Privacy Policy

Effective Date: January 22, 2026
Last Updated: January 22, 2026

1. Information We Collect

1.1 Information You Provide Directly

When you create an account or use our services, we collect:

• Account Information: Name, email address, company name, phone number, business address
• Payment Information: Billing address, payment method details (processed securely by third-party payment processors)
• Verification Information: Tax ID, business registration documents, identity verification documents
• Campaign Data: Ad creatives, targeting preferences, budget settings, campaign goals
• Website Data (Publishers): Domain names, website URLs, traffic statistics, content categories
• Communications: Messages sent through our support system, emails, phone conversations

1.2 Information Collected Automatically

When you access our platform or when ads are served through our network:

• Device Information: IP address, device type, operating system, browser type and version, device identifiers
• Usage Data: Pages viewed, features used, time spent, click patterns, search queries
• Ad Performance Data: Impressions, clicks, conversions, viewability metrics, interaction rates
• Location Data: Approximate location based on IP address (country, region, city)
• Cookies and Tracking: Session cookies, persistent cookies, web beacons, pixels, local storage
• Log Data: Access times, error logs, API usage, system activity

1.3 Information from Third Parties

• Advertising Partners: Google DoubleClick, Facebook/Meta Audience Network, Microsoft Advertising, TikTok for Business, AppNexus, OpenX
• Data Enrichment Providers: Demographic data, interest categories, behavioral segments
• Fraud Prevention Services: Device fingerprinting, bot detection, fraud scores
• Payment Processors: Transaction status, payment history, fraud alerts
• Analytics Providers: Google Analytics, custom analytics platforms

2. How We Use Your Information

2.1 Service Delivery

• Create and manage your account
• Process and deliver advertising campaigns
• Serve targeted advertisements to relevant audiences
• Match advertisers with appropriate publisher inventory
• Provide real-time reporting and analytics
• Enable campaign optimization and performance tracking

2.2 Platform Improvement

• Analyze usage patterns to enhance user experience
• Develop new features and services
• Conduct A/B testing and research
• Monitor and improve ad relevance and quality
• Optimize ad delivery algorithms

2.3 Business Operations

• Process payments and manage billing
• Detect and prevent fraud, abuse, and security threats
• Verify account information and prevent duplicate accounts
• Enforce our Terms & Conditions and policies
• Comply with legal obligations and regulatory requirements
• Resolve disputes and provide customer support

2.4 Communications

• Send service-related notifications and updates
• Provide customer support and respond to inquiries
• Send marketing communications (with your consent)
• Conduct surveys and request feedback
• Notify you of policy changes or important updates

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), UK, and Switzerland, we process personal data based on:

• Contractual Necessity: To provide services you've requested
• Legitimate Interests: Platform improvement, fraud prevention, business analytics
• Legal Obligations: Tax compliance, anti-money laundering, regulatory reporting
• Consent: Marketing communications, optional data collection, cookies (where required)

4. Information Sharing and Disclosure

4.1 We Share Information With:

• Advertising Partners: Facebook Ads, Google Ads, Microsoft Advertising, TikTok Ads - for campaign delivery and performance measurement (limited to necessary technical data)
• Publishers: Aggregate campaign performance data, ad delivery instructions
• Advertisers: Campaign performance metrics, audience insights (anonymized)
• Service Providers: Payment processors, cloud hosting (AWS, Google Cloud), email services, customer support tools, analytics providers
• Business Partners: SSPs, DSPs, ad exchanges, ad verification services
• Fraud Prevention: Fraud detection services, security providers

4.2 We Do NOT:

• ❌ Sell your personal information to third parties
• ❌ Share personally identifiable information with advertisers without consent
• ❌ Use your data for purposes unrelated to our services without permission
• ❌ Share sensitive financial information beyond secure payment processing

4.3 Legal Disclosures

We may disclose information when required by law, including:

• Response to court orders, subpoenas, or legal processes
• Compliance with regulatory investigations
• Protection of our rights, property, or safety
• Prevention of fraud or illegal activity
• National security or law enforcement requests

5. Cookies and Tracking Technologies

5.1 Types of Cookies We Use:

• Essential Cookies: Required for authentication, security, platform functionality
• Performance Cookies: Analytics, error tracking, performance monitoring
• Functionality Cookies: Preferences, language settings, dashboard customization
• Advertising Cookies: Ad targeting, frequency capping, conversion tracking, retargeting
• Third-Party Cookies: Google Analytics, Facebook Pixel, advertising partner pixels

5.2 Managing Cookies

You can control cookies through:

• Browser settings (Chrome, Firefox, Safari, Edge)
• Our cookie preference center (available in footer)
• Opt-out tools: NAI Opt-Out, DAA Opt-Out
• Do Not Track (DNT) browser signals (honored where technically feasible)

Note: Disabling essential cookies may affect platform functionality.

6. Data Security

We implement industry-standard security measures:

• Encryption: TLS/SSL encryption for data transmission, AES-256 encryption for data at rest
• Access Controls: Role-based access, multi-factor authentication, principle of least privilege
• Infrastructure Security: Firewalls, intrusion detection, DDoS protection
• Regular Audits: Security assessments, vulnerability scanning, penetration testing
• Data Backups: Regular backups, disaster recovery procedures
• Employee Training: Security awareness, data handling protocols
• Incident Response: 24/7 monitoring, incident response team, breach notification procedures

7. Data Retention

• Account Data: Retained while account is active + 7 years (for legal/tax purposes)
• Campaign Data: 3 years for reporting and optimization
• Ad Performance Data: Aggregated data retained indefinitely; granular data 2 years
• Payment Records: 7 years (legal requirement)
• Support Communications: 3 years
• Logs and Technical Data: 90 days to 1 year
• Deleted Accounts: Personal data deleted within 30 days (unless legal hold applies)

8. Your Privacy Rights

8.1 All Users

• Access: Request a copy of your personal data
• Correction: Update inaccurate or incomplete information
• Deletion: Request deletion of your personal data
• Opt-Out: Unsubscribe from marketing communications
• Data Portability: Receive your data in a structured format

8.2 GDPR Rights (EEA, UK, Switzerland)

• Right to restriction of processing
• Right to object to processing based on legitimate interests
• Right to withdraw consent at any time
• Right to lodge a complaint with supervisory authority
• Right to be informed of automated decision-making

8.3 CCPA Rights (California Residents)

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of sale of personal information (we do not sell data)
• Right to non-discrimination for exercising privacy rights

8.4 How to Exercise Your Rights

Email: [email protected]
Subject: Data Privacy Request
We will respond within 30 days (GDPR) or 45 days (CCPA)

9. International Data Transfers

Gaiamobi is based in the United States. If you access our services from outside the U.S., your data may be transferred to and processed in:

• United States (primary data centers)
• European Union (EU data centers for EU users)
• Other countries where our service providers operate

Safeguards: We use Standard Contractual Clauses (SCCs), adequacy decisions, and appropriate safeguards to protect data transferred internationally in compliance with GDPR and other applicable laws.

10. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that a child has provided personal information, we will take steps to delete it immediately.

11. Third-Party Advertising Platform Compliance

11.1 Facebook/Meta

We comply with Facebook's Data Policy and Advertising Policies. Data shared with Facebook is governed by their privacy policy.

11.2 Google Ads

We comply with Google's Privacy Policy and Google Ads Policies. We use Google Analytics and DoubleClick for ad delivery.

11.3 Microsoft Advertising (Bing)

We comply with Microsoft Privacy Statement and Microsoft Advertising policies.

11.4 TikTok for Business

We comply with TikTok Privacy Policy and TikTok Advertising Policies.

12. California "Shine the Light" Law

California residents may request information about our disclosure of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Material changes will be notified via:

• Email notification to registered users
• Prominent notice on our website
• In-platform notification

Continued use after changes constitutes acceptance of the updated policy.

14. Contact Information

Gaiamobi Ltd.
Privacy Officer
Email: [email protected]
Phone: +1 (818) 658-1999
Address: 123 Digital Avenue, Los Angeles, CA 90001, USA

EU Representative: [If applicable, provide EU representative details]
UK Representative: [If applicable, provide UK representative details]

15. Data Protection Officer

For GDPR-related inquiries:
Email: [email protected]