The Importance of Securing Data in HasOffers

At TUNE, we aim to align our practices with the highest privacy and security standards possible, while also complying with the laws and requirements of the various countries we do business in.

This tutorial will help you understand:

  • How TUNE treats different types of data—depending on whether they are categorized as anonymous, personal or pseudonymous.
  • Why it’s important to secure personal data before sharing with TUNE or other third parties.
  • Treatment of various data types in HasOffers.

Personal, Pseudonymous & Anonymous Data

Under many privacy, security or data protection laws, data is often classified into 3 categories: personal, pseudonymous or anonymous.

Securing “personal” data, or data that can identify an individual person, before “processing” or sharing that data, is a best practice under most privacy and data protection frameworks.

TUNE clients retain the obligation to (i) provide legally required notices to, and (ii) acquire applicable consents of, end users.

What is Personal Data?

Generally, “personal data” means any information relating to an identified or identifiable natural person. At TUNE, we treat data as personal depending on the laws of the relevant jurisdiction.

What is Pseudonymous Data?

Pseudonymous data is data that is linked to an end user’s device and cannot specifically identify that end user, but still provides some non-remote possibility of future identification.

What is Anonymous Data?

Unlike both Personal and Pseudonymous data, Anonymous data is not linked to an end user’s device and does not specifically identify an end user in any way nor provide the potential for future identification of that end user.

Treatment of Various Data Types in HasOffers

Included below is a table listing the common types of data uploaded by clients to the HasOffers platform and potential HasOffers Practice and Use cases.

This list is not exhaustive, but is intended to give you a guide on how HasOffers treats—and empowers its clients to treat—certain types of data.

Data Type HasOffers Practice and Use Cases
IP Address IP addresses from most of the world are considered pseudonymous data. Clients can currently pseudonymize German IP addresses so they are stored in an obfuscated form within their network. Details about current functionality are in our article on IP Address Obfuscation.

IP addresses originating from the European Union, United Kingdom, and Switzerland will be treated as personal data, and the HasOffers client may opt in to obfuscating such data points.

Device IDs Distinctive number associated with a particular handheld device.

Device IDs originating from the European Union, United Kingdom, and Switzerland will be treated as personal data, and the HasOffers client may opt in to replacing such data points with an empty string.

MAC Address Also known as the networking hardware address.

MAC addresses originating from the European Union, United Kingdom, and Switzerland will be treated as personal data, and the HasOffers client may opt in to replacing such data points with an empty string.

Pixel Tracking Website base code used in conjunction with cookies which registers when a user visits a particular page.
Cookies Small text files to allow websites to recognize users and keep track of their preferences.
User Agent Identifies the type of device and browser, to be used for measurement and targeted advertising.
Referral Link (URL or IP) Allows networks to see where publishers are promoting the offers when available.
Mobile Carrier Based on IP, allows networks to see which mobile carrier a particular device is registered with.
Geolocation (through IP Addresses) Geolocation assists with target advertising in certain countries, states and cities. HasOffers utilizes an external service provider to determines the general vicinity of a user based on their IP address. (See here for more details).

Please note: HasOffers allows clients to configure the product to allow for a variety of data points to be sent to HasOffers by TUNE. This includes Advertiser Identifiers used for analytics, which are not automatically collected as part of HasOffers by TUNE services. Responsibility for configuration of the product and collection of data ultimately resides with our clients. At no time should clients, partners, publishers or ad networks send TUNE any personal data belonging to end users if proper consent has not been obtained and the data is not reasonably protected.

Data Retention

TUNE abides by data minimization principles as guided by the European Union’s General Data Protection Regulation. Unless otherwise agreed in writing between the parties, HasOffers applies the following data retention rules:

  • IP addresses, Device IDs, and MAC Addresses, regardless of jurisdiction, will have a 120-day rolling data retention window on the HasOffers platform (if the data controller does not opt-in to do so earlier). Data scrubbing to occur monthly.
  • All log-level reporting on the HasOffers platform will have a 25-month rolling data retention window (if the data controller does not opt-in to do so earlier). These retention windows will only impact the Conversion Report and Click Logs. All Stats Report queries will still be available beyond these retention windows, though Affiliate Sub 1-5 or Source Stats queries are available for 18 months.
  • TUNE retains client data so long as it is contractually required, and will delete all client data in a reasonable amount of time after the conclusion of our relationship.
  • Additional guidance on end user rights is available at https://optoutmobile.com.

For additional information on how we use data collected, please see the HasOffers Privacy Policy.

 

No Comments

Leave a reply