We may collect and use the following types of information:
When you create a The Plug account, we store the username, phone_number, and e-mail address you registered with the account. We also encourage our users to provide us with additional information such as a first and last name. This optional information allows us to better respond to your requests, and makes it easier for other users of our Service to connect with you on The Plug. Any profile information that you provide us with may be updated or modified at any time - please contact us to do so.
We may use the contact information you provide us with to help connect you with other The Plug users.
We may access, collect, and/or remotely store miscellaneous device information, such as your device’s unique identifier, operating system, and mobile network information, in order to help us to provide better support for you.
When you use our Services, we automatically record log data created by your use of the Services. This data may include your Internet Protocol (IP) address, operating system and browser type, your web request, number of clicks, pages and links visited, search terms, cookie information, and other such information regarding how you interact with our Services.
The Plug uses log data in order to measure and improve its Services.
We use information that you provide us with to:
We may disclose your information to such third parties if we are under a duty to do so in order to comply with any legal obligation (such as a search warrant, court order, or a subpoena). In case a part of or the whole set of The Plug assets is sold or transferred to another organization, your information may be among the items sold or transferred. In addition, we may engage third party service providers to facilitate normal operation of our Services, and we may share some of your information with them, subject to the confidentiality obligations consistent in this Policy.
The information provided to us can be modified by you through tools and settings available as part of our Services. You can also permanently delete your The Plug account by contacting us.
You can contact our Privacy Officer with any questions or concerns via email: firstname.lastname@example.org
Certain information pertaining to your use of our Services may be used and disclosed, during and after the term of the Services, in aggregate. We also may use this information internally to conduct benchmark analysis or industry-based results pertaining to our Services. This aggregate information cannot be used to personally identify you, your business, or your computer.
The Plug Services and content are not directed at persons under the age of 13, and we knowingly do not allow such persons to register for the Service. If you become aware that your child has provided us with personal information without your consent, please contact us, and we will take steps to remove such information and terminate the child’s account.
Any customers that are citizens of the European Union should note that we seek to adhere to the General Data Protection Regulations [GDPR] as determined by the European Union Legislator and the Court of Justice of the European Union through EU Directive 95/46/EC. These regulations are applicable to you whether or not you are currently living in an EU Member State. The guidelines of the GDPR require the following:
Once again, any questions or concerns can be directed to our Privacy Officer via email at: email@example.com
The following terms shall have the meanings set out below: “Affiliate” means any entity which is controlled by, controls or is in common control with a Party. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
“Data Controller” means the entity which determines the purposes and means of the Processing of Personal Data.
“Data Processor” means the entity which Processes Personal Data on behalf of the Data Controller.
“Data Protection Laws” means the laws and regulations of the European Union which are applicable to the Processing of Personal Data under the Agreement.
“Data Subject” means the individual to whom Personal Data relates.
“Personal Data” means any information relating to an identified or identifiable person.
“Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction (“Process”, “Processes” and “Processed” shall have the same meaning).
“Security Breach” has the meaning set forth in Section 7 of this DPA.
“Services” means The Plug’s ad network enabling the purchase and sale of mobile advertising.
“Sub-processor” means any Data Processor engaged by Processor.
The Plug shall ensure that its personnel engaged in the Processing of Personal Data are informed of the confidential nature of the Personal Data and are subject to obligations of confidentiality.
The Plug shall ensure that access to Personal Data is limited to those personnel who require such access to perform the Services.
The Plug will appoint a data protection officer where such appointment is required by Data Protection Laws.
User acknowledges and agrees that (i) The Plug Affiliates may be retained as Sub-processors; and (ii) The Plug may engage third-party Sub-processors in connection with the Services. Any such Sub-processors will be permitted to obtain Personal Data only to deliver the services The Plug has retained them to provide, and are prohibited from using Personal Data for any other purpose. The Plug agrees that any agreement with a Sub-processor will include substantially the same data protection obligations as set out in this DPA.
The Plug may continue to use those Sub-processors already engaged by The Plug or any The Plug Affiliate as at the date of this DPA.
The Plug shall give User notice of the appointment of any new Sub-processor via The Plug’s platform, via email or as otherwise generally made available to The Plug’s advertisers and publishers, including applicable details of the Processing to be undertaken by the Sub-processor. If, within 10 days of receipt of that notice, User notifies The Plug in writing of any objections (on reasonable grounds) to the proposed appointment, The Plug shall not appoint that proposed Sub-processor until reasonable steps have been taken to address the objections raised by the User and the User has been provided with a reasonable written explanation of the steps taken.
To request an audit a user must submit a detailed audit plan at least four (4) weeks in advance of the proposed audit date describing the proposed scope, duration, and start date of the audit. Audit requests must be sent to firstname.lastname@example.org with a copy to email@example.com. The audit must be conducted during regular business hours, subject to obligations of confidentiality and The Plug’s policies, and may not unreasonably interfere with The Plug’s business activities. Any audits are at the User's expense.
Any request for The Plug to provide assistance with an audit is considered a separate service if such audit assistance requires the use of resources different from or in addition to those required by law. Before the commencement of any such audit, User and The Plug shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which User shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by The Plug. User shall promptly notify The Plug with information regarding any non-compliance discovered during the course of an audit.
The Plug will reasonably cooperate with User, at User’s expense, where User is conducting a privacy impact assessment.
If The Plug becomes aware of any unlawful access to any Personal Data stored on The Plug’s equipment or in The Plug’s facilities, or unauthorized access to such equipment or facilities resulting in material loss, disclosure, or alteration of Personal Data (“Security Breach”), The Plug will promptly: (i) notify User of the Security Breach; (ii) investigate the Security Breach and provide User with information about the Security Breach; and (iii) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Breach.
User agrees that an unsuccessful Security Breach attempt will not be subject to this Section. An unsuccessful Security Breach attempt is one that results in no unauthorized access to Personal Data or to any of The Plug’s equipment or facilities storing Personal Data, and may include, without limitation, pings and other broadcast attacks on firewalls or edge servers, port scans, unsuccessful log-on attempts, denial of service attacks, or similar incidents.
Notification(s) of Security Breaches, if any, will be delivered to one or more of User’s business, technical or administrative contacts by any means The Plug selects, including via email. It is User’s sole responsibility to ensure it maintains accurate contact information on The Plug’s support systems at all times.
The Plug shall return Personal Data to User, to the extent possible, and/or delete Personal Data in accordance with The Plug’s data retention policies which adhere to requirements of Data Protection Laws, and in a manner consistent with the terms of the Agreement.