Ogury Services Privacy Statement
Last Updated: 9 May 2022
Ogury Limited (“Ogury”, “we” or “us”) cares about its users’ privacy and is committed to clearly describing and disclosing its data practices.
Welcome to Ogury
Ogury is a mobile advertising technology company. We develop and maintain software, cookies, pixels and similar technologies (“Ogury Technologies”) that mobile app and website publishers and developers (“Publishers“) can integrate into their mobile apps and websites(“Properties “) to help them and us to:
- manage end-user transparency and privacy choices and
- display ads of advertisers and advertising agencies (together “Partner(s)”) within their Properties.
Specifically, we use Ogury Technologies to provide the following products for Publishers, Active Insights, Consent Manager and User Engagement – in this Privacy Statement, we call these solutions the “Ogury Services” and we call ads that we display on behalf of our Partners in connection with the Ogury Services, “Ogury Ads“.
In connection with the Ogury Services, we process certain data (“User Data“) of end-users accessing Properties on which Ogury Technologies are used, and from other third party partner sources.
This Ogury Services Privacy Statement explains what User Data we process in connection with our provision of the Ogury Services, how we process and share User Data and your rights to your User Data.
What User Data we process?
The User Data we process comprises the following categories of information:
Information relating to Users’ Devices – this information includes:
- The type of mobile, tablet or other handheld devices (“Device“) being used (including manufacturer, model, operating system, screen dimensions, OS version, Virtual Machine name and version and android standby bucket).
- Details of the Property and web browser in which the Ogury Technologies are incorporated (asset key, App name and version or mobile web address and ad unit).
- The version number of the Ogury Technologies used by the Property.
- Device language and country codes, local time and time-zone
- Device connection type; GSM, 3G, 4G, Wi-Fi etc.).
“What User Data we process with Identifiers”
Ogury links the Technical Information it collects listed above to certain Device and User identifiers that it collects from Users and their Devices – this information includes:
- Unique Advertising ID, such as Google AAID or Apple IDFA or a unique cookie based identifier.
- IP Address.
All User Data we collect is associated with these identifiers.
“Ad Engagement Information”
Information on how Users engage with Ogury Ads, including:
- Content of the Ogury Ad (what the Ogury Ad relates to).
- The format of each Ogury Ad (e.g., text, image, or video).
- Where the Ogury Ad is displayed within Property or elsewhere.
- The User’s interaction with the Ogury Ad (for example, clicks and how long the Ogury Ad was displayed for).
- User interaction with Partner sites after clicking on an Ogury Ad.
We combine Ad Engagement Information with Usage Data to determine what Users do when interacting with or after viewing each Ogury Ad – for example, to identify whether a User proceeded to buy the product or services that were displayed to them in an Ogury Ad.
“Ad Execution and Crash Reporting Information”
Information relating to when Property has crashed – this information includes:
- Date and time
- Advertising ID
- API key/Ad Unit ID
- Ogury Script Version
- Page locale
- Mobile web address
- App package name and version
- Browser name and version
- Device model and OS version
- Error message
User Data includes any other information (including personal information) that may be submitted to us directly (for example, through a User submitted form or survey response).
Our policy towards children
In accordance with applicable European Union guidance on the practice, we do not knowingly collect User Data from children under the age of 16 or use any User Data to target adverts to children under the age of 16. If you believe we have inadvertently collected User Data from or about a child, please contact us using the details provided under the heading How to Contact Us below.
Sources of User Data
We collect User Data from the following sources:
- Directly from Devices of Users visiting Apps and websites on which Ogury Technologies are used
- Third parties such as Publishers, Partners or supply side platforms. We receive this User Data in different ways (including by means of third-party tags) for the purposes described in the section How is User Data used below.
How is User Data used?
In simple terms – User Data is used by Ogury to provide the Ogury Services. More specifically, and dependent on your privacy choices, we use User Data for the following purposes:
- To store and/or access information on a Device – We will store or access cookies, device identifiers, or other information for the purposes presented to you. (TCF P1)
- To select basic Ogury Ads for you – To show Ogury Ads to you based on the content you’re viewing, the app you’re using, your approximate location, or your device type. (TCF P2)
- To measure the performance of Ogury Ads – To measure the performance and effectiveness of Ogury Ads that you see or interact with. (TCF P7)
- To apply market research to generate audience insights – To use market research to learn more about the audiences who visit apps and/or view Ogury Ads. (TCF P9)
- To develop and improve products – To improve existing Ogury systems and Ogury Technologies and to develop new products. (TCF P10)
- To ensure security, prevent fraud and debug – To monitor and prevent fraudulent activity, and ensure that systems and processes work properly and securely. (TCF SP1)
- To technically deliver Ogury Ads – To allow you to see and interact with ads. (TCF SP2)
We may also perform the following functions to use User Data for the purposes listed above:
- Match and combine offline data sources – We may combine User Data that we receive from offline data sources with your online User Data in support of one or more of the above purposes. (TCF F1)
- Receive and use automatically-sent device characteristics for identification – We may distinguish your Device from other Devices based on information that it automatically sends, such as IP address or browser type. (TCF F3)
Ogury is a member of the Interactive Advertising Bureau’s (“IAB“) Transparency and Consent Framework v2 (“TCF“). The purposes for which Ogury processes User Data (and the functions that it carries out for such purposes) described above are aligned with the IAB’s TCF policies here (“TCF Policies“. References above to “TCF P’s”, “TCF SP’s” and “TCF F’s” are references to the corresponding TCF Purposes, TCF Special Purposes and TCF Features as outlined in the TCF Policies.
Our legal basis for processing User Data
Our legal basis for processing User Data will depend on the User Data concerned, the specific context in which we process it and your privacy preferences that you communicate at the point at which the User Data is collected.
However, we normally process User Data for you based on your consent or where the processing is in our (or a third party’s) legitimate interests and are not overridden by your rights, such as your right to opt out.
If we process User Data in reliance on our legitimate interests, these interests will normally be to technically deliver Ogury Ads, to ensure security, prevent fraud and debug in respect of Ogury Ads, to develop and improve products.
When Users use a version of Property which contains Ogury Technologies, a page is displayed which notifies them that, subject to User preferences, certain User Data will be collected by Ogury Technologies unless and until the User subsequently changes their preferences. To ensure that Users appropriately informed about how their User Data is used, they are also provided with a link to this Privacy Statement.
As a member of the IAB’s TCF, Ogury we may share User preferences and User Data with other IAB approved vendors in accordance with the IAB’s TCF transparency and user choice requirements and specifications as set out in the TCF Policies. The full TCF vendor list is available here: https://iabeurope.eu/vendor-list-tcf-v2-0/.
Managing Your Choices
Users can request the deletion of their User Data by following the below link and entering their Google Advertising ID (AAID) or Apple advertising ID (IDFA) in the form: https://consent.ogury.co.
If Users request deletion of User Data, Users may still see untargeted ads.
In addition to the process described above, if their Device permits, Users may be able to manage their choices by changing the settings of their Device as follows:
Google Advertising ID (AAID)
You can change your Google Advertising ID settings by following these instructions: open Settings on your Device and go to Google > Ads > Opt out of Ads Personalisation. Users should be aware that clicking this opt-out button will disable interest-based ads from all advertising networks that use Google Advertising IDs, although Users will still see untargeted advertisements. The process may also differ from devices’ manufacturer and the Android version you have on your Device. You may need to refer to your Device’s user manual in case the process above is not adapted to your Device.
Apple iOS Advertising ID (IDFA)
You can change your Apple Advertising ID settings by following these instructions: open Settings on your device and go to Privacy > Tracking. This will disable personalised ads using the IDFA from all advertising networks that use IDFAs, although Users will still see untargeted advertisements.
How Ogury shares User Data
We share the User Data with the following categories of recipients:
Publishers and Partners
We may share User Data with Publishers and Partners for the purposes described in the How is User Data Used section above, including for example, for measurement and reporting to aid in their understanding of how Users are engaging with Ogury Ads.
Ogury Group Companies, Third Party Service Providers
We may share User Data with group companies and third-party service providers who provide data processing services to us, for example, payment processing, product fulfilment, technical infrastructure, engineering and other technical support, and email and customer support.
We may share User Data with other ad tech partners (including for example, other vendors registered with the IAB’s TCF) for the purposes described in the How is User Data Used section above (and where applicable, in accordance with the TCF Policies).
Actual or Potential Buyer
We may share User Data with an actual or potential buyer (and its agents and advisers) in connection with any actual or proposed merger, reorganisation, sale of some or all Ogury assets, or a financing or acquisition of all or a portion of our business by another company. In these circumstances, Ogury will instruct the parties with whom User Data is shared to process User Data in accordance with this Privacy Statement.
Competent Law Enforcement Body, Regulatory, Government Agency, Court or other Third Party
We may share User Data with any competent law enforcement body, regulatory, government agency, court or other third party, where we believe disclosure is necessary:
- As a matter of applicable law or regulation;
- To enable us to exercise, establish or defend our legal rights;
- To protect your vital interests or those of any other person (including our employees and agents or Partners)
Your Data Protection rights
Users have the following data protection rights:
- If you wish to access, correct, update or request deletion of your User Data, you can do so at any time by contacting us using the contact details provided under the How to Contact Us heading below.
- You can also object to processing of your User Data where we are processing your personal data based on our legitimate interests, ask us to restrict processing of your User Data or request portability of your User Data. Again, you can exercise these rights by contacting us using the contact details provided under the How to Contact Us heading below.
- Similarly, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent. To request deletion of your User Data, please see the heading Managing Your Choices above.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Economic Area, Switzerland are available here (and you can contact the UK Information Commisioner’s Office here)
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
International Data Transfers
User Data may be transferred to, stored or processed in countries other than the country in which you are resident.
Users should be aware that these countries may have data protection and privacy laws that are different to the laws of your country. However, we take appropriate safeguards to ensure that your User Data remains protected in accordance with this Privacy Statement. These safeguards include transferring User Data from the EEA or UK:
- to countries which have been deemed to provide an adequate level of protection by the European Commission (or UK authority, as appropriate); or
- implementing the Standard Contractual Clauses adopted by the European Commission (or UK authority, as appropriate) for transfers of personal information outside of the EEA or UK.
If you have any questions about our international transfers of User Data, please contact us using the contact details provided in the How to Contact Us section below.
We will delete or anonymise User Data from our live systems before the expiry of 13 months.
We maintain appropriate organisational, technical and administrative security measures to protect User Data in accordance with applicable laws.
If, while visiting a Property, you recognise a problem with an Ogury Ad, you can notify us of the problem by contacting us via email at firstname.lastname@example.org.
If you follow a link to any of third-party websites via an Ogury Ad, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. The links to third party websites or locations are for convenience only and do not signify our endorsement of such third parties or their products, content, or websites. Ogury does not control the privacy policies of third parties.
California Residents and the CCPA
The following section of our Services Privacy Statement sets out how Ogury has processed personal information in the 12 months prior to the date of this notice, the rights of California residents under the California Consumer Privacy Act of 2018 (CCPA) and how Ogury complies with the requirements of the CCPA.
Right to Know
You have the right to:
- know the categories of personal information Ogury has collected about you, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of third parties to whom we disclose personal information and the specific pieces of personal information we have collected, and
- request a copy of the specific personal information Ogury collected about you during the last 12 months.
To exercise your right to know you will need to provide us with your device ID (either Android Advertising ID (AAID) or Apple ID for Advertisers (IDFA)) which will allow us to locate your personal information. For help finding your AAID or IDFA please see the section Managing Your Choices above or contact us using one of the methods below.
We may ask you for additional information to verify that your request is legitimate, and you will be required to provide a signed declaration confirming you are the consumer to which the personal information relates.
You may exercise your right to know by
- emailing us at email@example.com;
- going to https://consent.ogury.co/; or
- Calling us toll-free on +1 (855) 590-4158.
If you contact us via telephone you must also provide a contact email address for future correspondence and the provision of your personal information.
We will acknowledge receipt of your request within 10 days, informing you of how we will process your request. We will fulfil your request within 45 days of receipt. If we need more time to comply, we will inform you that your request will be delayed by a maximum of an additional 45 days.
Sale and Disclosure of your Personal Information
Ogury does not sell your personal information and has not done so in the 12 months prior to the date of this notice.
We treat you as having instructed us not to sell your personal information. If you wish to withdraw your consent to Ogury using your personal information and transferring it to any third parties completely you may do so here.
We disclose and have disclosed for a business purpose in the past 12 months, the following personal information to service providers or third parties that you have consented to us sharing it with. This personal information includes the following:
- Online Identifiers such as AAID and IDFA;
- Information regarding your interaction with Ogury Ads; and
- Approximate Geolocation data.
To the following categories of recipients
- Technology infrastructure service providers to Ogury, such as cloud hosting services
- Demand Side Platforms (DSPs) that allow Partners to buy advertising through Ogury
- Fraud detection and ad viewability service providers
- Campaign measurement and performance service providers
Requests for Deletion
You have the right to request that the Personal Information Ogury has collected regarding you be deleted.
To exercise your right to deletion of your personal information you will need to provide us with your device ID (either Android Advertising ID (AAID) or Apple ID for Advertisers (IDFA)). This will enable us to identify you and verify your request. For help finding your AAID or IDFA please see the section Managing Your Choices above or contact us using one of the methods below.
You may exercise your right to request deletion of your personal information by
- emailing us at firstname.lastname@example.org;
- going to https://consent.ogury.co/; or
- calling us toll-free on +1 (855) 590-4158.
If you submit your request online your personal information will be deleted automatically. If you submit your request by any other means we will acknowledge receipt of your request within 10 days, informing you of how we will process your request. We will fulfil your request within 45 days of receipt. If we need more time to comply, we will inform you that your request will be delayed by a maximum of an additional 45 days.
Right to Non-Discrimination
You have the right not to receive discriminatory treatment by Ogury for the exercise of the rights conferred on you by the CCPA.
You may nominate an authorized agent to exercise your rights on your behalf. If you choose to do so we will need to obtain from you a signed declaration that you are the consumer to which the information relates and written proof that the authorized agent is entitled to act on your behalf. We will also need you to verify your identity directly with us.
CCPA came into force on 1 January 2020. We will provide metrics regarding the exercise of rights conferred on consumers by CCPA in July 2021.
Categories of Personal Information Collected
Please see the section What User Data we process above.
How we collect your Personal Information
Please see the section Sources of User Data above.
What we used your personal information for
Please see the section How is User Data used above.
If you have any questions about your rights under CCPA please contact us at email@example.com.
Updates to this Privacy Statement
We may update this Privacy Statement from time to time in response to changing legal, technical or business developments. When we update our Privacy Statement, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Statement changes if and where this is required by applicable data protection laws.
You can see when this Privacy Statement was last updated by checking the “last updated” date displayed at the top of this Privacy Statement.
How to Contact Us
If you have any questions or concerns regarding our data usage practices or this Privacy Statement, please send us a message at DPO@ogury.co. Our data protection officer can also be contacted at this e-mail address.
The data controller of any personal information contained within User Data is Ogury Limited, whose address is 3rd Floor, Classic House, 174-180 Old Street, London EC1V 9BP.
Our representative in the EU is Ogury France, a company registered in Paris, France, whose registered address is 6 rue de Berri, 75008 Paris, France.
Google Play’s Data Safety Section Guidance
This section provides information on Ogury with respect to Google Play’s Data safety Section.
|Category||Data type||Description||Ogury SDK Data Collected||Data Handling||Purpose||Comment, external|
|Location||Approximate location||User or device physical location to an area greater than or equal to 3 square kilometers, such as the city a user is in, or location provided by Android’s ACCESS_COARSE_LOCATION permission.||NO||Ogury does not collect position data through this permission;
Ogury IP geolocation data is within 50 square kilometers;
Ogury servers collects the IPs during the Ad requests;
|Precise location||User or device physical location within an area less than 3 square kilometers, such as location provided by Android’s ACCESS_FINE_LOCATION permission.||NO|
|Personal info||Name||How a user refers to themselves, such as their first or last name, or nickname.||NO|
|Email address||A user’s email address.||NO|
|Personal identifiers||Identifiers that relate to an identifiable person. For example, an account ID, account number, or account name.||NO|
|Address||A user’s address, such as a mailing or home address.||NO|
|Phone number||A user’s phone number.||NO|
|Race and ethnicity||Information about a user’s race or ethnicity.||NO|
|Political or religious beliefs||Information about a user’s political or religious beliefs.||NO|
|Sexual orientation or gender identity||Information about a user’s sexual orientation or gender identity.||NO|
|Other personal info||Any other personal information such as date of birth, veteran status, etc.||NO|
|Financial info||Credit card, debit card, or bank account number||Information about a user’s financial accounts such as credit card number.||NO|
|Purchase history||Information about purchases or transactions a user has made.||NO|
|Credit info||Information about a user’s credit. For example their credit history or credit score.||NO|
|Other financial info||Any other financial information.||NO|
|Health and fitness||Health information||Information about a user’s health, such as medical records or symptoms.||NO|
|Fitness information||Information about a user’s fitness, such as exercise or other physical activity.||NO|
|Messages||Emails||A user’s emails including the email subject line, sender, recipients, and the content of the email.||NO|
|SMS or MMS messages||A user’s text messages including the sender, recipients, and the content of the message.||NO|
|Other in-app messages||Any other types of messages. For example, instant messages or chat content.||NO|
|Photos or videos||Photos||A user’s photos.||NO|
|Videos||A user’s videos.||NO|
|Audio files||Voice or sound recordings||A user’s voice such as a voicemail or a sound recording.||NO|
|Music files||A user’s music files.||NO|
|Other audio files||Any other user-created or user-provided audio files.||NO|
|Files and docs||Files and docs||A user’s files or documents, or information about their files or documents such as file names.||NO|
|Calendar||Calendar events||Information from a user’s calendar such as events, event notes, and attendees.||NO|
|Contacts||Contacts||Information about the user’s contacts such as contact names, message history, and social graph information like usernames, contact recency, contact frequency, interaction duration and call history.||NO|
|App activity||Page views and taps in app||Information about how a user interacts with your app. For example, the number of page views or the screen coordinates of taps.||NO|
|In-app search history||Information about what a user has searched for in your app.||NO|
|Installed apps||Information about the apps installed on a user’s device.||NO|
|Other user-generated content||Any other user-generated content not listed here, or in any other section. For example, user bios or notes.||NO|
|Other actions||Any other user activity or actions in-app not listed here such as gameplay and likes.||NO|
|Web browsing||Web browsing history||Information about the websites a user has visited.||NO|
|App info and performance||Crash logs||Crash log data from your app. For example, the number of times your app has crashed, stack traces, or other information directly related to a crash.||YES||Required
|Analytics||When a Crash occurs, we send its code to a database to improve our SDK performances and stability;
Datas collected are the following:
|Diagnostics||Information about the performance of your app. For example battery life, loading time, latency, framerate, or any technical diagnostics.||NO|
|Other app performance data||Any other app performance data not listed here.||NO||Only crash reports|
|Device or other identifiers||Device or other identifiers||Identifiers that relate to an individual device, browser or app. For example, an IMEI number, MAC address, Widevine Device ID, Firebase installation ID, or advertising identifier.||YES||Required
|Advertising or marketing,
Fraud prevention, security, and compliance
|We collect Advertising ID, Cookie ID and IP Adress|