Crossix Products Privacy Notice for Consumers

Effective Date: September 14, 2020

This Crossix Products Privacy Notice describes how we collect, transfer, and use data in connection with the tailored advertising and measurement products that we make available to our advertiser clients, media owners and other clients.

We may update this notice from time to time to reflect changes in our products or practices, or for other operational, legal or regulatory reasons. Please re-visit this notice regularly to stay informed. The date at the top of this notice indicates when it was last updated.

What We Do

Crossix leverages data and analytics to help health brands communicate more effectively with consumers. To do this, we have developed tailored advertising and media measurement solutions which respect your privacy rights.

Audience Solutions (Tailored Advertising)

Relevant health communications enable consumers to make more informed choices about their health care. The most effective way for delivering relevant communications to the right consumers starts with a deep understanding of the intended audience. Crossix does this by using data and analytics to understand the demographic characteristics – including age, gender, lifestyle, geography, etc. – most relevant to certain health conditions. In order to perform these analytics, we may receive demographic and consumer information (collected in offline, non-digital environments by our partners); Crossix does not store or retain any identifiable demographic and consumer information.

Crossix and our partners use this understanding of the demographic characteristics of certain large population segments to create lists for marketing, also known as Audience Segments. Crossix Audience Segments can be used by health brands to deliver tailored advertising to relevant consumers via digital and TV advertisements. You can see a list of our Audience Segments here.

To make Crossix Audience Segments available for Tailored Advertising in digital environments, we may ask our partners to identify devices or browsers of users with specific demographic and consumer attributes, and the users of these identified devices or browsers may receive Tailored Advertising in their web browsers, within mobile applications, and on connected TVs.

Measurement Solutions

Crossix measurement solutions help healthcare marketers answer critical marketing and business questions. For example, are the marketer’s communications reaching the right audience? Also, what impact do these communications have on patient behavior?

Methodology

To measure the impact of health marketing, we connect media exposure data to de-identified health data. We report only aggregated insights to our customers; we never report person- or device-level information.

We receive hashed identifiers that have received client advertising, as well as associated campaign metadata (i.e., information related to what ad was shown, on what web property or app, on what device, and when), from an identity resolution partner or directly from a media owner. We are not able to associate these identifiers with any Personally-Identified or Device-Identified Information (as those terms are defined in the Network Advertising Initiative (“NAI”) Code of Conduct). We retain these hashed identifiers for a maximum of 1 year from last contracted use, at which point the user-level data is aggregated for long-term storage.

All personal information received by Crossix for its measurement services is certified by Expert Determination to satisfy the Privacy Rule’s de-identification standard under the Health Insurance Portability and Accountability Act (“HIPAA”). This de-identified health information, as it is no longer considered protected health information, may be legally used and disclosed by Crossix and its partners. Similarly, Crossix and its partners employ the relevant technical and process safeguards required by the California Consumer Privacy Act (“CCPA”) for the data it receives to be considered de-identified under the CCPA.

Our Marketing Partners

Crossix partners with reputable companies who collect and manage personal information for various purposes, including digital advertising, identity management, and database marketing (Marketing Data Partners).

Tailored Advertising and Your Rights

You may opt out of personalized advertising and cross-device linking in web browsers by visiting http://optout.aboutads.info. To help preserve the choices that you make in the DAA’s WebChoices page, you can install the DAA’s “Protect My Choices” extension that is available at aboutads.info/PMC.

If you would like to opt out of being included in Crossix advertising and measurement products, you may do so through our Marketing Data Partner, LiveRamp. https://liveramp.com/opt_out. According to LiveRamp’s privacy policy, cookies expire after 90 days, and if personal data is not collected for any lawful purpose, it will be deleted.

For more information about tailored advertising and cross-device linking, please visit the Network Advertising Initiative (“NAI”) website. We are a member of the NAI and we adhere to the NAI’s Code of Conduct. We also adhere to the DAA’s Self-Regulatory Principles for Online Behavioral Advertising by providing you enhanced notice, transparency and control of our digital marketing practices.

California Residents

Under the CCPA, California consumers have the right, subject to certain limitations, to:

  • Request to know what personal information a business collects, stores, shares, and sells about them (“right to know”);
  • Request to delete the personal information that a business has on file about them (“right to delete”); and
  • Request to opt-out of the sale of their personal information (“right to opt-out”).

Unless you have interacted with a Crossix employee on a one-to-one basis or have chosen to engage with us by providing identifiable personal information through our website or other digital means, we do not have any identifiable personal information about you and will not have any reasonable method by which we can verify your request to know or request to delete due to our privacy-by-design approach to maintaining browser and device information. As noted above, if you would like to opt out of being included in Crossix advertising and measurement products, you may do so through our Marketing Data Partner, LiveRamp. https://liveramp.com/opt_out

For more information about the CCPA, including how to submit a request, please review the CCPA privacy statement of our parent company, Veeva, available at https://www.veeva.com/privacy/ccpa.

Questions

If you have any additional questions about your data rights and our privacy-by-design approach to marketing analytics, please contact Crossix_privacy@veeva.com.