LiveRamp Product and Service Privacy Notice

LiveRamp is a data connectivity platform leveraged by companies, such as brands and their partners, to deliver exceptional experiences. Our business provides the technology to move data safely and securely between various parties, such as advertisers and the platforms that host ads. 

LiveRamp allows companies to enhance and activate their data across online and offline channels, primarily for marketing purposes. For instance, a sports clothing store might receive email addresses from its in-store shoppers. This enables the store to send emails to its shoppers regarding offers or updates, but doesn’t enable it to communicate tailored offerings to its shoppers through different channels, or enable the store to understand the effectiveness of its online marketing.

LiveRamp enables the sports clothing store to transform the information provided directly by its customers into other identifiers, such as the advertising IDs at platforms that engage in online advertising. This enables the store to move and use its data much more flexibly, such as serving digital advertisements on their customers’ devices, understanding how those digital advertising campaigns impact in-store sales, or discovering additional customer traits by appending 2nd- and 3rd-party data sets to its customer list. 

Though the information in this notice is accurate regardless of where you reside, more specific information and access to some data rights described in geographically-defined regulations, such as state-specific privacy rights or the European Union’s General Data Protection Regulation (GDPR), may be available depending on your jurisdiction.

In the below sections, we describe:

1. Our Collection of Personal Information – the types of personal information that we collect, and the types of sources we collect it from.
2. Our Disclosure and Sale of Personal Information – the types of recipients to whom we disclose or sell personal information.
3. Our Business Purposes for Collecting and Selling or Disclosing Personal Information
4. When We Act as a Service Provider/Processor – processing client data on behalf of the client
5. Our Security Philosophy – our commitment to security best practices
6. Our Opt Out Options – how you may stop LiveRamp data collection and use
7. Our Contact Options – how you may communicate with us
8. Policies Specific to Certain States (CA, VA, NV) and other Countries.

The following sets forth the categories of information we collect and purposes for which we may use personal information:

LiveRamp collects certain categories of personal information in connection with our products. For the purposes of this notice, personal information is broadly defined as information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device. This includes offline identifiers such as a postal address (i.e., directly identifiable data or personally identifiable information (PII)), as well as online identifiers associated with devices (i.e., non-PII), such as a browser cookie or mobile advertising ID. 

Cookies are one example of an online identifier: they are small, unique text files stored on the browser of your computer (or another internet-connected device) to identify the device. Cookies contain information that helps improve site functionality and security, but can also be used for advertising, analytics, and other commercial purposes which span multiple sites. 1st-party cookies are cookies set by the website owner; 3rd-party cookies are cookies set by parties other than the website owner. In its products, LiveRamp both places 3rd-party cookies and leverages its partners’ 1st-party cookies.

On web browsers LiveRamp may collect and store data using 3rd-party cookies that it places, and in some cases multiple types of identifiers may be collected in the course of a single action. LiveRamp cookie domain names include both rlcdn and pippio.

When you log into one of our partner websites, that partner may sell or share information collected from you, such as your email (in hashed, non-human-readable form), IP address, or information about your browser or operating system, with LiveRamp. LiveRamp uses this information to create an online identification code for the purpose of recognizing you on your device. This code may be placed in our partners’ cookie and for use in online and cross-channel advertising (including targeted advertising), or LiveRamp may connect it to LiveRamp’s own 3rd-party cookie. 

Finally, LiveRamp uses certain publicly available data sets in order to enhance and improve our products. These data sets do not include personal information as defined under any applicable privacy laws. For accreditation information please contact LiveRamp.

The personal data and identifiers we collect may be linked to other personal data and identifiers through known associations and/or identity resolution and shared with advertising partners and other third party advertising companies globally for the purpose of enabling interest-based content or targeted advertising throughout your online and offline experiences (e.g. web, TV (MVPDs), connected TV, mobile applications, and other media). These third parties may in turn use this code to link demographic or interest-based information you have provided in your interactions with them. You have the right to express a choice regarding LiveRamp using this data for the above purposes. To opt out of this use we have several options:

• Information about opt out options can be found here.
• Note: For information about state specific rights (CA, VA, NV) and opt outs, please find the section titled “Policies Specific to Residents of Certain States” at the bottom of this privacy notice. To get directly to instructions for exercising rights offered by certain states, please visit My Privacy Choices .

The categories of information LiveRamp may collect about you, as well as how we collect and use such categories of information, are summarized in the table below.

Generally speaking, we collect and disclose the Personal Information that we collect for the purposes of building products and services for advertisers related to facilitating marketing, advertising, analytics, attribution, fraud detection, and reporting. This includes:

• Generally, creating marketing and advertising tools and products for our clients, as more fully described in our websites. This includes our provision of datasets, data “appends” (connecting data across datasets), and data hygiene services (helping customers to evaluate, organize, validate and correct personal information they hold).
• Assisting our clients through our Services to provide their current and prospective customers with better service, improved offerings, and special promotions, for instance, advising on which current or prospective customers are most likely to be interested (or disinterested) in certain offers.
• For creating modeled audiences to which our clients can market their products and services. For example, a sports clothing company is looking for new potential customers who are likely to be interested in sports clothing. The sports clothing company can use our services and products to analyze characteristics (i.e., demographics, expressed interests) about their customers and identify other customers that share similar characteristics.
• To facilitate the delivery of our clients’ marketing and advertisements to you. For example, a sports clothing company has its own lists of emails or cookies of customers who have previously purchased sports clothing from them. The sports clothing company wants to reach out to these customers with advertising for a discount offer on online purchases. The sports clothing company can use our products and services to deliver the company’s lists of customers/prospects to their advertising platform partners. Note that LiveRamp does not provide the service of targeted advertising but, rather, moves data to an advertiser’s advertising platform that results in targeted advertising.

• For supporting clients and partners to connect your preferences across the various browsers and/or devices you use to more accurately market to you. For example, you are logged into multiple devices (such as your desktop, your smartphone, and your tablet) using the same login and have clicked on a sports clothing company’s online advertisement on at least one of those devices. The sports clothing company can thus display more consistent offers to you via automated technologies (such as cookie ID or a publisher’s advertising ID) on your different devices.  
• For use in the analytics and measurement of performance of our clients’ advertising campaigns. For example, a sports clothing company wants to better understand if its website advertisements for a new line of sports clothing contributed to an increase in sales. Our services and products can help the advertiser to analyze how many ads were viewed and clicked, and if the consumer purchased any of the advertiser’s sports clothing.
• To provide a platform for advertisers to find data partners that help the advertiser to personalize advertisements to you, such as through website and email personalization or dynamic marketing and advertising optimization. For example, if you have previously indicated an interest in sports clothing to a data partner, we provide a platform for the data partner to provide this information to the advertiser. Then the advertiser then uses this information to personalize ads to you when you visit their website.

We will sell and share the information collected about you as discussed above for various business purposes, with service providers and with third parties, including our customers. The chart below describes how and with whom we sell, share, or disclose personal information, and whether we believe we have “sold” a particular category of information in the prior 12 months.

We also may share any of the personal information we collect as follows: 

Sharing for Legal Purposes: In addition, we may share personal information with third parties in order to: (a) comply with legal processes or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our Terms of Service, this Privacy Notice, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of third parties; and/or (d) protect the rights, property or personal safety of us, our platform, our customers, our agents and affiliates, its users and/or the public. We likewise may provide information to other companies and organizations (including law enforcement) for fraud protection, spam/malware prevention, and similar purposes. 

Sharing In Event of a Corporate Transaction: We may also share personal information in the event of a major corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets, or for purposes of due diligence connected with any such transaction. 

Sharing With Service Providers: We may share personal information with our service providers who process it on our behalf and in accordance with our instructions. Service providers are contractually prohibited from using the personal information for purposes outside of our instruction. This may include, for instance, providers involved in tech or customer support, operations, web or data hosting, billing, accounting, security, marketing, data management, validation, enhancement or hygiene, or otherwise assisting us to provide, develop, maintain and improve our services.

Children’s privacy

We do not knowingly collect personal data about children. Our websites and systems are not designed for use by individuals under the age of 18, and in particular are not designed for children under the age of 16. If we learn we have collected or obtained personal data of someone under 16, we will delete that information from our database. If you believe that this has occurred, please contact the US Privacy Team.

Generally speaking, we collect and disclose the Personal Information that we collect for business purposes including:

Operating (and marketing) our Services

For example: 

• Improving, testing, updating and verifying our own database.
• Developing new products.
• Operating, analyzing, improving, and securing our Services.
• We also may use email addresses and other personal information we receive in our corporate capacity to communicate with or market to organizations that we believe may benefit from our Services.

Other operational purposes

For example:

• Auditing
• Detecting security incidents
• Debugging
• Short-term and transient use
• Performing services 
• Internal research
• Quality control
• Legal compliance

We may receive, handle and process personal information on behalf of our clients, in order to provide services to those clients. This may include, for instance, information about our clients’ customers or prospective customers, or about other consumers our clients have interacted with. This is information we access as a “processor” or “service provider” or “processor.” This information is not owned by LiveRamp, and thus is not subject to the processes or choices described in this or related policies. To exercise your rights with respect to that information, you must contact whichever company or organization is the “controller” or “business” that holds it. 

LiveRamp’s security program is designed to reduce risk in alignment with business goals and the protection of the consumer data entrusted to us by establishing and leading the execution of a comprehensive security strategy. Security protects the information and physical assets of LiveRamp by establishing and executing on a security framework (policies, standards and processes). The Security team works in collaboration with the business to deeply understand business risks and changes, foster accountability for security, and strengthen the partnership between security and business leaders. 

   The Security Program aligns strategies to business goals by: 

• Developing, implementing, and enforcing a security framework and using industry-standard techniques and technologies such as hashing, encryption, and firewalls.
• Informing and training employees on security
• Monitoring and assessing security processes and systems
• Detecting and responding appropriately to security incidents
• Taking appropriate steps to prevent the occurrence of any such incidents
• Integrating with Risk and Compliance stakeholders at the enterprise and division levels

LiveRamp offers several ways to opt out of the personal information that LiveRamp controls being shared with or sold to others through our products and services. These options are explained and accessed here. Please note that there are specific opt out choices available depending on your location (i.e., EU, California, Nevada) by following the instructions on the opt out page.

LiveRamp is a member of the Digital Advertising Alliance (DAA) and Digital Advertising Alliance Canada (DAAC) and adheres to the DAA Principles for Online Behavioral Advertising and Multi-Site Data, as well as related guidance. LiveRamp subscribes to the DAA’s industry-wide cookie opt out mechanism that can be found here and its mobile device ID opt out available through its AppChoices app. Consumers who choose to opt out through these DAA mechanisms do not need to opt out of the equivalent mechanism with LiveRamp.

Keep in mind that opting out of LiveRamp through our opt out channels or through the DAA does not disable advertisements altogether. Instead, opting out means that LiveRamp services will no longer be used to facilitate targeted advertising to your browser, device, or email address. In other words, you will still see advertisements and receive email marketing, but they will be less relevant to you.

If you create a new email address, reset the mobile advertising ID on your device, or use a new browser, you will need to apply the appropriate opt out to that new email address, new device ID, and/or new browser as opt outs are not necessarily transferred between email addresses, browsers, or devices.

Regarding cookies used on LiveRamp.com websites. You may opt out of selling, sharing, or disclosure of personal data for targeted advertising by rejecting cookies through the cookie banner that pops up on our websites or by enabling the Global Privacy Control signal on a compatible browser. 

You can manage your email marketing preferences with us by clicking here: lp.liveramp.com/subscription-management.html. This will opt you out of LiveRamp and RampUp Sponsor email marketing.