Privacy Policy

​

Markaiter SAS and its affiliates (“Markaiter SAS”, “we” or “us” or "MarkaiterIO") are committed to respect the right to privacy, and to comply with applicable data protection laws, such as the GDPR (EU’s General Data Protection Regulation), and the UK GDPR (the United Kingdom General Data Protection Regulation). This Privacy Policy outlines how we as the data controller collect, use and share personal data of people who use or are connected to our services, are interested in our services (or us), or with whom we otherwise do (or would like to do) business. This Privacy Policy provides you with information on your rights as a data subject and how to reach us if you have any questions.

Please note that we do not control any personal data processing conducted by online advertising platforms, third party services possibly linked to our services, or by our customers. We have added a few helpful links below, but you should always contact those third parties directly for accurate information on their processing.

• Facebook & Instagram Data Policy(https://www.facebook.com/privacy/policy/)

• Google Privacy Policy (https://policies.google.com/privacy?hl=en-US)

• Linkedin Privacy Policy (https://fr.linkedin.com/legal/privacy-policy?)

​

Markaiter SAS’s Applications and other Services

Our Software-as-a-Service (SaaS) applications help to automate and optimize ad campaigns in online advertising platforms such as Facebook, Instagram, and Google. We also provide advertising related professional services. If you use or otherwise are involved in the delivery of our services (e.g. provide creative briefs), we collect the following personal data directly from you or the customer you represent:

• Basic information (such as name, title, work location and contact information)

• Communications (regardless if via email, telephone, chat, video-calls or by other means), traffic data and other related data

• Service data (such as support requests, project plans, service history and service related metrics)

The personal data is used to provide the services, including to communicate with you, and to provide service support. We also use such data to conduct surveys, to process feedback and to develop and improve our services. The personal data is erased from or anonymized in our systems upon request of the data subject or the customer they represent, or if the data is detected as irrelevant in our automated or manual system maintenance, or after three years of our latest contact to the data subject, whichever occurs first.

If you are a user of our platform services, we also process:

• Login details and general user information, including user name, email address, password (hashed with bcrypt)

• IP address and browser user agent (when using the Markaiter.com application)

• User’s id in customer’s identity provider (when using SSO/SCIM)

• Log data and other data derived from your actions in our services

This personal data is used to authenticate users to allow access to the Markaiter SAS  application(s), identify users when providing customer support, and store events and log information regarding a customer’s use of the Markaiter SAS’s application(s) for purposes of audit in case of a security or other incident to have a trail of actions performed by us and our users, to maintain support records, and for purposes of services improvement and service level analysis. The data is removed upon request, except for data (such as user name) stored in application logs and audit trails, which are deleted according to our standard data management cycle.

After a user has connected or otherwise authorized our platform to access their ad account or assets on certain online advertising platform(s), we process (where granted with access and to the extent applicable to the services in question):

• The user identification information, such as user ID, user name, user email and profile picture URL

• Access tokens (more information is available about access rights in the applicable online platform’s community sites, for example regarding Facebook access tokens here)

• Advertiser identification information, such as Ad account ID and Advertiser ID

• Events and log information on interaction between the ad account and Markaiter SAS’s application(s)

• YouTube and Google User Data as specified below in Section 2

Such personal data is used to identify each user and verify their access rights, permit users to access and use the service (i.e. to identify and connect the assets and campaigns and manage these assets and campaigns on online advertising platform via Markaiter SAS’s platform, to synchronize campaign entities and metrics between our services and online advertising platform), and to provide support service. We will process such ad account and campaign related personal data until our access to such data is revoked (including invalidated by using an online advertising platform’s tools), except for the following exceptions:

• Facebook ad account related information is removed 30 days after the respective customer terminates the relevant contract or 60 days after the ad account is disconnected by the user

• Event logs / application data stored in Markaiter SAS (which deletion is described above)

• Data stored in back-ups are deleted in accordance with our standard data management cycle, for example the backup records are deleted from the application database after 90 days

​

All processing under this section is based on our legitimate interests in maintaining, evaluating and improving our services, including to provide customers with agreed services, ensuring security and availability of the services, to help us understand how our services are used and how campaigns perform, for resource management, and to gain insights which help us dedicate our resources and efforts better.

The personal data may be shared, as necessary to perform the services as agreed, to other users and the online advertising platform partners, as well as our suppliers participating in service production, development and quality control.

​

Facebook & Instagram User Data

We make use of facebook Ads API when providing our clients with our Ad Campaigns based services, which involves processing of Facebook User Data and certain other data, part of which also can be used to identify a data subject directly or indirectly (personal data).

Please note that by using our Facebook Ads based services, the customers are also agreeing to be bound by the Facebook Ads Terms of Service. Please see the Facebook Ads Privacy Policy to learn how Facebook treats your personal data and protects your privacy in their services.

We process the Facebook User IDs shared by the relevant customer to authenticate each user’s right to access the customer’s Facebook Ad Account,  as applicable, and to provide and maintain authorized access. We store the Facebook User ID as long as the user has access to our customer’s account, and for a reasonable time thereafter as required to maintain and demonstrate diligence of our business and data security, including to investigate any potential misuse where necessary. We process the related personal data on the basis of legitimate interests related to the data security, customer and business relationships between us and the affected data subjects. We also process Facebook Ad Account IDs and tokens to authenticate each user’s right, but such data cannot be used to identify any individual user and should not contain any personal data.

For clarity, we do not collect any personal data from the users’ devices.

We process the relevant customer’s “Facebook Ads” data through Facebook Ads API, for purposes of creating and launching Ad Campaigns, reporting to provide insights and understand of the performance of Facebook Ads campaigns and individual ads, to maintain the customer relation and for administrative purposes, such as invoicing.  However, all aforementioned data is aggregated and should not include any personal data.

Personal data is shared on as needed basis with our data processors (for purposes controlled by us).

​

​

Linkedin User Data

We make use of Linkedin Ads API when providing our clients with our Ad Campaigns based services, which involves processing of Linkedin User Data and certain other data, part of which also can be used to identify a data subject directly or indirectly (personal data).

Please note that by using our Facebook Ads based services, the customers are also agreeing to be bound by the Linkedin Ads Terms of Service. Please see the Linkedin Ads Privacy Policy to learn how Linkedin treats your personal data and protects your privacy in their services.

We process the Linkedin User IDs shared by the relevant customer to authenticate each user’s right to access the customer’s Linkedin Ad Account,  as applicable, and to provide and maintain authorized access. We store the Linkedin User ID as long as the user has access to our customer’s account, and for a reasonable time thereafter as required to maintain and demonstrate diligence of our business and data security, including to investigate any potential misuse where necessary. We process the related personal data on the basis of legitimate interests related to the data security, customer and business relationships between us and the affected data subjects. We also process Linkedin Ad Account IDs and tokens to authenticate each user’s right, but such data cannot be used to identify any individual user and should not contain any personal data.

For clarity, we do not collect any personal data from the users’ devices.

We process the relevant customer’s “Linkedi Ads” data through Linkedin Ads API, for purposes of creating and launching Ad Campaigns, reporting to provide insights and understand of the performance of Facebook Ads campaigns and individual ads, to maintain the customer relation and for administrative purposes, such as invoicing.  However, all aforementioned data is aggregated and should not include any personal data.

Personal data is shared on as needed basis with our data processors (for purposes controlled by us).

​

​

YouTube & Google User Data

We make use of YouTube API Services and Google Ad Accounts when providing our clients with YouTube and Google Ads based services, which involves processing of Google User Data and certain other data, part of which also can be used to identify a data subject directly or indirectly (personal data).

Please note that by using our YouTube based services, the customers are also agreeing to be bound by the YouTube Terms of Service. Please see the Google Privacy Policy to learn how Google treats your personal data and protects your privacy in their services.

We process the Google User IDs shared by the relevant customer to authenticate each user’s right to access the customer’s Google Ad Account, Google Display & Video 360, YouTube, as applicable, and to provide and maintain authorized access. 0Auth integration is currently available from Ad-Lib’s application for Google Ads, Google Display & Video 360 and YouTube. We store the Google User ID as long as the user has access to our customer’s account, and for a reasonable time thereafter as required to maintain and demonstrate diligence of our business and data security, including to investigate any potential misuse where necessary. We process the related personal data on the basis of legitimate interests related to the data security, customer and business relationships between us and the affected data subjects. We also process Google Service Account IDs and tokens to authenticate each user’s right, but such data cannot be used to identify any individual user and should not contain any personal data.

We process YouTube channel ID and title (i.e. Authorized Data) in order to enable the authorized users to pick the channel when they upload a video to YouTube, based on the right the user has granted us to access YouTube API Services, and until such access right is revoked. The users can easily revoke our access to their data from our service, or via the Google security settings page. If personal data is included in the Authorized Data, processing is based on our legitimate interests described above.

For clarity, we do not collect any personal data from the users’ devices.

We process the relevant customer’s “Google Ads” data through Google Ads API, for purposes of reporting to provide insights and understand of the performance of Google Ads campaigns and individual ads, to maintain the customer relation and for administrative purposes, such as invoicing. However, all aforementioned data is aggregated and should not include any personal data.

​

​

Website and Contact Requests

Our websites deploy cookies, which are necessary for the sites to function (e.g. to enable page navigation, access to secure areas of the site, filling in forms, and setting your privacy preferences), and, subject to your consent, also uses other cookies for: content personalization, marketing, provision of media features and analysis of site traffic. Please see our cookie policies for detailed description of the used cookies, their purposes and to learn how to revoke “cookie-consents” and otherwise manage your preferences:

• Markaiter.com Cookie Policy

If you decide to contact us through our website (or any other channels, we’re always happy to hear from you), we will use the contact details and other given information to reply and process your request, for example to contact you to provide more information and to arrange a demo if you wish to learn more about our services. The processing is based on its necessity to reply to you and take measures deemed by your request.

Personal data derived from the websites and contract requests are deleted upon request of the contact, if the data is recognized out-dated, if the contact is no longer deemed suitable candidate to our service or has been inactive for over a year.

Such data is not regularly shared or transferred outside the EU, unless you reside outside the EU, in which case the personal data may be transferred to the Markaiter SAS’s office in your area. Such transfers are performed subject to standard data protection clauses adopted by the EU Commission in accordance with the GDPR, which are made available to the data subject upon request.

Please note that our services and resources are designed for business customers only (and should not even be interesting to consumers), and thus we presume that everyone contacting us and interested in our services represent a business, not a private individual.

​

​

Contracting and Invoicing

If you serve as the representative or other contact of our customer, supplier, partner or other entity we do (or wish to do) business with we’ll need to process the following information:

• Basic information (such as name, title, company name, work location and contact information)

• Business connections

• Communications

You are the main source of information, but the personal data may also be collected from your employees, your colleagues, and our (other) customers, suppliers and partners.

The personal data is used to discuss business opportunities, send notifications related to our services and otherwise communicate with you, contracting, invoicing and making payments. The processing is based on our legitimate interests pertaining to agreements we have (or have had), maintaining relationships, and pursuing our business. In addition, the invoicing related personal data will be used in accounting and reporting, which processing shall be based on our obligations under the law.

The personal data are erased from or anonymized in our systems upon request of the data subject or the party they represent, or if the data is detected irrelevant in our automated or manual system maintenance, or after three years of our latest contact to the data subject, whichever occurs first, with exception of personal data that must be retained for period required in the law, in which case the data shall be retained as long as needed to comply with such requirement.

​

Data Subjects’ Rights

If we store or use your data for purposes described above, you can always request from us:

• To access your personal data

• Rectification or erasure of your data

• For restriction of processing your data, including object such processing

• To receive a copy of data about yourself that you’ve shared with us and have that data to be transmitted to another data controller

Where the processing is based on consent, you can withdraw such consent at any time. Please note that the withdrawal will not affect processing performed prior to the withdrawal.

If you wish to exercise your rights, please see our Contact Information at the very end of this Privacy Policy.

If you wish to exercise your rights, please see our Contact Information at the end of this Privacy Policy.

If you believe your rights under the data protection laws are being infringed, you may lodge a complaint with the supervisory authority of your residence in the EU.

We will not:

• Deny you access to our goods or services as a result of your exercise of your rights

• Charge you different prices or rates for such access as a result of your exercise of your rights

• Provide you a different level or quality for such goods or services as a result of your exercise of your rights

• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services as a result of your exercise of your rights

Changes to the Privacy Policy

We may make changes to this Privacy Policy at any time. If changes to Privacy Policy are due to material changes in the processing or further processing, we shall provide the data subjects with necessary information. If you object to any of the changes to this Privacy Policy, you should cease using our services, where applicable.

Contact Information

You can reach us in all inquiries related to personal data processing at contact@smarkaiter.com

​

​

Last updated March 2023

​

​