The Importance of Securing Data in the TMC

At TUNE, we aim to align our practices with the highest privacy and security standards possible, while also complying with the laws and requirements of the various countries we do business in.

This information may help you understand:

  • How TUNE treats different types of data—depending on whether they are categorized as anonymous, personal or pseudonymous.
  • Why it’s important to secure personal data before sharing with TUNE or other third parties.
  • Treatment of various data types in the Tune Marketing Console or “TMC”.

Personal, Pseudonymous & Anonymous Data

Under many privacy, security or data protection laws, data is often classified into 3 categories: personal, pseudonymous or anonymous.

Securing “personal” data or data that can identify an individual person, before “processing” or sharing that data, is a best practice under most privacy and data protection frameworks.

TUNE clients retain the obligation to (i) provide legally required notices to, and (ii) acquire applicable consents of, end users.

What is Personal Data?

Generally, “personal data” means any information relating to an identified or identifiable natural person. At TUNE, we treat data as personal depending on the laws of the relevant jurisdiction.

What is Pseudonymous Data?

Pseudonymous data is data that is linked to an end user’s device and cannot specifically identify that end user, but still provides some non-remote possibility of future identification.

For more details on hashing, click here.

What is Anonymous Data?

Unlike both personal and pseudonymous data, anonymous data is not linked to an end user’s device and does not specifically identify an end user in any way nor provide the potential for future identification of that end user. For instance, aggregated data that you view in the TMC on the number of installs in a given time period, is anonymous data.

Treatment of Various Data Types in the TMC

Included below is a table listing the common types of data uploaded by clients to the TMC and potential TMC Practice and Use cases.

This list is not intended to be exhaustive, but is intended to give you a guide on how the TMC treats — and empowers its clients to treat — certain types of data.

Data Type TMC Practice and Use Cases
Advertising Identifiers

 

Attribution Analytics, Audiences, In-App Marketing

As of May 25, 2018, advertising identifiers originating from the European Union and the United Kingdom will be treated as personal data, and the TMC client may opt out of automatically hashing such data points. Please contact [email protected] for more information.

The following advertising identifiers are automatically hashed upon ingestion and stored as such:

Field Sha1 Md5 Sha256
device_id y y y
google_aid y y y
ios_ifa y y y
ios_ifv y y y
platform_aid N/A N/A y
windows_aid y y y
android_id (os_id) y y y
mac_address y y y
facebook_user_id N/A N/A y
google_user_id N/A N/A y
twitter_user_id N/A N/A y

NOTE: All of the above-mentioned advertising identifiers can be sent in either their raw or hashed format via postbacks to third parties. Please familiarize yourself with your third parties data retention and privacy regulations.

Email address of end users Attribution Analytics, Audiences

Newer versions of the SDK (starting with v.3.8) automatically hash email addresses even before the data leaves the end user’s device. We use SHA-256, and have support for MD-5 and SHA-1. Older versions of the TUNE SDK still support transfer of raw email addresses, but these are hashed upon ingestion into the TMC and are not persisted.

NOTE: Not available to be sent in its raw format via postbacks to third parties.

Age Attribution Analytics, Audiences, In-App Marketing

The TMC does not automatically hash age values.If the TUNE SDK is configured to send the age of the app user and the user is tagged by the COPPA flag and/or under 13, the TMC will automatically treat such users as follows:

  • Automatic exclusion of a user for whom the COPPA flag is turned on from any segment exported via our Audiences feature.
  • There is no exclusion of a user for whom the COPPA flag is turned on from being measured by Attribution Analytics (as one of the “activities necessary for the site or service to maintain or analyze its functioning,” attribution is an exception to COPPA).

Advertisers should ensure that other legal COPPA requirements (COPPA, GDPR, etc.)- such as “verified parental consent” are met for end users under 13.

For more information, see “Understanding and Abiding by COPPA Requirements“.

Gender Attribution Analytics, Audiences, In-App Marketing

The TMC does not automatically hash gender values.

User name Attribution Analytics, Audiences, In-App Marketing

Newer versions of the SDK (starting with v.3.8) automatically hash user names even before the data leaves the end user’s device. We support MD-5, SHA-1, SHA-256 formats. Older versions of the TUNE SDK still support transfer of raw user names, but these are hashed upon ingestion into the TMC and are not persisted.

NOTE: Not available to be sent in its raw format via postbacks to third parties.

Phone number Attribution Analytics, Audiences

Newer versions of the SDK (starting with v.3.8) automatically hash phone numbers even before the data leaves the end user’s device. We support MD-5, SHA-1, SHA-256 formats. Older versions of the TUNE SDK did not support ingestion of phone numbers.

NOTE: Not available to be sent in its raw format via postbacks to third parties.

IP address Attribution Analytics

As of May 25, 2018, IP addresses originating from the European Union and the United Kingdom are treated as personal data and are automatically salted and hashed in the TMC. IP addresses originating from other countries are considered pseudonymous data. For more information, see “How Tune Handles IP Addresses in the TMC“.

Digital fingerprint consisting of “statistical identifiers.” Attribution Analytics

Digital fingerprints are used for attribution when an advertising identifier is not available.All digital fingerprints that include IP addresses and that are originating from Germany are hashed (by May 25, 2018, this will be expanded to all of the European Union & United Kingdom). For more information, see “Main Methodologies for Attribution“.

Geolocation (through IP Addresses) Attribution, Audiences, In-App Marketing

Clients can capture and share (through postback) location data in the TMC. However, precise location data will be truncated for storage in the TMC so that it no longer precisely identifies an end user, and to ensure that data is “pseudonymized” and no longer personal. For instance, lat-long values are stored only to 2 decimal places in the TMC in line with NAI and other guidance.

Advertisers may also direct TUNE to send certain data types to third parties. For example, advertisers may choose to measure In-Store Events, which enables sharing of Advertising ID and location data with Smartwhere. Learn about Smartwhere’s privacy policies here.

Additionally, certain features of the TMC may allow clients to configure the product to allow for a variety of data points that are not automatically collected to be sent to the TMC. Responsibility for configuration of the product and collection of data ultimately resides with our clients as data controllers. At no time should clients, partners, publishers or ad networks send TUNE any personal data belonging to end users if proper consent has not been obtained and the data is not reasonably protected.

Data Retention

TUNE abides by data minimization principles as guided by the European Union’s General Data Protection Regulation. Unless otherwise agreed in writing between the parties, by May 25, 2018, TMC applies the following data retention rules:

  • Attribution Analytics applies a 25-month rolling data retention window (if the data controller does not opt-in to do so earlier) on all log-level reporting for impressions, clicks, and conversion events. Exporting of log-level data is limited to the previous 120-days worth of data. Learn more here.
  • TUNE retains client data so long as it is contractually required, and will delete all client data in a reasonable amount of time after the conclusion of our relationship.
  • Additional guidance on end user rights is available at https://optoutmobile.com.

For additional information on how we use data collected, please see the TMC Privacy Policy.

No Comments

Leave a reply