If you have a disability which prevents you from electronically accessing this policy and require it to be provided in alternative format (e.g., audio, large print), you can send us a message at privacy((at))triplelift((dot))com.
This policy applies to our websites and corporate activities. If you are interested in our data collection and use in relation to our advertising technology services, please click here.
Last modified: June 15, 2022
Applicable policies, laws, rules, and regulations
This policy covers TripleLift’s collection and use of personal information about non-employees for corporate functions, such as marketing and recruiting, and unless otherwise specified does not apply to the collection and use of information by any third party.
We collect and use information for the purposes for which it was collected and consistent with this policy, any disclosures that were made in association with the collection, and applicable laws, rules, and regulations.
Sometimes we will make disclosures at the time of collection – for example on a sign-up form for an email list or webinar. To the extent that those disclosures may be different from the terms of this policy, those disclosures will apply.
When we collect or receive information from a third-party, such as from a job recruiting site, your provision of and our access to information will be governed by those parties’ own policies and applicable laws.
Information we collect
You may provide information to us for various reasons, such as to receive marketing information, to apply for a job, or to ask a question about this policy. Information you submit might include your name, username, phone number, email address, or physical address. If you apply for a position at TripleLift, you might provide us information about your work history, work authorization status, education, skills, professional licenses, permits or certifications, and references, as well as information in any documents you may choose to provide, such as a CV, resume or cover letter, and any other information you choose to provide to us.
We may also receive information about you via third-party sites, such as social media or job sites, according to the policies of those sites and applicable law. For example, our recruiters might find you on LinkedIn, or our marketing team might get your contact information from your attendance at an industry webinar or conference.
When you visit our websites or apps, we may automatically collect certain pseudonymous data that is linked to your computer or device, but does not directly identify you. This includes information such as IP address, browser type and language, pages visited, referring and exit pages, operating system, and date and time of your visit as well as identifiers assigned to your device, such as cookies or mobile device advertising identifiers. Some of this information may be considered personal under applicable laws and regulations.
We advertise our services online. We may collect, or allow third-party partners to collect, information about your visits to our website to use in relation to advertising our services.
How we collect information
You might provide us information online — via our or third-party websites or apps, or via email — or offline — in person, by mail, or over the phone.
We also receive information – such as marketing or recruiting information — from third parties.
On our websites and apps, we use, and sometimes allow third-parties to use, technologies such as cookies, beacons, pixels, tags, mobile SDKs and similar technologies to collect certain technical information from you automatically. If you want to understand how these technologies work, there is much information on the internet. However, the main thing to know is that these are bits of computer code that enable companies like us to collect or receive information from your visits to the Websites, and in some cases, store identifiers or other information on your device.
How we use the information we collect
We use the information for legitimate business purposes.
When you give us information, our usage might include:
To respond to your inquiries and fulfill your requests
To send administrative information to you
To send you communications that we believe may be of interest to you, including any communications for marketing purposes related to our services
To process your employment application, including assessing your qualifications for a job, conducting reference checks, communicating with you about your application and conducting background checks if we offer you a position, as permitted by applicable law
To send you information regarding changes to our terms and policies
We may use other information we collect to market to you or to recruit you for open positions.
We use information that we collect automatically from our websites or apps:
To administer and improve the Websites
To understand how you found out about us and what services may interest you
To analyze usage trends
To determine the effectiveness of our advertising campaigns
For fraud monitoring and prevention
To streamline website usability
To advertise our services on our sites and apps or on third-party sites and apps
Additionally, we may use your information as we believe to be necessary or allowed: (a) under applicable law; (b) to comply with legal process and our legal obligations; (c) to respond to requests or requirements from public, law and government authorities (including national security and law enforcement requirements) and private parties; (d) to enforce our terms and conditions; (e) to protect our operations; (f) to protect our rights, privacy, safety or property, and/or that of you or others; (g) to allow us to pursue available remedies or limit the damages that we may sustain; and (h) to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, unethical, or legally actionable activity.
How and why we transmit the information we collect to other parties
We may share your information in the following circumstances:
Our affiliates: We share information with our affiliated companies, i.e. companies within our corporate family, which are also subject to this policy.
Our vendors and service providers: We use a variety of vendors and service providers to help us with our business activities. These could include email management, event management, maintenance of our marketing database, analytics and social media as well as vendors who provide services relating to recruiting, background checks processing and similar services related to processing your job application.
Business transfers: We may transfer information as part of or in connection with a corporate merger, consolidation, sale of assets, bankruptcy, or other corporate change.
Legal requirements: We may also disclose your information when we reasonably believe it is required by law, subpoena or other legal process, including to meet national security or law enforcement requirements, as well as to honor user access rights, as applicable.
At your request: We may transfer information to any other third party with your consent to do so.
Others: When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud,or to any other third party with your prior consent to do so.
Where this requires us to transfer your personal information outside of the EEA, UK and Switzerland, please refer to the section of this Policy on International Transfer for further details on cross-border transfers. In connection with the recruitment process, your personal data may be transferred outside of the EEA, UK and Switzerland to Hirebridge, LLC and Criteria Corp., which provide applicant tracking and evaluation services. Hirebridge, LLC and Criteria Corp. have agreed to comply with the EU Standard Contractual Clauses to ensure that your personal information is adequately protected whilst outside of the EEA, UK and Switzerland.
We only allow our vendors and service providers to handle your information if we are satisfied that they take appropriate measures to protect your information.
We do not sell your information to third parties.
We may have third-party content, such as video players or social media buttons, incorporated into our websites or apps, which allows those third-parties to collect information about your visit to our site or app, as well as your interaction with their content.
Storage and retention
We will keep your personal information for as long as is necessary:
For the purposes for which the information was collected;
As business records reasonably retained in the normal course of business;
To respond to any questions, complaints or claims that may be made by you or on your behalf; or
To keep records required by law.
Different retention periods apply for different types of personal information.
TripleLift has implemented appropriate technical and organizational measures to help protect your information that we process from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
Your choices and rights
You are not obligated to provide us your information. However, if the information is necessary to reply to your requests or answer your questions, we may not be able to assist you without it.
You may opt out of promotional communications at any time by following the unsubscribe instructions included in the communications we send you or by contacting us via email at privacy((at))triplelift((dot))com.
If you reside or are located in certain jurisdictions, you may have rights and protections regarding the collection, processing, sharing, and use of your information under local law. See sections below for European and Californian users.
For users in the EEA, UK, or Switzerland
Under the laws of the EEA, UK, and Switzerland, certain data we collect is considered to be “personal data.” We may have certain obligations and you may have certain rights with respect to this data.
TripleLift is a global company headquartered in the United States with data centers located in the United States, Europe and Asia.
If you visit digital content that uses our technology, your information may be transferred to, stored and processed in our facilities in the United States and other countries and by those third parties to whom we may transmit or disclose your information, as described above.
Under the European General Data Protection Regulation (GDPR) or equivalent laws, some countries may be deemed to not provide an adequate level of data protection for your information.
When we transfer data outside of the EEA, UK, or Switzerland, we ensure that appropriate protections are in place under European data protection legislation. These protections may include technical measures, such as removing personal data, or a legal mechanism such as the standard contractual clauses approved by the European Commission. In case of any conflict between the terms in this policy and such mechanism, the terms of the transfer mechanism shall govern.
Additionally, TripleLift may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
TripleLift commits to resolve complaints about our collection or use of your personal information under the Privacy Shield Framework. Individuals who have inquiries or complaints under the Privacy Shield Framework should first contact TripleLift at privacy((at))triplelift((dot))com or:
Triple Lift, Inc., c/o The Privacy Team 254 36th Street, Space B633, Building 2, 6th floor, Brooklyn, New York, 11232
Triple Lift, Inc. has further committed to refer unresolved Privacy Shield complaints to the ICDR (the international division of the American Arbitration Association), an international alternative dispute resolution provider. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact the ICDR or visit https://go.adr.org/privacyshield.html for more information or to file a complaint. The services of the ICDR are provided at no cost to you.
Under certain conditions, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted. See https://www.privacyshield.gov/article?id=ANNEX-I-introduction for more information.
The Federal Trade Commission has jurisdiction over Triple Lift, Inc.’s compliance with the Privacy Shield Framework.
For the recruitment process, Triple Lift, Inc. has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU.
Role of Company as a Controller or Processor
If you are located in the EEA, UK, or Switzerland, TripleLift may act as a “controller” as defined under applicable law when processing your personal data. We may also act as a “processor” as defined under applicable law to the extent that we process your personal data on behalf of and at the instruction of another party.
Legal Basis for Processing
TripleLift’s legal basis for processing your personal data depends upon the specific context in which we collect or use it. In many cases, we will process your personal data based on our legitimate interests. These legitimate interests include operating our websites, managing our recruitment and marketing efforts. You have a right to object to processing the basis of legitimate interests. If consent is the legal basis, for example in certain situations when we send you marketing communications, we will obtain your consent and let you know how you can withdraw your consent.
You may contact us at privacy((at))triplelift((dot))com if you have questions or would like additional information regarding our legal basis for processing your personal data.
You may be entitled to exercise certain data subject rights available under the GDPR or other applicable European laws. These rights may include the right to request access to personal data we hold about you. You may also have the right to object to, or request that we restrict, processing of your personal data. You may also have the right to ask that your personal data be corrected, erased, or transferred to another party. If you would like to exercise any of these rights, please contact us at privacy((at))triplelift((dot))com.
You may contact our European Data Protection Officer via dpo((at))triplelift((dot)) com.
For California residents
The California Consumer Privacy Act or “CCPA” (California Civil Code Section 1798.100 et seq.) applies to the collection, use, and disclosure of “personal information” collected from California residents (as those terms are defined by the CCPA). The CCPA requires us to disclose to California consumers the categories of personal information (as defined in the CCPA) we collect, our business and commercial purposes for collecting, using, or selling such personal information, the categories of sources from which we collect personal information, the categories of personal information we have disclosed or sold for a business or commercial purpose in the preceding 12 months, and the categories of third parties with whom we share personal information. We have provided these disclosures in this policy. Note that the activities described in the policy include these categories of personal information defined by the CCPA: Identifiers, Other personal information protected under Cal. Civ. Code 1798.80(e), Protected classification characteristics/demographic information, Professional or employment-related information, Internet or other network activity, both precise and non-precise Geolocation data and, Inferences data.
Additionally, under the CCPA, you may have the right to: (i) request access to your personal information and request additional details about our information practices, (ii) request deletion of your personal information, (iii) opt out of the “sale” of your personal information (as that term is defined by the CCPA), and (iv) to not be discriminated against for exercising any of your rights under the CCPA. For more information about how to exercise these rights with respect to data collected under this policy, contact us at privacy((at))triplelift((dot))com.
Users under 16 years old
As of the effective date of this policy, we do not have actual knowledge of website or app visitors’ ages, including that we are not able to identify visitors that are under 16 years of age
Changes to this policy