Ghostery

Website Privacy Policy

Add Comment

Your tracking optionsGhostery uses 1st-party tracking to understand how users like you move around our site so we can improve your experience. As a privacy company, we do NOT exchange data with third-party service providers to serve ads, follow your behavior around the web, or sell your data. The data collected is NOT used to identify you. Read our website privacy policy for more information.AcceptDecline Spring has sprung and so has a new Ghostery discount: now 30% off, our Plus subscription unlocks additional protection and intelligence within Ghostery’s privacy suite. Offer valid through April 25th. Learn more <ul> <li>Products <ul> <li>All Products</li> <li>Ghostery Browser Extension</li> <li>Ghostery Midnight</li> <li>Ghostery Browser</li> <li>Ghostery Insights</li> </ul> </li> <li>Pricing <ul> <li>Personal</li> <li>Business</li> <li>Enterprise</li> </ul> </li> <li>Blog</li> <li>Support <ul> <li>FAQs</li> <li>Submit a Tracker</li> <li>Data Request</li> </ul> </li> <li>My Account</li> <li>Get Started</li> </ul> <ul> <li>Products <ul> <li>All Products</li> <li>Ghostery Browser Extension</li> <li>Ghostery Midnight</li> <li>Ghostery Browser</li> <li>Ghostery Insights</li> </ul> </li> <li>Pricing <ul> <li>Personal</li> <li>Business</li> <li>Enterprise</li> </ul> </li> <li>Blog</li> <li>Support <ul> <li>FAQs</li> <li>Submit a Tracker</li> <li>Data Request</li> </ul> </li> <li>My Account</li> <li>Get Started</li> </ul> Ghostery’s Website Privacy Policy Effective Date: October 6, 2020 Please find below our statement on the processing of personal data by our company in accordance with the legal requirements, especially with the EU General Data Protection Regulation (GDPR – available at http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679). Contents: I. General information <ol> <li>Definition of main terms</li> <li>Scope of validity</li> <li>Controller</li> <li>Data protection officer</li> </ol> II. Itemization of data processing operations <ol> <li>General information about the data processing operations</li> <li>Accessing our services</li> <li>Paid-for services</li> <li>Job Application</li> <li>Customer feedback</li> <li>Web Analysis</li> <li>Submit a Tracker</li> </ol> III. Product news and updates <ol> <li>Purpose of the data processing, legal basis, legitimate interests if applicable, and duration of storage</li> <li>Recipient of personal data</li> </ol> IV. Rights of data subjects <ol> <li>Right to object</li> <li>Right of access</li> <li>Right to rectification</li> <li>Right to erasure (“right to be forgotten”)</li> <li>Right to restriction of processing</li> <li>Right to data portability</li> <li>Right to withdraw consent</li> </ol> V. California I. General information This section of the privacy statement contains information on the scope of validity, the person responsible for data processing, the data protection officer and data security. It also begins with a list of definitions of important terms used in the data privacy statement. 1. Definition of main terms Browser: Computer program used to display websites (e.g., Chrome, Firefox, Safari) Cookies: Text files which the web server places on the user’s computer by means of the browser which is used. The stored cookie information may contain both an identifier (cookie ID) for recognition purposes and content data, such as login status or information about websites visited. The browser sends the cookie information back to the web server with each new request upon subsequent repeat visits to these sites. Most browsers accept cookies automatically. Cookies can be managed using the browser functions (usually under “Options” or “Settings”). The storage of cookies may be disabled in this way or it may be made dependent on the user’s approval in any given case or otherwise restricted. Cookies may also be deleted at any time. GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), available at http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679 Personal data: Any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Profiling: Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements. Services: Our offers to which this data privacy statement applies (cf. Scope of validity). Tracking: The collection of data and their evaluation regarding the behavior of visitors in response to our services. Tracking technologies: Actions can be tracked either via the activity records (log files) stored on our web servers or by collecting data from end devices via pixels, cookies or similar tracking technologies. Processing: Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Pixel: Pixels are also called tracking pixels, web beacons or web bugs. These are small, invisible graphics in HTML emails or on websites. When a document is opened, this small image is downloaded from a server on the Internet and the download is registered there. This allows the operator of the server to see if and when an email has been opened or a website has been visited. This function is usually carried out by calling up a small program (JavaScript). Certain types of information can be detected on your computer system in this way and shared, such as the content of cookies, the time and date of the visit, and a description of the page on which the tracking pixel is located. 2. Scope of validity This data privacy statement applies to the following properties: <ul> <li>the websites of Ghostery, Inc, most notably those available at www.ghostery.com</li> <li>whenever reference is made to this data privacy statement from one of our properties (e.g., websites, subdomains, mobile applications, web services or integrations in third-party websites), regardless of the way in which it is accessed or used</li> </ul> All these properties are also collectively referred to as “services”. 3. Controller The following party is responsible for the processing of data in relation to the services, i.e., this is the person who determines the purposes and means of processing personal data: Ghostery, Inc 49 w 23rd Street, Floor 7, New York, NY 10010 Tel.: +1 (212) 627-1901‬ email: info@ghostery.com 4. Data protection officer You can contact our data protection officer via the contact data listed under 3., in the Data Protection Department, or via privacy@ghostery.com. II. Itemization of data processing operations This section of the data privacy statement contains detailed information about the processing of personal data in the context of our services. The information is subdivided for greater clarity into certain functions in connection with our services. In case of the normal use of the services, different functions and therefore also different processing operations can be implemented consecutively or simultaneously. 1. General information about the data processing operations The following applies to all the processing operations listed below, unless stated otherwise: a. No obligation to provide personal data &amp. consequences of failure to provide such data The provision of personal data is not required by law or contract, and you are under no obligation to provide any data. We will inform you during the data entry process when personal information needs to be provided for the relevant service (e.g., by indicating “mandatory fields”). In cases where the provision of data is required, the consequence of not providing data will be that the service in question cannot be provided. Otherwise, failure to provide data may result in our inability to provide our services in the same form and quality. b. Consent In various cases, you may also grant us your consent to the further processing of data (or some of the data, where applicable) in connection with the operations listed below. In this case, we will inform you separately in connection with the submission of the respective declaration of consent about all the procedures and the scope of the consent and about the purposes which we pursue in these processing operations. The processing operations based on your consent are therefore not listed again here (Art. 13, subs. 4, GDPR). c. Transfer of personal data to third countries Ghostery is a corporation of the United States, which is considered a “third country” by the GDPR, i.e., a country outside the European Union. The data transmitted to and within the United States and other third countries are transmitted strictly in compliance with the statutory conditions of admissibility. If the transmission of the data to a third country does not serve the purpose of fulfilling our contract with you, if we do not have your consent, if the transmission is not required for the establishment, exercise or defense of legal claims, and if no other exemption applies under Art. 49 GDPR, we will only transmit your data to a third country if in possession of an adequacy decision pursuant to Art. 45 GDPR or appropriate safeguards under Art. 46 GDPR. One of these adequacy decisions is the Commission Implementing Decision (EU) 2016/1250 of 12.07.2016 on the “EU-US Privacy Shield” for the USA. The level of data protection is generally considered to be appropriate according to Art. 45 GDPR for transfers to companies which are certified under the EU-US Privacy Shield. Alternatively or additionally, safeguards under Art. 46 subs. 2 c) GDPR through the conclusion of the EU standard data protection clauses adopted by the European Commission with the receiving body provide appropriate safeguards and an adequate level of data protection. Copies of the standard EU data protection clauses are available on the website of the European Commission at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en. d. Hosting at external service providers Our data processing work is carried out to a large extent with the involvement of hosting service providers who provide us with storage space and processing capacities at their data centers and who also process personal data on our behalf according to our instructions. It may be the case that personal data are transmitted to hosting service providers in respect of all of the functions listed below. These service providers process data either exclusively in the EU or subject to guaranteed levels of data protection which we have put in place based on the standard EU data protection clauses (cf. subsection c.). e. Transmission to government authorities We send personal information to government authorities (including law enforcement agencies) when required to fulfil a legal obligation to which we are subject (legal basis: Art. 6, subs. 1 c), GDPR) or when it is necessary for the assertion, exercise or defense of legal claims (legal basis: Art. 6, subs. 1 f), GDPR). f. Period of storage The time specified in the “period of storage” paragraph indicates how long we use the data for the purposes in any given case. At the end of this period, the data will no longer be processed by us but will be deleted at regular intervals, unless continued processing and storage are required by law (in particular, because it is necessary to fulfil a legal obligation or for the establishment, exercise or defense of legal claims) or unless you grant us extended consent. g. Data categories The category names listed below are used for specific types of data in the following sections: <ul> <li> Account data: Login/user ID and password</li> <li> Personal master data: Title, salutation/gender, forename, surname, date of birth</li> <li> Address data: Street, house number, additional address lines (where applicable), postcode, city, country</li> <li> Contact data: Telephone number(s), fax number(s), email address(es)</li> <li> Login data: Information about the service via which you logged on. times and technical information on login, authentication and logout. data entered by you when logging on</li> <li> Purchase order data: Ordered products, prices, payment and delivery information</li> <li> Payment data: Account information, credit card details, data for other payment services such as PayPal</li> <li> Newsletter user profile data: Opening of newsletter (date and time), contents, selected links, as well as the following information relating to the computer system accessing the newsletter: Internet Protocol address used (IP address), browser type, browser version, device type, operating system and similar technical information.</li> <li> Access data: Date and time of visit to our service. the page from which the system accessed our site. pages visited during the session. session identification data (session ID), as well as the following information relating to the computer system accessing the service: Internet Protocol address used (IP address), browser type, browser version, device type, operating system and similar technical information.</li> </ul> 2. Accessing our services The passages below set out how your personal data are processed when you access our services, such as loading and viewing our website. We would point out that it is impossible not to send access data to external content providers (cf. subsection b.) due to the technical processes involved in transmitting information over the Internet. The third-party providers are themselves responsible for the privacy-compliant operation of the IT systems which they use. The service providers are required to decide how long the data will be stored. a. Purposes of data processing, legal basis, legitimate interests (where applicable), and period of storage Data category Intended purpose Legal basis Legitimate interest, where applicable Period of storage Access data Establishing connection, presenting contents of the service, detecting attacks on our site due to unusual activities, fault diagnosis Art. 6, subs. 1 f), GDPR. in case of transmission to the USA also Art. 45 GDPR in conjunction with the Commission Implementing Decision (EU) 2016/1250 of 12.07.2016 on the “EU-US Privacy Shield” Proper functioning of services, (accelerated) display of content 4 Weeks   b. Recipients of personal data External Content Providers Data concerned Legal basis Legitimate interests, where applicable External content providers who provide content which is needed to display the service (e.g., images, videos, embedded postings from social networks, banner ads, fonts, update information Access data Art. 6, subs. 1 f), GDPR. in case of transmission to the USA also Art. 45 GDPR in conjunction with the Commission Implementing Decision (EU) 2016/1250 of 12.07.2016 on the “EU-US Privacy Shield” Proper functioning of services, (accelerated) display of content Vendor that provides webhosting and IT security services Access data Art. 6, subs. 1 f), GDPR. in case of transmission to the USA also Art. 45 GDPR in conjunction with the Commission Implementing Decision (EU) 2016/1250 of 12.07.2016 on the “EU-US Privacy Shield” Prevention of attacks through exploitation of security gaps / vulnerabilities 3. Paid-for services Ghostery offers premium products and advanced tools to its users that are available for a monthly or yearly fee, details which you may access through our website. The tables below set out how your personal data are processed when you use services which are subject to charges. a. Purposes of data processing, legal basis, legitimate interests (where applicable), and period of storage Data category Intended purpose Legal basis Legitimate interest, where applicable Period of storage Account data Identification and checking of authorization to access the service Art. 6, subs. 1 b), GDPR Duration of registration Login data Identification, establishment of contact, traceability of registration Art. 6, subs. 1 b), f), GDPR Proof of successful registration Duration of registration Payment data Processing of payments for the service Art. 6, subs. 1 b), GDPR Duration of the contractual relationship Purchase order data: Ordered products, prices, payment and delivery information Art. 6, subs. 1 b), GDPR Duration of the contractual relationship   b. Recipients of personal data Recipient category Data concerned Legal basis Legitimate interests, where applicable Payment service providers Payment data Art. 6, subs. 1 b), GDPR 4. Job Application Ghostery will often post job postings and career opportunities on our website. The tables below set out how your personal data are processed in connection with an application process between you and us. a. Purposes of data processing, legal basis, legitimate interests (where applicable), and period of storage Data category Intended purpose Legal basis Legitimate interest, where applicable Period of storage Address data, contact data Identification, establishment of contact, communication for initial contract negotiations Art. 6, subs. 1 b), GDPR 24 months Personal master data Identification, establishment of contact, age verification Art. 6, subs. 1 b), GDPR 24 months Images and documents uploaded by you, information on occupation / hobbies, knowledge, skills Candidate selection Art. 6, subs. 1 b), GDPR 24 months 5. Customer Support Ghostery invites its visitors and users to submit feedback to help us improve our products as well as to identify and fix errors and product defects. The tables below show how your personal data are processed when you contact our customer support. a. Purposes of data processing, legal basis, legitimate interests (where applicable), and period of storage Data category Intended purpose Legal basis Legitimate interest, where applicable Period of storage Personal master data, contact data, contents of enquiries / complaints, access data Processing of customer enquiries and user complaints Art. 6, subs. 1 b), f), Customer loyalty, improvement of our service We retain any personal data related to user-submitted support tickets during the processing of the inquiry. We delete these tickets after 6 months of inactivity, though they remain subject to the data storage parameters of our user support platform.   b. Recipients of personal data Recipient category Data concerned Legal basis Legitimate interests, where applicable Customer platform service provider Personal master data, contact data, contents of enquiries / complaint, access data Art. 6, subs. 1 f), b), GDPR. in case of transmission to the USA also Art. 45 GDPR in conjunction with the Commission Implementing Decision (EU) 2016/1250 of 12.07.2016 on the “EU-US Privacy Shield” Customer loyalty, improvement of our service e-mail delivery provider Personal master data, contact data, content of feedback Art. 6, subs. 1 f), b), GDPR Customer loyalty, improvement of our service Our Ghostery Feedback Forum is powered by Discourse, but we host the forum itself. Discourse’s privacy terms and Ghostery’s Privacy Policy apply. Please be aware, that any personal information you publish in our Feedback Forum will be open to the public. We suggest you use pseudonyms, if you do not want to reveal your identity to the public. 6. Web Analysis This website uses Matomo, an open-source, privacy-first software for the statistical evaluation of online visits. Matomo uses cookies and tracking to analyze utilization of the website. The information on the website is generated by cookies, which are stored on Ghostery’s first-party server. IP addresses are anonymized immediately after processing and prior to being stored. The data collected using Matomo is not used to identify the website visitor, nor is it combined with personal data of the bearer of the pseudonym.&nbsp. Users can prevent the installation of cookies by adjusting their browser settings accordingly.&nbsp. Period of Storage: Matomo stores its analytics data for 14 months before automatic deletion. As a privacy company, Ghostery does NOT exchange data with third-party service providers to do things like display ads to you, follow your behavior around the web, or sell your data. Purpose of Processing The analysis of user behavior by means of web analysis helps us to check the effectiveness of our services, to improve and adapt them to the needs of the users, and to correct errors. It also allows us to produce statistics on the use of our services, such as metrics related to actions taken on our website or the success of marketing campaigns. Legal Basis of Processing The legal basis for this processing of personal data is Art. 6, subs. 1 f), GDPR. The evaluation of information obtained through web analysis is necessary to optimize and ensure the greatest possible benefit for you. Via an opt-out process, users of this website may prevent their device from being assigned a web analysis cookie ID number, in which case Matomo will not record any data regarding their visits to this website. If you use our services on a new end device or in a different browser, or if you have deleted the cookies set by your browser, you will need to reconfirm your acceptance or refusal of consent.&nbsp. Matomo honors Do Not Track (DNT) requests and will not install any cookies or record any data from browsers that have this featured turned. 7. Submit a Tracker To ensure that we provide the most comprehensive tracker blocking tool possible, Ghostery invites our users to submit new trackers to us as candidates to include in our tracker database. The tables below show how your personal data are processed when you report new trackers through our website. a. Purposes of data processing, legal basis, legitimate interests (where applicable), and period of storage Data category Intended purposes Legal basis Legitimate interests, where applicable Period of storage Contact data Processing of customer reports Art. 6, subs. 1 b) improvement of our service During the processing of the enquiry   b. Recipients of personal data Recipient category Data concerned Legal basis Legitimate interests, where applicable Customer platform service provider Personal master data, contact data, contents of enquiries / complaint, access data Art. 6, subs. 1 f), b), GDPR. in case of transmission to the USA also Art. 45 GDPR in conjunction with the Commission Implementing Decision (EU) 2016/1250 of 12.07.2016 on the “EU-US Privacy Shield” Customer loyalty, improvement of our service III. Product news and updates Ghostery offers you the chance to stay up-to-date about product news and updates. Just subscribe to our mailing list, and you’ll receive all the latest information about the world of Ghostery. 1.Purpose of the data processing, legal basis, legitimate interests if applicable, and duration of storage Data category Purpose Legal basis Legitimate interests if applicable Storage duration Email address Verification of the subscription (double opt-in procedure). newsletter delivery Art. 6(1)(a), (b) GDPR Duration of subscription, plus 4 years Personal master data Personalization of the deliveries Art. 6(1)(a), (b), (f) GDPR Proof of successful subscription Duration of subscription, plus 4 years Subscription data Traceability of successful newsletter subscription / confirmation / unsubscription Art. 6(1)(a), (b), (f) GDPR Proof of successful newsletter subscription / confirmation / unsubscription Duration of subscription, plus 4 years Employer data Personalization of the deliveries Art. 6(1)(a), (b), (f) GDPR Proof of successful subscription Duration of subscription, plus 4 years 2. Recipient of personal data Recipient category Affected data Legal basis Legitimate interests if applicable Email delivery service Email address, personal master data Art. 6(1)(b), (f) GDPR, Art. 28 GDPR Sending the emails, ensuring delivery IV. Rights of data subjects 1. Right to object If we process your personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing with future effect, which includes profiling to the extent that it is related to such direct marketing.You also have the right, at any time with future effect and for reasons relating to your particular situation, to object to the processing of personal data concerning you which is based on Art. 6, subs. 1 e) or f), GDPR, including profiling based on these provisions. The right to object may be exercised free of charge. In order to be able to process your request faster, please reach us by emailing us at privacy@ghostery.com. 2. Right of access You have the right to obtain confirmation from us as to whether or not personal data concerning you are being processed and, where that is the case, access to the personal data and the other information listed in Art. 15 GDPR. 3. Right to rectification You have the right to obtain from us the rectification of inaccurate personal data concerning you without undue delay (Art. 16 GDPR). Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement. 4. Right to erasure (“right to be forgotten”) You have the right to obtain from us the erasure of personal data concerning you without undue delay if one of the reasons listed in Art. 17, subs. 1, GDPR is applicable and the processing operations are not required for one of the purposes approved in Art. 17, subs. 3, GDPR. 5. Right to restriction of processing You are entitled to obtain from us the restriction of the processing of personal data if one of the conditions laid down in Art. 18, subs. 1 a) to d), GDPR is met. 6. Right to data portability Under the conditions set out in Art. 20, subs. 1, GDPR, you have the right to receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance on our part. In exercising your right to data portability, you have the right to have the personal data transmitted directly by us to another controller where technically feasible. 7. Right to withdraw consent If the processing is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. V. California For residents of California, please see our Privacy Policy Supplemental Notice – California   __________ Deutsche Übersetzung finden Sie hier. Ghostery <ul> <li>About Ghostery</li> <li>Values</li> <li>Careers</li> <li>Press Releases</li> <li>Legal</li> <li>Terms and Conditions</li> <li>Imprint</li> <li>Cliqz</li> </ul> Products <ul> <li>Ghostery Browser Extension</li> <li>Ghostery Midnight</li> <li>Ghostery Browser</li> <li>Ghostery Insights</li> </ul> Learning Center <ul> <li>Blog</li> <li>eBooks</li> </ul> Support <ul> <li>FAQs</li> <li>Submit a Tracker</li> </ul> Pricing <ul> <li>Personal</li> <li>Business</li> <li>Enterprise</li> </ul> Partner With Us <ul> <li>Partner With Us</li> <li>University Partnership</li> <li>GhostTesters</li> </ul> Follow Us Ghostery <ul> <li>About Ghostery</li> <li>Values</li> <li>Careers</li> <li>Press Releases</li> <li>Legal</li> <li>Terms and Conditions</li> <li>Imprint</li> <li>Cliqz</li> </ul> Partner With Us <ul> <li>Partner With Us</li> <li>University Partnership</li> <li>GhostTesters</li> </ul> Pricing <ul> <li>Personal</li> <li>Business</li> <li>Enterprise</li> </ul> Products <ul> <li>Ghostery Browser Extension</li> <li>Ghostery Midnight</li> <li>Ghostery Browser</li> <li>Ghostery Insights</li> </ul> Support <ul> <li>FAQs</li> <li>Submit a Tracker</li> </ul> Learning Center <ul> <li>Blog</li> <li>eBooks</li> </ul> Follow Us © 2010-2021 Cliqz International GmbH. All rights reserved. Ghostery, the Ghostery logos, Ghostery Insights and Ghostery Midnight are registered trademarks of Cliqz International GmbH.