Privacy Policy

Last Updated: 30 October 2023

Zemanta is committed to protecting your personal data. This privacy policy (“Privacy Policy”) governs Zemanta’s use of data collected by us, including any and all personal data. Personal data is information that relates to you and may identify you as an individual. We use your personal data in line with all applicable laws.

Who we are, What we do, How you can contact Zemanta, our DPO or the relevant authorities

Who we are:

Zemanta means Zemanta Inc., a Delaware, USA corporation with headquarters in New York; and its affiliated subsidiaries (collectively, “Zemanta,” or “we“, “us“, “our“).

Please note that Zemanta’s parent company Outbrain Inc has a separate Privacy Policy, which can be found here.

What we do:

For more about Zemanta’s products and services see here.

How to contact us:

We regularly review our compliance with this Privacy Policy. Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to Privacy@outbrain.com.

If Zemanta does not satisfactorily answers your questions or concerns, you may also contact the following for advice, support or complaints:

Zemanta’s Data Protection Officer (“DPO”) at dpo@outbrain.com; and/or
the Information Commissioner’s Office, which is Zemanta’s lead supervisory authority within the European Territories.

Self-Regulatory Bodies:

We adhere to:

the Self-Regulatory Principles set forth by the Digital Advertising Alliance(DAA) and the European Interactive Digital Advertising Alliance (EDAA);
the Interactive Advertising Bureau’s (IAB) Self-Regulatory Principles for Online Behavioral Advertising and the IAB Europe OBA Framework.

2. Zemanta User Types (including Opt Out Options)Much of this Privacy Policy is divided into sections based on the way you may interact with Zemanta. Please determine what user type you are. For each user type we’ve explained what information we collect and why, what cookies and other similar technologies we use, how we share such information, and your rights.

Site Visitors: You are a Site Visitor when you visit and interact with our web sites, web pages, interactive features, blogs and their respective contents at Zemanta.com (or any derivation, such as Zemanta.co.uk; Zemanta.fr; Zemanta.de etc.).

(a) What information we collect and why

We want to understand what services on Our Sites interest you and we want to remind you about the services we offer when you are not on Our Sites. To do this, we collect the following information from you: (i) IP address; (ii) User Agent data: device type (e.g., iPhone), browser type (e.g., Chrome), operating system (e.g., iOS); (iii) the pages visited on Our Site (e.g., the Zemanta “About” page); (iv) the time of visit (and corresponding timezone); and (v) referring URLs and other information normally transmitted in HTTP requests (e.g., this information tells us how you arrived on Our Sites).

(b) What cookies and other similar technologies we use

Please see this Cookie Table under “Site Visitors” for a detailed list of the cookies (and their corresponding retention periods) we use when you visit Our Sites.

(c) How we may share information

Sharing Information we learn about you on Our Sites

In general, we do not share personal data about you with third parties for third party marketing or advertising purposes. However, we use various third parties (each listed on this Cookie Table) to help us market or advertise to you. For example, some of the cookies we use on Our Sites belong to third parties that will help Zemanta market or advertise to you. We require that these third parties and companies agree to keep all information shared with them confidential and to use the information only to perform their obligations to us. We do this by entering into agreements with all third parties who process personal data on our behalf to ensure that they process your personal data in accordance with our strict instructions and all applicable data protection laws.

Using Third Party Services on Our Sites.

Our Sites may contain links to other websites that we do not own or operate. We do not control, recommend or endorse the content, products, services, privacy policies or practices of these third party websites. For example, on Our Sites you will notice clickable icons which take you to the Zemanta Facebook page or the Zemanta LinkedIn page. If you choose to click on these links, you should know that Facebook and LinkedIn may send their own cookies to your device and they may independently collect personal data. It is therefore important that you read the Facebook and/or LinkedIn privacy policies.

Also see the Sharing section of this Privacy Policy.

(d) Your rights

The Terms of Service on Our Site govern the use of Our Site and also apply to you. You can stop using Our Site at any time. If you do, you may also want to remove any cookies that we have placed on any device used to access Our Site. If during your use of Our Sites you provided your email address, any email you receive from Zemanta includes an “unsubscribe” option.

For European Territory Visitors, Zemanta has implemented a consent management platform (powered by OneTrust) on Our Sites that provide visitors the opportunity to consent, or not consent, to cookies and similar tracking technologies on Our Sites. Upon accessing Our Sites, you will see a banner on the bottom of the page with information about the cookies we use. You may click the banner to reject any cookies that are not strictly necessary. Pressing “accept” on the banner or scrolling/clicking on Our Sites is an indication of your acceptance. Accordingly, Zemanta’s lawful basis for processing personal data on Our Sites is consent. You may withdraw your consent at any time by clicking this button: Cookies Settings.

Business Partners: You are a Business Partner when you register (or email with Zemanta) on behalf of the company you work for to use the the Zemanta One dashboard or any other of our services.

(a) What information we collect and why

You may provide certain personal data (such as email address) when you sign up for the Zemanta Services or otherwise communicate or interact with us. If you apply to become a Business Partner, we may request additional information from you via advertiser application forms, insertion orders and other forms. We automatically collect information about your username’s actions in the Zemanta dashboard.

We collect and process the personal data above in order to perform our obligations under our agreement as a Business Partner (or prospective Business Partner) with you including to:

respond to your questions and requests;
to provide you with access to certain functions and features of our Zemanta services (e.g., to provide and maintain your dashboard account);
verify your identity;
communicate with you about your account, our products, and available promotions relevant to your use of the Zemanta services.

(b) What cookies and other similar technologies we use

Please see this Cookie Table under “Business Partners” for a detailed list of the cookies (and their corresponding retention periods) we use with Business Partners.

(c) How we may share information with anyone

We may disclose certain Business Partner information to vendors, contractors, or others who assist the Zemanta in delivering the services (e.g., credit card processing). Also see the Sharing section of this Privacy Policy.

(d) Your rights
If as a Business Partner you wish to verify, correct, update or request the deactivation of your information, you may go the to the Zemanta dashboard edit your profile preferences or contact us at help@zemanta.com. If you are receiving Zemanta emails, you may “unsubscribe” using a link in the email. Note unsubscribing shall not opt you out notifications critical to providing the Zemanta services (e.g., email invoices).

Zemanta’s lawful basis for processing personal data of Business Partners is contractual.

Zemanta Users: You are a Zemanta User when you visit a page of a website or application where Zemanta’s technology is used to serve advertisements advertisements (“Zemanta One”).

(a) What Information we collect and why
We automatically collect the information listed below through tracking technologies such as cookies, pixel tags, beacons, and embedded scripts. We may also infer or collect additional information about you based on what we or our partners collect. Information is shared in the process of Programmatic Buying via the Open RTB (see our Glossary for more information.) This information helps provide our services and serve you ads which are most relevant to your interests.

Information Type	Description
Automatically collected information	Identifiers: Zemanta online identifier, (UUID) advertiser ID and IP address. The Zemanta UUID and / or advertiser ID a sequence of numbers and/or letters. This UUID attaches itself to your device and varies depending on which browser you use. In other words, Zemanta records a different UUID depending on which device and/or which browser you use when accessing publisher sites. For example, this means that you will have one UUID when you visit a site from your mobile phone using the browser Safari, and a different UUID when you visit a site from your iPad using the browser Safari. Zemanta will combine and consolidate a UUID from a mobile device (handheld or tablet) from a browser that then accesses an application (or vice versa) from that same device.
Internet or other electronic network activity information	● Page URL ● Browser Information (e.g. Safari or Chrome) ● Device Information (e.g. Macbook) ● Network carrier information (e.g. Wifi, 4G or Wired connection) ● Mobile application information (e.g. Application name or IDFA) ● User Interactions with ads served by Zemanta (e.g., the user interacted with mainly travel content)
Geolocation Information:	● Non-Precise Geolocation data: On web and web mobile, we collect non-precise location information at the country and/or city level that are derived from user IP Address. ● Precise Geolocation data: On mobile apps, when a user opts-in for Geo Location on the publisher’s app, precise user geolocation (latitude / longitude) may be transferred to Zemanta’s SDK by the mobile app however, Zemanta does not user this information to serve relevant ads to Users (although such information may be stored in raw data logs).

(b) What cookies and other similar technologies we use.

Cookies

Cookies are a short string of characters which Zemanta uses to uniquely identify browser and a device. Zemanta syncs these cookies with its partners in order to identify users across environments and know which segments our partners identify our users with. Please see this Cookie Table under “Zemanta Users” for a detailed list of the first party cookies Zemanta uses when you interact with sites where Zemanta One is used.

Pixel Tags

Pixel tags are transparent images or short snippets of Javascript that Zemanta’s partners and clients use to understand how their users interact with their properties online, including websites and mobile apps.

Zemanta advertisers may implement the Zemanta pixel on their websites. The Zemanta pixel determines whether the user reaching the page where the pixel is installed has a Zemanta UUID. If there is a UUID associated with such end user, Zemanta allows advertisers to retarget those UUIDs and/or provides advertisers with the total number of UUIDs that reached such page. If there was no Zemanta UUID on the page, the Zemanta pixel does not collect any information about the user.

We encourage advertisers to disclose use of the Zemanta pixel on their own websites. Zemanta does not combine pixel information with a UUID’s profile.

Mobile Advertising Identifiers

Mobile advertising IDs (like IDFA) are unique IDs associated with individual mobile devices. Users can reset them by instructing their device to do so.

General Web Analytics

Zemanta integrates with its client and partner’s Web Analytics software in order to observe how users behave after clicking on ads. Any data collection via web analytics software is governed by such client’s and/or third party’s privacy policy.

Zemanta Customer Technology

Zemanta’s clients and other third parties who use Zemanta services may use their own tags, pixels cookies or other technology (or those of their other affiliates) within their advertisements and on certain websites. In such cases you will be subject to their privacy policy.

(c) How we may share information

Zemanta may share some personal data (e.g., Zemanta UUID, device ID and IP address) with certain partners for the purpose of cookie syncing or based on technical requirements. Third parties may be able to ascertain you identity by using information we disclose to them in conjunction with other information they have.

Zemanta may share some personal data with the following categories of trusted third party:

Supply side platform;
Data management platform;
Exchanges; and/or
Ad networks.

For a more detailed description of the above categories please see our Glossary.

(d) Your rights

Zemanta Opt-Out

You may opt out of Zemanta’s personalised recommendations at any time. Opting-out means that Zemanta will cease to collect data while you remain opted-out. You can opt out of personalisation on your desktop and mobile web here.

Note that opting out of personalised recommendations in applications is through the settings on your device (e.g., by following instructions for iOS devices and for Android devices.).

IMPORTANT – even though you have opted out of Zemanta:

You will still see advertisements. Opting out of Zemanta tracking does not mean you will no longer receive advertisements. Instead, it means that the advertisements will not be interest-based or targeted based on your browser cookies.
The opt out is cookie based and device/browser specific.If you browse the web from several devices and/or browsers, you will need to opt out from each device and/or browser to ensure that we prevent personalization tracking on all of them. For the same reason, if you buy a new device, change browsers or delete (or clear) the opt out cookie, you will need to opt-out again. Opting out of personalization tracking is not the same as blocking cookies.
To ensure deletion of the profile tied to your UUID, do not opt in to Zemanta for at least 21 days. Your opt out is effective immediately. However, if your browser permits local storage and you opt into Zemanta’s personalized recommendations within 21 days of your opt out, it is possible your prior profile will be reconnected to your UUID. If you do not opt in within 21 days, your profile will be deleted and cannot be recovered.
As with most opt out cookies, the Zemanta browser opt out relies upon a cookie. The opt-out cookie is intended to be persistent to honor the user’s preferences. However, the “Intelligent Tracking Prevention” feature in iOS11 may impact the persistence of cookies across websites post a 24 hour window. We suggest using another browser or considering blocking all 3rd party cookies from the browser so that you are “opted out” without needing to rely on any company’s actual opt out methodology.
Additional Opt-Out Options.

You may also opt out of receiving personalized ads served by us or other advertising companies through industry powered tools such as the NAI and/or EDAA www.youronlinechoices.eu). Visiting the NAI or EDAA consumer choice pages allows you to opt out of all some or all of the participating members’ services. Like Zemanta’s opt out, these opt outs do not mean you will no longer receive any advertising – the advertisements will just not be tailored to you. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Also, if your browsers are configured to reject cookies when you visit the EDAA consumer choice pages, your opt out may not be effective.

How We Keep Information Safe, Transfers Outside the EEA, Sharing and Retention

Security

Zemanta has a dedicated security team. We maintain tight controls over the personal data we collect, retaining it in firewalled and secured databases with strictly limited and controlled access rights, to ensure it is secure. We have taken appropriate technical and organisational measures to protect the Information we collect about you from loss, misuse, unauthorized access, disclosure, alteration, destruction, and any other form of unauthorized processing.

Business Partners have access to certain password-protected features of the Zemanta service. They are responsible for keeping this password confidential. Please remember that unfortunately, the transmission of information via the internet is not completely secure. A common Internet scam is known as “spoofing” or “phishing.” This occurs when you receive an email from what appears to be a legitimate source requesting personal data from you. Please be aware that we will not send you any emails requesting you to verify credit card, bank information, or any other personal data. If you ever receive an email that appears to be from us requesting such information from you, do not respond to it, and do not click on any links appearing in the email. Instead, please forward the email to us at legal@outbrain.com, as we will investigate instances of possible Internet fraud.

Data Transfers Outside the EU/EEA

When we transfer personal data from the European Economic Area to other countries in which applicable laws do not offer the same level of data privacy protection as in the European Territories, we take measures to provide an appropriate level of data privacy protection. In other words, your rights and protections remain with your data. For example, we use approved contractual clauses and other measures designed to ensure that the recipients of your personal data protect it.

Sharing

In addition to the description of how we may disclose your personal data for each user type, we may also disclose personal data as follows:

Within the family of companies controlled by Outbrain Inc (Zemanta Inc’s parent company) for internal reasons, primarily for business and operational purposes;
If we go through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of our assets, your personal data will likely be among the assets transferred;
When legally required to do so (e.g., to cooperate with law enforcement investigations or other legal proceedings); and/or
To respond to a genuine emergency.

In addition, we combine your personal data with those of other users in order to share trend information and aggregate user statistics with third parties, always in aggregated and anonymized form.

Data Retention

The retention period for each of the cookies Zemanta uses (whether its own or on our behalf by third parties) is stated on the Cookie Table.

Zemanta also maintains a Data Retention Policy that details the retention period for personal data based on our analysis of how long the specific data is reasonably required for legal or business purposes. When we no longer need personal data, we securely delete or destroy it. Aggregated data, which cannot identify a device/browser (or individual) and is used for purposes of reporting and analysis, is maintained for as long as commercially necessary.

Children

None of our services are directed to children under 16. We do not knowingly collect personal data from anyone under 16 years of age. If we determine upon collection that a Site Visitor, a User or a Business Partner is under 16, we will not use or maintain his/her personal data. If we become aware that we have unknowingly collected personal data from a child under the age of 16, we will make reasonable efforts to delete such information from our records. If you’re a kid, please go play in the yard, don’t use or interact with Zemanta!

European Territory Citizens

In compliance with European privacy laws, in particular the European General Data Protection Regulation (GDPR), Zemanta provides specific additional rights for citizens of the European Territories such as the right to access, rectification, right to object, to complaint, erasure and blockage. More specifically:

the right to request information about whether and which personal data is processed by us, and the right to demand that personal data is rectified or amended.
under certain circumstances, the right to request that personal data should be deleted.
under certain circumstances, the right to demand that the processing of personal data should be restricted.
withdraw your consent to the processing and use of your data completely or partially at any time with future application.
have the right to obtain your personal data in a common, structured and mechanically readable format.
contact our data protection officer if there are any questions, comments, complaints or requests in connection with our statement on data protection and the processing of your personal data.
the right to complain to the responsible supervisory authority if believed that the processing of your personal data is in violation of the legislation.

In addition to the above, we reference certain rights for European Territory citizens throughout this Privacy Policy. Pursuant to the GDPR, citizens from “European Territories” mean the European Economic Area (EEA) and Switzerland. For the purpose of this Privacy Policy, the term “European Territories” shall continue to include the United Kingdom, even after the United Kingdom leaves the European Economic Area following Brexit.

Please email Privacy@outbrain.com with any questions about exercising any of the above rights.

California Privacy Rights

(a) Your Rights

As a California resident, you have the rights listed below. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law.

You can request the following information about how we have collected and used your Personal Information during the past 12 months:
- The categories of Personal Information that we have collected.
- The categories of sources from which we collected Personal Information.
- The business or commercial purpose for collecting and/or selling Personal Information.
- The categories of third parties with whom we share Personal Information.
- Whether we have disclosed your Personal Information for a business purpose, and if so, the categories of Personal Information received by each category of third party recipient.
- Whether we’ve sold your Personal Information, and if so, the categories of Personal Information received by each category of third party recipient.
You can request a copy of the Personal Information that we have collected about you during the past 12 months.
You can ask us to delete the Personal Information that we have collected from you.
Opt-out of sales.If we sell your Personal Information, you can opt-out. In addition, if you direct us not to sell your Personal Information, we will consider it a request pursuant to California’s “Shine the Light” law to stop sharing your personal information covered by that law with third parties for their direct marketing purposes.
Opt-in.We contractually prohibit our publishing and advertising clients from placing our technology on pages that target individuals younger than 16 years old. If we learn that you are younger than 16 years old, we will ask for your permission (or if you are younger than 13 years old, your parent or guardian’s permission) to sell your Personal Information before we do so.
Non-discrimination. You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as denying you services; increasing the price/rate of services; decreasing service quality; or suggesting that we may penalize you as described above for exercising your rights.

(b) How to exercise your rights. You may exercise your California privacy rights described above as follows:

Right to information, access and deletion. You can request to exercise your information, access and deletion rights by:
- calling us toll free on 1-866-I-OPT-OUT and entering service code 253# to leave us a message.
- emailing privacy@outbrain.com
- using the web formto submit your request(s) to us
Right to opt-out of the “sale” of your Personal Information.We do not sell your Personal Information in the conventional sense (i.e., for money). However, like many companies, we use services that help deliver interest-based ads to you. California law classifies our use of these services as a “sale” of your Personal Information to the companies that provide the services. This is because we allow them to collect information from our website users (e.g., online identifiers and browsing activity) so they can help serve ads more likely to interest you. To opt-out of this “sale”, click on this link which will take you to our a page where you can opt out of personalised recommendations.

We will need to confirm your identity and California residency to process your requests to exercise your information, access or deletion rights. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.

(c) Personal information that we collect, use and share

The chart below summarizes how we collect, use and share Personal Information by reference to the statutory categories specified in the CCPA, and describes our practices during the 12 months preceding the effective date of this Privacy Policy. Categories in the chart refer to the categories described above in the general section of this Privacy Policy.

Zemanta User Type	Statutory category of personal information (PI) (click for details)	Source of the PI	Purpose for collection	How we may share, disclose or “sell” information.
Site Visitors	Identifiers Online Identifiers Geolocation Data Inferences Internet or Network Information	Site Visitor	See Section 2(a) (Site Visitors).	See Section 2(c) (Site Visitors).
Users	Identifiers Online Identifiers Geolocation Data Inferences Internet or Network Information	Users	See Section 2(a) (Users).	See Section 2(c) (Users).
Business Partners	Identifiers Financial Information	Business Partners	See Section 2(a) (Business Partners).	See Section 2(c) (Business Partners).

“Do Not Track” Disclosure

Some browsers transmit Do Not Track (DNT) signals to websites. Because there is no common understanding of how to interpret the DNT signal, Zemanta does not currently alter, change, or respond to DNT requests or signals from these browsers. We will continue to monitor industry activity in this area and reassess our DNT practices as necessary. In the meantime, you can use the range of other tools we provide to control data collection and use, including the ability to opt out of receiving personalized recommendations in the Users section.

EU-US Data Protection Framework (DPF) Participation

Outbrain and its U.S. subsidiary, Zemanta comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Outbrain has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Outbrain has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/

Please click here to view our certification.

Complaint and Dispute Resolution Procedure under the DPF

Outbrain’s internal complaints mechanism

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Outbrain commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF should first contact Outbrain at: DPO@outbrain.com

You may have the right to lodge a complaint with the data protection authority of your country of residence. If you live in the UK, you can make a complaint with the Information Commissioner’s Office (ICO) at this address. If you live in the EU, you can find the relevant data protection authority here. To submit a complaint to the FTC, click here.

Independent Recourse Mechanism

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Outbrain commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF to Judicial Arbitration and Mediation Services, Inc. (JAMS), an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit JAMS for more information or to file a complaint. The services of JAMS are provided at no cost to you. Please contact or visit the https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint.

The Federal Trade Commission has jurisdiction over Outbrain’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF.

Arbitration

You may also be able to invoke binding arbitration for unresolved complaints but prior to initiating such arbitration, a resident of a European country (including Switzerland) participating in the DPF must first:

(1) contact us and afford us the opportunity to resolve the issue;

(2) seek assistance from JAMS (an independent recourse mechanism); and

(3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue.

If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the DPF, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the DPF Principles with respect to the resident. The arbitration option may not be invoked if the individual’s same claimed violation of the Principles

(1) has previously been subject to binding arbitration;

(2) was the subject of a final judgement entered in a court action to which the individual was a party; or

(3) was previously settled by the parties.

For more details, please click here.

European Individual Rights Under The DPF

Outbrain must provide you:

Information on the types of personal data collected
Information on the purposes of collection and use
Information on the type or identity of third parties to which your personal data is disclosed
Choices for limiting use and disclosure of your personal data
Access to your personal data
Notification of the organization’s liability if it transfers your personal data
Notification of the requirement to disclose your personal data in response to lawful requests by public authorities
Reasonable and appropriate security for your personal data
A response to your complaint within 45 days
Cost-free independent dispute resolution to address your data protection concerns
The ability to invoke binding arbitration to address any complaint that the organization has violated its obligations under the DPF Principles to you and that has not been resolved by other means

OUTBRAIN’S LIABILITY IN CASES OF ONWARD TRANSFERS TO THIRD PARTIES

In the context of an onward transfer, Outbrain has responsibility for the processing of personal information it receives under the DPF Principles and subsequently transfers to a third party acting as an agent on its behalf. Outbrain remains liable under the DPF Principles if its agent processes such personal information in a manner inconsistent with the DPF Principles, unless Outbrain proves that it is not responsible for the event giving rise to the damage.

How This Privacy Policy May Change

We may change this Privacy Policy from time to time. We will place a prominent notice that will be visible to you as a Site Visitor or Business Partner, but we do not have a means of advising Users of an update. You should check back here periodically to see if the Privacy Policy has been updated. We will always show the date of the latest modification of the Privacy Policy at the top of the page so you can tell when it was last revised.