General Privacy Policy of the 1plusX DMP - 1plusX

Data Privacy Policies

Last update: Sept 29, 2023
For privacy inquiries, please write to privacy[at]1plusx.com

1plusX Data Privacy Policies

In the following policy, we would like to provide information about how we handle your personal data in accordance with Art. 13 of the General Data Protection Regulation (GDPR).

1. Controller

The controller for the data collection and processing described below is 

1plusx GmbH

Eichenstrasse 2

8808 Pfäffikon

Switzerland

Email: [email protected]

 

2. Representative in the EU

According to GDPR Article 27, data subjects who are in the EU can also contact our representative in the EU, Arthur Cox LLP, FAO Company Compliance and Governance, Ten Earlsfort Terrace, Dublin, D02 T380, Ireland; Email: [email protected]

 

3. Data processing for our website’s operations

In the following, we would like to inform you about how we handle your personal data when you visit our website.

 

3.1 Usage data

When you visit our webpage, usage data is temporarily processed on our web server to technically enable you to call up our web pages. 

This data record consists of

  • the name and address of the requested content
  • the date and time of the request
  • the amount of data transferred
  • the access status (content transferred, content not found)
  • the description of the web browser and operating system used
  • the referral link, which indicates the page from which you came to ours
  • the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established.

We process your usage data in accordance with Art. 6 (1) p. 1 lit. f GDPR in our legitimate interest to be able to provide you with a functional website.

Subsequently, the data records are anonymized by shortening your IP address to evaluate them for statistical purposes and improve the quality of our websites and to store them in a log.

 

3.2 Cookiebot Consent Banner

On our websites, we use the consent banner “Cookiebot” of the provider Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, within the scope of a commissioned processing relationship according to Art 28 GDPR. The data processing by Cookiebot is carried out on the basis of Art. 6 para. 1 p. 1 lit. f GDPR for the purpose of and in our legitimate interest to be able to use cookies and similar technologies on our websites in a data protection compliant manner and to enable you to easily withdraw your consent.

If you provide consent via our Consent Banner, Cybot processes the following data:

  • Your IP address
  • the date and time of consent
  • the user agent of the end user’s browser
  • the URL from which the consent was sent
  • a pseudonymous, random and encrypted key (key)
  • Your consent status, which serves as proof of your consent.

Your data is logged on Cybot’s servers. Your IP address is shortened by removing the last three digits so that a personal reference can no longer be established. Your key and consent status are also stored in the cookie “CookieConsent” in the browser of your end device for a period of 12 months. In this way, our website is able to check your consent status for all subsequent and future page views and to activate or deactivate them in accordance with your decision to use cookies and other technologies when you return to the page. The verification is done by matching the key and consent status from the “CookieConsent” cookie with the values provided to Cybot when you gave your consent to ensure that the status of your original consent has not changed.

For more information about Cybot’s handling of personal data, please visit https://www.cookiebot.com/de/privacy-policy/.

 

3.3 Cookie policy of 1plusX.com

Below you will find our guidelines and explanations on the use of cookies and similar techniques on our websites. The content is automatically displayed as a script via our Consent Banner System (CookieBot). For proper display and function, your browser settings must allow for the loading of scripts.  Our Consent Banner can also be retrieved at any given time via the link Privacy settings in our footer at the bottom of the page.


3.4 Google Tag Manager

On our website, we integrate the “Google Tag Manager” of Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.

In the European Union (EU) and the European Economic Area (EEA), Google Tag Manager is offered as a service by Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tag management system (TMS) that allows us to integrate and manage additional website content in JavaScript or HTML code. 

In particular, so-called tags can be integrated and managed on our website. Tags are small code fragments or markings (web beacons, tracking pixels or similar markings) that allow services to distinguish or identify users for website analysis or user tracking purposes. 

The analysis of website visits or user tracking is not carried out by the Google Tag Manager, but by the services used for these purposes, such as Google Analytics or other third-party solutions. Rather, the Google Tag Manager merely serves to integrate and manage the tags necessary for analysis or tracking into our website. Since the Google Tag Manager is provided by Google and is reloaded from its servers when the page is called up, the usage data technically required for calling up the page is also transmitted. Google also receives your IP address, which is technically required to retrieve the content. 

The data processing is based on Art. 6 para. 1 p. 1 lit. f GDPR. The purpose and our legitimate interest are to efficiently manage our website content. Data processing may also take place outside the EU or EEA in third countries. There is a risk that authorities in third countries may access the data for security and monitoring purposes without you being informed or having legal recourse. We, therefore, take measures in accordance with Art. 44 et seq. GDPR to ensure an adequate level of data protection despite these risks. In principle, we have no influence on further data processing by the third-party provider.

Further information on the handling of personal data by Google can be found at https://policies.google.com/privacy?hl=de.

 

3.5 Website analytics and tracking

3.5.1 Google Analytics

We use the web analytics service “Google Analytics” of Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA, for the demand-oriented design of our website. In the European Union (EU) and the European Economic Area (EEA), Google Analytics is offered as a service by Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland, which supports us as a processor according to Art. 28 GDPR. Google Analytics creates usage profiles based on pseudonyms and usage data. In the process, user interactions such as button clicks, scroll depth, and the use of filtering and search functions are also recorded. For this purpose, permanent cookies are stored on your terminal device and read by us. In this way, we are able to recognize returning visitors and count them as such. Collected data is stored by us in Google Analytics for a period of 26 months. Data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR, provided you have given your consent via our Consent banner. Your consent is voluntary and can be withdrawn at any time with effect for the future pursuant to Art. 7 (3) GDPR. You can withdraw your consent at any time by clicking on “Change your consent” or via the link, “Privacy settings”.

In this context, the processing of your data may also take place in countries outside the European Union (EU) and the European Economic Area (EEA) in third countries without an adequate level of data protection, in particular in the USA. If your data is transferred to third countries, there is a risk that authorities there may access your data for security and monitoring purposes without you being informed or being able to appeal. We transfer your data to third countries on the basis of your consent pursuant to Art. 49 (1) p. 1 lit. a GDPR. In principle, we have no influence on further data processing by the third-party provider.

For more information on the handling of personal data by Google, please visit https://policies.google.com/privacy?hl=de.

 

3.5.2 Google Ads Conversion Tracking

On our websites, we integrate the “Google Ads Conversion Tracking” of Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. In the European Union (EU) and the European Economic Area (EEA), Google Ads conversion tracking is offered as a service by Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland. If an ad placed by us via Google Ads is displayed to you on other websites or if you click on it, these other websites store a Google Ads conversion tracking cookie with a pseudonym assigned to us in your terminal device on the basis of your consent given there. If you subsequently visit our websites within the storage period of this cookie, this cookie will be read by Google ad conversion tracking on our website. In this way, Google can determine that you were shown an advertisement placed by us or that you clicked on it and subsequently visited our websites as well as, if applicable, how you subsequently used our websites. 

The conversion of an advertisement into action by the website visitor is referred to as a conversion. From this information, Google Ads creates statistics for us, from which we can see how many users have responded to our advertisements and in what way. Based on these statistics, we can optimize the effectiveness of our advertising and control our advertising strategy. Data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR, provided you have given your consent via our Consent banner. Your consent is voluntary and can be withdrawn at any time with effect for the future pursuant to Art. 7 (3) GDPR. You can withdraw your consent at any time by clicking on “Change your consent” or via the link, “Privacy settings”.

In this context, the processing of your data may also take place in countries outside the European Union (EU) and the European Economic Area (EEA) in third countries without an adequate level of data protection, in particular in the USA. If your data is transferred to third countries, there is a risk that authorities there may access your data for security and monitoring purposes without you being informed or being able to appeal. We transfer your data to third countries on the basis of your consent pursuant to Art. 49 (1) p. 1 lit. a GDPR. In principle, we have no influence on further data processing by the third-party provider.

For more information on the handling of personal data by Google, please visit https://policies.google.com/privacy?hl=de.

 

3.5.3 Crazy Egg

We use the UX tool Crazy Egg on our website (Crazy Egg, Inc., 6220 E. Ridgeview Lane, La Mirada, CA, 90638, USA. Crazy Egg). The tool uses cookies to help to analyze anonymous user clicking behavior and navigation. This information generated by the cookie about your use of the 1plusX website is transferred to Crazy Egg’s servers in the USA and stored there. If you don’t wish to be tracked, you can stop Crazy Egg from collecting cookie data related to your website usage (IP address included) and terminate processing of data by Crazy Egg, you can opt-out here:

http://www.crazyegg.com/opt-ou…

In-depth information about  data collection and processing  by Crazy Egg can be found here:

http://www.crazyegg.com/privac…

 

3.5.4 LinkedIn Insight Tag

We use the LinkedIn Insight Tag, a piece of java script code to track conversions, retarget website visitors, and analyze additional user interaction with our LinkedIn posts and advertising. The LinkedIn Insight Tag enables the collection of metadata such as IP address information, timestamp, and events such as page views. All data is encrypted. The LinkedIn browser cookie is stored in a visitor’s browser until they delete the cookie or the cookie expires (there’s a rolling six-month expiration from the last time the visitor’s browser loaded the Insight Tag). You can opt-out of cookies on your LinkedIn settings page. Visit their Cookie Policy for more information.

The data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR, provided that you have given your consent via our Consent Banner. Your consent is voluntary and can be withdrawn at any time with effect for the future pursuant to Art. 7 (3) GDPR. You can withdraw your consent at any time by clicking on “Change your consent” or via the link, “Privacy settings”.

Data processing may also take place outside the EU or EEA in third countries. There is a risk that authorities in third countries may access the data for security and monitoring purposes without you being informed or having legal recourse. We transfer your data to third countries on the basis of your consent pursuant to Art. 49 (1) p. 1 lit. a GDPR. In principle, we have no influence on further data processing by the third-party provider.

For more information on the handling of personal data by Hotjar, please visit https://de.linkedin.com/legal/cookie-policy.

 

3.6 Google ReCaptcha

To protect our web forms from automated requests, we use so-called Captchas. Within the captcha function, you may be asked to solve tasks or click on checkboxes. The user input in this context and, if necessary, the mouse movements are used to estimate whether the input comes from a human being or an automated program. The Captcha embedding is based on Art. 6 para. 1 p. 1 lit. f GDPR and in the interest of protection against spam and abuse.

If you do not wish this data processing, please refrain from using our web forms.

 

3.7 ‘Contact Us’ form

You have the possibility to contact us via our contact form. To use our contact form, we need the data provided in the contact form from you. These are email address, subject and the message or request itself.

We use this data on the basis of Art. 6 para. 1 p. 1 lit. f GDPR to be able to answer your inquiry as promptly and accurately as possible. Your data will only be processed to answer your inquiry. We will delete your data if it is no longer required and there are no legal retention obligations to the contrary. With regard to processing pursuant to Art. 6 (1) p. 1 lit. f GDPR, you have the right to object at any time. For this purpose, please contact the e-mail address stated in the imprint.

You may also subscribe to the 1plusX newsletter and other marketing communications by registering your email and opt-in found in the footer of each page on our website. Please refer to section 3.10 in this privacy policy.

 

3.8 Content downloads

Content downloads: when you download content off our content hub or other parts of our site, we store the data you submit through the form. This data is only used to deliver the requested content, and to keep a record that we have been in touch with you. 

You may also subscribe to the 1plusX newsletter and other marketing communications by registering your email and opt-in found in the footer of each page on our website. Please refer to section 3.10 in this privacy policy.

 

3.9 ‘Book a demo’ form

You have the option to contact us by clicking on “Book a Demo”. 

To be able to contact you as an interested party and potential customer with a view to initiate further contact, we collect and process the data to be entered in the input mask. These are your first and last name, your email address, your company, country as well as telephone number and your request itself. The legal basis is the necessity to carry out pre-contractual measures according to Art. 6 para. 1 p. 1 lit. b) GDPR or the legitimate interest according to Art. 6 para. 1 p. 1 lit. f) GDPR to contact you for an interest in concluding a contract with the company for which you have requested us. Your data will only be processed to respond to your inquiry. We delete your data if they are no longer required and there are no legal retention obligations to the contrary. With regard to processing pursuant to Art. 6 (1) p. 1 lit. f GDPR, you have the right to object at any time. For this purpose, please contact the email address stated in the imprint. 

You may also subscribe to the 1plusX newsletter and other marketing communications by registering your email and opt-in found in the footer of each page on our website. Please refer to section 3.10 in this privacy policy.

 

3.10 Marketing communications

On each page of our website, we offer you the opportunity to subscribe to 1plusX marketing communications, such as our newsletter. As part of the registration process, we process your email address to inform you by email about our products, services, events and promotions.

In addition, as part of our newsletter or marketing communications tracking, we process data at the time you opened the respective email as well as on your other interactions with the content, e.g. clicks on further links or the percentage at which you read the email. We process this data to check the effectiveness of our marketing communication and to optimize our relevant content. The legal basis for data processing is your consent pursuant to Art. 6 (1) p. 1 lit. a GDPR. Your consent is voluntary and can be withdrawn at any time with effect for the future pursuant to Art. 7 (3) GDPR.

If you no longer wish to receive 1plusX communications, you can unsubscribe at any time by using the unsubscribe link that you will find in every newsletter or marketing communication we send you.

You can also declare your wish to cancel all 1plusX marketing communications by sending an to [email protected].

In the context of our marketing communications, we transmit your data to Hubspot, Inc., 25 First Street, Cambridge, MA 02141 USA , which is a strictly instruction-bound and accordingly contractually obligated service provider vis-à-vis us, within the scope of order processing pursuant to Art. 28 GDPR. Further information on the handling of personal data can be found at https://legal.hubspot.com/privacy-policy. Data processing may also take place outside the EU or EEA in third countries. There is a risk that authorities in third countries may access the data for security and monitoring purposes without you being informed or being able to appeal. We therefore take measures in accordance with Art. 44 et seq. GDPR to ensure an adequate level of data protection despite these risks.

 

3.11 Social Plugins

We enable you to use social plugins for Twitter, Facebook and LinkedIn. For reasons of data protection, however, we only integrate the social plugins we use in deactivated form. When you call up our websites, no data is therefore transmitted to social media services. However, you have the option of activating and using the social plugins integrated into our websites. For this purpose, we use a solution that results in all data and functions required to display the social plugin being provided by our web server in a first step. Only when you decide to activate the respective social plugin and click on the corresponding preview image or icon, a connection to the servers of the operator of the respective social media service is established by your browser in a second step.

When you activate a plugin, the social media service receives in particular your IP address and, among other things, knowledge about your visit to our websites. This occurs regardless of whether you have an account with the respective social media service. If you are logged in, the data can be directly assigned to your social media profile. Overall, we have no influence on whether and to what extent the respective social media service processes personal data after activation. However, it is likely that the social media service will create usage profiles from your data and use them for the purpose of personalized advertising. In addition, your data will be used to inform other users of the social media service about your activities on our websites.  The embedding is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR, provided that you have given your consent by clicking on the preview image. Please note that the embedding of many social plugins leads to your data being processed outside the EU or EEA. In some countries, there is a risk that authorities may access the data for security and monitoring purposes without you being informed or being able to appeal. If we use providers in unsafe third countries and you consent, the transfer to an unsafe third country will be based on Art. 49 (1) lit. a GDPR. 

If you no longer wish your personal data to be processed by the activated social plugins, you can prevent future processing by no longer clicking on the preview image or icon of the respective social plugin.

 

3.12 Job applications via our website

When you click on one of the job advertisements on our website, you will be taken to the page of one or more of the vendors we use to manage our recruitment related activities, which could include, for example, communicating with you and responding to your requests, updating you on the status of your application, informing you about new vacancies, setting up and conducting interviews and tests for applicants, backgrounds checks processing and similar services related to processing your job application. When we collect or receive information from a third-party, such as from a job recruiting site, your provision of and our access to information will be governed by those parties’ own policies and applicable laws.

If you are located outside of the United States, your personal data may be transferred to the United States once you submit it through one of these sites. The transfer to the United States will be subject to appropriate additional safeguards under contractual agreements.

Your personal data will be retained for as long as reasonably necessary to evaluate your application for employment and related administration, in accordance with applicable laws or regulatory requirements.

 

4. Further data processing activities

In the following, we would like to inform you about other data processing activities in which we may process your personal data.

 

4.1 General processing of business contact data

If you are in contact with us or have a contractual relationship with us, for example as a supplier, customer, interested party or business partner, we may process your data in our programs, such as our CRM systems, to the extent necessary for the respective purpose. We process and store this data there for as long as necessary or as long as statutory retention obligations may exist. The legal basis is our legitimate interest in a practicable implementation and maintenance of our business relationships in accordance with Art. 6 para. 1 p. 1 lit. f) GDPR.

 

4.2 Data processing for the assertion, exercise or defense of legal claims

In addition, we process your data in individual cases for the purpose and in the interest of asserting, exercising and defending legal claims, provided that your data is relevant to a legal dispute. The legal basis for the processing of your data is Art. 6 para. 1 p. 1 lit. f GDPR. If necessary, your data will be transmitted in individual cases to the required extent to investigating authorities, lawyers, experts, courts or bailiffs.

 

4.3 Data processing for the documentation of data protection compliance

Insofar as you provide us with a declaration of consent on our websites, we process your personal data in order to be able to prove that you have consented to the data processing in question as part of the accountability obligation incumbent upon us under Article 5 (2) GDPR. Insofar as you exercise your data subject rights under the GDPR towards us, we also process your personal data in order to be able to prove within the scope of the accountability obligation pursuant to Art. 5 (2) GDPR that we have complied with the GDPR when processing your request. In addition, it may happen that we forward your personal data in connection with an inquiry to our company data protection officer, who advises us on all data protection issues and supports us in particular in processing inquiries from data subjects in connection with the assertion of the rights mentioned below. In each case, the processing is carried out on the basis of Art. 6 para. 1 p. 1. lit. c GDPR.

 

4.4 Data processing for the fulfillment of other legal obligations

Finally, we process personal data if this is necessary for the fulfillment of a legal obligation. The legal basis for the processing of your data in these cases is Art. 6 para. 1 p. 1 lit. c GDPR in conjunction with the respective legal norm that imposes such an obligation on us. If necessary, your data will be transmitted in individual cases to the required extent to auditors, financial or investigative authorities, lawyers, experts or courts.

 

4.5 Data transfer to independent third parties in the event of company restructuring

For the purpose of and in the interest of preparing and carrying out the sale of individual legal assets of our company or individual parts of our company for the purpose of making a profit, we transfer personal customer data to acquirers. The legal basis for this is Art. 6 para. 1 p. 1 lit. f GDPR.

 

5. Recipients or categories of recipients of personal data

The recipients of your data as well as data transfers to third countries have already been indicated separately in some cases in the data processing described above. Furthermore, we may transfer your data to service providers who support us, for example, in the operation of our websites or communication tools used, for example, as hosting or cloud services providers, if the legal data protection requirements are met. For example, if the data protection requirements are met, we transmit personal data to authorities, such as billing data, if applicable, to tax authorities. If contracts under data protection law are required for the transfers, we have concluded corresponding contracts with the service providers. Insofar as data processing may also take place outside the EU or EEA in third countries, there is a risk that authorities in third countries may access the data for security and monitoring purposes without you being informed or having the right to appeal. We therefore take measures in accordance with Art. 44 et seq. GDPR to ensure an adequate level of data protection despite these risks, for example by concluding standard contractual clauses with our service providers in conjunction with further technical measures.

 

6. Storage period of data

Unless a specific storage period is specified separately for the data processing described above, we process your data as long as this is necessary to achieve the stated purposes or a separately granted declaration of consent to longer storage is available. We then delete your data from all our operational systems. We proceed in the same way if, in the case of processing based on the consent granted to us pursuant to Art. 6 (1) sentence 1 lit. a GDPR, you exercise your right of revocation pursuant to Art. 7 (3) GDPR or, in the case of processing based on legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f GDPR, you exercise your right of objection pursuant to Art. 21 GDPR and the conditions stated therein are met.

In particular, insofar as in the event of your objection there are demonstrably compelling grounds for further processing by us that outweigh your interests, rights and freedoms as a data subject, this would continue to be permissible. The same applies if the processing serves the assertion, exercise or defense of legal claims by us. Insofar as the fulfillment of a legal retention obligation imposed on us precludes deletion, we transfer the data concerned to archives and restrict further processing for the duration of the retention period. In this case, final deletion will only take place after the retention period has expired.

 

7. Voluntariness of the provision of your data

The provision of your personal data is neither legally nor contractually required. However, in certain cases, it is necessary for you to be able to use the services offered on our websites. Failure to provide personal data may result in our websites being restricted in their functions or in you not being able to use the services offered.

 

8. Your rights

When processing your personal data, the GDPR grants you certain rights as a data subject:

 

8.1 Right of access by the data subject (Art. 15 GDPR)

You have the right to obtain confirmation as to whether personal data concerning you is being processed; if this is the case, you have a right to be informed of this personal data and to receive the information specified in Art. 15 GDPR.

 

8.2 Right to rectification (Art. 16 GDPR)

You have the right to rectification of inaccurate personal data concerning you and, taking into account the purposes of the processing, the right to have incomplete personal data completed, including by means of providing a supplementary statement without delay.

 

8.3 Right to erasure (Art. 17 GDPR)

You have the right to obtain the erasure of personal data concerning you without undue delay if one of the reasons listed in Art. 17 GDPR applies.

 

8.4 Right to restriction of processing (Art. 18 GDPR)

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have objected to the processing, for the duration of our examination.

 

8.5 Right to data portability (Art. 20 GDPR)

In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format, or to request that this data be transferred to a third party.

 

8.6 Right to object (Art. 21 GDPR)

If data is collected on the basis of Art. 6 (1) 1 f GDPR (data processing for the purpose of our legitimate interests) or on the basis of Art. 6 (1) 1 e GDPR (data processing for the purpose of protecting public interests or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms or if data is still needed for the establishment, exercise or defence of legal claims.

 

8.7 Right to withdraw consent (Art. 7 GDPR)

If the processing of data is based on your consent, you are entitled to withdraw your consent to the use of your personal data at any time in accordance with Art. 7 (3) GDPR. Please note that the withdrawal is only effective for the future. Processing that took place before the withdrawal is not affected. 

 

8.8 Right of complaint to a supervisory authority (Art. 77 GDPR)

According to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your data violates data protection regulations. This right may be asserted in particular with a supervisory authority in the Member State of your habitual residence, your place of work or the place of the suspected infringement. 

 

9. Contact details of the data protection officer

Our company data protection officer will be happy to provide you with information or suggestions on the subject of data protection. Please contact us at: [email protected]

 

10. Amendment of this data protection declaration

This data protection declaration was last updated on 14.12.2021.

 

1plusX's Privacy Policy
Data Management Platform

1plusX collects and processes data as a data processor on behalf of our customers. Data collection is used among other things, to deliver relevant advertising or content, to improve the user experience and to enhance analytical skills for our customers.

Our customers have privacy policies in place which explain the usage, the data security and your choices as a user regarding your data. If you have a cookie from us set in your browser, it means it has been set from us as a data processor to enable our service to our customers, the data controllers. All your user rights can be executed directly on the privacy policies of our customers.

Partners of 1plusX

While 1plusX actively communicates high data protection standards to its partners through contractual agreements and other measures, the partners themselves are responsible for compliance and therefore 1plusX cannot be held liable for any violation of the 1plusX data protection guidelines by one of the partners used by 1plusX.

1plusX works together with the following partners for the playout of advertising:

  • Adform
  • Adition Technologies
  • Contact Impact
  • DreamLab
  • Facebook
  • Google Ad Manager
  • Google Display & Video 360
  • Improve Digital
  • Madvertise
  • MediaMath
  • MailChimp
  • One by AOL
  • Rubicon Project
  • Smart Ad Server
  • Xandr
  • YieldLab

When working with these partners, some data is also transmitted to their ad servers, some of which may be located in countries outside the European Union. This is pseudonymised cookie information (cookie ID or device ID) and the assignment to relevant advertising segments. In this respect, it is ensured that an appropriate level of data protection exists in each case.

Opt-in and Opt-out

1plusX adheres to the Europe-wide principles of the EDAA, the Online Behavioral Advertising Framework. 1plusX is also an official vendor of the IAB Transparency and Consent Framework, as listed here.

You can perform a cross-customer opt-in and a cross-customer opt-out, via the “Your Ad Choices” management by our partner Your Online Choices. To opt-out or opt-in, click https://www.youronlinechoices.com/uk/your-ad-choices

Additional Requests related to the 1plusX Data Management Platform

For additional requests related to the data collection and data processing of 1plusX’s Data Management Platform please send an email to  [email protected]. According to GDPR Article 27, data subjects who are in the EU can also contact our representative in the EU, Mr. Marco Dohmen, 1plusX GmbH c/o WorkRepublic, Neuer Wall 71, 20354 Hamburg, Germany; E-Mail: [email protected]

1plusx and CCPA

Description of consumer’s rights

If you are a California resident, California law, including the California Consumer Privacy Act (“CCPA”) and California Civil Code section 1798.83, provides you with additional rights regarding our collection and use of your personal information.

Right to Know

You can request a summary of the personal information 1plusX has collected about you in the last 12 months.

You can find the respective form to submit your request on our Privacy Policy page on the customer’s websites where we have placed our cookie.

Alternatively, you can request this information by sending an email to [email protected], after which you will receive a web link to activate the data access request.

Right of Deletion

You can request Data Deletion by selecting the respective option on our Privacy Policy page on the customer’s websites where we have placed our cookie.

Right to non-discrimination

1plusx does not discriminate against any consumer and allows consumers to freely exercise their CCPA rights.

Right to opt-out

You are able to opt-out of the sale of personal information we have collected. By selecting the respective call to action “Do not sell my personal information” on our Privacy Policy page on the customer’s websites where we have placed our cookie.

The result of opting out from the sale of your personal information will be to stop tracking your behavior and interactions whatsoever. In addition, you will not be part of any segment and no personalization shall take place.

How to submit a request

California Law permits residents of California to request specific details on how their data is shared with third-party companies or affiliates for direct marketing or other business-related purposes.

If you are a California resident and you need to submit such a request, send an email to [email protected] with the subject “California Privacy Rights”.

Additionally, due to the nature of 1plusX’s business, in the properties of our customers, we provide you specific web forms that allow Californian Residents to exercise their rights. More specifically, we provide clear call to actions to:

  • Request Deletion
  • Opt-out from Sale
  • Request Data Access

List of PI categories collected or shared by the business in the last 12 months

1plusX collects and processes data on behalf of our Customers as a Service Provider. According to CCPA, Personal Information is defined as the information which can potentially identify, relate to, describe, reference, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device.

1plusX upon Customer’s request shall collect the following categories of information (according to the categories mentioned in CCPA §1798.140). These are the categories of information that have been collected in the past 12 months.

  • Identifiers (refers mainly to online identifiers, IP addresses, encrypted email addresses)
  • Internet or other electronic network activity information
  • Geolocation Data
  • Inferences

It must be highlighted that 1plusX uses industry-standard encryption and security measures designed to protect any personal data from re-identification.

The sources of the collected data may be the following:

  • Customer’s web/mobile properties where the user’s activities are observed and recorded either via cookie, an SDK or a Data Layer
  • Online/ Offline Databases or Data Marketplaces
  • Ad Networks (including SSPs, DSPs, Ad Servers)

1plusX shares only anonymized information with Service Providers and Third Parties only to the extent that is required to fulfill the service. 1plusX does not share any information among customers with respect to user privacy, thus the data for each customer is siloed and cannot be exposed or transferred.

More specifically, the online identifiers (e.g. hashed cookie ID, hashed emails) will be shared with Advertising Networks, Data Management Platforms, and Data Analytics Providers. This information is often accompanied by Internet/ Electronic network activity information, Geolocation Data, and Inferences. At 1plusX we make sure that by providing this information the other party will be unable to re-identify a specific individual or household. The information that we share with 3rd parties cannot be linked to a specific individual or household due to the hashing functions that we apply on the identifiers (e.g. cookie, login ID, email address).

The collection of the information allows 1plusX to move towards its business goal. In that context, the main purposes for collecting the previously mentioned categories are:

  • Internet-based marketing
  • Data Analysis & Behavioural reporting
  • Other operational purposes