time to time, and so you should review this Policy periodically. We’ll notify you of material changes to the Privacy Policy via a notice on our Site(s) and/or a direct communication (ie. via email). When appropriate and required, we may notify you and request continue acceptance of the revised Terms of Use and/or Privacy Policy. You may be provided other privacy-related information in connection with your use of offerings from Threedium, as well as for special features and services not described in this Privacy Policy that may be introduced in the future.

 

If you have questions or concerns regarding this Privacy Policy, including our policies for the collection, processing, use, disclosure or retention of information, and/or our use of cookies, you can contact us at:

Wework Marylebone, 119 Marylebone Rd, London, United Kingdom, NW1 5PU
Primary email: info@threedium.co.uk
UK phone: +44 (0)-749-1567-061