CONTACT

Privacy Policy

Last updated: January 1, 2020

I. Introduction to Throtle

Throtle helps brands to use their own customer data, along with other licensed data, to improve customer interactions on multiple channels and devices. For instance, we provide data “onboarding” services to marketers engaged in online marketing (such as through use of Data Cookies), through our data management platform as well as other data services and platforms.

We are a member of the Network Advertising Initiative (NAI) and adhere to the NAI’s Code of Conduct. You can click HERE to reach the Network Advertising Initiative site, a central location for information about Interest-Based Advertising and the choices available to you, and to opt-out of receiving third-party Interest-Based Advertising via cookies from us and NAI member companies.

Throtle is also a member of the Interactive Advertising Bureau (IAB). You can choose to opt-out of Throtle’s offline services HERE and our online services HERE. We describe other opt-out methods in Section IX below.

II. The Types of Data We Collect & How We Source the Information

Throtle receives data from a variety of business partners, clients, and other companies that license data to us, or provide us data to facilitate our services. This information, which we refer to in this Privacy Policy as the Throtle “Service Data,” includes the following:

Personal Information. We sometimes use or receive information that identifies people by name, address, or email, along with information about those people’s likely preferences, interests, or demographics. An example of this would be if we know that John Smith owns a home in a particular suburb, and is 53 years old. We obtain this data ourselves and through data licensors, and its source may be, for instance, census bureau data, public records, or data aggregators that collect or receive information from consumers, websites, or business transactions.

Passively Collected Information and Identifiers. This is information that we or our business partners collect passively through websites or mobile devices (or other devices), including cookie IDs, Apple mobile IDFA identifiers and Android mobile Advertising IDs, or unique identifiers tied to those identifiers. These identifiers generally identify or are linked to particular browsers and devices. We refer to all of these identifiers as “UIDs,” and they often are tied to particular browsers and mobile devices (or other devices, such as set-top boxes). (These UIDs in turn may be “synced” or linked across multiple online content providers, ad networks, and other service providers.) We describe these identifiers in more specific detail in Section V, titled Cookies, Pixels, and SDKs That We (or Our Business Partners) Use.”  Sources from which we may obtain this data are data aggregators, mobile applications, and advertising networks.

Web and Mobile Log Data. Passively collected information we receive may also include a range of data about web and mobile logs and usage, such as the type of browser or device (or operating system) being used, an IP address, a time-stamp, other information about a user’s device or browser, and information about whether and how a user viewed an ad or interacted with content or visited a particular website (sometimes referred to as “clickstream data”).  Sources from which we may obtain this data are data aggregators, mobile applications, and advertising networks.

In addition to the above, we also collect information when users visit our corporate website(s), including the one this Privacy Policy is posted on. We refer to this information as “Website Information,” and describe this information in Section XII titled “Information Collected On This Website.”

III. How We Use the Data

Generally, we use the Service Data we receive and collect in order to provide marketing, advertising, and analytics services to our customers, including various business partners. We describe our services generally below, and additional descriptions may be contained on this website.

Data “Onboarding” Services. We use Service Data to help marketers to reach their own “CRM” lists – their proprietary “first party” lists of their current and prospective customers – or other audiences, through third party display media platforms. We often help marketers reach audiences representing these CRM lists (or other lists) by “onboarding” their offline data online for digital advertising purposes such as display advertising. When we do this, we often work with partners that de-identify this data and connect it in de-identified fashion to display media, or other marketing channels.

Enabling Cross-Channel Marketing. We may use the Service Data to help marketers and other data platforms in “cross-channel” or “cross-device” marketing – analyzing, locating and creating potential marketing “audiences” through multiple channels, e.g., web and mobile. For instance, we may link Service Data and UIDs to the same user (based on inferences we have made), so that a marketer can find and remarket to their same audiences through web-based, mobile, or other advertising channels.

Creating Data Segments. We also use our Service Data to create online, mobile or other consumer audiences, represented by UIDs or personal information grouped together based on common interests or preferences (“Data Segments”). These Data Segments may identify a person or, when used online, a unique online identifier, as, for instance, enjoying sports, travel, living in a middle-class neighborhood, or having children. This information may be leveraged by marketers for content personalization to send relevant and desired offers, coupons, and ads to their customers and others. We offer these Data Segments in different forms to marketers wishing to reach customers through online (e.g., web/mobile), email, and offline channels, often working with the types of partners we describe above.

Campaign Measurement and Market Research. We sometimes use the Service Data to help marketers measure the effectiveness of display or other media campaigns – for instance, to determine which types of ads are most likely to be seen, opened, or to lead to purchases, or to perform other market research.

Other Campaign and Data Services. We sometimes use our Service Data to provide other data and marketing services, such as verification, data or audience analytics, data modeling, or other services that may be described on this website.

Improving Our Products. We may use our Service Data to improve, analyze and develop our own products and to analyze their effectiveness, or to work with a business partner or client to perform similar services.  We also may use the Service Data for security-related or de-bugging purposes.

IV. How We Share Data with Third Parties

Throtle may share any data it holds, including Service Data (described above) and Website Data (which is personal information collected on our corporate website), as follows:

Agents and Service Providers: We may share Service Data and Website Data with agents and service providers who work on our behalf, or to help us provide services requested by our customers, and with our customers themselves. We may do so, for instance, for analytical purposes, to measure campaigns, or inform future campaigns. We may do so to facilitate the sending of display media, or other requested services.

Partners: We may share Service Data (including Data Segments), with business and data partners to help provide more tailored advertising and for analytical purposes.  These may include data compilers and resellers, advertising networks, or media platforms.

Affiliates, Parents, Subsidiaries and Successors: Throtle we may share some or all of the data in our possession with affiliated or subsidiary companies. We may also share any data with a successor in interest who purchases all or most of our assets, or in the course of any transaction leading to such an acquisition, i.e., during due diligence.

As Required by Law or to Protect Any Party: Throtle may disclose data if we believe that such disclosure is necessary to (a) comply with relevant laws or to respond to subpoenas or warrants served on us, or (b) to protect or otherwise defend the rights, property or safety of Throtle or any other party.

V. Cookies, Pixels, and SDKs That We (or Our Business Partners) Use

This section provides more information about cookies and similar technologies that we, our clients and their service providers, and our business partners may use, and how they work.

Cookies. Cookies are small text files that websites and other online services use to store information about users on users’ own computers. For instance, cookies are often used to store sign-in credentials and other preferences, so that you don’t need to enter them upon returning to a website. Cookies also often store information to make web viewing more customized to a particular user. Cookies also often store UIDs tied to your particular computer or browser, so that web services and third party ad networks can recognize you across different websites, over time. You may be able to configure your internet browser to advise you each time a cookie is being placed, and you may be able to refuse all or certain cookies altogether. However, if you refuse cookies (particularly first party cookies), this may interfere with certain website operations are optimized and customized to you, and may interfere with other important functions of websites. Throtle places cookies (and may allow third parties to place cookies) on our own website. We also sometimes act as a “third party” and deploy cookies (or sync with other cookies) placed on other websites or by other business parties. When we place these third party cookies, they do not contain what we refer to as “personally identifiable information” such as name, address, email address or phone number, and we expire these cookies within 24 months (and often over a shorter time than that).

Pixels or Web Beacons. Pixels, sometimes called web “beacons,” may also communicate information from your internet browser to a web server. Pixels can be embedded in web pages, emails and even videos, and can allow a web server to collect or read information from your browser, determine whether you have viewed particular web content or emails, or determine your IP address or the URL you are viewing content. We often work with business partners (who are themselves third party providers) to provide our services, and these partners often set and access their own cookies, pixel tags, and use other technologies to interact with your device, which may have cookies with varying expiration periods. These partners also may collect various types of information, often in pseudonymous or de-identified form, about your browser, device, or browsing activities through these cookies.

Some of our partners use cookies to link to various de-identified information and identifiers that are derived from personal information, and inferred personal interests, preferences, or other demographic information. These partners use various de-identification techniques such as “hashing,” to obscure and make non-human readable personal identifiers. For instance, a hashed version of “ouruser@emailprovider.com” might read as: “e37cda4da913332dc143a6a43174de8a9457697f.”

Mobile Identifiers and SDKs: We may also work with partners who use mobile “SDKs” (software development kits) to collect information about how users interact with mobile apps, platforms, and systems, including third party ad networks. The SDK is computer code that app developers can include in their apps to enable ads to be shown, data to be collected, or to optimize or improve their apps in other ways. These SDKs may collect (and provide to us) information such as mobile identifiers (e.g., Apple IDFAs and Android Advertising IDs), and information about what apps a user engages with, mobile devices information, and how users interact with ads. To avoid having ads tailored to you in this way on your mobile device, please following the instructions in the below Section IX titled “Do Not Sell My Personal Information: Your Opt-Out Rights.”

VI. GDPR Compliance Statement

The General Data Protection Regulation (GDPR) is effective as of May 25, 2018 across all European Union (EU) member states. In short, if you process data about individuals in the context of selling goods or services to European citizens in any EU country, then you will need to comply with GDPR.

At the bare minimum, the GDPR was drafted with the intended purposes of protecting all non-anonymized personal data (or personally identifiable information: PII). And any company (or organization) that stores or processes personal information about “natural persons” (individual human beings) who are “data subjects” under the Regulation — e.g., persons who reside in an EU state — must comply.

VII. Throtle’s Policy Regarding EU Data, Protection & Security

It is our general policy to not deliberately accept for processing any personal data where an individual resides in any EU member country. Throtle performs scans on data that we ingest from sources, partners and clients designed to identify non-US postal and foreign email domains. In addition, we work with our partners and sources to inform us if they are ingesting any data from outside the US. Throtle regularly cleanses its Identity graph to remove any linkages that are found to originate outside the United States.

VIII. CCPA Consumer Rights

At Throtle, we take privacy and personal information very seriously and are committed to complying with all applicable laws and regulations, including the new California Consumer Privacy Act (“CCPA”) regulation.  We see CCPA as an opportunity to further safeguard consumers’ rights by providing them the data needed to make informed decisions regarding their personal information. This includes understanding and controlling how and why their personal information is collected, used, and disclosed.

In compliance with CCPA rules effective as of January 1, 2020, consumers who are California residents (as defined by the CCPA) have:

  • The right to know what personal information is being collected about them and what the business purposes are for doing so
  • The right to know to whom their personal information is being disclosed or sold to
  • The right to opt-out of the sale of their personal information
  • The right to access and request deletion of their personal information

Throtle Service Data and Throtle Website Data are both directly subject to CCPA. Information regarding what type of data we collect, the source of the information, our business purposes for using the data, and to whom such information is disclosed or sold is detailed in Sections II-V of our Privacy Policy above, in accordance with CCPA requirements.

While we do not typically have direct interactions with consumers, Throtle has made mechanisms available to support consumer requests for opt-outs, delete requests, and requests to know in accordance with CCPA requirements.  Instructions to submit opt-out requests, delete requests, and/or right to know requests through either our Website or our Toll-Free number may be referenced in Sections IX-XI of this Privacy Policy.

Non-discrimination
We will not discriminate against you for exercising any of your CCPA rights.  Unless permitted by the CCPA, we will not:

  • Deny you goods or services
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties
  • Provide you a different level or quality of goods or services
  • Suggest that you may receive a different price or rate for goods or services or a different level of goods or services.

CCPA Requirements for Minors

The CCPA includes special restrictions on the sale of children’s personal information. Businesses must obtain special “opt-in” consents for the sale of personal information if they wish to sell information related to minors under 13, or information of minors 13 to 16 years of age.

Throtle does not knowingly accept, process, or sell any personal information related to minors.

IX. Do Not Sell My Personal Information: Your Opt-Out Rights

Some of our services involve the use of inferred user interests and preferences collected or employed across multiple websites, devices or channels. These services are often referred to as a type of “Interest-Based Advertising” or “IBA,” and we provide a way for consumers to “opt-out” of these IBA services. There are several methods by which you may opt-out of our IBA service as described below.

Throtle Cookie Opt-Outs, i.e. “Do Not Sell” Requests

If you decide to opt-out of our IBA services via this method, we will set an opt-out cookie (or similar technology) on your browser or device, to indicate to us that you have opted out. You may opt-out by clicking here:  https://optout.thrtle.com/optout.

We will complete the processing of your opt-out request within 15 days of receipt.

Please note that if you browse the web from multiple browsers or devices, you will need to opt-out from each browser and/or device to ensure that we withhold our IBA services on all of them. For the same reason, if you procure a new device, change browsers or delete your Throtle opt-out cookie (or clear all cookies), you will need to perform this opt-out task again.

Also note that the opt-out cookie cannot be set if your browser is configured to block third-party cookies.

Please note that your choice to use any of our opt-out tools will not affect ads placed by any other organization.

Third-Party Cookie Opt-Outs

If you would like to opt-out of other third party ad platforms and services (including some that we work with, and may have transferred data to previously), we recommend visiting the opt-out pages offered by the Network Advertising Initiative (the NAI), the Digital Advertising Alliance Web Choices Tool  or the Digital Advertising Alliance CCPA Opt Out Tool . Opting out in this way will not prevent you from seeing ads.  It will, however, generally prevent ads that are targeted to inferences made about your preferences based on your activity across websites and over time.

Permanent Opt-outs via Mobile Advertising IDs (MAIDs)

Apple assigns an “ID for Advertising” (IDFA) to each iOS device, and Google assigns an “Advertising ID” to all Android devices.  Similar to how a cookie is leveraged for IBA on a web browser, these Mobile Advertising IDs (MAIDs) can be used to deliver ‘cross-app’ advertising ads to mobile applications to help inform your ad preferences.

If you would like to opt-out of this advertising, you can generally opt-out through your device “settings.”. Common device settings are as follows:

  • For Apple Devices: Apple users can opt-out of remarketing by enabling a device setting called “Limit Ad Tracking” (LAT), which restricts advertisers from using the IDFA for behavioral advertising. On your iOS or iPadOS device, you can enable Limit Ad Tracking by going to Settings > Privacy > Advertising and turning on Limit Ad Tracking. You may also reset your advertising ID by going to Settings > Privacy > Advertising > Reset advertising ID.  You can reference further details on how to limit ad tracking on your iOS device here: IDFA Opt-Out.
  • For Android Devices: Similar to IDFA for Apple devices, Android users may opt-out of app-based tracking for IBA by opening the Google Settings app on your device, selecting Ads, and then selecting the option to opt-out of interest-based ads. You can learn more about how identifiers on mobile are used for advertising and receive instruction for how to opt-out of mobile advertising on the Google Privacy & Terms

Please note that these platforms control how these settings work, so the above may change, at their discretion. Likewise, if your device uses other platforms not described above, you should check the settings for those devices.

You may also opt-out of Throtle’s use of Mobile Advertising IDs (MAIDs) set by Android devices via the following link on our webpage:   https://throtle.io/data-privacy-manager/do-not-sell/.  Because Apple does not disclose their IDFA to users, we are not able to establish an opt-out request based on an Apple MAID (IDFA) in our system. MAIDs are device specific, so you must submit a separate opt-out request for each mobile device (e.g. smart phone, tablet) that you use.

We will complete the processing of your opt-out request within 15 days of receipt.

We will retain your associated personal information on an internal “opt-out” list to prevent further sale of your data in connection with Throtle services.

Please note that your choice to use any of our opt-out tools will not affect ads placed by any other organization.

Permanent Opt-outs via Email Address, Name/Home Address, or Telephone Number

You may opt-out of the use of your email address, name/home address, or telephone number in connection with Throtle services by submitting an opt-out via the following form on the Throtle webpage: https://throtle.io/data-privacy-manager/do-not-sell/.

Please note, if you use several email addresses you must submit a separate opt-out request for each one.  Similarly, if you have multiple home addresses or telephone numbers, you must submit a separate opt-out for each one.

We will complete the processing of your opt-out request within 15 days of receipt.

If you opt-out, we will retain your hashed email address on an internal “opt-out” list to prevent further sale of your data in connection with Throtle services. Please note that opting out of Throtle’s processing of your data does not mean that online advertising will be blocked altogether or that you will see fewer ads. It simply means that the ads that you see will not be personalized for you. Ads may be served because they relate to the website you are visiting or to your current search, or they may just be randomly placed.

Please note that your choice to use any of our opt-out tools will not affect ads placed by any other organization.

X. Delete Requests

In compliance with CCPA regulation, California residents have the right to request that Throtle delete any personal data that we may have collected from a Consumer.  A delete request may be submitted via the following webform on the Throtle website (https://throtle.io/data-privacy-manager/delete-my-information/) or by calling our toll-free number (866) 672-5235.

Throtle will confirm receipt of Delete Requests within 10 days including a brief description about how Throtle will process the request.

We will complete the processing of your delete request within 45 days after receipt. If Throtle is unable to process the request within 45 days, we will notify you with an explanation of the delay, with an extension to not exceed an additional 45 days.

XI. Right to Access Personal Information

In compliance with CCPA regulation, California residents may request certain information with respect to the PII we (when we act as a “business” under the CCPA) store, process, or share with third parties for those third parties’ direct marketing purposes.  This includes:

  • The categories of personal information that have been collected
  • The specific pieces of personal information that have been collected about that consumer

To exercise your rights, please submit a request to us by either completing our ‘Request to Know’ webform on our website (https://throtle.io/data-privacy-manager/request-to-know/) or by calling our toll-free number at (866) 672-5235.

We take security and privacy very seriously and take proactive measures to ensure we do not inadvertently disclose your personal information to an unauthorized third party.  In order to securely verify your identity for all detailed Right to Access requests, we request a copy of a government issued ID as part of the required information (along with your name/address, email or MAID ID).  If you do not have a government issued ID, please contact us at https://throtle.io/data-privacy-manager/request-to-know to request alternate documentation options for identity verification.

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable customer request related to your personal information.  You may only make a request for access twice in a 12-month period. The request must provide sufficient information that allow us to reasonably verify you are the person about whom we collected personal information or an authorized representative, and if you are an authorized agent, we may request additional proof as permitted by the CCPA, such as power of attorney. The scope will be limited to data from the 12-month period preceding the Consumer’s request.

Throtle will confirm receipt of your Right to Access request within 10 days including a brief description about how Throtle will process the request.  This includes Throtle’s verification process and timing of when the consumer should expect a response.

We will respond to your verified request within 45 days. If we cannot verify your identity or authority to make the request and confirm the personal information relates to you, we will notify you within 45 days as to why the request cannot be completed.

If Throtle is unable to process the request within 45 days, and requires more time to do so, Throtle will notify you with an explanation of the delay, with an extension to not exceed an additional 45 days.

We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

XII. Information Collected On This Website
This website is mainly directed to businesses that may wish to use our services, but we of course welcome consumers and others who want to know more about the data we collect and services we offer. When you visit this website, or contact us by email, we may collect the following Website Data:

Personal Information: If you provide us with information through our website – for instance, if you give us your email to sign up for an event or webinar, or to request materials – we may request and receive certain information, like your name, email address, company name and address, or other information. We may use this information for any business purpose, including to administer your account, provide you services, market to and communicate with you, and analyze how people use our services and websites. We will also provide the information to any successor entity, or during due diligence.

Passively Collected Information. We collect other information (or allow third parties to do so) when you visit our website, similar to the information that we describe in Section II describing our Service Data. This includes cookies, web log data, IP addresses, and UIDs, including information about how you engage with our website (or if you are on another website, with our ads), as well as information about your browser or device. We may use this information to target or “retarget” ads to you on other websites or mobile applications. For instance, if you spend time viewing a description of an event we are holding on our website, we might “retarget” you with an invitation to that event. You can opt-out of such targeting through the same channels we describe in Section IX above.

XIII. Sensitive Information, and Information Pertaining to Health Conditions
Throtle does not offer for public use Data Segments we have created containing or identifying sensitive health conditions or medical ailments, or regarding a person’s sexual orientation. This only applies to the data that Throtle itself directly provides, however — our customers, data partners, ad networks or other platforms with whom we work may use or make available their own, distinct sets of data.

Throtle creates and shares audience segments consisting of political data available on our platform where permitted by law and self-regulatory rules. Click here for a list of standard political segments.

XIV. Security and Data Integrity
Throtle takes steps to help ensure that the data we possess is housed and transmitted securely. We use multiple types and layers of physical and electronic security, including firewall protections, encryption of data during transfer, and strict access controls to personal information. While neither we nor any platform can guarantee 100 percent safety from hacks or illegal intrusion, we make substantial efforts to ensure that this does not occur.

XV. Updates to this Privacy Policy

We may update this Privacy Policy from time to time, such as to describe new types of data we collect or services that we offer. If you are interested in our data collection, use and sharing policies, we recommend that you check back to review these updates, as they occur.

XVI. International Users
Our Service Data and Website Data are generally stored on servers in the United States. If you are accessing our website, or if your information is used in our services, and you are located in another country (such as a nation within the European Union), you should know that the laws governing various types of data in the United States may be different or less protective than those of your own country, and you may wish to consider that factor in deciding whether or not to opt-out of our or other similar data services.

XVII. Data Retention
The service data we hold is not subject to any sector specific data retention requirements. As described in Sections II-IV above, we process ‘Service Data’ for different purposes, and the length of time that we retain this data varies depending on the processing purpose, the type of data and certain external factors.

We retain raw, cookie level data associated with our services for up to 12 months.

Throtle service cookies expire in 9 months, however additional user registration at an onboarding partner site may result in placement of a new cookie.

Associations made through Mobile Identifiers expire 18 months after the last time you interact with a partner website or advertiser.

All other offline data is retained as long as it is useful in our products.

Data may be deleted as space requires or in the normal course of business. Furthermore, we may delete personal data in response to a request from a user under applicable law, when requested to do so by our clients, or when contracts with our clients end. Generally, Client data obtained as part of our services is retained for up to 6 months following the termination of the relationship, unless the Client has requested a longer retention period.”

Questions or Concerns
If you have questions or concerns about Throtle’s privacy efforts or products, please contact us at:

ATTN: Privacy Officer
Throtle, Inc.
141 West Front Street, Suite 410
Red Bank, NJ 07701

Or, you may email us at privacy@throtle.io.

Privacy Settings
Youtube
Vimeo
Google Maps
Spotify
Sound Cloud
SIGN UP NOW