Version date: 27/09/2021

Purpose

This Yieldify data collection policy sets out the type of data Yieldify collects in the provision of its Services to Customer, how it processes such data and the purposes and duration of such processing. Capitalised terms used and not otherwise defined herein shall have the meaning set forth in the agreement between Yieldify and Customer which references this policy (“Agreement”):

1. Type of data we collect

As part of Yieldify’s service, we collect the following information about end users:

  • Personally identifiable information

    • Technical data such as:

      • IP address

      • device identification information (such as user agent, MAC address, IMEI, and device time)

      • browser language

      • browser type and version

      • geolocation

      • operating system

      • type of internet connection

      • browser window size

      • color depth

      • whether the browser accepts cookies and local storage

      • own- and third-party cookie information.

    • Personal information such as:

      • name

      • email address

      • telephone number

      • address

      • custom fields as defined by our client when it is explicitly submitted through our own service (e.g. through an overlay)

  • Activity information

    • Website browsing activity information such as:

      • pages viewed on the website

      • timestamps of visits and actions activity events

      • referring URL

      • time spent on pages

    • Transactional information such as:

      • order ID

      • order value

      • information and quantity of products in the basket and in transactions

    • Mouse interaction information such as exit intent and clicks on campaigns

    • Form submissions within Yieldify campaigns

    • Page and website information as defined by our client (e.g. travel route queries)

    • Error logs.

  • Content information

    • Content and settings information about the campaigns to which the user has been exposed (impressions) as well as the variant they have seen in the case of A/B tests.

2. How we collect it

Part of the integration process between Yieldify and the Customer is the placement of a Javascript tag (either by the Customer or Yieldify) in the header on every page of the Customer’s website. The Javascript tag can be installed in a Tag Manager such as Google Tag Manager, or directly on the Customer’s site.

Once the Javascript tag is installed and activated it will collect personal data from users of the Customer’s website, place cookies to uniquely identify users, and send this data to Yieldify’s data collection servers as HTTPs requests.

3. Why we process the data

  • Yieldify processes the data for the purposes of providing Services to Customers.

  • Anonymised/de-identified personal data is processed by Yieldify for the purposes of improving the Services and benchmarking activities.

4. How the data is processed

Yieldify processes the data in various ways depending on the specific and desired functionality of the Services purchased by the Customer. Some use cases are as follows:

  • Aggregation for the purpose of campaign performance metric reporting

  • Event deduplication attribution for the purpose of generating A/B Testing Results

  • Filtering and presentation of lists of email addresses (lead generation)

  • Aggregation of pageviews in real time for the purpose of social proof campaigns

  • Data is sent via Connector Engine (subcontractor) to Email Service Providers (ESPs) so that the Customer can utilise its existing ESPs

  • Data events are sent to the Customer’s Google Analytics so that the Customer can visualise end user interaction data within their existing analytics tool.

5. Where is the data processed

  • The data is processed both inside and outside the European Economic Area

  • The Customer's data will not be processed outside the European Economic Area unless one of the adequate safeguards outlined under the Applicable Data Protection Laws have been ensured in relation to such data transfer

6. Storage duration of the data

  • We process the personal data of the Customer for the Term of the Agreement and for the period of 90 days thereafter at which point the Customer data is anonymised or aggregated.

  • The anonymised / aggregated data is kept indefinitely.

7. List of sub-processors current as at date of this policy

  • Amazon AWS (currently Customer Data is hosted in the AWS Ireland “eu-west-1” location)

  • Snowflake (Data hosted and processed in EU)

  • Looker (Data hosted in EU, AWS EU-West ~ Dublin, Ireland)

  • Cyclr (Data hosted in EU)

  • Sendgrid (Data hosted and processed in EU)

  • Mailjet (data is stored and processed in the EU)

  • Yieldify Australia (Yieldify UK’s subsidiary company)

  • Yieldify Singapore (Yieldify UK’s subsidiary company)

  • Yieldify USA (Yieldify UK’s subsidiary company)

8. ICO Registration Number and Date of Registration

Registration number: ZA005016

23 July 2013

Did this answer your question?