Privacy

Privacy Notice

How Cheetah Digital collects, uses, and shares personal data in compliance with applicable laws, regulations, and industry standards.

Updated: September 10, 2021

 

Cheetah Digital, Inc., its parent company Marketing Technology Partners UK Limited, and its group companies (“Cheetah Digital”, “Cheetah”, “we”, “us” or “our”) provides enterprise Software-as-a-Service (“SaaS”) solutions for marketers delivering personalized experiences, email and cross-channel messaging, and loyalty strategies at scale (the “Services”).

 

Cheetah takes data privacy and security seriously. This Privacy Notice explains how we collect, use, disclose, retain and protect the personal information in our care. This includes information collected through our websites, platform login portals, blogs, media (for example, our videos and podcasts), social sharing widgets, our correspondence with you (for example, by email when you subscribe to our newsletters), and when we are providing you our Services.

  • This Privacy Notice is supported by other related statements providing additional information. Notably, our Cookie Notice is connected to a privacy tool on our website that contains more information about which ones are necessary in order for us to provide the services to you, and allows you to arrange which non-essential cookies you may want to accept or not accept.

  • What is ‘personal information’ is defined differently under different privacy laws around the world. For the purposes of this Privacy Notice we use the terms ‘personal information’ and ‘personal data’ interchangeably to mean information that relates directly or indirectly to a natural person, including through unique online identifiers such as hashed email addresses, cookies and mobile device IDs among others. 

  • By ‘processing’ we mean any operation performed on personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Cheetah Digital will collect personal information from you based upon our relationship with you, your use of our websites, our products and services, and as otherwise set out below. 

 

About us

 

  • We service other businesses (B2B). Cheetah Digital provides Software-as-a-Service products and related services to our enterprise customers. We are not consumer-facing but many of our customers are. 

  • We are a "data processor" of the personal information we handle on behalf of our customers, and a "data controller" when processing personal information to manage our business.

  • We are global and collaborative. Cheetah may share or access your personal information within our group of companies as necessary to provide the service that you requested or to answer your question in the best way possible.

  • Our products and support functions are also global. Depending on the products or services being provided Cheetah may transfer your personal information to or access the data from countries outside of the United Kingdom and the European Economic Area, notably to the United States. If we do this, we take sufficient technical, organisational and contractual measures to ensure that an adequate level of data protection is provided.

  • We do not process the data of children. Our website, content, events, and Services are not meant for children, nor do we knowingly collect or maintain personal information from persons under the age of 16.

  • We do not use personally identifiable information (“PII”) to measure or improve our Services. Instead we may use anonymized, scrambled or aggregated information for performance benchmark reporting and to inform improvements.

  • We use service providers. We work with companies who provide us with facilities, technologies and services supporting our business, products and services. We take technical, organisational and contractual measures to ensure the processing of your data by our service providers is necessary and proportional to the services being provided, and that adequate protections are in place.

  • We do not sell personal information. We are not data brokers and do not sell your personal information to third parties or make it available on the open market. We may however share your personal information with our service providers to, for example, provide you with after-hours technical support.

  • You can contact us about your privacy. Cheetah Digital has a global privacy office which you can reach via privacy@cheetahdigital.com whenever you want to use the rights to access, rectification, erasure, object, revoke consent or block data, or have any questions. We also have a UK Data Privacy Officer reachable via ukdpo@cheetahdigital.com, and an EEA Data Protection Officer reachable via eudpo@cheetahdigital.com for when you wish to escalate requests regarding your rights or have any questions or complaints.

 

​​​​Our legal entities

 

Cheetah Digital’s websites and customer login portals are operated by Cheetah Digital, Inc unless we state otherwise. Your personal information may be collected and processed by Cheetah Digital, Inc or any of our group companies around the world where this is necessary and subject to the general principles for the transfer of personal data: 

 

If you are established in:

You are contracting with:

Which can be reached at:

  • The United States of America

  • Latin America

  • Canada

Cheetah Digital, Inc (incorporated in Delaware)

72 W. Adams St., 8th Floor, Chicago, IL 60603

  • United Kingdom

  • Europe

  • Middle East

  • Australia

  • Asia-Pacific

Marketing Technology Partners UK Limited (incorporated in England with registered number 10721635 and ‘trading as’ Cheetah Digital)

Hill House, 1 Little New Street, London EC4A 3TR

  • Germany

Cheetah Digital Germany GmbH

Speditionstr. 1, 40221 Düsseldorf

 

  • France

CM Marketing Technology Partners France Sarl

54-56 54 AV Hoche 75008 Paris 8

  • Japan

Cheetah Digital Co, Ltd.

Kamiyacho Trust Tower, 4-1-1 Toranomon,

Minato-ku, Tokyo 105-6923

 

Our role in your privacy

 

How we use your personal information depends on why we have it. We might have your personal information for more than one reason. In this document, we use the following words to describe our relationships with different people:
 

Website Visitor

If you are accessing and browsing our websites and content such as our podcasts and videos you are our Website Visitor. 

Customer Contact

If you are part of an organization ordering our Services, logging into our SaaS platform, or receiving communications from us concerning your use of the Services you are our Customer Contact.

Prospect Contact

If you are part of an organization interested in ordering our Services or receiving communications from us concerning your interest you are our Prospect Contact.

Supplier Contact

If you are part of an organization working for Cheetah as a partner, supplier or service provider, you are our Supplier Contact.

Consumer

If you buy products or services from our customers, subscribe to their newsletters, participate in their loyalty programs, engage with them over social media, or directly communicate with them about the products or services they offer you, you are a Consumer.

Employee or Job Applicant

If you work for Cheetah as an employee, contractor, or volunteer, or you used to do work for us, you are our Employee. If you are applying to work for us you are a Job Applicant. We provide our current and prospective employees a separate privacy notice concerning our talent recruitment and HR privacy practices. 

 

Our responsibilities:

 

  • If you are a website visitor, customer contact, prospect contact, supplier contact, employee or job applicant we act as the data controller of your personal information. This means we as a business determine how and why your data are processed, and are responsible if you want to exercise your rights or have any questions or complaints concerning Cheetah Digital.

  • If you are a consumer and we are provided personal information about you from our customer in accordance with our Services, we act as the data processor of that personal information about you. 

  • Being a data processor means as a service provider we only process personal information to help us provide our Services, to do so in a safe and reliable manner, to act on our customer’s instructions, or as otherwise required by law. 

  • If we receive a request from a consumer who wishes to exercise their privacy rights, we will do our best to direct such requests to our customer for handling and to assist them with honoring those rights when asked to do so.

 

Your responsibilities:

 

  • Read this Privacy Notice.

  • If you are our customer and provide us with the personal information about your customers or partners, you are the data controller. You are therefore responsible for making sure that the personal information you provide us is collected and shared in accordance with applicable privacy laws and industry standards.

  • This commonly includes informing your customers about how service providers (like us) collect and use data on your behalf, and obtaining any necessary permissions. By submitting the information you confirm that you have the right to authorize us to process it on your behalf in accordance with this Privacy Notice.

  • If you are our customer, please also check the contracts between us: they may contain further details on how we collect and process your data. You can review our template Master Services Agreement and Data Processing Addendum.

 

What types of information we collect

 

The table below tells you the types of personal information we collect based on your relationship with us. You might fit into more than one of these categories. 

 

Category of information:

Data subjects:

Description:

Contact Details

  • Customer Contacts

  • Prospect Contacts

  • Supplier Contacts

Names, email addresses, postal addresses, phone numbers, job role or position, company details, order history, or other contact or personal details you share with us or may be asked to provide in support of us interacting with you. 

 

Communication and Customer Support Data 

  • Customer Contacts

  • Prospect Contacts

  • Supplier Contacts

Your or your company’s contact details and as much information as we need in order to know from whom the inquiry originates and to respond to the inquiry. 

If your company is already a customer of ours, we will assign you to the responsible customer support representative for answering the inquiry, including through our secure customer support portal. We need your email address to answer your inquiry or for possible queries. 

Transaction Data

  • Customer Contacts

  • Supplier Contacts

Personal information related to any invoices, purchase orders, accounts and other historical financial records related to our relationship with you.

Social Network Data

  • Customer Contacts

  • Prospect Contacts

  • Suppliers Contacts

  • Website Visitors

Information relating to your social network and advocacy group profiles, including (but not limited to) LinkedIn and Twitter, that you may provide to us directly, the technical information that is collected when you use one of our social sharing widgets, or when you participate in a Cheetah provided social network or advocacy group.

Platform Login Credentials

  • Customer Contacts

  • Prospect Contacts

  • Employees

Username, password, account preferences, system transaction logs, audit logs, including for trial accounts and the customer support portal.

Platform Personal Data

  • Consumers

Personal information we process on behalf of a customer which typically includes email addresses and other contact information, demographics and personal interests, marketing related analytics information, loyalty program participation information, completed surveys and other such experiences facilitated by our services in line with our terms and acceptable use policies. 

Technical Data

  • Website Visitors

  • Customer Contacts

  • Prospect Contacts

  • Employees

Technical journals, server and systems logs, security logs, HTTP headers, Internet Protocol (IP) addresses, geolocation, pixels/tags, cookies, mobile device identifiers, choice preferences (when stored), online behaviors, and other browser or device level information typically collected and exchanged by internet enabled services which may be associated with an individual. 

Choice Preferences

  • Website Visitors

  • Customer Contacts

  • Prospect Contacts

  • Supplier Contacts

  • Consumers

Marketing and advertising preferences including consents and opt-out preferences.

Other Information 

  • Customer Contacts

  • Prospect Contacts

  • Supplier Contacts

  • Website Visitors

Any other information you provide to us. For example, if you write a review of our products, submit a “Contact Us” form, or visit our offices and sign a visitor journal. 

Online or offline event registration and record of attendance information, event or group participation, and feedback regarding your use of our products and services.

 

How and why we use the information we collect

 

We will only process this personal information to fulfill the purposes stated in this document, as described within our contractual agreements, if you reasonably expect the use,  and to comply with the laws and regulations in each jurisdiction where we operate. 

 

Lawful grounds (legal bases):

 

When Cheetah Digital acts as a data controller, we are relying on the following lawful grounds to collect and process your personal information:

  • Legitimate business interests: We may use your personal data for our legitimate business interests for the purposes of preventing fraud, to improve our Services and content, and to optimize your experience. Consistent with our legitimate business interests and any choices that we offer or consents that may be required under applicable laws and regulations, we may use personal data and technical information for direct marketing.

  • Consent: We may use personal data described in this Privacy Policy subject to your consent. Notably and where required by applicable laws and regulations, we will rely on your consent for electronic marketing and personalization of message content, which may include collecting information from your mobile device or computer. You may withdraw your consent at any time using opt-out and preference management mechanisms provided within the message or by contacting us as described in this Privacy Policy. Withdrawing consent will not affect the lawfulness of consent-based processing before consent is withdrawn.

  • Legal obligation: In some cases, we are required by law to collect and store certain data, e.g., we must provide evidence of valid consent, or store transaction data for tax purposes.

  • Performance of contract: We need to collect and use your personal data to enter into a contract with you or to perform a contract that you have with us. For example, when you express interest in working with us, we will process contact information you provide to respond to your requests.

 

Purposes of processing:

 

The table below tells you what we do with the personal information we collect, where we get it from based on our relationship with you, and how we treat the data based on our role and responsibilities with respect to the data. 

 

Purposes:

Data categories:

Data sources:

Our role:

Lawful grounds:

Service Provision and Customer Support

To enable Cheetah Digital to fulfill our obligations to our customers in accordance with our contractual agreements and terms of service, including to provide technical and operational support.

 

  • Contact Details

  • Platform Personal Data

  • Communication and Customer Support Data

  • You or your company

  • Created by Cheetah Digital (e.g. support ticket)

  • Supplier (e.g. call center subcontractor)

  • Processor

  • Instructions from Controller

 

Platform Access & User Management

To enable Cheetah Digital to administer access to and use of our products by our customers in line with our terms of service and company policy.

 

  • Platform Login Credentials

  • Technical Data

  • You or your company (e.g. list of users to be provisioned)

  • Created by Cheetah Digital (e.g. login credentials)

  • Controller

  • Legitimate Interests

Security & Integrity

To enable Cheetah Digital to protect its websites, Services, and the personal data under our care against cyber threats.

  • Platform Login Credentials

  • Technical Data

  • Your browser or device

  • Created by Cheetah Digital (e.g. security log)

  • Supplier (e.g. endpoint protection provider)

  • Controller

  • Legitimate Interests

  • Legal Obligation

Finance & Accounting

To enable Cheetah Digital to invoice our customers, to pay our suppliers, and as otherwise needed for financial accounting and reporting.

  • Contact Details

  • Transaction Data

  • You or your company

  • Created by Cheetah Digital (e.g. invoice)

  • Government agencies (e.g. OFAC information)

  • Courts

  • Controller

  • Legitimate Interests

  • Legal Obligation

Customer Relationship Management

To enable Cheetah Digital to administer, foster and develop our existing business relationships, to correspond with you, and to keep our CRM databases accurate and up to date.

  • Contact Details 

  • Communication and Customer Support Data

  • Transaction Data

  • You or your company

  • Created by Cheetah Digital (e.g. CRM record)

  • Supplier (e.g. data hygiene service) 

  • Other public sources

  • Controller

  • Consent

  • Legitimate Interests

Sales & Marketing

To enable Cheetah Digital to grow its business such as by engaging in direct sales activities, sending you email newsletters you have subscribed to, inviting you to our events, promoting our brand on third-party websites, and to provide you with on-demand information such as podcasts and whitepapers concerning our Services.

  • Contact Details 

  • Communications and Customer Support Data

  • Social Network Data

  • Choice Preferences

  • You or your company

  • Social media site (e.g. your company page on LinkedIn)

  • Your browser or device

  • Supplier (e.g. consent platform, campaign analytics provider)

  • Other public sources

  • Controller

  • Consent

  • Legitimate Interests

Measurement & Analytics

To enable Cheetah Digital to measure the effectiveness of its websites and campaigns, and to generate reports and insights into our business operational, sales and marketing efforts.

  • Communications and Customer Support Data

  • Technical Data

  • Transaction Data

  • Other Information

  • You or your company

  • Created by Cheetah Digital (e.g. quarterly business report)

  • Supplier (e.g. website analytics tool)

  • Controller

  • Processor (via Services)

  • Legitimate Interests

Consent & Choice Management

To enable Cheetah Digital to administer any consent/opt-out/opt-in that you may have given to us and/or send you emails such as newsletters, invites for webinars and other events.

  • Business Contact Details

  • Choice Preference Information

  • Technical Data

  • You

  • Your browser or device

  • Controller

  • Processor (via Services)

  • Legitimate Interests

  • Instructions from Controller

  • Legal Obligation

Legal Compliance & Enforcement

To enable Cheetah Digital to (prepare to) administer and fulfill our obligations under mandatory law including providing correct information to relevant authorities. To defend the legal position of Cheetah Digital, and to assert and enforce any existing claims. 

  • Contact Details

  • Employment Data

  • Transaction Data

  • Technical Data

  • Other Information

  • You or your company

  • Cheetah Digital (e.g. court filings)

  • Law enforcement agencies

  • Government agencies

  • Courts

  • Other public sources

  • Controller

  • Legal Obligation

  • Legitimate Interests

 

Data retention

 

We will retain your personal information for the length of time needed to fulfill the purposes outlined in the above table unless a longer retention period is required or permitted by law.

This is to:

  • Provide you our Services.

  • Employ you or provide you employment opportunities.

  • Respond to any questions, complaints or claims made by you or on your behalf.

  • Keep records for as long as required or permitted by international, national or local law, or necessary for us to comply with a legal request from a national or local authority.

For how long we need to keep the data is determined by national or local law, our contractual commitments, and other such legal obligations, and so can vary from jurisdiction to jurisdiction. 

When the purpose for which the personal information has been retained is fulfilled, we will stop using the personal information for that purpose. If the same data is not relevant for any other purpose we will delete the relevant personal information as soon as commercially reasonable in accordance with international standards and best business practices.

 

Security of information

 

Safeguarding the personal information you give us or we receive about you is important to us. 

We use commercially reasonable physical, electronic and procedural safeguards to protect the personal information we process from loss, theft, misuse, alteration and unauthorized access or destruction. In addition, we maintain appropriate physical, electronic, and procedural safeguards to protect your personal information in line with international standards and security best practices. Notably:

  • All data transmitted by you personally is encrypted using the generally accepted and secure standard TLS (Transport Layer Security). TLS is a secure and proven standard that is also used, for example, for online banking. You can recognize a secure TLS connection by the “s” appended to http (i.e. https://..) in the address bar of your browser or by the lock symbol in the lower area of your browser. 

  • Your information is maintained in a secure environment and is encrypted at rest and we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your information on our instructions, and they are subject to a duty of confidentiality.

  • Our team of security professionals continually monitors our web interface touch-points to detect and thwart any attempts at unwanted intrusion. Cheetah Digital takes appropriate technical and organizational measures to protect against loss, misuse and unauthorized access, alteration, disclosure, or destruction of your information.

  • We have put in place procedures to deal with any suspected data breach and will notify you and any applicable regulator of a breach where we believe it is the right thing to do and/or where we are legally required to do so. 

  • We undergo independent audits annually to ensure the ongoing confidentiality, integrity, availability and resilience of our systems and services processing your personal information. Our third party auditors examine our controls against internationally recognized standards and certification programs. 

 

Access, disclosure and cross-border transfers

 

We maintain facilities and offices around the world, including in the United States, the UK, France, Germany, Australia and Japan. Your personal information may be transferred to, stored in, or accessed from a location outside of your country or the country in which you were located when you initially volunteered the information. We take many steps to ensure the data is transferred or accessed securely and that us doing so is lawful under applicable data protection law.

For example, if your personal information is subject to EU and/or UK data protection laws we rely on model data transfer agreements as our legal mechanism for the cross-border flow of such data.

When a person or an organization works on our behalf to store data, maintain our systems, or help us perform services, we only choose people or organizations that will protect your personal information appropriately and use it only the way we ask them to. We require these partners and service providers to make that commitment through a contract, including through model data transfer agreements where appropriate.

 

Disclosure purposes and safeguards

 

If disclosing personal data we use strong contractual, technical and organizational measures to protect its confidentiality, integrity and availability.

 

Accessed by or disclosed to:

Purpose of access or disclosure:

Guarantees and safeguards:

Cheetah group companies

We may share your personal information within our group of companies as necessary to provide you with our products and services in the best way possible. 

Notably, we offer our customers 24/7 'follow-the-sun' support. Depending on your agreement with us personal information may be accessed by Global Support and/or systems administrators from Cheetah support locations around the world.

To learn more please refer to our Data Processing Addendum.

  • Access on a “need-to-know”, “least privilege” basis.

  • Encryption “in transit” and “at rest”.

  • Intra-company contracts with model data transfer and protection commitments. 

  • Independent data protection audits and certifications.

Suppliers and business partners

We may share your information with third parties who provide services on our behalf to help with our business activities. 

These services may include marketing, advertising and related analytics, communications, and data aggregation providers, fulfilling orders or purchases, payment processing, validating contact information, providing database services, providing data storage facilities or cloud infrastructure, payroll provision, and to provide after-hours technical support.

From time to time we may also share your information with third party business partners, for instance, for the purpose of enhancing our products and services, or so that they may market their events, venues, products or services to you. If you do not want us to share your personal information with these companies, contact us at privacy@cheetahdigital.com.

These companies are authorized contractually to use your personal information only as necessary to provide these services to us.

To learn more please refer to our Data Processing Addendum.

  • Access on a “need-to-know”, “least privilege” basis.

  • Encryption “in transit” and “at rest”

  • Supplier contracts with model data transfer and protection commitments.

  • Regular data protection audits and performance assessments.

Law enforcement, courts or other authorities

In certain situations Cheetah Digital may be required to disclose personal information in response to lawful requests by law enforcement agencies, courts, data protection authorities, and other such national or local authorities to meet national security or law enforcement requirements. We may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or properly respond to a government request.

  • Process to respond to lawful requests and to challenge unlawful requests.

  • Assurances to notify Customers if permitted or required by law.

  • Technical and organizational measures to prevent indiscriminate or unauthorized access to data. 

Mergers and acquisitions

Please note that if we are involved in a merger, acquisition, dissolution or sale of all or a portion of its assets, we reserve the right to transfer your personal information. You will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your data.

  • Process to assess privacy risks and requirements associated with M&A transactions.

 

Your privacy rights

 

Modern personal data protection laws like the European Union’s and United Kingdom’s General Data Protection Regulations (EU GDPR, UK GDPR), California’s Consumer Privacy Protection Act (CCPA) and Consumer Privacy Rights Act (CPRA), and Japan’s Act on Protecting Personal Information (APPI) among others offer individuals a range of rights concerning the processing of their information. These rights may only be available in certain jurisdictions or under specific circumstances.  

  • If you are our customer, prospect, supplier, current or former employee, or job applicant and you wish to access, correct, amend or delete data collected for our sales or direct marketing purposes, you can contact your Cheetah sales or account representative, or reach us at privacy@cheetahdigital.com. Please note that we may contact you and ask you to confirm your identity and ask you to specify your request before we perform any actions. This helps us ensure that we do not disclose your personal information to any unauthorized person, or alter or delete personal information that is about someone else, and that we may ask you to specify your request before we perform any actions.

  • If you are a consumer and we process your personal information on behalf of a customer please direct your rights request to that respective organization using the instructions they provide. If you do contract us to exercise your rights, we will take commercially reasonable steps to match your request to the applicable customer and to direct your request to their attention. Please note that as a data processor we are not consumer facing and are not in a position to verify your identity or validate your rights to the data in question. We are also contractually prevented from taking action to address your request without the written instructions from a customer, who is the data controller.

  • As a data subject you have the right to make a complaint at any time to your relevant data protection authority.

To learn more about the general rights available to individuals under the GDPR, the CCPA and similar such laws around the world please see the table below.  

 

Privacy right:

What it is:

What it means:

Information

You have the right to be informed about the information we collect and process about you, and the rights you have under applicable law.

"Tell me about your privacy practices and what options I have if the information is mine, or is about me or my household."

Access

You have the right to receive a copy of your personal information that we hold about you, subject to certain exemptions and limitations.

"Tell me what you and your partners know about me and why. Tell me what you need from me to provide me access. Remind me of my other rights and options that I can exercise."

Portability

You have the right to obtain personal information that you have provided to us in a structured, commonly used, and machine-readable format and for it to be transferred to you or another organization, where it is technically feasible. 

The right only applies where the use of the personal information you provided was with your consent or for the performance of a contract with you, and when the use of your personal information is carried out by automated (i.e. electronic) means.

"Once you tell me what you know about me, give me my data in a common format so I can take it to another platform."

Correction

You have the right to ask us to correct your personal information that we hold where it is incorrect or incomplete.

"Your records are incorrect. Update this and that information."

Opt-In

You have the right to grant your informed consent before we collect and use your personal information through direct or automatic means.

"I understand and agree to this but not that use of my data."

Objection 

You have the right to proactively (or reactively) object to the use of your personal information in certain circumstances. For example:

  • Where you have concerns relating to your particular situation and we use your personal information for our legitimate interests (or those of a third party); 

  • If you proactively object to the use of your personal information such as for direct marketing purposes.

"I object to these uses of my data. Tell me my options."

Withdraw Consent

You have the unconditional right to withdraw your consent (opt-out) at any time where we or our customers rely on consent to use your personal information, such as for marketing communications.

"I wish to withdraw my consent to this but not that use of my data. Opt me out."

Processing Restriction

You have the right to suspend our use of your personal information in certain circumstances.  For example: 

  • Where you think your personal information is inaccurate and request suspension while we work to verify the accuracy of your personal information; 

  • The use of your personal information is unlawful and you oppose the erasure of your personal information and request that it is suspended instead; 

  • We no longer need your personal information, but your personal information is required by you for the establishment, exercise or defense of legal claims; or

  • You have objected to the use of your personal information and we are verifying whether our legal bases for the use of your personal information override your objection.

"I have objected to this use of my data. Suspend your processing while our lawyers sort this out."

Deletion

You have the right to ask that your personal information be deleted in certain circumstances.  For example: 

  • Where your personal information is no longer necessary in relation to the purposes for which they were collected or otherwise used; 

  • If you withdraw your consent and there is no other legal basis for which we (or our customers) rely on for the continued use of your personal information; 

  • If you object to the use of your personal information; 

  • If we (or our customers) have used your personal information unlawfully; or 

  • If your personal information needs to be erased to comply with a legal obligation.

"I have objected to this and that use of my data. I don't see the need for you to retain my data any longer. Forget I exist in your systems and the systems of your vendors. If you disagree, tell me why."

Profiling

You have the right to receive information about and object to your personal information being aggregated into a profile, subject to certain exemptions and limitations.

"Tell me if you are compiling data about me, my interests and my activities. And, tell me how to opt-out."

Automated Decision-Making

You have the right to receive information about, to challenge the results of, and to object to machine-based decisions being made concerning you when such decisions have legal effect.

"Tell me if you are using advanced tech to make automatic decisions about me. Explain to me how decisions are made and whether human beings are involved to ensure I am not discriminated against."

Do Not Sell My Personal Information

California consumers have the right to opt-out of data “sales”, which are defined as the sharing of personal information with third parties for “monetary or other valuable consideration”.

Similar rights specifically related to the sharing of personal information for targeted advertising uses are available to U.S. consumers in other U.S. States. 

"Tell me if you sell my data to data brokers or monetize my interests and behaviors on third party ad networks. And, tell me how to opt-out."

Non-Discriminiation

Depending on the jurisdiction you have the implicit or explicit right to not be discriminated against for exercising any of your privacy rights.

For example, California consumers may not be denied goods or services, or charged a higher price for goods or services, for wishing to opt-out of data “sales”.

As another example, in the UK and EU you are not required to pay any charge for exercising your privacy rights.

"Do not unfairly penalize me for exercising my rights.”

 

Special Topics

 

Cookies and analytics:

 

We use pixels, tags and cookies on our websites and as part of our Services. Unless you adjust your browser settings to refuse cookies, we (or partnering third parties) will issue cookies when you interact with a cookie enabled website or service. These may be ‘session’ cookies, meaning they delete themselves when you leave our website, or ‘persistent’ cookies which delete themselves after a set time. Notably,

  • When you visit cheetahdigital.com, cookies and similar technologies help us understand the number of visitors to the various pages of our sites, how many visitors downloaded our whitepapers or subscribed to our newsletter among other such performance measurements. This information is processed in a way that does not directly identify our website visitors, and we do not allow our analytics providers to otherwise learn the identities of those visiting our sites.

  • Measurement and analytics related tracking involves the automatic collection of technical information such as web server log file data, IP addresses, web pages visited, operating system, date/time stamp, clickstream data, unique visitations, type of browser used, emails opened (read) or clicked through, and other session-based or context based interaction activity. This information cannot be used to directly identify you.

  • Cookies and other such online identifiers can be used to pseudonymously identify a website visitor, their browser or mobile device. The identifier can be associated with a known individual when they identify themselves. For example, if you are a customer visiting our platform login portal and enable the ‘remember me’ feature before signing in, our we will issue a cookie that will ‘remember’ your login for a period of time.

  • When enabled by our customers, Cheetah cookies are used to help deliver personalized email and experiences, remember consumer choice preferences, and to analyze and report on the effectiveness of customer campaigns.

  • As a brand we may work with third-party marketing, advertising and related analytics providers to help us advertise Cheetah Digital's products on our websites or third-party websites. These ad technology providers may issue their own cookies and collect technical information from website visitors on our behalf.

To learn more about how we use cookies and similar technologies on our websites, and how to control them, please see our Cookie Notice

 

Notice and consent:

 

When we have a direct relationship with you and collect and use your personal information we take commercially reasonable means to notify you beforehand. There might be a link to this kind of document or a brief statement provided to you right when your information is collected, or both. Where required by applicable law and regulation, or industry codes of conduct, we will ask you for your informed consent.

  • If you are our customer, prospect, supplier, current or former employee, or job applicant you may be required to provide us your consent or authorization for us to collect and process your personal information. Your consent can be expressed through various actions, including by signing a contract, ticking a box, updating previously provided choice preferences, adjusting your browser settings, or simply providing your personal information after being told how it will be used.

  • If you are a website visitor we will ask you to provide us your consent or choice preferences with respect to cookies that are not necessary for site functionality, security and accessibility. We use a cookie tool to gain consent for such optional cookies.

  • If you are a consumer and we process your personal information on behalf of a customer, we contractually require the customer to ensure they provide you appropriate notice and obtain your consent(s) as required under applicable privacy laws and regulation. Some of the things we do with your data would be based on a legal basis other than consent, particularly in situations where it is not possible for us to obtain your prior consent or allow you to withhold such consent. Protecting our systems from bots and other such security threat actors is one key example. 

If you want to know whether you have consented to the collection and handling of your personal information, or if you want to withdraw your consent, please contact us at privacy@cheetahdigital.com and we will explain your options.

 

Opt-out and choice preferences:

 

  • If you are our customer, prospect, supplier you may opt-out of Cheetah Digital’s direct marketing communications through the mechanisms provided in the message, in which case, we will no longer use your personal information for marketing. You can also update your communication preferences using our email preference center.

  • If you are a website visitor you may opt-out of cookies through various means, including through our cookie preference center. See our Cookie Notice for more information.  

  • If you are a consumer and wish to opt-out of the marketing our customers send using our Services you can do so using the opt-out mechanisms provided in their message or through a preference center or privacy contact details they may provide.

 

Automated decision making and profiling:

 

Cheetah Digital does not use automated means to evaluate or profile you or make decisions about you which have legal effects or otherwise significantly affect you. Our customers may use our Services to personalize marketing content and optimize their consumer engagements. We do not make profiling or personalization decisions for our customers, or know how they make decisions with legal effect based on our Services.

 

California and the “sale” of personal information:

 

The California Consumer Protection Act (CCPA) is a law that protects the personal information of people in California. However, it only applies to some personal information, because other information is protected by other laws. The CCPA uniquely concerns the “sale” of Californians’ personal information. What is a “sale” under the CCPA is broadly defined and can include the monetization of consumer data, including via cookies, by digital marketing and targeting advertising technology companies. 

Cheetah Digital’s customers do not “sell” us personal information for us to provide them our Services, and we do not “sell” or rent personal information to third-parties. We may however disclose personal information to our service providers who act as sub-processors on our behalf. 

 

Changes to this Privacy Notice

 

We may change this Privacy Notice from time to time. If we make changes, we will notify you by revising the date at the top of the policy. We encourage you to check back regularly to stay informed about our information practices and the choices available to you.

 

Links

 

Our websites and communications may contain links to other websites. Cheetah Digital is not responsible for the content or privacy practices of these sites. We recommend users read the privacy statements of each linked website.

 

How to contact us

 

Please direct any questions, comments or complaints regarding our privacy practices to us at privacy@cheetahdigital.com

  • If you are in the U.S. and wish to contact us by postal mail, you can send your inquiry to Cheetah Digital, Attention: Privacy, 72 W Adams St, Chicago, IL 60603.

  • If you are our customer you can also contact your account representative or our global support organization, and they will direct your inquiry to the privacy team.

  • If you remain dissatisfied and are in the UK you are welcome to contact our UK Data Protection Officer at ukdpo@cheetahdigital.com

  • Similarly, if you reside in an EU or EEA Member Country you can contact our EU Data Protection Officer at eudpo@cheetahdigital.com.

  • You can also contact your national, state or local data protection authority or ombudsman.

For other inquiries please see our Contact Us page.