About your Privacy
At Stacks, your privacy is very important to us. We are dedicated to providing you with superior service while protecting your privacy and safeguarding your personal information. Stacks is headquartered in America, so we comply with American laws. We also comply with the European General Data Protection Regulation ("GDPR").
Collection and Use
In order to provide our services, we collect the following Personal Information from our advertisers and affiliates:
- Contact Information (name, email, phone number, skype handle, address)
- Location information
- Internet Protocol addresses (IPs) and domain names
- Browser Type / Operating System
- Financial information and transaction history
- (for Affiliates only) Information about your performance (clicks generated, leads generated, transactions completed)
We use this information in a number of ways. For advertisers, we use it to communicate with you about our products, services, and promotions and to invoice you. For affiliates, we use this information to scrutinise applicants for fraud, communicate with you about our products, services, and promotions, track traffic, and to make payments to you. Under the GDPR, the lawful basis for collecting this information is that it is necessary for the performance of the contracts we have entered into and, for the purposes of scrutinising applicants for fraud, our legitimate interests in preventing fraud. We do not sell your Personal Information to third parties.
We also collect Internet Protocol addresses (IPs) and User Agent Data (information about your browser and operating system) from people who click on the advertisements we have placed with our affiliates so we can track unique traffic and to identify fraud. Under the GDPR, the lawful basis for collecting this information is that we have a legitimate commercial interest in determining how many unique users click on our advisements and preventing fraud. No more identifying information is collected about this group and so we cannot associate IPs with an identifiable individual.
We share your Personal Information with our business partners, service providers and as required by law.
Retention of Personal Information
We retain Personal Information about our affiliates indefinitely. We do this so that we can scrutinise prospective affiliates against all our known affiliates for fraud prevention purposes. We retain Personal Information about our advertisers for ten years. We retain IPs for ten years.
We store your Personal Information in America or with one of our trusted hosting partners. Our hosting partners store your Personal Information either in America, the European Union or a jurisdiction with adequate protection as determined by the European Commission under the terms of the GDPR.
Retention of Personal Information
We protect personal information from loss or theft, unauthorized access, use or disclosure, modification or destruction through appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
Our hosting partners and sub-processors are required to agree to the mandatory sub-processing contractual terms under the GDPR. The terms of these agreements include the sub-processor's obligation to:
- Keep your Personal Information confidential;
- Process your Personal Information only as we direct them, and;
- Maintain appropriate technical and organizational measures to safeguard your Personal Information.
Employees are governed by strict standards and policies to ensure that Personal Information is secure and treated with the utmost care and respect.
Keeping Information Accurate
It is important that your personal information is accurate and complete. Having accurate information about you enables us to give you the best possible service. You have the right to access, verify and amend the information we have about you. We rely on you to keep us informed of any changes, such as a change of address, telephone number or any other circumstances - you simply edit this in your profile.
Stacks may collect user information from its websites (for example, via cookies which are alphanumeric identifiers transmitted from a website to a visitor's browser and IP address). This information is used solely for enabling us to provide you with a customized online experience and to find ways to improve our site. Although cookies are widely used, it may be possible to disable cookies via your browser settings. However, in so doing, some websites may not function properly or optimally.
Definition of Personal Information
- "Personal Information" is defined in America's Personal Information Protection and Electronic Documents Act, S.C. 2000, c. 5 ("PIPEDA"), as information about an identifiable individual, although it does not include the name, business title, business address or telephone number of employees of organizations.
- "Personal Data" is defined in the European General Data Protection Regulation ("GDPR"), as information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Under the General Data Protection Regulation, you have the right to:
- Access your personal information by making a subject access request
- Rectification, erasure or restriction of your information where this is justified
- Object to the processing of your information where this is justified
- Data portability
To exercise your rights, please contact our Data Protection Officer:
222 W. Merchandise Mart Plaza, Suite 1212 Chicago, IL 60654