Captivate Privacy Policy

Effective Date: June 24, 2026.

1. Introduction.

This Privacy Policy describes Captivate’s data practices regarding information within its scope, including the choices available to you. Captivate provides podcast hosting, distribution, analytics, monetization, and creator tools, including embedded podcast players and AI-assisted creator features.

This Privacy Policy applies to information we collect where we control the purposes and means of processing, specifically through our websites, apps, emails, or other online services that link to this Privacy Policy (the “Service”) as well as from other sources described below. Your use of the Service is subject to our Terms of Service and Ad Services Terms and Conditions.

This Privacy Policy does not apply to:

  • The practices of third parties we do not control.
  • Information collected in the context of job applications or employment with us.
  • Information that has been anonymized or, to the extent permitted by law, deidentified.

Unless otherwise stated, “information” or “personal information” means information that identifies, relates to, or is reasonably capable of being associated with an individual or household.

If you are a resident of the U.S., see our U.S. State-Specific Disclosures.

If you are located in the EEA, Switzerland, or the UK, see our EU Disclosures.

See Contact Us for our contact details.

2. Collection.

We collect the following categories of information:

  • Contact Identifiers, including your name, email address, postal address, and phone number.
  • Characteristics or demographics, including generalized geographic region inferred from your IP address and, where voluntarily provided, limited profile information.
  • Commercial information, including records relating to subscriptions, memberships, purchases, monetization services, and related transactions that you made or considered.
  • Advertising and analytics information, including ad delivery events, campaign performance data, podcast download metrics, impression counts, completion metrics, and related measurement information.
  • Account credentials, including your username, password, password hints, and other information used for authentication or account access.
  • Payment information, including payment instrument number (such as a credit or debit card number), expiration date, and security code as necessary to process your payments. This information is processed by our payment processors. We do not store full payment card details.
  • Content, including podcast audio or video files, transcripts, show notes, comments, messages, support requests, chat communications, tip messages, survey responses, and other content submitted through the Service.
  • Device and network identifiers, including your device’s IP address, browser identifiers, user-agent strings, and other technical identifiers associated with your browser or device.
  • Device information, including your device’s operating system and browser (e.g., type, version, and configuration), internet service provider, and regional and language settings.
  • Internet or other network activity, including interactions with the Service, the pages or content you view, podcast downloads and streams, links that referred you to the Service, whether a download was completed, and interactions with embedded podcast players.
  • Non-precise location data, such as location inferred from an IP address or generalized to a city or postal code level.
  • Inferences, preferences, or other insights we derive from the information described above.

Some of the information we collect may be considered sensitive under applicable law. See our region-specific disclosures for details.

3. Sources.

We collect information from the following sources:

  • Information you provide through the Service. When you use the Service, you may be asked to provide information to us, such as when you create or manage a Captivate account, host or distribute podcast content, purchase subscriptions or services, sign up for our newsletters, respond to surveys, submit or post content, or communicate with us through customer support tools or live chat features. Please do not provide any information that we do not request.
  • From your device. When you use the Service, we and third parties we work with automatically collect information from your browser or device using cookies and other tracking technologies. This may include information collected when podcast episodes or audio files are downloaded or streamed through third-party podcast applications and embedded podcast players. See Cookies and Other Technologies.
  • Through our business relationship with you. To the extent you engage with us on behalf of another business, such as a podcast creator, network, agencies, advertisers, or other organization, we collect information relating to you and that business. This information is not subject to this Privacy Policy except as required by applicable law.
  • From third parties. We obtain information from third party sources, including:
    • Third party vendors and related parties we work with, in connection with receiving analytics, advertising, security, fraud prevention, artificial intelligence, transcription, and customer support services.
    • Social media platforms with which you interact. For example, when you engage with our social media channels, promote podcast content, participate in marketing campaigns, or otherwise interact with Captivate only, we may collect information associated with those interactions, your profile, or any information you have authorized the platform to disclose to us. If you publicly reference us, we may feature your post in our Service or marketing materials.
    • Content analysis and brand safety providers that analyze podcast episodes and transcripts to classify podcast content and support advertising suitability reviews.
    • Business partners that offer co-branded services, distribute our Services, or engage in joint marketing or promotional activities.
    • Third party integrations that you connect to the Service. For example, if you connect social media accounts or other third-party tools to the Service, we receive information that you have authorized those third parties to disclose to us.
    • Public sources, such as data in the public domain.
  • Where we generate the information. We generate information based on information we collect from the various sources described above. For example, we derive inferences, preferences, or other insights using analytics or machine learning.

4. Cookies and Other Technologies.

This section describes the types of tracking technologies we use to automatically collect information from your browser or device. See Your Privacy Choices to exercise choice around tracking technologies.

  • Cookies. Cookies are browser-based text files placed on your browser when you visit a website, open or click on an email, or interact with an advertisement. There are various types of cookies, including session cookies (which expire when you close your browser) and persistent cookies (which remain until a set expiration date or until you manually delete them). Cookies may be first party (served directly by us) or third party (served by third parties we work with).
  • Pixels. Pixels (also known as web beacons) are pieces of code embedded in a service. There are various types of pixels, including image pixels (typically one-pixel transparent images) and JavaScript pixels (which execute code). Pixels are often used in conjunction with cookies. When you access a service that contains a pixel, the pixel may allow us or a third party to collect information from your browser or device, or to place or read cookies on your browser.
  • Podcast analytics and delivery technologies. These technologies are used to host, distribute, stream, and measure podcast content through the Service, podcast applications, RSS feeds, and embedded podcast players. They may allow us and our service providers to collect technical information such as IP address, user-agent string, approximate location, referral information, download timestamps, and related podcast delivery and analytics information

We use these tracking technologies for various purposes, including to operate our Service, personalize your experience, provide and improve customer support and chat functionality, maintain support sessions, prevent fraud, improve security, perform measurement and analytics, and provide advertising (including targeted advertising).

5. Purposes for Collection and Use.

We collect and use information for the following purposes:

  • To provide services, such as hosting, distributing, delivering, and monetizing podcast content, including generating RSS feeds, serving embedded podcast players, processing subscription access, and otherwise operating and maintaining the Service.
  • To personalize your experience, including showing you content we believe may be of interest to you.
  • To communicate with you, including sending transactional and marketing messages by email.
  • To understand usage and trends, including through surveys you respond to and tracking technologies incorporated into the Service (such as Google Analytics).
  • To improve products and services, including training models and algorithms.
  • For advertising purposes. We work with various third parties, such as ad agencies, ad networks, ad marketplaces and exchanges, publishers, measurement providers, social media platforms, and technology providers, to deliver, insert, and measure advertising associated with the podcast content and the Service. For example, we place ads on third party websites or platforms that use tracking technologies to serve the ads, measure ad performance, detect ad fraud, limit how often ads are shown, and provide reporting and analytics. If you visit our Service after viewing or interacting with one of our ads on a third party website or platform, tracking technologies on our Service will help us attribute your visit and understand ad effectiveness.Some advertising we engage in may be “targeted advertising,” which is the practice of showing you more relevant or personalized ads based on your activity over time and across non-affiliated services. Targeted advertising often involves us incorporating third party tracking technologies into our Service or disclosing identifiers, such as IP addresses, with third parties. These third parties then match our data with their own (or their partners’ data) to deliver ads to you or similar audiences. For example, we incorporate the Google Ads tags on our website to serve ads to Google audiences based on the data we provide.
  • For security, compliance, and enforcement, including preventing, detecting, investigating, and responding to fraud, invalid traffic, automated abuse, unauthorized access, misuse, policy or legal violations, or threats to safety.
  • At your direction, including where you instruct us to use your information in a specific way or where we notify you and obtain your consent.
  • Non-personal information. We may anonymize or deidentify information so it is no longer considered personal information under applicable law. Where we deidentify information, we commit to maintaining and using the deidentified information in deidentified form and not attempt to reidentify it. We may use non-personal information for any purpose permitted by law.

We use artificial intelligence (AI), including machine learning technologies, to support the purposes described above. This includes helping us provide the Services, personalize experiences, understand usage and trends, improve products and services, promote security, compliance, and enforcement, and automate internal processes. We also use AI to provide creator tools, such as the Captivate Assistant, podcast transcription, summaries, show notes, and other content-generation features. Unless specifically disclosed otherwise, we do not use your content, including personal information, to train publicly available AI models.

See Your Privacy Choices to exercise choice around our collection and use.

6. Disclosure.

We disclose the information we collect for the purposes described in this Privacy Policy. The categories of persons to whom we disclose information include:

  • Service providers. Many of the third parties we work with are service providers that collect and process information on our behalf. Service providers perform services for us, such as payment processing, data analytics, marketing and advertising, cloud and website hosting, content delivery and infrastructure services, measurement services, AI and transcription services, customer support, email delivery, and technical support. To the extent required by law, we contractually prohibit our service providers from processing information they collect on our behalf for purposes other than performing services for us, although we may permit them to use non-personal information for any purpose permitted by law.
  • Third party vendors and related parties. Some of the third parties we work with independently control the purposes and means of processing your information. For example, we disclose information to vendors that provide analytics, security, and fraud prevention services to us. We also disclose information to ad networks, technology providers, and other third parties that help provide targeted advertising.
  • Business partners. We disclose information to our business partners in connection with offering co-branded services, selling or distributing our products, or engaging in joint marketing or promotional activities.
  • Affiliates. We disclose information to our affiliates and related entities, including DAX US D/B/A AudioHQ. Affiliates may act as our service providers subject to this Privacy Policy or use the information in accordance with their own privacy policies, including the DAX Privacy Policy.
  • The public. We disclose information you make public, such as content in your profile or in your podcast content. Please think carefully before making information public as you are solely responsible for any information you make public. Once you have posted information, you may not be able to edit or delete such information, subject to any rights you have under applicable law.
  • Recipients in a merger or acquisition. We disclose information in connection with, or during negotiations of, any proposed or actual merger, purchase, sale, or any other type of acquisition or business combination of all or any portion of our assets, or transfer of all or a portion of our business to another business.
  • Recipients for legal, security, and enforcement purposes. We disclose information to comply with the law or other legal process, and where required, in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We also disclose information to protect the rights, property, life, health, security, and safety of us, the Service, or anyone else.
  • Recipients at your direction or with your consent. We disclose information where you direct us to do so or with notice to you and your consent.
  • Non-personal information. We may disclose non-personal information for any purpose permitted by law.

See Your Privacy Choices to exercise choice around our disclosures.

7. Third Parties.

Our Service may link to, integrate with, or include websites, podcast applications, embedded podcast players, RSS readers, and online services controlled by third parties. We may also integrate technologies controlled by third parties into our Service, including those described in Cookies and Other Technologies. Except where these parties act as our service providers, they (not us) determine the purposes and means of processing your information.

8. Processing on Behalf of Our Clients.

In connection with providing services to podcast creators, networks, agencies, advertisers, and other business customers, we collect and use information on their behalf (“Client Data”). For example, we may collect and process information to facilitate your orders, maintain and administer your accounts, respond to your questions, comply with your requests, market and advertise to you, and otherwise comply with the law. Client Data has historically included contact identifiers, characteristics or demographics, commercial or transactions information, device identifiers, device information, internet activity, and non-precise location data, among other information. Our processing of Client Data in our role as a processor or service provider is governed by the terms of our service agreements with our clients, and not by this Privacy Policy. We are not responsible for how our clients treat the information we collect on their behalf, and we recommend you review their privacy policies and terms. If we are permitted to process Client Data for our own purposes, we will process it in accordance with the practices described in this Privacy Policy.

9. Your Privacy Choices.

This section describes the choices available to you regarding your information.

Region-Specific Choice.

Some regions offer additional choice. If you are a resident of the U.S., see our U.S. State-Specific Disclosures. If you are located in the EEA, Switzerland, or the UK, see our EU Disclosures.

Communications.

To opt-out of receiving marketing emails, change your communication preferences through your account settings, follow the unsubscribe instructions near the bottom of such emails, or email us at as set out in the Contact Us section below with the word UNSUBSCRIBE in the subject field of the email. Please note that you cannot opt out of transactional emails.

Accounts.

If you have an account with us, you can delete your account through your account settings. We will address your request in accordance with our data retention practices.

If you have linked your Captivate account with certain third party services, you may unlink your accounts at any time by visiting your Captivate account settings. Please note that unlinking your accounts will not affect any information previously disclosed through the linking. We are not responsible for the data practices of any third parties, and we recommend that you carefully review their privacy policies and terms of use.

Browser and Device Controls.

  • Cookies and pixels. You may be able to manage cookies through your browser settings. When you manage cookies, pixels associated with such cookies may also be impacted. Please note that cookie management only applies to our website. If you use multiple browsers, you will need to instruct each browser separately. If you delete or reset your cookies, you will need to reconfigure your settings. Your ability to limit cookies is subject to your browser settings and limitations.
  • Third party opt-out tools. Some third parties we work with offer their own opt-out tools related to information collected through cookies and pixels. To opt out of your information being used by Google Analytics, visit https://tools.google.com/dlpage/gaoptout. We are not responsible for the effectiveness of their tools.
  • Industry opt-out tools for targeted advertising. Some third parties we work with follow the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising, which offers its own opt-outs tools for targeted advertising. For details, visit https://youradchoices.com/control. We are not responsible for the effectiveness of these tools.

10. Children.

The Service is not directed toward children under 16 years old. If you are a parent or guardian and believe we have collected information from children in violation of applicable law, contact us as set out in the Contact Us section below.

11. Security.

We implement and maintain reasonable administrative, physical, and technical security safeguards to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. Please note that transmission via the internet is not completely secure and we cannot guarantee the security of information about you.

12. Retention.

We retain information for the length of time that is reasonably necessary for the purpose for which it was collected, and as necessary to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements.

13. International Transfer.

Your information may be transferred to and processed in the U.S. or another country where we operate. Where required by applicable law, we will provide appropriate safeguards for data transfers.

14. Changes to this Privacy Policy.

We reserve the right to revise and reissue this Privacy Policy at any time. Any changes will be effective immediately upon posting of the revised Privacy Policy. Your continued use of our Service indicates your consent to the Privacy Policy then posted. If the changes are material, we may provide additional notice to you, such as through email or prominent notice on the Service.

15. Contact Us.

The controller responsible under this Privacy Policy is:

Captivate.fm (“Captivate,” “we,” “our,” or “us”)

30 Leicester Square, London, WC2H 7LA

[email protected]

If you have any questions about our data practices or experience difficulty accessing this Privacy Policy, contact us using the postal or email address above. To exercise any choices available to you, follow the instructions provided in the relevant sections of this Privacy Policy.

16. U.S. State-Specific Disclosures.

This section applies to residents of California or any other U.S. state that has enacted a comprehensive state privacy law (each, a “Consensus State”). For purposes of this Privacy Policy, Consensus States include Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia. This section does not apply to residents of other states except as expressly provided herein.

Notice at Collection

Our data practices are as follows:

  • Collection. In the past 12 months, we have collected the categories of personal information set out in the Collection section above, as well as those set out below using California-specific terms:
  • Identifiers, including contact identifiers (such as your name, email address, postal address, and phone number) and device identifiers (such as your device’s IP address).
  • Characteristics or demographics, including your age, gender, and country.
  • Commercial information, including records of products or services purchased, obtained, or considered.
  • Internet activity, including information about your browsing history and interactions, such as the features you use, pages you visit, content you view, purchases you make or consider, time of day you browse, and referring and exiting pages.
  • Non-precise geolocation data, such as location derived from an IP address or data that indicates a city or postal code level.
  • Audio, electronic, or visual information, such as photos, video files, or audio files, .
  • Inferences drawn from any of the above information.

The categories of sensitive personal information we have collected include:

  • Account access credentials, including your username, account number, or card number combined with any required security code, password, or credentials allowing access to an account.
  • Content of your messages where we are not the intended recipient of the communication.
  • Sources. The categories of sources from which we collect personal information are set out in the Sources section above
  • Purpose. The specific purposes (including business and commercial purposes) for collecting and using personal information are set out in the Purposes for Collection and Use section above.
  • Disclosure. The categories of persons to whom personal information is disclosed, including service providers for business purposes, are set out in the Disclosure section above. We disclose the categories of personal information listed in the Collection section above to service providers for business purposes.
  • Sales, Shares, and Targeted Advertising. Some of our disclosures of personal information to third parties may be considered a sale or share for cross-context behavioral advertising purposes under applicable law. We also may process your personal information for purposes of targeted advertising as defined by applicable law. The categories of personal information we sell, share, or process for targeted advertising purposes include: identifiers, characteristics or demographics, commercial information, content, internet activity, non-precise geolocation data, and inferences drawn from any of the above. The categories of third parties to whom we sell, share, or disclose your personal information for targeted advertising purposes include, where applicable, vendors and other parties involved in cross-context behavioral advertising. We do not sell or share the personal information of consumers we know are under 16 years old.
  • Profiling. We do not process personal information for purposes of profiling in furtherance of decisions that produce legal or similarly significant effects concerning consumers.
  • Sensitive Data. We collect, use, and disclose sensitive personal information only for the permissible business purposes for sensitive personal information under applicable law. We do not sell or share sensitive personal information to third parties.
  • Retention. The criteria used to determine the period of time we retain your personal information is set out in the Retention section above.

Rights

This section sets out your rights. See Exercising Rights below for details on how to exercise your rights.

  • Verifiable Requests.

For California residents, you have the right to:

  • Know what personal information we have collected about you, specifically have the right to know the categories of sources from which personal information was collected, the business or commercial purposes for collecting, selling, or sharing personal information, the categories of personal information that we sold, shared, or disclosed for a business purpose, the categories of third parties to whom we disclosed personal information, and the specific pieces of personal information we have collected about you;
  • Correct inaccurate personal information we maintain about you; and
  • Delete personal information that we have collected from you.

For Consensus State Residents, you have the right to:

  • Confirm whether or not we are processing your personal information, and in some regions, confirm the categories of personal information we have processed;
  • Access your personal information;
  • Correct inaccuracies in your personal information;
  • Delete your personal information;
  • Obtain a copy of your personal information that you previously provided to us in a portable and readily usable format

If you are a Minnesota or Oregon resident, you also have the right to obtain a list of the specific third parties to which we have disclosed personal data.

If you are a Delaware or Maryland resident, you also have the right to obtain a list of categories of third parties to which we have disclosed your personal data.

If you are a Connecticut or Rhode Island resident, you also have the right to obtain a list of the specific third parties to which we have sold personal information.

  • Opt-Out of Sales, Shares, and Targeted Advertising. You have the right to opt-out of us selling or sharing for cross-contextual advertising purposes your personal information to third parties, or processing your personal information for targeted advertising purposes.
  • Revocation of Consent. You have the right to revoke consent previously given to us that we rely on to process your personal information. If you withdraw consent, you may not be able to receive certain services dependent on that consent.
  • Nondiscrimination. You have the right not to be discriminated against for exercising any of your rights.
  • Appeals. You have the right to appeal our decision in response to your requests.
  • Authorized Agents. You may exercise your rights through an authorized agent.

Exercising Rights

This section sets out how to exercise your rights.

  • Verifiable Requests. Verifiable requests require us to verify your identity before fulfilling them. To exercise any of these rights, submit a request through our form here (specifying the rights you wish to exercise). If you have an account with us, we may require you to submit the request through your account. We will confirm receipt of and respond to your request consistent with applicable law. To verify your identity, we may require you to confirm receipt of an email sent to an email address that matches our records, provide us with details relating to your history with us, or provide additional information. If we cannot verify your identity, we may deny your request in accordance with applicable law.
  • Sales, Shares, and Targeted Advertising. We do not typically associate information collected through tracking technologies on our website with other information in our systems. As a result, you may need to submit one opt-out for information collected through website tracking technologies, and a separate opt-out for other information in our systems (like your email address).

    For website tracking technologies: Enable a recognized opt-out preference signal in your browser (such as Global Privacy Control) or adjust your cookie preferences here. This opt-out will apply only to the browser in which it is set, and, if you delete or reset cookies or switch browsers, you will need to opt-out again.

    For information in our systems: Submit a request through our form here, use the opt-out setting in our app’s settings menu, or use the opt-out option in your account settings (if you have an account).

    If we can readily associate the information collected through website tracking technologies with other information in our systems, such as you are logged into your account when you submit the request or we maintain a pseudonymous profile associated with the browser or device from which you submit the request, we will apply the opt-out more broadly across our systems where feasible.

  • Consent. To revoke consent, write us at the email or postal address set out in the Contact Us section above (specifying the consent you wish to withdraw). If you withdraw consent, you may not be able to receive certain services related to that consent.
  • Authorized Agents. Authorized agents must submit requests through the specific methods designated herein. Except where prohibited by law, we will require written and signed proof of the agent’s permission.
  • Appeals. To appeal, write us at the email or postal address set out in Contact Us and specify what you wish to appeal. We will review and respond to your appeal in accordance with applicable law. If we deny your appeal, you may submit a complaint to your Attorney General as follows: Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia.
  • Limitations. Your rights are subject to exceptions and our data retention practices. To the extent permitted by law, rights requests must be exercised through the applicable designated method specified herein

Additional California Disclosures

  • Shine the Light. If you are a California resident and have an established business relationship with us, you have the right to request a list of the categories of personal information (as defined by Shine the Light) disclosed by us to third parties for their own direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of such third parties. To exercise this right, write us at the email or postal address set out in the Contact Us section above and specify that you are making a “California Shine the Light Request.” We will respond to requests received in accordance with Shine the Light.
  • Do Not Track. We do not respond to Do Not Track signals.

Additional Connecticut Disclosures

  • Large Language Models. We do not collect or use personal data to train large language models. However, when we sell personal data to third parties, they may use the data to train their own large language models. See their privacy policies for details.

Disclosures for Nevada

For Nevada residents, you have the right to opt-out of sales of your personal information to third parties. To exercise your right, following the opt-out process in Exercising Rights above. Your rights are subject to exceptions and our data retention practices.

17. EEA, Switzerland, and the UK

Data Practices

For individuals located in the European Economic Area, Switzerland, or the United Kingdom, our practices regarding the collection, use, disclosure, and retention of your personal data are set out in the main Privacy Policy above.

Lawful Basis for Processing

Data protection laws in your region require a “lawful basis” for processing personal data. The table below describes our lawful bases for each of the purposes for which we process personal data.

To provide services, such as hosting, distributing, delivering, and monetizing podcast content, including generating RSS feeds, serving embedded podcast players, processing subscription access, and otherwise operating and maintaining the Service. For podcast creators or subscribers who have an account and have agreed to your Terms of Service: Performance of a contract (Article 6(1)(b)) For end-listeners who stream audio through an RSS feed or embedded player without creating an account: Our legitimate interests in distributing content (Article 6(1)(f))
To personalize your experience, including showing you content we believe may be of interest to you. Our legitimate interests in delivering the most relevant content to users (Article 6(1)(f)) =
To communicate with you, including sending transactional and marketing messages by email. Transactional messages: Performance of a contract (Article 6(1)(b)).
    Marketing messages:
  • Consent (Art. 6(1)(a)), or,
  • If you are an existing customer who previously bought or entered into negotiations to buy a product or service, we may rely on our legitimate interests (Article 6(1)(f)) to send you marketing messages about similar services.
You may unsubscribe from marketing messages at any time.
To understand usage and trends, including through surveys you respond to and tracking technologies incorporated into the Service (such as Google Analytics). Consent (Article 6(1)(a))
To improve products and services, including training models and algorithms. Our legitimate interests in improving our services (Article 6(1)(f))
For advertising purposes. We work with various third parties, such as ad agencies, ad networks, ad marketplaces and exchanges, publishers, measurement providers, social media platforms, and technology providers, to deliver, insert, and measure advertising associated with the podcast content and the Service. For example, we place ads on third party websites or platforms that use tracking technologies to serve the ads, measure ad performance, detect ad fraud, limit how often ads are shown, and provide reporting and analytics. If you visit our Service after viewing or interacting with one of our ads on a third party website or platform, tracking technologies on our Service will help us attribute your visit and understand ad effectiveness. Consent (Article 6(1)(a))
“Targeted advertising,” which is the practice of showing you more relevant or personalized ads based on your activity over time and across non-affiliated services. Targeted advertising often involves us incorporating third party tracking technologies into our Service or disclosing identifiers, such as IP addresses, with third parties. These third parties then match our data with their own (or their partners’ data) to deliver ads to you or similar audiences. For example, we incorporate the Google Ads tags on our website to serve ads to Google audiences based on the data we provide. Consent (Article 6(1)(a))
For security, compliance, and enforcement, including preventing, detecting, investigating, and responding to fraud, invalid traffic, automated abuse, unauthorized access, misuse, policy or legal violations, or threats to safety. Our legitimate interest in maintaining the security of our network (Article 6(1)(f))
At your direction, including where you instruct us to use your information in a specific way or where we notify you and obtain your consent. Consent (Article 6(1)(a))
Non-personal information. We may anonymize or deidentify information so it is no longer considered personal information under applicable law. Where we deidentify information, we commit to maintaining and using the deidentified information in deidentified form and not attempt to reidentify it. We may use non-personal information for any purpose permitted by law. Our legitimate interests in anonymizing personal data for the purposes of statistical analysis (Article 6(1)(f))

International Data Transfers

Because we operate globally, the personal data we collect from you may be transferred to and processed by us and other parties in countries outside of the European Economic Area (EEA) and the United Kingdom (UK), including the United States.

The privacy laws in these countries may not be as comprehensive as those in the UK and the EEA. However, whenever we transfer your personal data outside of the UK or the EEA, we ensure that it is protected to an equivalent standard by implementing the following legal safeguards:

Adequacy decisions: We may transfer your personal data to countries that have been formally recognized as providing an adequate level of data protection.

  • For data originating in the EEA: We rely on adequacy decisions issued by the European Commission.
  • For data originating in the UK: We rely on adequacy regulations published by the UK Government.
  • Transfers to the United States: Where we transfer data to service providers or partners in the US, we may rely on the EU-U.S. Data Privacy Framework (DPF) and the UK Extension to the EU-U.S. DPF, provided that the receiving entity is certified under these frameworks to handle EU and UK personal data.

Standard Contractual Clauses (SCCs): Where we transfer personal data to countries that have not received a formal adequacy decision (for example, to a US-based recipient that is not certified under the Data Privacy Framework), we rely on robust, regulator-approved contracts to safeguard your data.

  • For transfers out of the EEA: We use the Standard Contractual Clauses (SCCs) approved by the European Commission.
  • For transfers out of the UK: We use the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs, as approved by the UK Information Commissioner’s Office (ICO).

Requests

You have the following rights under data protection law:

  • Right to rectification: You have the right to have your personal information corrected if it is inaccurate or incomplete. You can also correct personal information yourself if you have registered with us via an account on one or more of our websites.
  • Right of access: You have the right to obtain a copy of your personal information and certain other information about the processing we undertake (similar to the information set out in this Privacy Policy).
  • Right of erasure: You have the right of erasure (also known as the ‘right to be forgotten’) which allows you to request the deletion or removal of your personal information. This right is not absolute, and there are circumstances where we may need to continue processing your data despite a request for erasure.
  • Right to object and opt-out of marketing: You have the right to object to certain types of processing of your personal information. This includes the right to object to direct marketing. You can exercise your right to opt-out of further direct marketing when you receive such communications from us (via the ‘unsubscribe’ option we include in each email or you can contact us directly.
  • Right to portability: You have the right to receive certain personal information from us in a commonly used electronic format so that this personal information can be used in a different service.
  • Right to restrict processing: You have the right to restrict or ‘block’ the use of your information in certain circumstances such as when you think your data rights outweigh our legitimate interests in the processing of your data. When you exercise this right, we can still store your information but cannot undertake further processing.
  • The right to withdraw consent: If you have given your consent to anything we do with your personal information, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal information with your consent up to that point is unlawful).

To exercise any of these rights, submit a request through our form here or write us at the email or postal address set out in the Contact Us section above (specifying the rights you wish to exercise).

Please note you may be asked to supply us with proof of identity and other additional information before we will be able to provide you with a response. We aim to respond within one month of receiving your request or identifying information (if required), and we will let you know if we anticipate your request taking any longer.

Complaints and questions

If you are in the UK, you have the right to complain to us directly about how we have handled your personal data. We will acknowledge your complaint within 30 days and respond without undue delay. Please contact [email protected] to make such a complaint.

You can contact our Data Protection Officer (DPO) on [email protected]

You have the right to lodge a complaint with the relevant supervisory authority in your country.

In the UK this is the Information Commissioner’s Office, which may be contacted here, and in Ireland it is the Irish Data Protection Commission, which may be contacted here.

If you are based in a country in the EU or EEA and would like to make a data privacy related query, please contact our nominated representative in the EU, Exterion Media (Netherlands) B.V. Karspeldreef 8, 1101 CJ Amsterdam, 33207193 by emailing [email protected] and stating the country you are situated in.