Spectus takes a privacy-first approach to business practices across its platform, procurement, and data processing. Common questions related to such practices can be found here.
How long do you typically retain user-level data?
We generally retain mobile advertising IDs on the following schedule: (a) we render mobile advertising IDs inactive for interest-based advertising purposes within 120 days, (b) we continue to use mobile advertising IDs for analytics purposes and other purposes unrelated to interest-based advertising and reporting (for instance, in aggregated form for market research) for up to 24 months (outside of EEA countries and Switzerland) or 13 months (in EEA countries and Switzerland), provided that we may retain them if we have a legal or significant operational or legal need to do so, such as for auditing, corporate record-keeping, compliance, record-keeping, accounting or security and bug-prevention purposes. We may retain fully anonymized data for longer periods.
Is your data collection certified by a 3rd party?
Yes, with privacy being at the core of our business, we are a member of NAI, both TrustArc and TAG certified, and Privacy Shield Registered. To note, NAI and TrustArc include ongoing and annual audits of our data collection and use practices.
Are there locations that you do not share information about?
Sensitive locations are not included in our products or made available to partners to protect user privacy and safety. There are many other locations that we protect for ethical reasons, including military bases, places of worship, social demonstrations, vulnerable populations, and others that you can read about in our Sensitive Points of Interest policy. We actively maintain a blacklist of sensitive locations that are removed from our data as they are detected. This policy is public because we want to be transparent about our data ethics and encourage others to do so as well.
Does your data contain any personally identifiable information (PII), protected health or medical information?
Does Spectus collect information on children?
No. We only use de-identified data collected from adults, with their consent. We prohibit our partners from sharing minors’ data with us. As an additional precaution, we use privacy enhancing technologies to identify data that may be from a minor and remove it automatically from our systems.
Do you provide a mechanism by which the individual can exercise “opt-out” or prevent transfer of their data to third parties?
Is Spectus CCPA and GDPR Compliant?
Spectus has a full Privacy Accountability Program in place that meets the highest standards in the industry. From Privacy by Design (PbD) at feature and product inception to Privacy Impact Assessments (PIAs) for all launch related elements, Spectus lives and breathes privacy at each and every stage of our product development process.
As a result, our privacy-first approach not only makes us CCPA-compliant but has us well prepared for future privacy laws that are expected to come from other States, and a potential federal omnibus privacy law.
Spectus has been committed to protecting users’ privacy from day one. In addition to the moral and ethical implications of user privacy, which have been driving our efforts, we also recognize that for all companies the privacy compliance of its data partners is becoming a business issue.
In fact, in today’s data-driven landscape, brand safety is no longer just about the environment in which ads run, but it is also tied to the origin of the data that brands use for their initiatives. For this reason, it is paramount that all parties are aware of and screen for data collection practices of the partners they work with, to ensure they are in a safe position.
By working with Spectus, you ensure that you are leveraging a partner grounded in the four key privacy principles of consent, transparency, control, and accountability.
- Consent: We only collect de-identified data from users who opted-in to the collection and use of their information.
- Transparency: Spectus and our partners provide clear, understandable descriptions of: What information is collected, What may be done with it, With whom it may be shared, What options consumers have in those regards
- Control: We allow users to easily opt-out through several paths.
- Accountability: We are a member of the NAI, TAG, TrustArc certified, and Privacy Shield Registered.