Arts Scene (“we,” or “us”) is committed to protecting users’ privacy and handling their data in an open and transparent manner. This Privacy Statement describes the data services that we provide to our clients and how we use, share, and protect the personal data that we gather about users in connection with our services (referred to herein as “personal data”). This Privacy Statement also describes users’ choices and legal rights in relation to their personal data.
The practices described in this Privacy Statement are undertaken by Arts Scene companies providing Arts Scene around the world. Learn more about Arts Scene’s family of companies or contact Arts Scene’s Privacy Department (see the “Contact Us” section below for our contact details) for more information.
This Privacy Statement does not apply to the data handling practices of website publishers and other parties who share data with Arts Scene or those parties’ use of users’ data for interest-based advertising and other purposes. We encourage users to review the privacy statements of each platform, website, and mobile application (“mobile app”) that they access or use to learn how these parties may use their data.
OUR DATA SERVICES
Arts Scene collects data from multiple sources about users’ online activity across websites, mobile apps, and devices (including laptops, smartphones, and televisions); sorts it into categories based on users’ demographics, interests, and preferences; and makes it available to advertisers, website publishers, and content providers (collectively, our “Clients”) in order to facilitate interest-based advertising and provide a more relevant advertising experience to consumers. We do not collect directly-identifiable data, such as names, email addresses, phone numbers, or social media user names from users in connection with our services.
We collect data via our own technologies and from third parties, such as website publishers, mobile app developers, smart TV operators, and other providers of advertising technology and services in a variety of ways, including through the use of browser cookies, pixel tags, application software development kits (“SDKs”), and server-to-server connections with our partners.
We collect information about users’ browsers and devices, such as the mobile device identifier, IP address, and operating system. We also collect information about users’ visits to certain websites (such as number of visits and pages viewed) and use of mobile apps on a device. We do not collect information that directly identifies individuals (e.g., names, email addresses, phone numbers).
We use the information collected to gain insights on computer and device users, in order to allow our Clients to deliver more effective and relevant advertising and content, as described below in the “Data Use” section.
Additional details about our data collection practices and the different technologies we use to facilitate these activities can be found below.
- Pixel Tags. Pixel tags are small strings of code that provide a method for delivering an image on a web page or other document. Pixel tags allow the operator of the web page or other document (or a third party who serves the pixel tag) to set, read, and modify certain cookies. Pixel tags may also be used to gather data about the device being used to view that web page, such as the time a tag was sent, the user’s operating system and browser type, and similar data.
- SDKs. An SDK is a piece of code within a mobile app that provides functionality for the app. We use SDKs to collect and transmit certain data to us. This data includes a mobile advertising identifier (i.e., an Apple IDFA or Google Advertising ID), IP address, timestamp, general (not precise) location information derived from the device’s IP address, and data regarding the use of mobile apps on the device from which we make inferences about the demographics, interests, and/or preferences of users. We also receive data (such as user agent data and device ID) collected by or from users’ mobile devices.
- Server-to-Server Connections. We may obtain data, such as user agent header, IP address, or unique device ID, that relates to users’ browsers, mobile devices, and television use from other online and offline third-party sources directly through connections to their servers and various secure data transfer methods.
We may use data we collect or receive from advertising technology partners and our Clients, including smart television providers, website publishers, and mobile app providers, to make a deterministic or statistical match of mobile device advertising identifiers and cookie identifiers. For example, we or our partners may match a user’s devices if the user logs in to the same online service on multiple devices or web browsers or if the user’s devices share similar attributes that support an inference that they belong to the same user. We also may use such data to match a user’s interests across devices, as well as for analytics, ad reporting, or to improve our services.
We may retain information about device matches for up to 13 months from a user’s last online activity.
BASIS FOR PROCESSING USERS’ PERSO
We are committed to providing users with choices with respect to how we process their personal data. This section describes how users can exercise these choices.
Applicable law in certain countries requires us to set out in this Privacy Statement the legal basis upon which we rely in order to process users’ personal data.
- Consent: We rely on the consent that we or our data providers obtain from users in order to perform our services and help our Clients deliver more effective and relevant advertising and content to users.
- Legitimate interests: We may rely on our legitimate interests to process users’ personal data, provided that such interests are not overridden by users’ interests, fundamental rights, or freedoms. In particular, we may process users’ personal data in reliance on a legitimate interest in the effective and lawful operation of our business as well as the effective delivery and improvement of our products, services, and websites.
- Compliance with legal obligations: We may process users’ personal data if necessary for us to comply with a legal obligation arising under an applicable law to which we are subject.
USERS’ LEGAL RIGHTS
Depending on their country or U.S. state of residence, under applicable law users may also have the right to:
- request confirmation as to whether or not we are processing personal data about them;
- request access to or copies of the personal data we hold about them and request that we update or correct such data (where applicable);
- propose restrictions on the ways in which we use their personal data (e.g., if we have no legal right to keep using it) or limit our use of their personal data (e.g., if their personal data is inaccurate or unlawfully held);
- object to our processing of their personal data;
- withdraw the consent that they have given us to process their personal data (where we process their personal data on the basis of their consent);
- request that their personal data be transferred to another organization in a structured, commonly used, and machine-readable format (to the extent applicable);
- request that we delete the personal data we hold about them; and
- lodge a complaint with the appropriate data protection or privacy authority regarding our processing of their personal data.
DATA RETENTION AND SECURITY
We retain pseudonymized log file data, including cookie data, web browsing data, and mobile browsing and app usage data for up to 120 days from the date of a user’s last online activity for ad targeting purposes. Aggregated data may be retained for other purposes, including analytics, for up to 13 months.
We use generally-accepted industry security standards including physical, electronic, and administrative safeguards that are designed to help protect the data that we collect, use, and retain. However, please note that no security measures are perfect, and there can be no absolute assurance of security.
We understand the importance of protecting the privacy of children, especially in the online environment. Our products and services are not designed for or directed at children. We do not knowingly solicit, collect, or maintain personal data from children under the age of 16. Similarly, we prohibit our third-party data providers from providing us with personal data from websites and mobile apps directed at children or from knowingly sharing with us data relating to children. If we become aware that we have collected or received personal data relating to a child, we will take reasonable steps to delete it.
CHANGES TO THIS PRIVACY STATEMENT
We may update or revise this Privacy Statement as needed from time to time in light of, for example, changing business or personal data processing practices, technology, or legal requirements. When we make changes to this Privacy Statement, we will amend the “Last updated” date at the top of this page. We encourage users to visit this page periodically to review any updates and remain informed about how we are processing and protecting personal data.