taking privacy and web data protection seriously
Krux delivers technology to help website operators and users manage and protect consumer data. Our overarching goal is to make digital media less creepy and more productive for consumers, publishers, and advertisers. That's why we take data privacy and data piracy very seriously.
There are many practices on the web today that, while not illegal, are unethical and inappropriate. Two of the more egregious examples include the distribution of spyware or malware, and the emerging practice of reaching into a user's browser during a website visit to read and record past web surfing habits. Serious questions can also be raised about the increasing number of third parties who are skimming or stealing audience data from a website through rogue cookie and pixel activities.
We make Publishers (defined below) and other website operators aware of uninvited, unauthorized entities who are skimming data from their sites, and we give them tools to mitigate and control such data flow within the technical limitations induced by existing internet protocols and standards.
We use data collected via our technology to enhance our products, improve the performance and security of our systems and our customer’s systems, and support our customers' business needs within the bounds established by this privacy framework.
Krux is not in the business of setting industry standards, but we do all that we can to advance industry dialogue and improve standards of practice. To that end we will enable our clients to manage their data in a responsible way; we will empower consumers to determine what data is collected and how it is used; and we will expose inappropriate or unethical practices in data collection and ad targeting whenever we discover them. Through our technology, we will expose bad actors and their actions, educating the industry and consumers on the impact of any unethical, inappropriate, or illegal activities we discover.
In all of our work, we will seek to maintain alignment with standards established by groups such as the IAB, NAI, DAA, and OPA, and we are members in good standing of the IAB and OPA. When we feel industry standards fall short, we will take all reasonable steps to ensure that our customers and consumers receive greater protection. Above all, our priorities are to advance the interests of publishers and consumers and to expose and correct bad data practices. By doing so, we will enable the industry to become a more responsible steward of audience data.
How data is collected on the Internet
Should I disable or delete cookies?
Current web browsers that conform with industry standards contain a mechanism, known as a “Do Not Track” (“DNT”), that allows a user to elect to opt-out of the collection of certain browsing data by websites. As a user, you may elect to employ the DNT option if your browser supports it. The Krux platform recognizes these DNT signals from consumer browsers and ensures those users’ wishes are honored across all websites using our technology for data collection and targeting. Further, Krux offers a one click opt-out solution for users who have not made a DNT election but who wish to opt-out of any tracking and targeting via Krux.
We take commercially reasonable efforts to maintain security protections in accordance with industry “best practices” to protect data we collect from loss, alteration, destruction, misuse and unauthorized access or disclosure. We maintain strict control and physical security of the facilities used to store data and only allow access to authorized personnel. We restrict access to data to those employees, contractors and agents that have a need to know the information in order to provide and support our services. All Krux employees are bound by confidentiality obligations and may be subject to disciplinary or legal action if they fail to meet these responsibilities.
We process information in data centers located in the United States and the European Union, and to facilitate our operations, we may transfer data between locations and across international boundaries. You understand and agree to this transfer and our compliance with the laws of the country(ies) in which the data center(s) is/are located.
When you visit the Krux website (the "Krux Site"), you may be explicitly asked to provide some information about yourself in order for us to provide you services that you request (“Account Data”). This may include your name, home or business address, e-mail address, and/or telephone number, all of which is considered PII. You can chose to provide this information to us by entering it into the Krux Site when requested. We can only obtain this information from you if you choose to enter it into the Krux Site, and we will only use it to communicate with you and provide you, directly and through third parties, the services you requested. However, if you do not provide such information, we will be unable to provide some or all of the services you requested.
When you navigate to the Krux website, we will also collect non-PII related to your visit to the Krux Site (“Krux Session Data”). When you navigate to a Publisher website (the “Publisher Site”), the Publisher may also collect and transfer to Krux, certain non-PII related to your visit to their website (“Publisher Session Data”). This may include information about how you came to the Publisher Site, which search engine(s) and search terms you used to find the Publisher Site, your experience on the Publisher Krux Site, and similar information. Additionally, certain standard information that your browser sends to every website you visit, such as your IP address, browser type and language, access times, and referring Web site addresses is collected by Krux during visits to the Krux Site and by the Publisher during visits to the Publisher Site.
Certain types of data associated with a specific individual, such as Social Security Numbers or other Government-issued identifiers, financial account numbers, precise information about an individual’s past, present, or potential future health or medical conditions or treatments, including genetic, genomic, and family medical history, are highly sensitive (“Sensitive Data”) and Krux does not collect, use or store Sensitive Data.
How we use non-PII
Krux uses the Krux Session Data and the Publisher Session Data to operate and enhance the Krux Site, the Publisher Site (in accordance with the Publisher's request), and to facilitate Krux services. We do not use any Krux or Publisher Session Data that is more than ninety (90) days old for user profiling or targeting. The source data used to inform user profiling or targeting is stored by Krux for six (6) months, after which time it is purged. Non-PII may be stored and processed in the U.S. or any other country where Krux or its service providers, or its or their affiliates, conduct business.
How we use PII
In accordance with industry standards and the COPPA regulations, we do not knowingly collect, administer, or enable the commercial use of PII relating to children less than 13 years of age.
Krux will provide the ability for users to (i) obtain and correct or request destruction of any PII relating to them maintained by Krux by sending an email to [email protected] or by contacting us at the address noted below, (ii) control the delivery of promotional emails from Krux, (iii) "opt out" from receiving cookies (other than an “Opt-Out” cookie) from the Krux Site and participating Publisher Sites through the Krux “opt-out mechanism” located here and displayed on our site, and (iv) opt-out of any behavioral targeting or tracking through the use of your browser’s DNT feature.
Residents of the European Union or Switzerland
Krux complies with the US-EU Safe Harbor Framework and US-Swiss Safe Harbor Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Krux has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view our certification page, please visithttp://www.export.gov/safeharbor/
or postal mail at 181 South Park, #2, San Francisco, CA 94107.
Krux has further committed to refer unresolved privacy complaints under the US-EU and US-Swiss Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Krux, please visit the BBB EU SAFE HARBOR web sitehere
for more information and to file a complaint.
Changes and questions
Last Updated: November 30, 2012