cardlytics.com

Cardlytics, Inc.
 Privacy Policy
Effective Date: November 9, 2009

Cardlytics, Inc. ("Cardlytics," "we," or "us") knows that you care how information about you is used and shared.  This Privacy Policy explains what information of yours will be collected by Cardlytics when you use the Cardlytics Service, how the information will be used, and how you can control the collection, correction and/or deletion of information.   We value your trust and take great care to ensure that your data is anonymous and secure.  We will not use or share your information with anyone except as described in this Privacy Policy.

Overview of Our Services

Our mission is to deliver content that is relevant and meaningful to you based on your purchase habits.  To accomplish this goal, we aggregate your online transaction and behavior data in an anonymous manner with similar data from other users of websites and online properties operated by our partners or other companies.  We refer to this aggregated data as “Anonymous Data.”  We analyze this Anonymous Data to organize users into groups based on factors such as geography and interests (“Groups”).  Based on your membership in a Group, we work with our customers to tailor advertisements and other content to your interests.  We refer to this functionality and the other services that we provide as the “Cardlytics Service.”

Information We Collect and How It Is Used

We collect Anonymous Data about your online transactions and interactions, as well as those of other users.  We receive Anonymous Data from our partners or other companies.  We may also collect Anonymous Data through cookies, log file information, or clear gifs as described below.  Anonymous Data may include information about spending patterns and other online behavior.  We aggregate and analyze the Anonymous Data to customize content to your interests.  By only using Anonymous Data on an aggregated Group level, Cardlytics ensures that information about any specific user remains anonymous. 

Cardlytics does not collect any personally identifiable information, such as your name, address, or phone number.  However, if you correspond with us by email, we may retain the content of your email messages, your email address and our responses.

Cookies Information:  When you visit a partner website or use the Cardlytics Service, we may send one or more cookies - a small text file containing a string of alphanumeric characters - to your computer that uniquely identifies your browser.  A cookie may convey anonymous information about how you browse the Cardlytics Service to us.  A cookie does not collect personal information about you.  Cardlytics uses both session cookies and persistent cookies. A persistent cookie remains on your hard drive after you close your browser. Persistent cookies may be used by your browser on subsequent visits to the site. Persistent cookies can be removed by following your web browser’s directions. A session cookie is temporary and disappears after you close your browser. You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. However, some features of the Cardlytics Service may not function properly if the ability to accept cookies is disabled.

Log File Information:  Log file information is automatically reported by your browser each time you access a web page.  When you visit a partner website or use the Cardlytics Service, our servers automatically record certain information that your web browser sends whenever you visit any website. These server logs may include information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks, domain names, landing pages, pages viewed, and other similar information.

Clear Gifs Information:  When you visit a partner website or use the Cardlytics Service, we may employ clear gifs (also known as web beacons or pixel tags) which are used to track the online usage patterns of our users anonymously.  No personally identifiable information is collected using these clear gifs.  [In addition, we may also use clear gifs in HTML-based emails sent to our users to track which emails are opened by recipients.  The information is used to enable more accurate reporting, improve the effectiveness of our marketing, and make Cardlytics better for our users.]

We may also use cookies, clear gifs, and log file information to: (a) monitor the effectiveness of our Service; (b) monitor aggregate metrics such as total number of visitors and traffic; (c) diagnose or fix technology problems reported by our users or engineers that are associated with certain IP addresses; or (d) provide you with content away from our partners’ websites.

Information Sharing

Cardlytics may share aggregated Anonymous Data and anonymous Group characteristics with partners, advertisers or other affiliates.  We may also share Anonymous Data and Group information with third party service providers to help provide you with services.  For example, we may store the information at a third party’s data storage facility.

We may allow third-party ad servers or ad networks to serve advertisements on the Cardlytics Service. These third-party ad servers or ad networks use technology to send, directly to your browser, the advertisements and links that appear on the Cardlytics Service. They automatically receive your IP address when this happens. They may also use other technologies (such as cookies, JavaScript, or web beacons) to measure the effectiveness of their advertisements and to personalize the advertising content.  Cardlytics does not provide any personally identifiable information to these third-party ad servers or ad networks without your consent. However, please note that if an advertiser asks Cardlytics to show an advertisement to a certain audience and you respond to that advertisement, the advertiser or ad-server may conclude that you fit the description of the audience they are trying to reach.  This Privacy Policy does not apply to, and we cannot control the activities of, third-party advertisers.  Please consult the respective privacy policies of such advertisers for more information.  [this paragraph may be tweaked depending on who is actually serving the advertisements]

As we develop our business, we may buy or sell assets or business offerings. Anonymous Data and Group information may be transferred in such an event.  We may also transfer Anonymous Data and Group information in the course of corporate divestitures, mergers, or dissolution. 

Unless you provide your specific consent, Cardlytics does not provide any personally identifiable information to advertisers when you view or interact with an advertisement.  Unless you provide your specific consent, Cardlytics does not rent, sell, or share your personally identifiable  information with other people or non-affiliated companies except to provide you with services that you have specifically requested.

[From time to time, we may run contests, special offers, or other events or activities (“Events”) on the Service together with a third party partner.  If you provide information to such third parties, you give them permission to use it for the purpose of that Event and any other use that you approve. We cannot control third parties’ use of your information. If you do not want your information to be collected by or shared with a third party, you can choose not to participate in these Events.]
Except as otherwise described in this Privacy Policy, Cardlytics will not disclose your personal information to any third party unless required to do so by law or subpoena or if we believe that such action is necessary to (a) conform to the law, comply with legal process served on us or our affiliates, or investigate, prevent, or take action regarding suspected or actual illegal activities; (b) [to enforce our Terms of Use [link],] take precautions against liability, to investigate and defend ourselves against any third-party claims or allegations, to assist government enforcement agencies, or to protect the security or integrity of our site; or (c) to exercise or protect the rights, property, or personal safety of Cardlytics, our users or others.

Data Security

Cardlytics uses commercially reasonable physical, managerial, and technical safeguards that comply with federal regulations to preserve the integrity and security of any information that we collect.  We cannot, however, ensure or warrant the security of any information you transmit to Cardlytics and you do so at your own risk. Once we receive your transmission of information, Cardlytics makes commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. 

In the event that personal information is compromised as a result of a breach of security, Cardlytics will promptly notify those persons whose personal information has been compromised.

Links to Other Web Sites

Please remember that when you use a link to go from the Cardlytics Service or a partner website to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link or advertisement provided by the Cardlytics Service, is subject to that website's own rules and policies. Please read over those rules and policies before proceeding.

Your Choices About Your Information

You may opt-out of the Cardlytics Service by visiting our partners’ web pages.

Children’s Privacy

Protecting the privacy of young children is especially important to Cardlytics.  For that reason, Cardlytics does not knowingly collect or solicit personal information from anyone under the age of 13.  Cardlytics will not aggregate Anonymous Data from, not create any Groups consisting of, users under the age of 13.  If you are under 13, please do not send any information about yourself to us. No one under age 13 is allowed to provide any personal information to or on Cardlytics. In the event that we learn that we have collected personal information from a child under age 13. If you believe that we might have any information from or about a child under 13, please contact us at privacy@cardlytics.com.

Notification Procedures

It is our policy to provide notifications, whether such notifications are required by law or are for marketing or other business related purposes, to you via conspicuous posting of such notice on our website or on our partners’ websites. We reserve the right to determine the form and means of providing notifications to you, provided that you may opt out of certain means of notification as described in this Privacy Policy.

Contacting Us/Changes to the Privacy Policy

If we change our privacy policies and procedures, we will post those changes on our website to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it.  Changes to this Privacy Policy are effective when they are posted on this page.  

If you have any questions about this Privacy Policy, please contact us at privacy@cardlytics.com, or send mail to:
Cardlytics, Inc.
621 North Avenue NE
Suite C-30
Atlanta, GA 30308

 
©2009 Cardlytics. All Rights Reserved.