Last updated: September, 2021
The Advertising Research Foundation (“ARF”), including its subsidiary MSI, believes in protecting your privacy and the confidentiality of your Personally Identifiable Information (“PII”) . For purposes of this Policy, PII is defined as information: (i) that directly identifies an individual (e.g., name, address, social security number or other identifying number or code, telephone number, email address, etc.) or (ii) which, taken together with other collected data elements (i.e. birth date, geographic location) can be used to “indirectly” identify specific individuals. ARF treats information permitting the identification and/or physical or online contacting of a specific individual in the same manner as PII. Any information that cannot be used to identify a discrete individual (such as aggregated statistical information) is not PII .
INSTRUCTIONS REGARDING HOW TO WITHDRAW YOUR CONSENT (“Opt-Out’) TO APPLICABLE USES OR DISCLOSURES OF YOUR PII ARE SET FORTH AT THE END OF THIS POLICY.
WHEN PROVIDING YOUR PII TO THE ARF VIA ARF SERVICES, YOU WILL BE ASKED TO CONSENT TO THE USE OF YOUR DATA AS SET FORTH HEREIN AND TO THE STORING AND PROCESSING OF YOUR PII IN THE UNITED STATES. AS A RESULT, THE U.S. GOVERNMENT, COURTS, OR LAW ENFORCEMENT OR REGULATORY AGENCIES MAY BE ABLE TO OBTAIN DISCLOSURE OF YOUR PII UNDER U.S. LAWS.
PURPOSE OF COLLECTION, USE AND DISCLOSURE OF PERSONAL INFORMATION
ARF may collect, use, and disclose your PII in our normal course of business. The information may be used to manage our membership base, deliver ARF Services, conduct research, plan new ARF Services, gauge member or customer satisfaction, measure awareness of ARF Services, or to test reaction to ARF Services or communications.
Below are the primary uses of this information supplied to us:
- Establishing and maintaining communications with you;
- Providing relevant content or ARF Services;
- Responding to your requests for or inquiries about content and ARF Services;
- Processing transactions through service providers;
- Registration for conferences, training, and other events;
- Meeting legal, security, processing, and regulatory requirements;
- Protecting against fraudulent, suspicious, or other illegal activities; and
- Compiling statistics for analysis of our sites and our business.
WHAT INFORMATION WE COLLECT
The information gathered by ARF falls into two categories: (1) information voluntarily supplied by visitors to the ARF Website and ARF Services, and (2) tracking information gathered as visitors navigate through our the ARF Website.
Information Provided by You
ARF only collects the PII required to operate our applications and perform ARF Services.. Our PII collection includes:
- First and last name
In addition, ARF may, from time to time, collect additional information about you, your interests and your activity on the ARF Website.
All data you provide to ARF remains your property in accordance with applicable state law. As such, you are responsible for ensuring your own compliance with applicable law in the provision of such data.
ARF does not sell data, either in anonymized or aggregate form.
ARF does not license, sell or share PII for research purposes or make data available for commercial research. PII may be used for research purposes only with explicit agreement from the owners of the data and only for the limited duration of a defined research project (e.g. a time-bound efficacy study).
Below are some additional ways we collect data:
Website Navigational Information
As you navigate the ARF Website, we may also collect information through commonly used information-gathering tools, such as cookies (collectively “Website Navigational Information”). Website Navigational Information includes standard information from your web browser (e.g., browser type, browser language), your Internet Protocol (“IP”) address, and the actions you take on the ARF Website (such as the web pages viewed, files downloaded, and the links clicked).
There are different kinds of cookies with different functions:
- Session cookies: a session cookie is only stored on your computer during your web session. They are automatically deleted when the browser is closed. They usually store an anonymous session ID allowing you to browse a website without having to log in to each page. They do not collect any information from your computer.
- Persistent cookies: a persistent cookie is one stored as a file on your computer, and it remains there when you close your web browser. The cookie can be read by the website that created it when you visit that website again.
- First-party cookies: the function of a first-party cookie is to retain your preferences for a particular website for the entity that owns that website. They are stored and sent between ARF’s servers and your computer’s hard drive. They are not used for anything other than for personalization as set by you. These cookies may be either Session or Persistent cookies.
- Third-party cookies: the function of a third-party cookie is to retain your interaction with a particular website for an entity that does not own that website. They are stored and sent between the third party’s server and your computer’s hard drive. These cookies are usually persistent cookies.
- Where strictly necessary: These cookies are essential to enable you to move around the ARF Website and use its features, such as accessing secure areas of the ARF Website. Without these cookies, services you have asked for, such as logging into your account, cannot be provided.
- Performance: These cookies collect information about how visitors use the ARF Website (e.g., which pages visitors go to most often, if they get error messages from web pages). They also allow us to record and count the number of visitors to the ARF Website, all of which enables us to see how visitors use the ARF Website in order to improve the way that our the ARF Website works. These cookies do not collect information that identifies a person, as all information these cookies collect is anonymous.
- Functionality: These cookies allow the ARF Website to remember choices you make (e.g., your user name, your language, region you are in) and provide enhanced features. For instance, a the ARF Website may be able to remember your login details, so that you do not have to repeatedly sign in to your account when using a particular device to access our the ARF Website. These cookies can also be used to remember changes you have made to text size, font, and other parts of web pages that you can customize. They may also be used to provide services you have requested, such as viewing a video or commenting on an article. The information these cookies collect is usually anonymized. They do not gather any information about you that could be used for advertising or remember where you have been on the internet.
- The major browsers have attempted to implement the draft “Do Not Track” (“DNT”) standard of the World Wide Web Consortium (“W3C”) in their latest releases. As this standard has not been finalized, the ARF Website is not compatible with DNT.
DISCLOSURE OF INFORMATION TO OTHERS
Third parties to whom we disclose information are required by law and contractual undertakings to keep your PII confidential and secure and to use and disclose it for purposes that a reasonable person would consider appropriate in the circumstances, in compliance with all applicable legislation, which purposes are as follows:
- To provide the ARF Services and services you have requested from us;
- To notify you or allow our affiliated companies to notify you of certain products or services offered by our affiliated companies;
- To process transactions through data processing service providers; and
- To fulfill joint marketing agreements with affiliates and partners.
If these third parties wish to use your PII for any other purpose, they will have a legal obligation to notify you of this and, where required, to obtain your consent. Contact us on email@example.com for more information on these third parties.
In the normal course of performing ARF Services, PII may be shared within ARF and with our affiliates solely for the purposes set forth herein.
ARF’s service providers are required to adhere to their contractual obligations, as well as industry standard protections, regarding the collection, use, and retention of data as we do.
Other Legally Required Disclosures
ARF reserves the right to disclose without your prior permission any PII about you or your use of the ARF Website or other Products if ARF has a good faith belief that such action is necessary to (1) protect and defend the rights, property, or safety of ARF, employees, or other users of the ARF Website or the public; (2) enforce the terms and conditions that apply to use of the ARF Website; (3) comply with a legally valid request from a competent governmental authority; or (4) respond to claims that any content violates the rights of third parties. We may also disclose PII as we deem necessary to satisfy any applicable law, regulation, legal process, or governmental request.
CALIFORNIA’S “SHINE THE LIGHT” LAW
California Civil Code Section 1798.83 requires any operator of a website to permit its California-resident customers to request and obtain from the operator a list of what personal information the operator disclosed to third parties for direct marketing purposes for the preceding calendar year, as well as the addresses and names of such third parties. ARF does not share any personal information collected from this site with third parties for their direct marketing purposes.
European Union’s “General Data Protection Regulation (GDPR)” Law
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. In compliance of this law, ARF does not utilize data for any reasons other than to fulfill commitments to existing ARF Services and services. ARF does not share any personal data or information collected from this site with third parties for their direct marketing purposes. The ARF has data retention and storage mechanisms in place to control who has access to the data and has placed limits on what purposes the data can be used for.
CALIFORNIA’S “California Consumer Privacy Act (CCPA)” LAW
The California Consumer Privacy Act (“CCPA”) applies to California residents only, below is a listing of the rights you have the ability to exercise:
- Right to Know: You have the right to request that we disclose to you the PII we collect, use, or disclose, and information about our data practices;
- Right to Request Deletion: You have the right to request that we delete your PII that we have collected from you;
- Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.
In compliance of this law, ARF does not utilize data for any reasons other than to fulfill commitments to deliver ARF Services. ARF does not share any personal data or information collected from this site with third parties for their direct marketing purposes. The ARF has data retention and storage mechanisms in place to control who has access to the data and has placed limits on what purposes the data can be used for.
Your knowledge of and consent to ARF’s collection, use, and disclosure of your PII is critical. When providing your PII to the ARF via ARF Services, you will be asked to consent to the use of your data as set forth herein and to the storing and processing of your PII in the United States. As a result, the U.S. government, courts, or law enforcement or regulatory agencies may be able to obtain disclosure of your PII under U.S. laws.
Subject to certain legal or contractual restrictions and reasonable notice, you may withdraw this consent at any time. ARF will inform you of the consequences of withdrawing your consent. In some cases, refusing to provide certain PII or withdrawing consent for ARF to collect, use, or disclose your PII could mean that we cannot provide the requested ARF Services, services, or information for you. If you wish to withdraw your consent, please refer to the “Questions or to Withdraw Consent (“Opt-Out”)” section below.
LIMITING COLLECTION AND RETENTION OF PERSONAL INFORMATION
ARF will collect, use, or disclose PII that is necessary for the Identified Purposes or as permitted by law. If we require PII for any other purpose, you will be notified of the new purpose and, subject to your consent (where appropriate), that new purpose will become an Identified Purpose.
ARF will collect PII by fair and lawful means. We will normally retain PII as long as necessary for the fulfillment of the Identified Purposes. However, some PII may be retained for longer periods as required by law, contract, or auditing requirements.
We have in place physical, electronic, and procedural safeguards appropriate to the sensitivity of the information we maintain. Safeguards will vary depending on the sensitivity, format, location, amount, distribution, and storage of the PII . They include physical, technical, and managerial measures to keep PII protected from unauthorized access. Among such safeguards are the encryption of communications via SSL, encryption of information while it is in storage, firewalls, access controls, separation of duties, and similar security protocols. However, due to the nature of the Internet and related technology, we cannot absolutely guarantee the security of PII , and ARF expressly disclaims any such obligation.
ACCURACY, ACCOUNTABILITY, OPENNESS, AND CUSTOMER ACCESS
Our knowing about changes to some of your PII (e.g., email address) may be key to effectively communicating with you at your request. If any of your details change, you can update us by emailing us. Please keep us informed of changes to your PII .
You have the right to access your PII and request rectification of any PII in the file that may be obsolete, incomplete, or incorrect. However, to secure your PII , ARF does not currently provide online access to our customers to view or amend PII in our database.
QUESTIONS OR TO WITHDRAW CONSENT (“Opt-Out”)
You may exercise your right to withdraw your consent to applicable uses or disclosures of your PII (which may limit or terminate the ARF Services that ARF provides to you) by writing or sending an email to us at the following address:
The Advertising Research Foundation
432 Park Ave South
New York, NY 10016
We will need to validate the identity of anyone making such a request to ensure that we do not provide your information to anyone who does not have the right to such information. Normally, we will respond to access requests within 30 days.
In addition, you can change your email preferences at https://members.thearf.org/TheARF/Contacts/ContactLayouts/AccountPage.aspx?My_Account=4#My_Account
The Advertising Research Foundation
432 Park Ave South
New York, NY 10016
Complaints can be directed to: firstname.lastname@example.org