This policy was last modified on and has an effective date of Oct 1, 2021.
If you are a resident in the European Economic Area (EEA) and want to find out more about your data protection rights, please see Data Subject Requests.
Our Platform is intended for use by our clients – and for the most part – we collect and process personal information through the Platform as a data processor on behalf of our clients (the client is the data controller). Please also note that in certain use cases this policy applies to the personal information we collect and process through the Platform as a data controller.
We are not responsible for the privacy or security practices of our clients, which may differ from those set forth in this policy. We require our clients to comply with all applicable laws and regulations and to provide you with notice of the collection of data as outlined in this policy. To understand how clients will use your personal information, please refer to the relevant privacy policies for those clients.
Information We Collect
How We Collect Usage Data
How We Use Your Information
How We Share Your Information
Your Privacy Choices & Opting Out
Additional Notice for EEA Residents
Data Subject Requests
How to Contact Us
Our Platform helps clients collect, manage and distribute their data to better recognize, understand and market to their consumers.
The Signal Platform enables our clients to:
In order to provide the Platform, our clients must configure the Platform to collect data from users of our clients’ websites, mobile applications, advertising impressions, email campaigns, retail stores and other sources (“Data Sources”) that use our Platform. Signal does not have any relationship, contractual or otherwise, with the users of the Data Sources, the client maintains these relationships.
The Platform deploys various cookies and similar tracking technologies (See How We Collect Usage Data) to automatically collect certain information about your device when you visit or interact with Data Sources that use our technology (“Usage Data”) as well as information about how you interact with ads. This includes certain unique identifiers that may be considered personal data in certain jurisdictions, including the European Economic Area.
We collect this information by assigning a random unique identifier (“UID”) to your device the first time you interact with a Data Source that uses our technology. The UID is then used to establish linkages between you and other information the client and Platform may have about you.
The information we automatically collect includes:
We do not collect any “sensitive” or “special categories of personal data” as defined under European data protection laws.
We may also enhance the Usage Data, with information collected from third parties, such as other web-based and mobile networks, exchanges and websites (“Partners”) or our clients (for example, they may upload certain “offline” data into the Platform). In addition, the information we automatically collect may be associated with profile information that we infer about you. This information may include, for example, hashed identifiers derived from other information (such as email addresses), mobile device IDs, demographic or interest data, and content viewed or actions taken on a Data Source.
Signal’s Tag Manager (Data Hub) itself [including the domain thebrighttag.com] does not have usage tracking about the on-page firing. With no tags deployed, Signal does not collect any information. When used by a business customer of Signal, Signal Data Hub will deliver the library containing the customer specified tags to the customer’s owned property. A customer may choose to use custom Signal tags to track information about the usage of their own properties. This first-party data is only accessible to the client that collected it and is never made available to other clients or to Signal itself for any other usage.
In order to monitor system stability and performance, Signal may collect some aggregated data about tag firing. This firing data does not include user IP addresses or any user-specific identifiers that could be associated with a particular individual. Other than data in standard HTTP request logs, all of which are deleted within 14 days of being received, and aside from the first-party use case described above, Signal does not collect, retain, or share any information about visitors to our customers’ properties, including page URLs visited.
Cookies and Local Storage. Cookies and local storage are data files placed within a browser on a device when it is used to visit a website. Both cookies and local storage can be used to store digital identifiers whenever you visit one of our client’s websites. Most browsers provide you with the ability to disable or decline cookies and local storage.
Web Beacons. Web Beacons are small graphic images or other web programming code called web beacons (also known as “1×1 GIFs” or “clear GIFs”) that are included in our clients’ websites or emails.
Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with a website. The code is temporarily downloaded onto your device from our web server, is active only while you are connected to the website, and is deactivated or deleted thereafter.
SDKs and APIs. SDKS and APIs are programming codes that collect information about your interactions with mobile apps and websites. This code is installed on a device, typically within our clients’ applications that you choose to download onto your mobile device.
Signal is based in the United States. Therefore, we and our service providers may transfer your information to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction.
You may opt out of our behavior-based advertising by following the instructions below for web browsers and mobile apps. Please note that web browsers and mobile apps operate using different identifiers. You must opt out separately in each web browser and for each computer or device that you would like to be opted-out on.
Mobile App Opt Out. For mobile apps, you can typically limit ad tracking using the settings on your phone, tablet or other mobile device using the “Ads” menu, “Ad Tracking” setting, or similar setting on your device. Mobile device operating systems such as Apple iOS or Google Play Services provide mechanisms that allow users to opt out of the use of information about their usage of mobile apps to deliver targeted ads based on their interests.
Please be aware that opting out does not mean that you will no longer receive targeted marketing messages in your mobile apps or Web browsers. You may still receive generic advertisements and you may see targeted advertisements based on information collected and used by entities other than us.
Location. Most mobile devices offer you the ability to stop the collection of location information at any time by changing the preferences on your device. You may also be able to stop the collection of location information by particular apps by adjusting the settings for individual apps or following the standard uninstall process to remove specific mobile apps from your device.
If you are a resident of the EEA, you have some additional rights which are explained below in “Additional Notice for EEA Residents”.
We retain data for no longer than two years from when we last collect information about a user. Every time our technology collects new data about a user or a client uploads or changes a user record, this two-year counter begins again. We also retain data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If you are a resident of the EEA, you have certain rights and protections under the law regarding the processing of your personal data.
Legal Basis for Processing
If you are a resident of the EEA, we will only process your personal data:
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “How to Contact Us” heading below.
If you are a resident of the EEA, you have the right to access personal data we hold about you and to ask that your personal data be corrected, erased, or transferred. You may also have the right to object to, or request that we restrict, certain processing. If we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
To make any of these requests please email [email protected]. We will respond as soon as practicable and no later than one month after receipt of your request.
Please note that because most of the information we store can only identify a particular browser or device, and cannot directly identify you personally, we can only provide information regarding IDs we can verify ownership of such as the email address from which the request has originated. We may deny or restrict fulfillment of your request in some cases, such as when your access to data places another individual’s privacy rights at risk, or the continued processing of your data is necessary to comply with a legal obligation. If so, we will notify you of the reason(s) for this denial.
Questions or Complaints
If you are a resident of the EEA and have a concern about our processing of personal data that we are not able to resolve, you have the right to lodge a complaint with the Data Protection Authority where you reside. For contact details of your local Data Protection Authority, please see http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm.
If you have questions or comments about this Policy, you can contact us at: [email protected] or by post, using the contact details below:
Signal Digital Inc.
555 W Adams Street
To comply with our obligations under EU data protection legislation, we have appointed a Data Protection Officer (DPO). Our DPO is contactable at [email protected] or by mail using the details provided above.
In accordance with EU data protection legislation, we have appointed the following company as our official EU Representative:
Cork Airport Business Park,
Cork, Ireland T12KV8R
Contact: [email protected]