Privacy Policy

AdReactor (referred to as "AdReactor" or "we" or "us" or "our") is committed to protecting and respecting your privacy and handling your personal data in an open and transparent manner. The personal data that we collect and process may vary depending on the service we provide to you. This privacy policy will inform you how AdReactor collects and processes your personal data, and informs you about your rights under the EU General Data Protection Regulation ("GDPR") and any national law supplementing or implementing the GDPR.

Our Data Protection Principles

We adhere to the principles relating to processing of personal data set out in the GDPR which require personal data to be:

  1. processed lawfully, fairly and in a transparent manner in relation to the data subject ('lawfulness, fairness and transparency');
  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes ('purpose limitation');
  3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed ('data minimization');
  4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay ('accuracy');
  5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organizational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject ('storage limitation');
  6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures ('integrity and confidentiality').
  7. Not transferred to another country without appropriate safeguards being in place (Transfer Limitation).
  8. Made available to data subjects and data subjects allowed to exercise certain rights in relation to their Personal Data (Data Subject's Rights and Requests).
  9. We are responsible for and must be able to demonstrate compliance with the data protection principles listed above (Accountability).

Data controller

This privacy policy applies where we are acting as a data controller with respect to your personal data and therefore determine the purposes and means of the processing of that personal data. We will ask you to consent to our use of cookies in accordance with the terms of this policy when you first visit our Website. Our Website incorporates privacy controls you can use to specify whether you would like to receive marketing, limit the publication or any other use of your information. You can access such privacy controls via

How we collect your personal data

We obtain your personal data mainly through any information you provide directly to us or through information provided by third parties. We collect personal data directly from you when you complete Publisher or Advertiser registration forms on our website, when you enter and use our Website, and/or performing contractual obligations, and when you contact us for any enquiries, complaints or for any other reason.

Personal Data We Use, Purposes and Legal Grounds

We may collect the following personal data from you depending on the service we provide to you. We will only process your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Type of information Purpose Legal basis of processing
Profile data.

Your name, address, telephone number, email address, PayPal address, your bank account data.
Operating our Website, providing our services, communicating with you. Fulfilment of KYC/AMLprocedures. Legitimate interests in the proper administration of our Website.

Performing the contract we have with you.
Transaction data.

The transaction data your contact details, your card details and the transaction details.
The transaction data may be processed for the purpose of payments and keeping proper records of those transactions. Performing the contract we have with you.
Notification data. The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters. Consent. Performing the contract we have with you.
Correspondence data.

The communication content and metadata associated with the communication.
The proper performance of our contractual obligation before you. Consent. Performing the contract we have with you.
Any of your personal data identified in this policy. Exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure, the protection and assertion of our legal rights, your legal rights and the legal rights of others. Our legitimate interests.
Any of your personal data identified in this policy. The obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. Our legitimate interests.
Information We May Provide to Third Parties

We may disclose your personal data to the third parties listed below. When we do so, we require those third parties to have appropriate technical and organizational measures in place to protect your personal data. We will not share any of your personal data for any purpose other than the purposes described in this privacy policy, nor will we sell your personal data to anyone.

  • Any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) so far as reasonably necessary for the purposes, and on the legal bases, set out in this privacy policy.
  • To our insurers or professional advisers so far as reasonably necessary for the purposes of managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
  • Payment services providers we have chosen to support us with financial transactions relating to our Website. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
  • Governmental and regulatory bodies, including law enforcement authorities, in connection with enquiries, proceedings or investigations by such parties or in order to enable AdReactor to comply with its legal and regulatory requirements.
  • Partners, contractors and/or vendors in order to perform contract we have with you.
Your data protection rights

Under the Data Protection legislation you have the following rights in terms of the personal data we hold about you.

The right to be informed about the collection and the use of their personal data

AdReactor is publishing this privacy policy to keep you informed as to what we do with your personal data. You can ask us for information regarding any data of yours that we keep at any time. This information concerns, among other things, the data categories we process, for what purposes we process them, the origin of the data if we did not acquire them directly from you and, if applicable, the recipients to whom we have sent your data.

The right to access personal data and supplementary information

This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. You can obtain a copy of your data from us free of charge. If you are interested in other copies, we reserve the right to charge for the additional copies.

The right to have inaccurate personal data corrected, or completed if it is incomplete

You can request that we correct your data. We will initiate appropriate measures to keep the data of yours that we continuously process correct, complete, and up to date, based the latest information available to us.

The right to erasure (to be forgotten)

You can request that we delete your data provided the legal requirements have been met. In accordance with Article 17 the GDPR, this can be the case if:

  • the data are no longer required for the purposes they were acquired or otherwise processed;
  • you revoke your consent, which is the basis of the data processing, and there is no other legal basis for the processing;
  • you object to the processing of your data and there are no legitimate reasons for the processing or you object to data processing for the purposes of direct advertising;
  • the data have been processed illegally.

Where the processing is not necessary:

  • To ensure adherence to a legal obligation that requires us to process your data
  • In particular with regard to legal retention periods
  • To assert, exercise or defend against legal claims

The right to restrict processing in certain circumstances

You can request that we restrict the processing of your data if

  • You dispute the correctness of the data – for the period of time we need to check the correctness of the data;
  • The processing is illegal but you do not wish to have your data deleted and request a restriction of use instead;
  • We no longer need your data, but you need them to assert, exercise or defend against legal claims;
  • You have filed an objection to the processing, though it has not yet been decided whether our legitimate grounds outweigh yours.

The right to data portability, which allows the data subject to obtain and reuse their personal data for their own purposes across different services

At your request, we will transfer your data– where technically possible – to another responsible entity. However, this right only applies if the data processing is based on your consent or is required to fulfill a contract. Instead of receiving a copy of your data, you can ask us to send the data directly to another responsible entity that you specify.

The right to object to processing in certain circumstances

You can object to the processing of your data at any time for reasons that arise from your special situation provided the data processing is based on your consent or our legitimate interest or that of a third party. In this case, we will no longer process your data. The latter does not apply if we are able to prove there are compelling, defensible reasons for the processing that outweigh your interests or we require your data to assert, exercise or defend against legal claims.

The right to withdraw consent at any time

Withdraw the consent you gave us with regard to the processing of your personal data for certain purposes, such as to allow us to promote our products and services to you.

Retaining and Deleting Personal Data

We will keep your personal data for as long as is necessary for the purpose for which we initially collected them. Once such period has ended, we will keep your personal data for the longest of the following periods: a) any retention period set out in our retention policy which is in line with regulatory requirements relating to retention; or (b) the end of the period in which legal action or investigations might arise in respect of the services provided. Once the retention period of your personal data lapses, we will ensure that your personal data are either irreversibly anonymized or securely destroyed.

Confidentiality and Security

We deploy various security measures such as encryption and authentication tools in line with the current state of the art to protect and maintain the security, integrity and availability of your personal data. 100% protection against unauthorized access in the case of data transfers across the internet or a website cannot be guaranteed, but we and our service providers and business partners do our utmost to protect your personal data in line with the prevailing data protection legislation by means of physical and electronic physical precautions. Among other things, we use the following measures:

  • Strict criteria for authorization to access your personal data on a "need-to-know" basis only and exclusively for the specified purpose;
  • Transfer of acquired data in secured form;
  • Storage of confidential data in our secure servers;
  • Firewall safeguarding of IT systems to provide protection against unauthorized access, and
  • Continuous monitoring of access to IT systems to detect and prevent the misuse of personal data.

If you have received a password from us in order to be able to access certain parts of our Website, you are responsible for keeping this password confidential and for compliance with all other security procedures which we make you aware from time to time. We ask you not to share your password with anyone.

Changes to this privacy policy

We may update this privacy policy from time to time by publishing a new version on our Website. We will notify you appropriately when we make changes to the privacy policy and we will amend its revision date so that you know when we last amended it. We do however encourage you to review this statement periodically so as to always be informed about how we are processing and protecting your personal information. We may notify you of changes to this policy by email or through the private messaging system on our Website.


If you have any questions about our privacy policy or wish to obtain more information in relation to the personal data we process about you or wish to exercise any of your rights please contact us via email at:

Date: September 4, 2018