LiveRamp Product and Service Privacy Notice

LiveRamp is a data connectivity platform leveraged by companies, such as brands and their partners, to deliver relevant advertising and marketing. Our business provides the technology to move data safely and securely between various parties, such as advertisers and the platforms that host ads. 

LiveRamp allows companies to enhance and activate their data across online and offline channels, primarily for marketing purposes. For instance, a sports clothing store might receive email addresses from its in-store shoppers. This enables the store to send emails to its shoppers regarding offers or updates, but doesn’t enable it to communicate tailored offerings to its shoppers through different channels, or enable the store to understand the effectiveness of its online marketing.

LiveRamp enables the sports clothing store to transform the information provided directly by its customers into other identifiers, such as the advertising IDs at platforms that engage in online advertising. This enables the store to use (and sometimes to share) its data much more flexibly, such as serving digital advertisements on their customers’ devices, understanding how those digital advertising campaigns impact in-store sales, or discovering additional customer traits (for instance “interest in outdoors”) by appending 2nd- and 3rd-party data sets to its customer list. 

Though the information in this notice is accurate regardless of where you reside, more specific information and access to some data rights described in geographically-defined regulations, such as state-specific privacy rights or the European Union’s General Data Protection Regulation (GDPR), may be available depending on your jurisdiction.

In the below sections, we describe:

1. Our Collection of Personal Information – the categories of personal information that we collect, and the types of sources we collect it from.
2. Our Disclosure and Sale of Personal Information – the categories of recipients to whom we disclose or sell personal information.
3. Our Business Purposes for Collecting and Selling or Disclosing Personal Information
4. When We Act as a Service Provider/Processor – processing client data on behalf of the client
   
5. Security – our commitment to security best practices
6. Our Opt Out Options – how you may stop LiveRamp data collection and use
7. Disclosures and Policies Specific to Certain States (CA, CO, CT, VA, NV) and other Countries.
8. Our Contact Options – how you may communicate with us

The following sets forth the categories of information we collect and purposes for which we may use personal information:

LiveRamp collects certain categories of personal information in connection with our products. For the purposes of this notice, personal information is broadly defined as information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked  with a particular consumer or device. This includes offline identifiers such as a postal address (i.e., directly identifiable data (DII) or personally identifiable information (PII)), as well as online identifiers associated with devices (i.e., non-PII), such as a browser cookie or mobile advertising ID. 

Cookies are one example of an online identifier, which our business model relies on in particular: they are small, unique text files stored on the browser of your computer (or another internet-connected device) to identify the device. Cookies contain information that helps improve site functionality and security, but can also be used for advertising, analytics, and other commercial purposes which span multiple sites. 1st-party cookies are cookies set by the website owner; 3rd-party cookies are cookies set by parties other than the website owner. In its products, LiveRamp both places 3rd-party cookies and leverages its partners’ 1st-party cookies.

On web browsers, LiveRamp may collect and store data using 3rd-party cookies that it places, and in some cases multiple types of identifiers may be collected in the course of a single action. LiveRamp cookie domain names include both “rlcdn” and “pippio”.

When you are logged in to one of our partner websites (or sometimes, if you open emails from them), that partner may sell or share information collected from you, such as your email (in hashed, non-human-readable form), IP address, or information about your browser or operating system, with LiveRamp. LiveRamp uses this information to create an online identification code for the purpose of recognizing your device. This code may be placed in our partners’ cookie and for use in online and cross-channel advertising (including targeted advertising), or LiveRamp may connect it to LiveRamp’s own 3rd-party cookie and other identifiers. 

LiveRamp also uses certain publicly available data sets in order to enhance and improve our products. These data sets do not include personal information as defined under any applicable privacy laws.

The personal data and identifiers we collect (for instance, a cookie ID) may be linked to other personal data and identifiers through known associations and/or identity resolution (for instance, an identifier derived from or associated with a hashed email address and LiveRamp cookie 1234 might be associated with partner cookie 5678), and shared with advertising partners and other third party advertising companies for the purpose of enabling interest-based content or targeted advertising throughout your online and offline experiences (e.g., web, TV [MVPDs], connected TV, mobile applications, and other media). These third parties may in turn use this identifier to link demographic or interest-based information you have provided in your interactions with them. Note that LiveRamp does not itself provide the service of targeted advertising (sometimes referred to as “cross-context advertising”) but, rather, processes and transfers data to an advertiser’s advertising platform so that platform can provide targeted advertising services. You have the right to express a choice regarding LiveRamp using this data for the above purposes. 

To opt out of this use we have several options:

• Information about opt out options can be found here.
• Note: For information about state specific rights (CA, CO, CT, VA, NV) and opt outs, please find the section titled “Policies Specific to Residents of Certain States” at the bottom of this privacy notice. To get directly to instructions for exercising rights offered by certain states, please visit Your Privacy Choices ,

The categories of information LiveRamp may collect about you when it acts as a “business” or “controller” of personal information, as well as how we collect and use such categories of information, are summarized in the table below.  Note that we often receive information from our clients, for instance about their own customers:  when we receive this information, we are only a “processor” or “service provider” (under state laws that use that terminology) – in other words, a vendor – and that information therefore is not specifically described below or elsewhere in this policy.

Generally speaking, we collect and disclose the Personal Information that we collect for the purposes of building products and providing services for advertisers (and ad and data platforms that service advertisers) related to facilitating marketing, advertising, analytics, attribution, fraud detection, and reporting. This includes:

• Generally, creating marketing and advertising tools and products for our clients, as more fully described in our websites. This includes our provision of online or other “connected” datasets, campaign measurement reports and tools , data “appends” (connecting data across partner data sets and marketing channels), and data hygiene services (helping customers to evaluate, organize, validate and correct personal information they hold).
• Assisting our clients through our Services to provide their current and prospective customers with better communications, improved offerings, and special promotions:  for instance, advising on which current or prospective customers are most likely to be interested (or disinterested) in certain offers.
• For creating modeled audiences to which our clients can market their products and services. For example, a sports clothing company might be looking for new potential customers who are likely to be interested in athletic wear. The sports clothing company can use our services and products to analyze characteristics (i.e., demographics, expressed interests) about their customers and identify other customers that share similar characteristics.
• To facilitate the delivery of our clients’ marketing and advertisements to current and prospective customers. For example, a sports clothing company may have its own lists of email addresses, cookies or other identifiers associated with customers who have previously purchased sports clothing from them. The sports clothing company may wish to send a discount offer to these customers, e.g., for online purchases. The sports clothing company can use our products and services to deliver the company’s lists of customers/prospects to their advertising platform partners, matched to that platform’s own digital identifiers. Note that LiveRamp does not itself provide the service of targeted advertising (sometimes referred to as “cross-context advertising”) but, rather, processes and transfers data to an advertiser’s advertising platform so that platform can provide targeted advertising services.
• For supporting clients and partners to connect your preferences across the various browsers and/or devices you use to more accurately market to you. For example, you are logged in to multiple devices (such as your desktop, your smartphone, and your tablet) using the same login and have clicked on a sports clothing company’s online advertisement on at least one of those devices. The sports clothing company can thus display more consistent offers to you via automated technologies (such as a cookie ID or a publisher’s advertising ID) on your different devices  or marketing channels.  
• For use in the analytics and measurement of performance of our clients’ advertising campaigns. For example, a sports clothing company wants to better understand if its website advertisements for a new line of sports clothing contributed to an increase in sales. Our services and products can help the advertiser to analyze how many ads were viewed and clicked, and if the consumer purchased any of the advertiser’s sports clothing.
• To provide a platform for advertisers to find data partners that help the advertiser to personalize advertisements to you, such as through website and email personalization or dynamic marketing and advertising optimization. For example, if you have previously indicated an interest in sports clothing to a data partner, we provide a platform for the data partner to provide this information to the advertiser. The advertiser then uses this information to personalize ads to you when you visit their website.

We will sell and share the information collected about you as discussed above for various business purposes, with service providers and with third parties, including our customers. The chart below describes how and with whom we sell, share, or disclose personal information, and whether we believe we have “sold” a particular category of information in the prior 12 months.

We also may share any of the personal information we collect as follows: 

Sharing for Legal Purposes: In addition, we may share personal information with third parties in order to: (a) comply with legal processes or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our Terms of Service, this Privacy Notice, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of third parties; and/or (d) protect the rights, property or personal safety of us, our platform, our customers, our agents and affiliates, its users and/or the public. We likewise may provide information to other companies and organizations (including law enforcement) for fraud protection, spam/malware prevention, and similar purposes. 

Sharing In Event of a Corporate Transaction: We may also share personal information in the event of a major corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets, or for purposes of due diligence connected with any such transaction. 

Sharing With Service Providers: We may share personal information with our service providers who process it on our behalf and in accordance with our instructions. This may include, for instance, providers involved in tech or customer support, operations, web or data hosting, billing, accounting, security, marketing, data management, validation, enhancement or hygiene, or otherwise assisting us to provide, develop, maintain and improve our services.

Children’s privacy

We do not knowingly collect personal data about children under the age of 16. Our websites and systems are not designed for use by individuals under the age of 18, and in particular are not designed for children under the age of 16. If we learn we have collected or obtained personal data of someone under 16, we will delete that information from our database. If you believe that this has occurred, please contact the US Privacy Team.

Generally speaking, we collect and disclose the Personal Information that we collect for business purposes including:

Operating (and marketing) our Services

For example: 

• Improving, testing, updating and verifying our own database.
• Developing new products.
• Operating, analyzing, improving, and securing our Services.
• We also may use email addresses and other personal information we receive in our corporate capacity to communicate with or market to organizations that we believe may benefit from our Services.

Other operational purposes

For example:

• Auditing
• Detecting security incidents
• Debugging
• Short-term and transient use
• Performing services 
• Internal research
• Quality control
• Legal compliance

We may receive, handle and process personal information on behalf of our clients, in order to provide services to those clients. This may include, for instance, information about our clients’ customers or prospective customers, or about other consumers our clients have interacted with. This is information we access as a “processor” or “service provider”. This information is not owned by LiveRamp, and thus is not subject to the processes or choices described in this or related policies. To exercise your rights with respect to that information, you must contact whichever company or organization is the “controller” or “business” that holds it. 

LiveRamp has implemented security measures, including physical, technical and operational safeguards, designed to prevent the unauthorized access to or acquisition of personal information in our possession. However, no security measures are 100 percent effective. Thus (like other platforms and websites) we cannot guarantee such safeguards in securing all information from any such event or preventing harm that might arise.

LiveRamp offers several ways to opt out of the personal information that LiveRamp controls being shared with or sold to others (and/or used for targeted advertising) through our products and services. These options are explained and accessible here. Please note that there are specific opt out choices available depending on your location (i.e., Australia, EU, California, Colorado, Connecticut, Nevada, Utah, Virginia) by following the instructions on the opt out page.

Regarding cookies used on LiveRamp.com websites, you may opt out of selling, sharing, or disclosure of personal data for targeted advertising by rejecting cookies through the cookie banner that pops up on our websites or by enabling the Global Privacy Control signal on a compatible browser. Further, LiveRamp is a member of the Digital Advertising Alliance (DAA) and Digital Advertising Alliance Canada (DAAC) and adheres to the DAA Principles for Online Behavioral Advertising and Multi-Site Data, as well as related guidance. LiveRamp subscribes to the DAA’s industry-wide cookie opt out mechanism that can be found here and its mobile device ID opt out available through its AppChoices app. Consumers who choose to opt out through these DAA mechanisms do not need to opt out of the equivalent mechanism with LiveRamp.

Keep in mind that opting out of LiveRamp through our opt out channels or through the DAA does not disable advertisements altogether. Instead, opting out means that LiveRamp services will no longer be used to facilitate targeted advertising to your browser, device, or email address. In other words, you will still see advertisements and receive email marketing, but they may be less relevant to you. 

If you create a new email address, reset the mobile advertising ID on your device, or use a new browser, you will need to apply the appropriate opt out to that new email address, new device ID, and/or new browser as opt outs are not necessarily transferred between email addresses, browsers, or devices.

As a Business representative, you can manage your email marketing preferences with us by clicking here. This will opt you out of LiveRamp and RampUp Sponsor email marketing.