Version date: 27/09/2021
This Yieldify data collection policy sets out the type of data Yieldify collects in the provision of its Services to Customer, how it processes such data and the purposes and duration of such processing. Capitalised terms used and not otherwise defined herein shall have the meaning set forth in the agreement between Yieldify and Customer which references this policy (“Agreement”):
1. Type of data we collect
As part of Yieldify’s service, we collect the following information about end users:
Personally identifiable information
Technical data such as:
device identification information (such as user agent, MAC address, IMEI, and device time)
browser type and version
type of internet connection
browser window size
whether the browser accepts cookies and local storage
own- and third-party cookie information.
Personal information such as:
custom fields as defined by our client when it is explicitly submitted through our own service (e.g. through an overlay)
Website browsing activity information such as:
pages viewed on the website
timestamps of visits and actions activity events
time spent on pages
Transactional information such as:
information and quantity of products in the basket and in transactions
Mouse interaction information such as exit intent and clicks on campaigns
Form submissions within Yieldify campaigns
Page and website information as defined by our client (e.g. travel route queries)
Content and settings information about the campaigns to which the user has been exposed (impressions) as well as the variant they have seen in the case of A/B tests.
2. How we collect it
3. Why we process the data
Yieldify processes the data for the purposes of providing Services to Customers.
Anonymised/de-identified personal data is processed by Yieldify for the purposes of improving the Services and benchmarking activities.
4. How the data is processed
Yieldify processes the data in various ways depending on the specific and desired functionality of the Services purchased by the Customer. Some use cases are as follows:
Aggregation for the purpose of campaign performance metric reporting
Event deduplication attribution for the purpose of generating A/B Testing Results
Filtering and presentation of lists of email addresses (lead generation)
Aggregation of pageviews in real time for the purpose of social proof campaigns
Data is sent via Connector Engine (subcontractor) to Email Service Providers (ESPs) so that the Customer can utilise its existing ESPs
Data events are sent to the Customer’s Google Analytics so that the Customer can visualise end user interaction data within their existing analytics tool.
5. Where is the data processed
The data is processed both inside and outside the European Economic Area
The Customer's data will not be processed outside the European Economic Area unless one of the adequate safeguards outlined under the Applicable Data Protection Laws have been ensured in relation to such data transfer
6. Storage duration of the data
We process the personal data of the Customer for the Term of the Agreement and for the period of 90 days thereafter at which point the Customer data is anonymised or aggregated.
The anonymised / aggregated data is kept indefinitely.
7. List of sub-processors current as at date of this policy
Amazon AWS (currently Customer Data is hosted in the AWS Ireland “eu-west-1” location)
Snowflake (Data hosted and processed in EU)
Looker (Data hosted in EU, AWS EU-West ~ Dublin, Ireland)
Cyclr (Data hosted in EU)
Sendgrid (Data hosted and processed in EU)
Mailjet (data is stored and processed in the EU)
Yieldify Australia (Yieldify UK’s subsidiary company)
Yieldify Singapore (Yieldify UK’s subsidiary company)
Yieldify USA (Yieldify UK’s subsidiary company)
8. ICO Registration Number and Date of Registration
Registration number: ZA005016
23 July 2013