Taking privacy and web data protection seriously
Krux delivers technology to help website operators and users manage and protect consumer data. Our overarching goal is to make digital media less creepy and more productive for consumers, publishers, and advertisers. That's why we take data privacy and data piracy very seriously.
There are many practices on the web today that, while not illegal, are unethical and inappropriate. Two of the more egregious examples include the distribution of spyware or malware, and the emerging practice of reaching into a user's browser during a website visit to read and record past web surfing habits. Serious questions can also be raised about the increasing number of third parties who are skimming or stealing audience data from a website through rogue cookie and pixel activities.
We make Publishers (defined below) and other website operators aware of uninvited, unauthorized entities who are skimming data from their sites, and we give them tools to mitigate and control such data flow within the technical limitations induced by existing internet protocols and standards.
We use data collected via our technology to enhance our products, improve the performance and security of our systems and our customer’s systems, and support our customers' business needs within the bounds established by this privacy framework.
Krux is not in the business of setting industry standards, but we do all that we can to advance industry dialogue and improve standards of practice. To that end we will enable our clients to manage their data in a responsible way; we will empower consumers to determine what data is collected and how it is used; and we will expose inappropriate or unethical practices in data collection and ad targeting whenever we discover them. Through our technology, we will expose bad actors and their actions, educating the industry and consumers on the impact of any unethical, inappropriate, or illegal activities we discover.
In all of our work, we will seek to maintain alignment with standards established by groups such as the IAB, NAI, DAA, and OPA, and we are members in good standing of the IAB, NAI, and OPA. When we feel industry standards fall short, we will take all reasonable steps to ensure that our customers and consumers receive greater protection. Above all, our priorities are to advance the interests of publishers and consumers and to expose and correct bad data practices. By doing so, we will enable the industry to become a more responsible steward of audience data.
How data is collected on the Internet
Should I disable or delete cookies?
Current web browsers that conform with industry standards contain a mechanism, known as a "Do Not Track" ("DNT"), that allows a user to elect to opt-out of the collection of certain browsing data by websites. As a user, you may elect to employ the DNT option if it is supported by your browser. The Krux platform recognizes these DNT signals from consumer browsers. Further, Krux offers a one click opt-out solution here for users who have not made a DNT election but who wish to opt-out of any tracking and targeting by Krux. When you out-out or activate the DNT, Krux deletes any user data it may have for you, and will no longer target you using our technology. You will likely still receive advertisements, but Krux will have no input or impact on those ads. You must repeat the opt-out or DNT on all browsers on all computers, or if you delete cookies. To find out more about third-party online advertising and to opt out of this type of advertising, visit the Network Advertising Initiative website or www.aboutads.info
We take commercially reasonable efforts to maintain security protections in accordance with industry "best practices" to protect data we collect from loss, alteration, destruction, misuse and unauthorized access or disclosure. We maintain strict control and physical security of the facilities used to store data and only allow access to authorized personnel. We restrict access to data to those employees, contractors and agents that have a need to know the information in order to provide and support our services. All Krux employees are bound by confidentiality obligations and may be subject to disciplinary or legal action if they fail to meet these responsibilities.
We process information in data centers located in the United States and the European Union, and to facilitate our operations, we may transfer data between locations and across international boundaries. You understand and agree to this transfer and our compliance with the laws of the country(ies) in which the data center(s) is/are located.
Krux is an agent on behalf of our clients. We will not, and will not enable website owners or operators that use our technology ("Publishers") to, use our technology to associate or link any personally identifiable information (defined below) ("PII") to any cookies or non-personally identifiable information ("non-PII"). We will actively work to prevent our Publishers from engaging in any activity that results in linking PII to non-PII. Krux shares data in the aggregate only.
When you visit the Krux website (the "Krux Site"), you may be explicitly asked to provide some information about yourself in order for us to provide you services that you request ("Account Data"). This may include your name, home or business address, e-mail address, and/or telephone number, all of which is considered PII. You can choose to provide this information to us by entering it into the Krux Site when requested. We can only obtain this information from you if you choose to enter it into the Krux Site, and we will only use it to communicate with you and provide you, directly and through third parties, the services you requested. However, if you do not provide such information, we will be unable to provide some or all of the services you requested.
When you navigate to the Krux website, we will also collect non-PII related to your visit to the Krux Site ("Krux Session Data"). When you navigate to a Publisher website (the "Publisher Site"), the Publisher may also collect and transfer to Krux certain non-PII related to your visit to their website ("Publisher Session Data"). This Session Data may include information about how you came to the Publisher Site, which search engines you use, the search terms used to find the Publisher Site, your experience on the Publisher Krux Site, information about how you interact with the Publisher's Site, and information with how you interact with advertisements on the page. We make this data is accessible only for the Publisher. The Publisher may use this data to enhance their advertising campaigns to ensure better ads are served to the user or to find interested users and bring them back to the site. The Publisher may improve user experience by using the data to personalize the site's content. This is done through user segments which made be made accessible outside the Publisher. Additionally, your browser sends certain standard information to every website you visit, such as your IP address, browser type and language, access times, and referring Web site addresses is collected by Krux during visits to the Krux Site and by the Publisher during visits to the Publisher Site. The data Krux collects may be combined with other 3rd party data in order to better target advertisements.
Krux does not collect, use, or store highly sensitive information ("Sensitive Data") or PII. Highly sensitive information ("Sensitive Data") includes certain types of information associated with a specific individual, such as Social Security Numbers or other Government-issued identifiers, financial account numbers, sexual orientation, precise information about an individual's past, present, or potential future health or medical conditions or treatments (such as diabetes, heart attacks, etc), including genetic, genomic, and family medical history. Krux's clients therefore cannot target advertisements to precise medical conditions or other Sensitive Data. Publishers may request that Krux collect non-sensitive data for items such as skin care products, diet pills, allergies medications, and cold and flu treatments, in order to target advertisements. Krux does not make further decisions on what data to collect, and will advise clients as to what data should not be collected or used.
How we use non-PII
Krux uses the Krux Session Data and the Publisher Session Data to operate and enhance the Krux Site, the Publisher Site (in accordance with the Publisher's request), and to facilitate Krux services. We do not use any Krux or Publisher Session Data that is more than six (6) months for user profiling or targeting. The source data used to inform user profiling or targeting is stored by Krux for six (6) months, after which time it is purged. Non-PII may be stored and processed in the U.S. or any other country where Krux or its service providers, or its or their affiliates, conduct business. Krux does not share an individual's PII or non-PII with either partners or third-parties. Publishers may choose to share non-PII data collected on their site with others at their discretion, and Krux may assist them to share user data collected on those Publisher's sites. All reporting is done at the aggregate level, with no individually discernable information accessible.
How we use PII
In accordance with industry standards and the COPPA regulations, we do not knowingly collect, administer, or enable the commercial use of PII relating to children less than 13 years of age.
Krux will provide the ability for users to (i) obtain and correct or request destruction of any PII relating to them maintained by Krux by sending an email to firstname.lastname@example.org or by contacting us at the address noted below, (ii) control the delivery of promotional emails from Krux, (iii) "opt out" from receiving cookies (other than an "Opt-Out" cookie) from the Krux Site through the Krux "opt-out mechanism" located here and displayed on our site, and (iv) opt-out of any behavioral targeting or tracking through the use of your browser's DNT feature.
Residents of the European Union or Switzerland
Krux complies with the US-EU Safe Harbor Framework and US-Swiss Safe Harbor Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Krux has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view our certification page, please visit http://www.export.gov/safeharbor/
Krux has further committed to refer unresolved privacy complaints under the US-EU and US-Swiss Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Krux, please visit the BBB EU SAFE HARBOR web site here for more information and to file a complaint.
Changes and questions
Last Updated: May 28, 2013