Last Updated on January 2023.
We, at Digital Turbine, Inc. and our affiliated companies (collectively, “Digital Turbine”, “we”, “us” or “our”), put great efforts in making sure that we secure Personal Data related to you and use it properly. We provide products and services through properties we own or operate for and on behalf of our business partners (collectively, the “Services”) and operate Digital Turbine’s website at: www.digitalturbine.com (the “Website”).
A Summary of The Policy
Personal Data You Provide Us
We receive and store any information you enter on our Website or give us in any other way. If you register with any of the Services, we will collect your name, your company’s name, your work email address. Read More below.
Personal Data That We Collect
We automatically log ‘traffic/session’ information including IP addresses and user agent. We collect session durations and additional activity information. Read More below.
What Do We Do with Personal Data?
We maintain the Services, make it better and continue developing it, and protect us and the Services from misuse and law violations. Read More below.
Who do we Share Personal Data Related to You?
We use service providers, for example, to send email messages and to store data. We will transfer information when we change our corporate structure, and we will share the information with our affiliate entities. Read More below.
Disclosure of Personal Data to Authorities
We will obey orders and other lawful requirements by authorities to disclose information. Read More below.
Aggregated and Analytical Information
Aggregated data is not identifiable. We use it for legitimate business purposes and for standard analytical tools. Read More below.
You may opt-out of our mailing lists and terminate your use of the Services. Our Services do not respond to Do Not Track (DNT) signals. Read More below.
Your EU Data Subject Rights
If we process Personal Data related to you when you are in the EU, further terms apply to our processing in relation to your rights as a data subject under EU data protection laws. Read More below.
Specific Provisions for California Residents
If you reside in the State of California, further terms apply to our processing in relation to your rights as a data subject under the California Privacy Rights Act of 2022 (CPRA). Read More below.
Personal Data retention
We retain Personal Data to provide the Services and for legitimate and lawful purposes, as further explained in the data retention section of this policy. Read More below.
Transfer of Data Outside Your Territory
We keep Personal Data related to you in the United States and in the EEA, and will store them at additional sites, at our discretion. Our service providers provide us adequate security and confidentiality commitments. Read More below.
We implement systems, applications, and procedures to secure Personal Data related to you, to minimize the risks of theft, damage, loss of information, or unauthorized access or use of information. Read More below.
Contact us at: [email protected] or write us for every request and complaint. We will make good-faith efforts to resolve any existing or potential dispute with you. Read More below.
We will update our policy from time to time after giving proper notice. Read More below.
Please contact us at: [email protected] for further information. Read More below.
Personal Data That You Provide Us
We receive and store any information you enter on our Website or give us in any other way. For example, when you contact us via the Website, we receive any information you provide us.
When you contact us to apply for a job with us, you provide us with Personal Data related to you, which we process for recruitment and general HR purposes.
Personal Data That We Collect
Like many websites, we use “cookies” (for further information about cookies, please see our Cookies and Similar Tracking Technologies Policy), and we obtain information when your browser accesses our Website.
When you use the Service, we also receive information about your Services’ activity from third-party analytics services. For more information, please see the “Aggregated and Analytical Information” section of this policy.
Examples of such information we collect and analyze include the Internet Protocol (IP) address used to connect your access device to the Internet; login; e-mail address; password; access device and connection information such as browser type, version, and time zone setting, browser plug-in types and versions, operating system, and platform.
If you are a mobile device user that is engaged with any of our Services, we process your Personal Data, on behalf of our customers, to provide them with our Services. Read More.
What Do We Do With Personal Data?
We use Personal Data related to you for the following purposes:
- to provide you with the Website and the Services;
- to provide you with notifications related to your use of the Services or Website, such as electronic newsletters, blog or promotional emails;
- to solicit your feedback and provide support;
- to maintain the Website and the Services and to continue developing and make them better;
We obey the law and expect you to do the same. If necessary, we will use Personal Data related to you to enforce our terms, policies, and legal agreements, to comply with court orders and warrants, and assist law enforcement agencies, to collect debts, prevent fraud, misappropriation, infringements, identity thefts and any other misuse of the Service, and to take any action in any legal dispute and proceeding.
We commit to process Personal Data related to you solely for the purposes described in this policy.
Who do we Share Personal Data related to you with?
We do not sell, rent, or lease Personal Data related to you.
We also share Personal Data related to you with our vendors worldwide and with third-party service providers which process Personal Data related to you on our behalf. Such vendors and service providers are contractually bound to keep Personal Data related to you confidential and appropriately secure.
A merger, acquisition or any other structural change will require us to transfer Personal Data related to you to another entity, as part of the structural change, provided that the receiving entity will comply with this policy.
We will share Personal Data related to you only subject to the terms of this policy, or subject to your prior consent.
Disclosure of Personal Data to Authorities
We will need to disclose Personal Data related to you in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Aggregated and Analytical Information
We use standard analytics tools. The privacy practices of these tools are subject to their own privacy policies, and they use their own cookies to provide their service (for further information about cookies, please see our Cookies and Similar Tracking Technologies Policy).
We use the standard analytics tools of Google Analytics, and we will use additional or other analytics tools, from time to time, to learn about how you and other users use the Service, in support of our Service-related activities and operations.
We use anonymous, statistical, or aggregated information and will share it with our partners for legitimate business purposes. It has no effect on your privacy, because there is no reasonable way to extract data from the aggregated information that we or others can associate specifically to you.
We will give you choices about the ways we use and share Personal Data related to you, and we will respect the choices you make.
We will send newsletters or promotional communications to our users. To unsubscribe to these communications, you will be required to click an “Unsubscribe” link in these emails and confirm the email address for which you would like to unsubscribe.
We collect and receive Personal Data related to you that we need for the purposes described in this policy. You can stop using the Service at any time, thereafter we will stop collecting Personal Data related to you. However, we will store and continue to use or make available certain Personal Data related to you as detailed above.
You may request that your account be terminated, and that Personal Data related to you be deleted by contacting us. Any termination of your account will involve deletion of your account information from our live databases and all the information and data stored for such account in the Service.
You may request a copy of the Personal Data related to you that we store about you by contacting us. You may also request that Digital Turbine transfer Personal Data related to you or provide you with copies of such Personal Data to enable its transfer to a third party.
When we delete Personal Data related to you that we have collected from or about you, it will be deleted from our active databases, but we will keep a reasonable number of copies in our archives. Although we will deactivate your account, we will continue to retain the Personal Data related to you for legitimate business purposes as set forth above.
Web browsers offer a “Do Not Track” (“DNT”) signal. A DNT signal is a HTTP header field indicating your preference for tracking your activities on a service or through cross-site user tracking. Our Website and Service do not respond to DNT signals.
If you wish to exercise any of your rights in relation to Personal Data related to you, including exercising your choices or opt-out rights, please send us an email to [email protected].
Your EU Data Subject Rights
If EU data protection laws apply to the processing of the Personal Data related to you by Digital Turbine, then the following terms apply:
Where we process Personal Data related to you when you visit our Website as a data controller, the processing is based on the following lawful grounds:
- All processing of Personal Data related to you which are not based on the lawful grounds indicated below, are based on your consent.
- We will process Personal Data related to you to comply with a legal obligation and to protect your and others’ vital interests.
- We will further rely on our legitimate interests, which we believe are not overridden by your fundamental rights and freedoms, for the following purposes:
- Communications with you in the following circumstances:
- Where you contact us through our Website and other digital assets:
- After you had signed up to our blog and/or newsletter via our Website.
- After you, on behalf of your company, had signed up to any of our services.
- After you applied to a position at our company via our Website.
- Cyber security.
- Support, customer relations, service operations.
- Fraud detection and misuse of the Service and Website.
In addition to your rights under other sections in this policy, you have the following rights:
- At any time, contact us if you want to withdraw your consent to the processing of Personal Data related to you. Exercising this right will not affect the lawfulness of processing based on consent before its withdrawal.
- Request to delete or restrict access to Personal Data related to you. We will review your request and use our judgment, pursuant to the provisions of applicable law, to reach a decision about your request.
- If you exercise one (or more) of the above-mentioned rights, in accordance with the provisions of applicable law, you may request to be informed that third parties that hold Personal Data related to you, in accordance with this policy, will act accordingly.
- You may ask to transfer Personal Data related to you in accordance with your right to data portability.
- You may object to the processing of Personal Data related to you for direct marketing purposes. Additional information about this right is available under the Choice section in this policy.
- You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affecting you.
- You have a right to lodge a complaint with a data protection supervisory authority of your habitual residence, place of work or of an alleged infringement of the GDPR.
A summary and further details about your rights under EU data protection laws, is available on the EU Commission’s website available at: Rights for citizens | European Commission (europa.eu).
Note that when you send us a request to exercise your rights, we will need to reasonably authenticate your identity and location. We will ask you to provide us credentials to make sure that you are who you claim to be and will further ask you questions to understand the nature and scope of your request.
If we need to delete Personal Data related to you following your request, it will take some time until we completely delete residual copies of Personal Data related to you from our active servers and from our backup systems.
If you have any concerns about the way we process Personal Data related to you, you are welcome to contact our privacy team at: [email protected]. We will look into your inquiry and make good-faith efforts to respond promptly.
Specific Provisions for California Residents
This section applies solely to all visitors, users and others who reside in the State of California and other applicable US States. We adopted this section to comply with the California Privacy Rights Act of 2020 (CPRA) and any terms defined in the CPRA have the same meaning when used in this section. This chapter supersedes any contradicting provisions under the other sections of this policy.
We have collected the Personal Data related to you which is described above under the section “The Personal Data that We Collect and Store” of this Policy. Such Information consists of the following categories:
- Identifiers and Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
- Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with the Website.
- Commercial information, including products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Geolocation data, namely your physical location or movements.
- Inferences drawn from any of the above-mentioned information.
We obtain the categories of Personal Data related to you listed above from the following categories of sources:
- Directly and indirectly from you and your activity on the Website.
- Third parties such as reliable service providers.
We use the Personal Data related to you that we collect or receive for the purposes mentioned under the section “How We Use Your Personal Information?” of this Policy.
We disclose Personal Data related to you to third parties for business purposes as described above under the section titled “Information Sharing and Disclosure?”.
We do not sell Personal Data related to you.
The Services and Website are not intended to collect Sensitive Personal Information (as defined under the CPRA). We do not knowingly collect Sensitive Personal Information, and we require that you not provide us with any such information.
Selling and Sharing Personal Information
We do not sell or share Personal Data. However, we engage third parties to provide us with services such as analytics, marketing automation and user experience and allow them to collect Personal Data on our Services and Website.
We do not knowingly sell or share the Personal Data of consumers who are under 16 years of age.
The categories of Personal Data collected by these third parties in the preceding 12 months include identifiers, online activities and inferences drawn from such activities.
These third parties do not pay us for collecting such information, but the right granted to them to collect Personal Data may be considered as disclosure for the purpose of sale or sharing for cross-context behavioral advertising. At any time, you can opt-out of the collection of Personal Data by our service Providers by contacting us.
Your rights as a California Resident
In addition to your rights under other sections under this policy, if you are a resident of California or any other applicable US State, you are entitled also to the following specific rights under the CPRA or other applicable US state consumer privacy acts, regarding Personal Data related to you:
- Access to specific Personal Data and data portability rights – you have the right to request that we will disclose certain information to you about our collection and use of Personal Data related to you over the past 12 months. Upon verification of your request, we will disclose to you:
- The categories of Personal Data we collected about you;
- The categories of sources for the Personal Data we collected about you;
- Our business or commercial purpose for collecting that Personal Data;
- The categories of Personal Data that we disclosed for a business purpose, and the categories of third parties with whom we disclosed that particular category of Personal Data;
- The specific pieces of Personal Data that we collected about you;
- If we disclosed Personal Data related to you for a business purpose, we will provide you with a list which will identify the Personal Data categories that each category of recipient obtained.
- Deletion rights – you have the right to request that we delete any of Personal Data related to you. Upon confirmation of your request, we will delete Personal Data related to you from our records, unless an exception applies.
- Non-discrimination – you also have a right not to be discriminated against for exercising your rights under the CPRA.
Exercising Your Rights
To exercise the access, data portability, and deletion rights described above, please submit your request to us by sending an email message to: [email protected] Only you or a person authorized to act on your behalf, may make a request related to Personal Data related to you. A request for access can be made by you only twice within a 12-month period.
The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with the requested Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Data related to you. We will only use the Personal Data provided in your request to verify your identity or authority to make the request.
We will do our best to respond to your request within 30 days of its receipt. If we require more time (up to additional 30 days), we will inform you of the reason and extension period in writing. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of the reasons for such decision and provide you with a cost estimate before completing your request.
Personal Data Retention
We retain different types of Personal Data related to you for different periods, depending on the purposes for processing the information, our legitimate business purposes, and pursuant to legal requirements under applicable law.
We will maintain your contact details, to help us stay in contact with you. At any time, you can contact our privacy team at: [email protected] and request to delete your contact details. Note that we will keep your details without using them if necessary, and for the necessary period of time, for legal requirements and proceedings.
Transfer of Data Outside Your Territory
The Service is a web-based service. We store and process information, including Personal Data, either directly or using third parties, such as data hosting service providers, in the United States and in the EU. Digital Turbine has data centers in the United States and in Europe, and as a Customer you will have the option to choose where your data will be stored and processed. The laws of these territories differ from the laws of the jurisdiction in which you live.
If you are a resident in a jurisdiction where transfer of Personal Data related to you to another jurisdiction requires your consent, then you provide us your express and unambiguous consent to such transfer.
If you are located in the European Economic Area (EEA), note that we will transfer personal data related to you to other jurisdictions, which are not deemed to provide an adequate level of data protection. In such case, we will use appropriate safeguards, in particular, by way of entering into the European Union (EU) Standard Contractual Clauses as amended from time to time with the relevant recipients, or by adhering to equivalent data transfer regulations to protect the security and confidentiality of such personal data. You can obtain a copy of the suitable safeguards that we use when transferring personal data as described above or receive further information about data transfer by contacting us at: [email protected].
Digital Turbine is committed to ensuring the security of Personal Data. We and our hosting services implement systems, applications, and procedures to secure Personal Data related to you, to minimize the risks of theft, damage, loss of information, or unauthorized access or use of information. These measures provide sound industry standard security.
However, please understand that no security system is impenetrable, and although we make efforts to protect your privacy we cannot guarantee that the Service will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse.
We do periodical assessments of our data processing and privacy practices, to make sure that we comply with this policy, to update the policy when we believe that we need to, and to verify that we display the policy properly and in an accessible manner. If you have any concerns about the way we process Personal Data related to you, you are welcome to contact our privacy team at: [email protected], or write to us.
We will look into your query and make good-faith efforts to resolve any existing or potential dispute with you.
From time to time, we will update this policy. If the updates have minor if any consequences, they will take effect 14 days after we post a notice on the Website. Substantial changes will be effective 30 days after we initially posted the notice.
Until the new policy takes effect, if it materially reduces the protection of your privacy right under the then-existing policy you can choose not to accept it and terminate your use of the Service. Continuing to use the Service after the new policy takes effect means that you agree to the new policy. Note that if we need to adapt the policy to legal requirements, the new policy will become effective immediately or as required by law.
Please contact us at: [email protected]