Privacy Policy
ANNUAL CONSUMER RIGHTS REQUEST STATISTICS:
NOTE: The denials reported below represent either requests where a consumer was not verified (where verification was required) or instances where Vericast did not have the consumer’s Personal Information in its records. Moreover, consumers typically include more than one right in their requests, including rights that require verification. This can impact the response time for the request as a whole, as reflected in the statistics below. Vericast is committed to privacy compliance, and we continue to refine and enhance our consumer rights request processes to improve response time.
Do Not Sell:
Received: 477
Complied with in whole or in part: 435
Denied: 42
Mean # days to respond: 23.4*
Median # of days to respond: 17
Limit the Use of Sensitive Personal Information:
Received: 154
Complied with in whole or in part: 126
Denied: 28
Mean # of days to respond: 38.9
Median # of days to respond: 39.2
Delete Personal Information:
Received: 184
Complied with in whole or in part: 138
Denied: 46
Mean # of days to respond: 38.4
Median # of days to respond: 39.1
Opt Out of Automated Decision-making:
Received: 164
Complied with in whole or in part: 127
Denied: 37
Mean # of Days to Respond: 40.0
Median # of Days to Respond: 40.0
*In the middle of 2023, we changed the system by which we receive, process, and respond to consumer privacy requests. Even with testing, the change inadvertently resulted in an issue that led to a temporary increase in processing time for requests that included the right to know and/or correct. All impacted consumers have since received responses. Requests impacted by that issue have been removed from the calculations for the above metrics, to reflect response time more accurately for the rights above.
Know Categories of Information
Received: 62
Complied with in whole or in part: 31
Denied: 31
Mean # of days to respond: 27.7
**Median # of days to respond: 26.6
Know Specific Pieces of Information
Received: 59
Complied with in whole or in part: 30
Denied: 29
Mean # of days to respond: 27.8
Median # of days to respond: 26.6
Correct Inaccuracies in Information
Received: 30
Complied with in whole or in part: 12
Denied: 18
Mean # of days to respond: 29.7
Median # of days to respond: 26.6
**As noted, changes to our system last year led to a temporary increase in processing time for requests that required verification. The response times in this section have been adjusted to reflect the actual response time once that issue was corrected.
SECTION JUMP LINKS
IMPORTANT INFORMATION TO HELP YOU UNDERSTAND THIS POLICY
- Who Is Vericast?
- Purposes Of This Policy
- Your Acceptance Of These Terms
- Changes To The Policy
- Personal Information Pertaining To Individuals Under Age 18
- Links, Other Websites, And Other Third Parties
- Security
- How We May Use Or Share Your Information In Ways Unrelated To Our Solutions
- Feedback
- Data Retention
INTERACTIONS WITH OUR WEBSITES
- What Information Do We Collect Or Process?
- Information We Collect Automatically
- Information You Provide to Us Directly or Indirectly
- How We Use Your Information
- Social Media Plug-Ins
- Opt-Out Options For Interactions With Our Websites
- Consumer Information We Process As A Business
- What Information Do We Collect Or Process
- How We Use Your Information
- How We Share Your Information
- Retention
- Marketing Solutions Opt-Out Options
- Consumer Information We Process For Clients As A Service Provider
- What Information Do We Collect Or Process?
- How We Use This Information
- How We Share This Information
- Retention
- Opt-Out Options
- Consumer Privacy Rights
- Exercising Your Consumer Privacy Rights
- Exercising Rights Through An Authorized Agent
- Response Timing And Appeals Process
- Shine The Light
HOW TO CONTACT US
If you have any questions about this Privacy Policy, please contact us via email at: privacyrequests@vericast.com or via mail to:
Vericast
Information Security and Privacy Group
15955 La Cantera Pkwy
San Antonio, TX 78256
Data Privacy Policy
Last Updated: August 1, 2023
INTRODUCTION
Welcome to Vericast’s Data Privacy Policy (“Policy”). In this Policy, we use the terms “Vericast,” “our,” “us,” and “we” to refer to Vericast Corp. and our businesses, including Harland Clarke Corp., QuickPivot, Valassis (including Valassis Communications, Inc., Valassis Direct Mail, Inc., Valassis Digital Corp., ValassisList.com, and Save.com), and NCH Marketing. To make our disclosures in this Policy as clear as possible, we specify when something applies to only certain of our businesses.
Vericast is committed to protecting the privacy of individuals (“users,” “you,” and “your”) when we collect or process data about you, provide our products, services, or solutions (“Solutions”) directly to you or to our business entity clients (our “Clients”), and when you visit our websites, such as www.vericast.com, save.com, harlandclarke.com (and other Harland Clarke-hosted check ordering websites), valassislist.com, as well as other websites we may add in the future (the “Websites”).
Although this Policy is long, you should read it in its entirety to make sure you don’t miss anything. But if needed, you can click through to specific sections using the links provided to the left. We have also organized this Policy according to the Solutions that we provide, so that you can better understand our practices and your rights.
IMPORTANT INFORMATION TO HELP YOU UNDERSTAND THIS POLICY
Who Is Vericast?
Vericast is reimagining marketing solutions one business-to-human connection at a time. By influencing how over 120 million households eat, shop, buy, save, and borrow, Vericast fuels commerce, drives economic growth, and directly accelerates revenue potential for thousands of brands and businesses. Our Solutions include:
- Marketing Solutions:
- Customer data management, insights, analytics, and measurement for marketing purposes, across a wide range of industries including consumer packaged goods, financial services, grocery, healthcare, restaurant, and retail
- Custom audience creation and licensing
- Omnichannel advertising solutions, including print and digital advertising, email and SMS marketing, as well as digital coupons
- Demand-side platform (DSP) services (DSP is a type of software that allows an advertiser to buy digital advertising with the help of automation)
- Licensing of Valassis Lists for advertising or approved analytical purposes
- Savings for consumers through marketing emails when consumers sign- up through Save.com
- Financial Services Solutions:
- Non-marketing related Solutions to support our financial institution clients, including contact center services, fraud protection, check-printing, forms-printing, and card manufacturing and issuance
- Checks and related accessories for consumers, businesses, and organizations, ordered through our (or our Clients’) check order websites
- Coupon Processing Solutions:
- Coupon audit, settlement, analysis, and fraud management services for retailers and manufacturers
Some of Vericast’s businesses are active members of certain industry associations that we believe further help us protect consumer privacy, including at the time this Policy was written:
Valassis Digital is an active member of the Interactive Advertising Bureau in the U.S. (“IAB”) and the Digital Advertising Alliance (“DAA”) in the U.S. and Canada. As applicable to our Solutions, we comply with the DAA’s “Self-Regulatory Principles for Online Behavioral Advertising” in the U.S. and Canada.
Purposes Of This Policy
This Policy explains how Vericast collects and processes personal information, sometimes called personal data, about you as a consumer (we’ll call it “Personal Information”). We may collect your Personal Information directly or indirectly through our Solutions or when you visit our Websites, as described in more detail in this Policy. With respect to Personal Information that we collect directly for our business purposes—and not on behalf of our Clients—we are the Business, Controller, or similar term (sometimes that includes when we purchase or license Personal Information to better serve you or our Clients). We may also collect or process Personal Information on behalf of our Clients as we describe in more detail below, and when we do that, we are most often acting as a Service Provider, Processor, or similar term. We also engage in cross-contextual behavioral advertising, and under certain laws, that may qualify as a “sale” of your Personal Information to us, even though our contracts with Clients limit what we can do with Client-provided Personal Information.
This Policy explains our practices regarding our collection, use, disclosure, sale, and retention of Personal Information, the steps we take to protect it, the parties to whom we disclose or sell it, and the choices and rights that you have with respect to your Personal Information. You should read this Policy carefully so that you are fully aware of how and why we are using your Personal Information.
Your Acceptance Of These Terms
You agree to this Policy when you purchase or otherwise engage with Vericast Solutions or use our Websites. If you do not agree with this Policy, please do not purchase or engage with Vericast Solutions or use our Websites. To better understand your privacy rights and choices, please see the STATE PRIVACY LAWS section, below.
Changes To The Policy
We may revise this Policy at any time. The date of the last update can be found at the top of the Policy. We review this Policy annually, but we may revise it more often, including, for example, if there are material changes to our data practices. If you would like to stay up-to-date on our most current policies and practices, you should periodically review this Policy.
Personal Information Pertaining To Individuals Under Age 18
Our Solutions are designed for and marketed to businesses and people 18 years old and above. We don’t knowingly collect, process, store, or sell Personal Information of individuals under age 18. If we’re made aware that we have received Personal Information from or about a person under age 18, we will use commercially reasonable efforts to remove that data from our records.
Notice To Residents Of Countries Outside The United States
Vericast is headquartered in the United States. Personal Information may be accessed by us or transferred to us in the United States or accessed by or transferred to our affiliates, Clients, business partners, service providers, vendors, merchants, or consultants elsewhere in the world, other than as restricted by law or contract. If you are located outside of the United States, any information you provide to us will be transferred to and stored in the United States. By submitting information to us, you explicitly authorize its transfer and storage within the United States. You also acknowledge and agree that Personal Information may be subject to access requests from governments, courts, law enforcement officials, and national security authorities in the United States, in accordance with United States laws. We will treat Personal Information in accordance with this Policy, regardless of where it is processed or stored.
Links, Other Websites, And Other Third Parties
This Policy relates solely to the Personal Information we collect and process about you as described in this Policy. Our Websites or apps (our “Digital Properties”) may contain links to other Digital Properties, our Clients may maintain their own Digital Properties, or we may co-host websites with them, and the digital ads we deliver for our Clients may run on a variety of other Digital Properties. Clicking on those links, accessing other Digital Properties, or enabling those connections may allow third parties to collect or share data about you. We do not control third-party Digital Properties and are not responsible for their privacy practices. You should refer to the privacy statements of such third-party Digital Properties to find out how they collect and use your Personal Information. Also, as explained below in the section INTERACTIONS WITH OUR WEBSITES, third parties may process Personal Information from you when you visit our Websites, and that processing is governed by their privacy policies.
Security
We use commercially reasonable technical, administrative, and physical safeguards to protect your Personal Information against loss or unauthorized access, use, modification, or deletion. But no security program is 100% secure, so we can’t guarantee the absolute security of your information.
How We May Use Or Share Your Information In Ways Unrelated To Our Solutions
Most of the information we collect and process is for the purpose of our Solutions. But like any company, we may need to use or share your information, including Personal Information, for other purposes. For example, we may be called upon to release information in response to a court order, subpoena, search warrant, law, or regulation. We will cooperate in responding to such requests when we have a good faith belief that we are obligated to do so. We also reserve the right to use or share your information when we have a good-faith belief it is necessary to: detect, prevent, or address fraud, violations of our terms or policies, or other harmful or illegal activity; protect ourselves, you, or others, including as part of investigations or regulatory inquiries; or prevent death, imminent bodily harm, or injury to persons or property.
We may also use or share your information in circumstances including but not limited to:
- In connection with, or during negotiations of, any merger, sale, financing, or acquisition involving our business;
- Between and among Vericast and any current or future parent, subsidiary, and/or affiliated company;
- With our business partners for the purposes described in this Policy; or
- With your consent or at your direction.
Feedback
If you provide feedback to us, we may use and disclose that feedback for any purpose, provided we don’t associate feedback with your Personal Information. We will collect any information contained in such feedback and will treat the Personal Information in it in accordance with this Policy. You agree that any such comments and any communication we receive becomes our property. We may use feedback for marketing purposes or to add to or modify our Solutions without paying any royalties or other compensation to you.
Data Retention
We provide more information on data retention below, but generally, we will retain your Personal Information for as long as reasonably necessary for the purposes described in this Policy. We may also be required to retain your Personal Information for legal or regulatory reasons, such as for tax or accounting purposes.
INTERACTIONS WITH OUR WEBSITES
This section explains the type of information we collect when you interact with our Websites, meaning when you visit our Websites and click through various pages or links. Not everyone who visits our Websites places orders or signs up for consumer marketing emails, and this section does not cover those interactions. For more on those, please see our MARKETING SOLUTIONS and FINANCIAL SERVICES SOLUTIONS sections.
What Information Do We Collect Or Process?
Information We Collect Automatically
As is true of most websites, we may collect certain technical information about your visits to our Websites without you actively submitting such information. This information can make your use of our Websites easier and more meaningful by allowing us to provide better service, customize our Websites based on user preferences, compile statistics, provide you with more relevant information, analyze trends, and otherwise administer and improve our Websites. Some of the types of technical information we may collect automatically when you visit our Websites include:
- Log Data. When you use our Websites, our servers (or service providers’ servers) automatically record information (“log data”), including information that your browser or mobile app sends whenever you visit or use our Websites. This log data may include your Internet Protocol address (“IP Address”), which is a number that is automatically assigned to your computer when you use the Internet. In some cases, your IP Address stays the same from browser session to browser session, but if you use a consumer internet access provider, your IP Address probably varies from session to session. This log data may also include cookie data, device information, and usage information:
- Cookie Data. Depending on how you are accessing our Websites, we may place small data files on your computer or other device. These data files may be cookies, pixel tags, Flash Cookies, Silverlight Cookies, or other local storage provided by your browser or associated applications or similar technologies to record log data (“Cookies”). When we use Cookies, we may use “session” cookies (that last until you close your browser) or “persistent” cookies (that last until you or your browser delete them). In order to use our Websites, your web browser must accept Cookies.
- Device and Usage Information. In addition to log data, we may also collect information about the device you are using to access our Websites and usage information, including: what type of device it is, what operating system you are using, device settings, unique device identifiers, crash data, online identifier/browser fingerprint, domain name, browser type, mobile services provider, MAC address, precise or approximate geolocation or similar geospatial information, applications installed on the device, searches and web pages viewed, access date and time, referring website address, and website address of the web page you visit after you leave our Website. Whether we collect some or all of this information often depends on what type of device you are using and its settings. For example, different types of information are available depending on whether you are using a MAC or a PC, or an iPhone or an Android phone. To learn more about what information your device makes available to us, please check the policies of and settings for your device or software.
Information You Provide to Us Directly or Indirectly
You may provide and we may collect chat and messaging transcripts, surveys, transcripts, and records of your communications to us, via your participation in one of our promotions, when you submit a technical support request, when you apply for or otherwise express interest in employment, or when you request information, news, or other content.
If you send an email to us, we will collect your email address and the full content of your email, including attached files, and other information you provide. We may use and display information about you, such as your full name and email address, when you send an email or notification to a friend through our Solutions, Website, or the social network from which you have connected to our Solutions or Website (such as in an invitation, or when sharing content). Additionally, we may use your email address to contact you on behalf of your friends (such as when someone sends you a personal message). We may use your email address to contact you.
Prospective customers, employees, or partners may provide information through our Websites to find out more about Vericast and to be contacted by a Vericast representative or by interacting with emails we have sent or materials we have made available. For example, if you seek to do business with us as a partner or Client (rather than as a consumer), you may provide us information about yourself, including your name, email, phone number, company or employer name, title, and other information as you fill out and submit our marketing webform. Or you may provide us with similar information when seeking or otherwise expressing interest in employment with us. Such information from business contacts or prospective employees may qualify as “Personal Information” under some laws, and we may collect this information if you provide it to us. Vericast (and its agents and service providers) may use this information to respond to your request, to send you marketing or potential employment communications, and for other business purposes. We will not rent or sell this information to other companies.
How We Use Your Information
Information collected automatically through our Websites may be used by partners, advertisers, and ad servers to promote third-party products and/or services, such as through online interest-based advertising. We also use Google Analytics and Hubspot (and may use other, similar tools) to help collect and analyze certain information on the Websites. We use the information you provide to us directly or indirectly—and any other information submitted on our Websites—for the purpose for which it was collected, including to respond to your inquiry. Other purposes include to:
- Recognize you (for example, as a customer, client, partner, or potential employee);
- Customize our content and advertising, including delivering more meaningful ads;
- Measure promotional effectiveness;
- Help ensure that your account security is not compromised;
- Mitigate risk and prevent fraud;
- Promote trust and safety;
- Make our Websites and Solutions more useful;
- Tailor and enhance the online experience with us; and
- Ensure our Websites and Solutions meet your special interests and needs.
One way we deliver more meaningful advertisements is through a common form of online interest-based advertising known as “retargeting” or “remarketing.” Retargeting works by serving ads on one site based on consumers’ online activities on a different site. To do this, we or our advertising vendors may use a device ID, cookie, pixel, tag, or similar technology placed by us or the advertising vendor when you visit our Websites or third-party websites or apps. Our advertising vendors may use information about your activities on our Websites to provide you retargeted ads on other websites and apps. The placing of these technologies may enable your device to be recognized across multiple websites. For information about opting out, please see below under Opt-Out Options For Interactions With Our Websites.
Social Media Plug-Ins
Certain pages of our Websites may contain “social media” plug-ins, such as Facebook’s “Like” button, LinkedIn “comment” / “thumbs up,” and Twitter’s “comment” / “Retweet” / “♡” buttons. When you visit a page that displays one or more of these buttons, your browser will establish a direct connection to the relevant social media server and load the button from there. The provider of the social media service will know that the relevant page on the Website has been visited.
We have no influence on the data that any such social media provider collects on the basis of the buttons. As we understand it, if you do not click on the respective buttons, none of your Personal Information will be collected and stored, unless you have logged onto your social media account. In that case, certain user data (including your IP Address at the time) may be collected and linked to the account information already present at the social media service. If you wish to prevent this, please log out of your social media accounts before visiting our Websites.
Clicking a button may lead to a collection of certain data, such as your IP Address. Social media providers such as Facebook, Instagram, YouTube, or Twitter may set cookies as well, unless you have disabled the acceptance and storage of cookies in your browser settings (see Opt-Out Options For Interactions With Our Websites, below).
We receive no information from social media providers about which social media buttons you may have clicked or seen on our Websites. We may receive a summarized, non-personalized statistical report on the use of the buttons. For more information, please visit the privacy policies of your social media providers.
Opt-Out Options For Interactions With Our Websites
You can opt out of online interest-based ads by companies that participate in the DAA (US) WebChoices opt-out program by clicking here. If you want to limit the information that is automatically collected while you use our Websites, most Web browsers allow you to disable cookies. As noted above, we use Google Analytics and Hubspot. You may opt out of the use of cookies by Google Analytics here, and learn more about Hubspot by reviewing Hubspot’s current Privacy Policy here. If you choose to disable cookies, you may not be able to use or participate in some or all of the features offered through our Websites.
You may opt out of receiving promotional emails from Vericast by following the instructions in those emails. If you opt out, we may still send you non-promotional communications, such as emails about your account or our ongoing business relations.
MARKETING SOLUTIONS
Consumer Information We Process As A Business
What Information Do We Collect Or Process?
One of our Marketing Solutions is Digital Advertising. Our Digital Advertising includes our services as a DSP, enabling our clients to serve ads that you see on devices—such as your computer, smartphone, connected television, or over-the-top television (“OTT TV”) devices—or other screens you may encounter, such as screens displayed at retail locations, as well as ads that we serve through social media platforms.
To enable our Clients to provide you with digital ads that are relevant to your interests, we automatically collect information about your browsers and devices when you (or others using your browsers or devices) access or use Digital Properties that incorporate our Solutions. Here’s how it works:
We use various business relationships and technologies to automatically collect data, including cookies, pixels, tags, web beacons, server logs, browser fingerprinting, HTML5 local storage, Flash local shared objects, statistical identifiers, mobile advertising identifiers such as IDFA and Android Advertising ID (a “MAID”), software development kits, server-to-server transfers, and non-cookie technologies. For example, we or our third-party partners may place pixels or tags on advertisements or on websites. These pixels or tags enable us to collect information that we use to provide and improve our Solutions, including but not limited to use for cross-contextual behavioral advertising, online interest-based advertising, targeted advertising, viewability, billing, accounting, and brand safety purposes. Vericast also receives data when we bid on digital advertising space, and we collect additional data when we deliver an ad. The sources of this data include media supply sources, such as publishers and exchanges. The data we collect in this manner may include:
- Information about your browsers and devices, including: your browser type (e.g., Chrome), browser language (e.g., English or Spanish), device type, IP Address, Internet Service Provider (e.g., Comcast or Verizon), user agent string, operating system (e.g., MAC OS or Windows), mobile carrier, imprecise location (e.g., country or zip code), and identifiers assigned to your browser or device, such as cookie IDs, MAIDs, or other advertising identifiers assigned by platform providers, or statistical identifiers that allow us to recognize your device, which we infer from the other information that we collect about your device.
- Usage Data: information and related inferences about your web browsing and application usage, including the date and time your browser or device accesses websites and applications, the specific pages accessed, the names or types of mobile applications accessed, actions taken on the page, conversions or transactions, advertisements viewed, and advertisements clicked (“Usage Data”).
- Device Location Information: If permitted by your browser or device, and with your consent where required, we may collect your location information for the purposes of serving ads that may be more relevant to you or helping to understand how you responded to ads served to you. The information we receive about your location may depend on your browser and device settings. For more details, please see Marketing Solutions Opt-Out Options, below.
We may assign a unique identifier to your browser, your device, or another screen you may encounter when we serve an ad to it or when you use it to access a Client’s or partner’s Digital Properties. This unique identifier may be a MAID or it may be a proprietary ID that we assign. For consumers in the United States, we also may assign a unique identifier to a collection of devices that we correlate to what we call a “Digital Household” using our patented Household ConnectTM technology.
A Digital Household is a concept that enables us to target a collection of devices that we have grouped together based on commonalities in data that we observe. We “home” these devices to a physical location known as a parcel that we can correlate to a physical address for advertising purposes, such as reaching a digital audience in a particular neighborhood, matching first-party data onboarded from our Clients to digital audiences, or pairing digital with print advertising in a given geographic area. For example, a Digital Household may consist of a home computer, two smartphones, a tablet, and a connected television that have similar marketing characteristics (including geolocation signals or an IP address matched to a parcel) indicating the same person or people use them. If that Digital Household has an interest in sports, for example, then that Digital Household might be included in an audience for a sports-related product being promoted at a local sporting goods store. Delivering targeted ads across multiple browsers or devices is sometimes referred to as cross-device advertising. We may use cross-device advertising when we target a set of similar Digital Households, to help our Clients reach the most relevant audience.
Assigning a unique identifier enables us to determine within a reasonable level of confidence that a browser, device, or Digital Household is the same one with which we have previously interacted. For example, this allows us—sometimes with the help of our Clients or third-party partners—to connect data points, including for example, connecting purchases or store visits with ads that were shown. This unique identifier is also associated with the other categories of data that we collect (as explained in this Policy) so that we can create audiences that are more likely to be interested in particular ads and offers and provide reporting to our Clients.
Our Marketing Solutions also include print advertising in the United States. Our print advertising products include both “saturation” products—which are sent to entire geographies, such as our Save Mailer that is delivered across entire Postal Carrier Routes—and more targeted products, such as post cards sent directly to specific households.
Our print advertising relies primarily on our Valassis National Enhanced File (“VNEF”), which is a proprietary list that includes nearly 100% coverage of U.S. mailing addresses, including residential households. We update the VNEF’s accuracy and augment mailing address information with additional data, including Personal Information, obtained from third parties, including our business partners, data providers, other advertising companies, and publicly available sources, as described in more detail, below.
Our Marketing Solutions also include email marketing campaigns in the United States. We may use email addresses that are provided by Clients, directly from consumers on our Save.com website, or through third-party partners. We may associate consumer email addresses with other data that we collect about consumers to better understand which consumers to email. And we may collect information about consumers based on their interactions with the marketing emails that we send, such as whether an email was opened or links were clicked.
In addition to the information described above, we may also obtain information from other sources or draw inferences based on information available to us, including information we collect or purchase about you from third parties, including our affiliates, business partners, data providers, other advertising companies, and publicly available sources. We may combine any of this information to better inform the Marketing Solutions we offer. Depending on how this information is combined, it may be deemed Personal Information. This information may include the following:
Category | Specific Pieces of Information |
Identifiers | Full name, alias, postal address, unique personal identifier, online identifier, IP address, email address, telephone or mobile phone number, or other similar identifiers |
Customer records | Name, address, telephone number, and similar information |
Characteristics of protected classifications under state or federal law | Age (may include birth month or year), sex, gender, familial status, marital status, and similar information |
Commercial information and economic indicators | Records of personal property (may include home value, home sale date and price, original mortgage amount, length of residence, lot size, square footage, year home was built, dwelling type), products or services purchased, purchasing or consuming histories, home ownership status, income range, occupancy (new mover, seasonal), or estimated net worth, credit worthiness, and similar information |
Internet or other electronic network activity information | Usage Data described above and similar types of data |
Geolocation data | Latitude and longitude data |
Professional or employment-related information | Occupation, and similar information |
Education information | Highest level of education attended, and similar information |
Inferences used for marketing purposes | Interests (such as DIY or health and fitness), preferences, characteristics, trends, predispositions, purchase behavior, and similar inferences |
Other | Whether children are present in the home, household size, number of children, number of generations, whether a charitable donor, whether a mail order buyer, whether there are pets in the home, political party, and similar information |
This information may also include the following types of Sensitive Personal Information, as that term is defined by various state laws:
- precise geolocation
- race or ethnicity
- religion
- health information
- union membership
How We Use Your Information
We use the consumer information we collect and process as a Business to provide, maintain, and improve our Marketing Solutions, including:
- Serving advertisements: We use the information we collect to select and serve advertisements that we or our Clients think may be of interest to you. These advertisements may be served on the browser or device from which the information was collected; on a different browser or device that we have linked to the browser or device from which the information was collected; or to a social media account that we have linked to you or your browser or device; via email; or physically delivered to you through the mail or a private carrier (these forms of advertising are sometimes referred to as cross-contextual behavioral advertising, online interest-based advertising, or targeted advertising). These advertisements may be targeted at you as part of a larger audience. We also use this information to manage the frequency and type of advertisements you see across your devices.
- Measuring the effectiveness of advertisements: We use the information we collect to measure and analyze trends, usage, and the effectiveness of our Marketing Solutions and the advertisements we and our business partners serve, including clicks and views of advertisements and any resulting purchases, as well as physical visits to retailers or other businesses.
- Creation of audience segments: We develop audience segments which consist of combinations of various data, including consumer location activity, purchase intent, and online and offline interests based in part on your online activity. We may offer these audience segments for licensing by third-party data providers and cloud marketing providers.
- Cross-device linking: We use the information we collect to establish connections among related web browsers and devices (such as smartphones, tablets, and computers) for targeted advertising, analytics, and reporting purposes. For example, we may match a user’s browsers or devices if they share similar attributes that support an inference that they are used by the same person or household. This means that information about website activities or application usage history on your current browser or device may be combined and used with information collected from your other browsers or devices. So, for example, if you browse for new cars on your tablet, you may see an advertisement for new cars on your smartphone.
- Building Customer Profiles: Our business partners may provide us with their customer data (which could consist of postal or email addresses or purchasing data), and we may match that customer data with the applicable Digital Households and enrich each Digital Household profile with real-time interest and location activity. For more information on how we work with Client-provided information, please see the section Consumer Information We Process For Clients As A Service Provider, below.
- Creating and Licensing Valassis Lists: As noted above, we use consumer information in the United States, including Personal Information, to create lists that we rent or license to our Clients for advertising purposes or for approved analytical uses, either through our online data platforms (i.e., www.valassislist.com) or other secure delivery methods.
- Email Marketing Campaigns: As noted above, we use consumer information, including Personal Information, for the purpose of planning, executing, tracking, and measuring the success of email marketing campaigns in the United States.
- Other Uses: We also use the information to operate our Marketing Solutions, including:
- personalizing the types of information that you receive from us;
- assessing trends in use of our Marketing Services or purchases of our Clients’ products or services;
- customizing, improving, and developing content and functionality that helps us better serve your needs or our Clients’ needs;
- facilitating communication between us or our Clients and you;
- effectuating your opt-out or other consumer rights request(s);
- developing aggregate, non-identifiable data that may be used for our business purposes;
- for promotions you may enter into; and
- preventing fraud and other prohibited or illegal activities.
We and our Clients or business partners also may combine different types of information collected from or about you through various sources, including Personal Information, and use the combined information for the purposes described in this Policy.
How We Share Your Information
When it comes to our Marketing Solutions, we may share any of the information listed above, including Personal Information, with our vendors, business partners, and other service providers who need access to the information to carry out work or perform services on our behalf, including for the purpose of targeted advertising. We may also share the information between and among Vericast and any current or future parent, subsidiary, or affiliated company. We share your information with our Clients, such as when we report on advertising campaigns. Reporting may include Personal Information or it may be aggregated. We also share your information, including Personal Information, with Clients who rent or license our lists through ValassisList.com. And we share your information, including Personal Information, with business partners or Clients when we create and license audiences for digital advertising purposes, including targeted advertising.
We may also share aggregated information with third parties. For example, we may share aggregated information with our business partners to help them optimize their services.
For more information about Google’s use of data via our relationship with Google, please review How Google Uses Data.
Retention
Information that we, as a Business, collect or process for our Marketing Solutions is typically kept current, replacing outdated information. What this means in practice varies, depending on the type of Solution and Personal Information involved. For example, our VNEF may have name, address, and demographic information about you that has been the same for years, because you haven’t moved and still have the same marital status. But we may replace digital advertising interest information about you every year, or more often, because your online interests and what you are shopping for may change much more frequently. As noted above in this Policy, we also have to retain certain information for longer periods, as required by contract or law such as for tax or audit purposes.
Marketing Solutions Opt-Out Options
In this section, we provide you with information specific to certain aspects of our Marketing Solutions, such as how to opt out of online interest-based advertising using your web browser or how to unsubscribe from marketing emails. If you would like to exercise consumer rights under state privacy laws, please see the STATE PRIVACY LAW REQUIREMENTS section further below for more information and use our consumer rights request webform.
Digital Advertising
You have opt-out options when it comes to our use of information about your web browsing or mobile application usage for online interest-based advertising purposes. Because we use different technologies to collect information across web browsers and mobile applications, we provide different choices for each environment. You can follow the instructions below to opt out in web browsers or to change your mobile application or location settings. Please note that your choices will only apply to the specific browser or device from which you make your selection, and therefore you will need to opt out or adjust settings separately for each device and each web browser that you use and to which you wish to apply your changes.
Vericast’s Valassis Digital business adheres to the DAA (U.S.) Self-Regulatory Principles, as well as the DAA (Canada) Self-Regulatory Principles. To learn more about online advertising and to opt out of having certain information used for online interest-based advertising purposes on web browsers, please visit the DAA (U.S.) website or the DAA (Canada) website. We also participate in the DAA (U.S.)’s AppChoices opt-out program, which you can learn more about at http://youradchoices.com/appchoices. You can opt out of online interest-based ads by companies that participate in the DAA (U.S.) WebChoices opt-out program by clicking here. To learn about the opt-out tools available through DAA (Canada), please click here.
When you opt out in this manner, we will place an opt-out cookie on your browser. This cookie is only effective as to the device and browser where the opt out is made. If you want to opt out for multiple browsers or devices, you must opt out on each browser and device individually. You may need to enable cookies in order to opt out using any of these methods, and if you delete your cookies, you may need to renew your opt-out choice. You can download the DAA (US)’s Protect My Choices browser extension to help preserve your opt-out preferences.
Please note that when you delete or clear cookies from your browser, you will not necessarily delete the Flash Local Shared Objects stored on your computer. You can review Adobe’s Website Storage Settings panel to view, delete, and control Flash Local Shared Objects.
When you opt out of online interest-based advertising in web browsers, as described above, we will no longer serve ads that are targeted based on your web browsing activity to the browser from which you have opted out. In addition, we will not use information collected from the browser from which you have opted out to serve you targeted ads on other browsers that we have linked to that browser. Similarly, we will not use information collected from other, linked browsers to serve you ads on the browser from which you have opted out. Please note, however, that we may continue to serve you ads that are not based on your web browsing.
Your mobile device may provide you with a setting that allows you to opt out of having your data used for certain advertising activities. For example, you may be able to limit the availability of certain information, such as your MAID. In that event, Vericast will not have access to your MAID but may still indirectly collect and use information from your web browsing and mobile application usage on that device for advertising purposes through the use of your IP address or statistical IDs. This may include serving you targeted and non-targeted ads on browsers or devices that we have linked to that IP address or statistical ID, such as through our Household ConnectTM technology.
For device location data, when you first download or open any applications that incorporate digital advertising in any form, you may be asked to consent to the collection of location information from your device. If you consent to the collection of this information but later wish to withdraw your consent, you may do so at any time by either changing the settings on your mobile device or deleting the mobile application. Even if you make these changes, a digital advertiser (including Vericast) may have access to your device’s approximate location.
Vericast does not currently honor Do Not Track (DNT) requests. But if we receive and are able to recognize and support a global opt-out signal, we will honor that signal and not collect Personal Information related to that user. For example, if we receive a do-not-sell signal through the Internet Advertising Bureau’s (IAB) CCPA Framework, we do not retain any Personal Information for that user.
Print Advertising
You can stop receiving Vericast’s Save Mailer by providing your address on our Unsubscribe page or calling the Vericast consumer line at (800) 437-0479. Please note that it can take up to six weeks for the mailings to stop, as our advertising programs are prepared several weeks in advance. If you continue to receive the mailings after six weeks have passed, it is possible that there is a carrier delivery error, which we will do our best to help correct.
Email Marketing
To unsubscribe from marketing emails, please use the unsubscribe link provided in the email.
Consumer Information We Process For Clients As A Service Provider
What Information Do We Collect Or Process?
When we provide our Marketing Solutions to Clients, many of them entrust us with their first-party and zero-party data, including Personal Information of their customers. Zero-party data is data that you intentionally and proactively shared with a company (such as your product preferences), whereas first-party data is data that you voluntarily provide to a company (such as your name and address for shipping or loyalty program purposes). This data typically includes information such as: full name, address, email address, phone number, transaction information (such as date, time, product purchased, amount spent, etc.), and unique identifiers (such as a loyalty program ID). This data may also include demographic information or other attributes that are helpful for marketing purposes, including information similar to that described above in the section Consumer Information We Process As A Business.
When it comes to our Marketing Solutions, we prefer to avoid processing the following types of Sensitive Personal Information, some of which may be protected and governed by industry-specific federal laws: Social Security numbers, driver’s license numbers, financial account numbers, and similar sensitive identifiers. But some of our Clients rely on these identifiers to organize their consumer information and may pass them on to us. In these instances, we take measures to appropriately safeguard the information.
Client-provided data may be transferred to us directly from the Client, from a third-party working with us or the Client, or we may collect it directly on our Client’s behalf, such as when we host a landing page for a Client.
For some of our Clients’ ad campaigns, we may place a pixel or tag on their ads or websites so that we, or our service providers, can collect information to help measure and report on campaign performance, including learning more about that Client’s consumers for the purpose of that Client’s future advertising. Vericast’s pixel will capture the following unless a consumer has opted out via the opt-out tool on the DAA’s website (described above under Marketing Solutions Opt-Out Options: Digital Advertising):
- IP address
- User agent
- Cookie ID
- Domain
- Page URL
- Device information (e.g., operating system and version, device type, browser and version, etc.)
For reporting and measurement purposes, Vericast typically relies on data from the Client or third parties, which may provide information regarding sign-ups, orders, or other conversion-related information (“conversion” means that a consumer responded to a call-to-action in an ad, so for example, making a purchase or signing up for a deal). Other measurement information may include simple interactions with the ad units, such as clicks or video views.
Sometimes an advertising campaign we run for a Client will include information or promotions delivered via SMS text messaging. For example, an ad may provide a QR code or direct a consumer to a website, where the consumer can input their mobile phone number to receive an SMS text with information or an offer. When a consumer provides a mobile phone number in this context, we do not maintain these mobile phone numbers or use them for any other purpose. But as noted above, we may have consumer mobile phone numbers in our records that are collected or processed for other business reasons, as explained in this Policy.
How We Use This Information
Our Clients may provide us with this data so that we can help them manage the data; determine which consumers to target with relevant advertising and offers, through various digital and print advertising channels—for example, digital display, emails, or direct mail; suppress certain consumers from an advertising audience (for example, if the goal is to find only new customers); and/or better understand how to direct their marketing efforts.
We may connect Client-provided data to additional data so that it is more useful in providing our Marketing Solutions to that Client. That additional data may include data that we collect on the Client’s behalf (such as through a pixel placed on that Client’s ad) or data that we collect as a Business and have available to use for any of our Clients.
We only use Client-provided Personal Information for that Client’s marketing, but where permitted by contract, we may use learnings from that marketing or aggregated information (not Personal Information) to improve our Marketing Solutions.
How We Share This Information
We only share Client-provided Personal Information with vendors, business partners, service providers, and other subcontractors (or subprocessors) as needed to provide that Client with our Marketing Solutions, including cross-contextual behavioral advertising, online interest-based advertising, and targeted advertising. We never sell Client-provided Personal Information.
Retention
Information that we process on behalf of our Clients is retained for at least as long as necessary to provide the Client with our Marketing Solutions and is typically retained until the Client requests deletion. Retention of Client-provided data is often governed by the terms of our contract with that Client.
Opt-Out Options
If you receive SMS messages, you may opt out by following the opt-out instructions provided by the brand you are communicating with or by contacting the brand directly. If you want to make a consumer rights request with respect to Client-provided Personal Information, you need to reach out to the Client directly (meaning the companies and brands with which you interact, such as a retailer where you shop). When you make a consumer rights request directly to us, your request will only extend to the Personal Information that we process as a Business.
FINANCIAL SERVICES SOLUTIONS
The consumer information that we process for our Financial Services Solutions is provided to our Harland Clarke business as a financial institution. Harland Clarke maintains policies and procedures designed to ensure that your Personal Information is used appropriately and within the scope of the Gramm-Leach-Bliley Act (GLBA), which is the federal law that regulates consumer financial privacy. These policies and procedures apply to all Personal Information that is provided to Harland Clarke in connection with its check websites, check printing services, and other Financial Services Solutions, as well as to data provided by our Financial Institution Clients. Because this information is collected and processed subject to GLBA, state privacy laws (including consumer rights requests) do not apply to it.
For more information about the information collected and processed for our Financial Services Solutions, please see this Privacy Notice.
COUPON PROCESSING SOLUTIONS
Our Coupon Processing Solutions include coupon audit, settlement, analysis, and fraud management services for retailers and manufacturers through our NCH business. In providing these Solutions, we do not process any Personal Information.
STATE PRIVACY LAWS
This portion of the Policy is designed to meet specific requirements from applicable state privacy laws, including:
- California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act of 2020 (collectively, and together with any implementing regulations, the “CCPA”))
- Colorado Privacy Act
- Connecticut Act Concerning Personal Data Privacy and Online Monitoring
- Nevada Privacy Law – SB 220
- Utah Consumer Privacy Act
- Virginia Consumer Data Protection Act, and
- New or amended state privacy laws and their regulations, if any, that may be passed, when they require the same or similar information as what is already provided here
We may refer to these collectively as “State Privacy Laws.” Some of the State Privacy Law requirements for disclosures are met above, in the main text of this Policy. Please read this Policy in its entirety to ensure you don’t miss important information.
THE ENTITY MAINTAINING THIS WEBSITE IS A DATA BROKER UNDER TEXAS LAW. TO CONDUCT BUSINESS IN TEXAS, A DATA BROKER MUST REGISTER WITH THE TEXAS SECRETARY OF STATE (TEXAS SOS). INFORMATION ABOUT DATA BROKER REGISTRANTS IS AVAILABLE ON THE TEXAS SOS WEBSITE.
Consumer Privacy Rights
In this section, we explain the various rights that consumers have under State Privacy Laws and how to exercise those rights with us. As noted above, when you make a consumer rights request to us, it extends to the Personal Information we process as a Business and does not include Client-provided Personal Information that we process as a Service Provider.
We generally try to treat all consumers the same, but sometimes for business reasons we can only extend certain protections to residents of certain states where required by law. We note below where certain rights are limited to residents of certain states.
Please note that consumer privacy rights are not absolute. They are subject to certain exceptions and exemptions. We will process your rights in accordance with applicable laws and will retain records of rights requests consistent with our legal obligations.
Please also note that making a consumer privacy rights request does not impact whether you receive our Save Mailer, because that mailing is not based on Personal Information. To stop receiving our Save Mailer, please make a “Do Not Deliver” request here: https://save.com/mailing/delivery-options.
The following consumer privacy rights do not require that we verify your identity. But we still need you to provide us with the information we need to find you in our records and ensure we are handling the right consumer’s information:
- Do Not Sell Or Share My Personal Information – You have the right to direct us not to sell or share your Personal Information. To request that we not sell or share your Personal Information, click here: “Do Not Sell or Share My Personal Information.”
- Limit The Use Of My Sensitive Personal Information – You have the right to direct us to limit the use and disclosure of your Sensitive Personal Information. For residents of Colorado, Connecticut, and Virginia, we do not knowingly collect or process your Sensitive Personal Information without your consent, which may be obtained by our vendors, business partners, other service providers, or Clients. You can withdraw your consent by asking us to limit the use and disclosure of your Sensitive Personal Information or making a deletion request.
- Delete My Personal Information – You have the right to direct us to delete your Personal Information.
- Opt Me Out Of Automated Decision-Making (Profiling) / Targeted Advertising – You have the right to direct us to opt you out of automated decision-making, which includes the profiling of individual consumers that Vericast engages in as a Business (if you want a particular brand or company to stop profiling you, you will need to make that request directly to the brand or company). Similarly, you have the right to direct us to opt you out of targeted advertising.
Please note that honoring any of the requests listed above may require us to delete all of your Personal Information that is not otherwise subject to an exception or exemption.
The following consumer privacy rights requests require that we verify your identity. Therefore, we will ask you to provide us with the information we need to find you in our records and ensure we are handling the right consumer’s information, but we will also require you to provide us with additional information to verify your identity. These rights are:
- Right To Know Categories or Specific Pieces of Personal Information – We are required to disclose in this Policy what Personal Information we collect and process, including the categories of Personal Information, the categories of sources from which the Personal Information was collected, the business or commercial purpose for collecting, selling, or sharing Personal Information, the categories of third parties to whom we disclose Personal information, and the specific pieces of Personal Information we collect or process. Our Policy provides this information above, so please review this Policy carefully and in its entirety. But you also have a right to request that we tell you this information as it relates to you individually.
- Right To Correct Inaccuracies In Your Personal Information – You have a right to request that we correct inaccurate Personal Information that we maintain about you.
If you ask us to disclose categories of Personal Information, we will need to verify your identity to a reasonable degree of certainty. If you ask us to disclose specific pieces of Personal Information or correct inaccuracies, we will need to verify your identity to a reasonably high degree of certainty. We may require you to provide a signed declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request. We will retain signed declarations as part of our record-keeping obligations.
Consistent with State Privacy Laws, we will not disclose Personal Information that could create a security risk, such as financial account numbers or security questions and answers, in response to a request.
Exercising Your Consumer Privacy Rights
To exercise the rights described above, please use our webform. Our webform is our preferred method to make sure we get the information we need from you to process your request. If you can’t use the webform, or need help or additional information, you can email us here: privacyrequests@vericast.com or call us at 1-800-437-0479.
Exercising Rights Through An Authorized Agent
You may designate an authorized agent to make consumer privacy rights requests on your behalf, but that agent will either have to provide us with written permission signed by you or be acting under power of attorney pursuant to applicable state laws. In the case of signed permission, we may have to request additional information, including directly from you, to complete requests to know or correct inaccuracies. If you have signed up with a company to have them execute requests on your behalf, please know that we do our best to work with those companies but their automated processes often do not provide us with the information we need to verify you or even locate you in our records.
Response Timing And Appeals Process
We endeavor to respond to a consumer privacy rights request within 15-45 days of its receipt, depending on legal requirements. If we need more time (up to 90 days), we will let you know why. If we can’t comply with a request, our response will explain why and, for states where required, will include information on how to appeal. For right to know requests, we will provide your personal information in a secure, portable format that should allow you to easily transmit the information to another entity.
If your request is manifestly unfounded or excessive—such as repetitive requests—we may refuse your request and will tell you why we are refusing.
Shine the Light
Pursuant to Section 1798.83-.84 of the California Civil Code, residents of California have the right to request from a business, with whom the California resident has an established business relationship, what types of personal information, if any, the business shares with third parties for direct marketing purposes by such third party and the identities of the third parties with whom the business has shared such information in the immediately preceding calendar year. To access this information, please contact us by emailing privacyrequests@vericast.com with “CA Shine the Light Request” in the subject line. Please note that, under the law, we are not required to respond to your request more than once in a calendar year, nor are we required to respond to any requests that are not sent to the above-designated email.