The MediaGrid Privacy Policy

The MediaGrid Privacy Policy

Last updated: August 20, 2021

The MediaGrid respects your right to privacy. This Privacy Notice explains who we are, how we collect, share and use personal data about you and other individuals (“You”, “Your”) and how you can exercise your privacy rights. This Privacy Notice applies to personal data that we collect through the MediaGrid websites, applications and our other online properties (“Digital Properties”) and via our advertising-related products and services that we provide to businesses (“Services”). We refer to these businesses as “Customers” throughout this Privacy Notice. An individual whose personal information is processed by our Customers in the course of our Customer’s use of our Services is referred to herein as an “End User.”

If you have any questions or concerns about our use of your personal data, then please contact us using the contact details provided at the bottom of this Privacy Notice.


Quick links

We recommend that you read this Privacy Notice in full to ensure you are fully informed. However, if you only want to access a particular section of this Privacy Notice, then you can click on the relevant link below to jump to that section.


What does The MediaGrid do?

The MediaGrid is a provider of real-time online advertising support services. We are headquartered in New York, USA, but are a part of a group of affiliated companies all around the world. Our Services enable buyers and sellers of online media and media inventory to transact with each other.

For more information about The MediaGrid, please see the “About” section of our Website at


MediaGrid does not actively collect or use any data segments it considers sensitive such as those based on race, religion, sexual orientation or sensitive health categories to tailor ads on behalf of our Customers.

We may combine the information we collect about Users with demographic, geolocation, and interest-based segment data, along with event-based data, cookie information and hashed email addresses from third-party providers.


What information do we collect?

The table below outlines:

  • Data Subjects: Who we process personal information about;
  • Data Types: What personal information we collect;
  • How and Why we process it; legal grounds


Who we process information about? Information Types: What we collect and how we collect it Purposes – Why we collect and how we use it
Visitors to the MediaGrid Digital Properties Information that You provide directly to us: We collect personal data from You when You voluntarily provide such information, such as when You contact us with inquiries or register your interest in our Services. Depending on the context, such information may include:

  • name
  • contact details such as email address, job title, company name and phone number;
  • payment information; and
  • other information about you that we need in connection with your enquiry.


By voluntarily providing us with your information, You are acknowledging our use of it in accordance with this Privacy Notice. We collect and process this information:

We collect and process this information:

  • to enable you to access the Digital Properties or Services;
  • to personalize your experience with the Digital Properties (your information helps us to better respond to your individual needs);
  • to improve our Digital Properties (we continually strive to improve our website offerings based on the feedback we receive from you);
  • provide you customer service (your information helps us to more effectively respond to your enquiries, applications and support needs);
  • to administer a survey, competition, sweepstakes or other Digital Property feature (additional terms may apply);
  • to send communications to you about the Digital Properties or the Services including sending you marketing communications (unless you have opted out of receiving such communications); or
  • any other purpose with your informed consent.
Visitors to the MediaGrid Websites  

Data that we collect automatically: When you interact with the Digital Properties, we receive and store information about your use of the Digital Properties, such as:

  • internet protocol (IP) address
  • browser type
  • internet service provider (ISP)
  • referring/exit pages
  • operating system
  • date/time stamp; and
  • clickstream data

We collect this information passively using technologies such as cookies, beacons, tags, and scripts (see below for more about these technologies).

We may receive reports based on the use of these technologies by third party companies on an individual and aggregated basis.

We may use such information (together with other information that we obtain in accordance with this Privacy Notice):

  • to analyse and better understand the use of the Digital Properties;
  • to analyse and better understand the use of our Digital Properties (for example by monitoring the total number of visitors to our Digital Properties, the number of visitors to each page of our Website and how you interact with the Digital Properties);
  • to provide additional functionality to our Digital Properties; and
  • to gather demographic information about visitors to the Digital Properties; and
  • to either display advertising on our Digital Properties or to manage our advertising on other websites.
End-Users of Customer sites and other connected services. Data that we collect automatically in connection with the Services: In order to provide the Services to our Customers we collect and store information about End-User interactions with third-party websites and applications using cookies, advertising IDs, pixels, and server-to-server connections.

  • A “cookie” is a piece of information that the computer that hosts a site or advertisement sreves to an End-User’s browser when an End-User accesses that site or advertisement.
  • An “advertising ID” is a an alphanumeric identifier made available by a platform or operating system (such as Apple iOS or Google Android) that allows application developers and third parties to recognize a particular device in an application environment. It is associated with End-User Information and other information and, together with this associated information, is used in the performance of our Services, and in particular interest-based advertising activities.
  • A “pixel” is a piece of code which is used by a website or third party to assign online activities to a computer or browser.

Cookies and pixels are used to collect and store information about web browsers across web sites over time.

Information that we receive about you from our Customers and third party data sources: The information we receive from these third-parties includes information about your use of your connected devices. This information is collected automatically through SDK providers, ad requests (and similar signals) received from various analytics companies, advertising exchanges, platform and ad networks and includes:

  • the page an End-User has requested and the referring/exit pages;
  • Timestap information (i.e., the date and time the End-User has visited the page);
  • the device internet protocol (IP) address;
  • mobile device identifier (such as Apple IDFA or Google Advertising ID);
  • device model;
  • device operating system;
  • browser type;
  • carrier;
  • gender;
  • age;
  • geolocation (including GPS coordinates);
  • clickstream data;
  • cookie information;
  • first-party identifiers’; and
  • hashed email addresses
We use the information that we collect automatically via the Services and receive from our Customers, together with other information in our possession:

  • to provide our Services to our Customers such as media trading, ad selection, delivery, enrichment; measurement and reporting; personalization; data matching (to online and offline sources), device linking and other services connected to real-time advertising; and
  • to enable our Customers to fulfil their lawful purposes.

In pursuit of these purposes we may:

  • create profiles about End-Users using automated means but without causing significant legal effects for End-Users;
  • create end-User use specific identifiers to match End-Users;
  • support or enable our Customers to provide targeted advertising to End-Users based on the information collected by us unless the End-User has opted out;
  • assess the eligibility of End-User devices for interest and demographic-based segments;
  • facilitate ad delivery provide insights, and provide reporting back to Customers and partners, including statistical reporting in connection with the activity on a website, optimization of location of ad placement, ad performance, reach and frequency metrics, billing, and logging ads served on a particular day to a particular website;
  • provide information and inferences about End-User interests to Customers and partners that allow them to target advertising, personalize content, analyse behaviours and engage in other similar services;
  • to seed data for look-alike modelling for audiences; and
  • provide reporting metrics to our Customers related to End-User interactions with their online properties.

Please note that our Customers’ collection and use of End-User information and information that we provide to them is governed by their own privacy policies.

End-Users of Customer sites and other connected services. Data we receive about you from advertisers and other third-party data providers: We also receive information about End-Users from advertisers and/or their service providers (including third party data brokers) such as:

  • IP addresses;
  • Cookies;
  • Unique device identifiers;
  • Demographic and inferred interest information; and
  • post-conversion data (from both online and offline behaviour).


These third-party data providers will provide you with additional notice and choices about the processing of the information they may collect from you. Third-party data providers are required to represent that they are able to share your information with us.

We may combine the information we collect about End-Users with demographic, geolocation, and interest-based segment data, along with event-based data, cookie information and hashed email addresses from third-party providers.

We collect this information:

  • to supplement the Information that we receive about you from our Customers in order to fulfil the purposes listed above.


MediaGrid does not actively collect or use any data segments it considers sensitive such as those based on race, religion, sexual orientation or sensitive health categories to tailor ads on behalf of our Customers.

We may combine the information we collect about Users with demographic, geolocation, and interest-based segment data, along with event-based data, cookie information and hashed email addresses from third-party providers.


How do we protect your information?

We implement a variety of security measures to maintain the security of your personal data. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal data. Nevertheless, transmission via the internet is not completely secure and we cannot guarantee the security of information about you.


Do we use cookies?

Yes – for more information see our Cookie Statement.

To opt-out of The MediaGrid cookie(s), please click here.


Do we disclose any information to third parties?

We generally do not sell, trade, or otherwise transfer your personal data to outside parties. This excludes trusted third parties and service providers who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep the information we share confidential and in accordance with your directions. We may also release your information when we believe release is necessary to comply with the law, enforce our site policies, or protect our or other’s rights, property, or safety. We may also provide visitor information to third parties for marketing, advertising or other uses in accordance with your directions.

We may disclose your personal data to the following categories of third parties:


  • to our affiliates, third party services providers and partners who provide data processing services to us (for example, to support the delivery of, provide functionality on, or help to enhance the security of our Website), or who otherwise process personal data for purposes that are described in this Privacy Notice or that you are notified of at the time we collect your personal data.
  • to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
  • to an actual or potential buyer (and its agents and advisers) in connection with any actual or proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal data only for the purposes disclosed in this Privacy Notice;
  • to any other person with your consent to the disclosure.


International data transfers

Your personal data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, some of our website servers are located in the USA and our group companies and third party service providers and partners operate around the world. This means that when we collect your personal data we may process it in any of these countries.

However, we have taken appropriate safeguards to require that your personal data will remain protected in accordance with this Privacy Notice. For any transfers out of the EEA, we will put in place appropriate safeguards in accordance with European law, such as executing the European Commission’s Standard Contractual Clauses for transfers of personal data between our group companies, which require all group companies to protect personal data they process from the EEA in accordance with European Union data protection law. We have implemented similar appropriate safeguards with our third party service providers and partners and further details can be provided upon request.


Data retention

We retain personal data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements). When we have no ongoing legitimate business need to process your personal data, we will either delete or anonymise it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.


Third-party links

Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.


Children’s Information

Our Website is intended for a general audience and is not directed at children who are under 13 years old. We do not knowingly collect personal information (as defined by the U.S. Children’s Online Privacy Protection Act) of children. We also do not knowingly “sell,” as that term is defined under the California Consumer Privacy Act, the personal information of minors under 16 years old who are California residents.


Additional Disclosures for Data Subjects in the EEA and UK-based individuals

Data protection laws in Europe distinguish between organizations that process personal data for their own purposes (known as “controllers”) and organizations that process personal data on behalf of other organizations (known as “processors”). The MediaGrid acts as a controller with respect to personal data collected as you interact with our Website.


Under European data protection law, there are various legal grounds, or bases, on which we can rely when processing your personal data or information. In some contexts more than one ground applies. We have summarized these grounds as Contract, Legal obligation, Legitimate Interests and Consent and outline what those terms mean in the following table. In connection with the processing of personal information that MediaGrid undertakes, we primarily rely on the legal grounds of consent and legitimate interests (as set out in the “table” above).

Term Legal Ground/Basis for processing Explanation Examples of when we rely on this legal ground/basis for processing
Contract The processing is necessary for performance of a contract with you or to take steps at your request to enter a contract This covers carrying out our contractual duties and exercising our contractual rights. N/A
Legitimate Interests Processing necessary for our or a third party’s legitimate interests We have legitimate interests in providing the Site and the MediaGrid Services as well as carrying on, managing and administering our business and processing your information effectively and properly in connection with those interests (see table above)

Your data will not be processed on this basis if our or a third party’s interests are overridden by your own interests, rights and freedoms.

For any legitimate interests processing identified in the table above, you are entitled to object to our processing.

  • to provide our Services to our Customers including: media trading, ad selection, delivery, enrichment, measurement and reporting, personalization, data matching (to online and offline sources), device linking and other services connected to the advertising industry;
  • to enable our Customers to fulfil their lawful purposes; and
  • to carry out marketing (although we do rely on specific consent for the collection of cookies and similar technologies and for sending electronic marketing messages).
Consent You have given specific consent to processing your data (this consent may have been provided to one of our Customers or third party data providers) We will process certain information where we have your consent to do so – meaning that the party who collected your information has collected consent from you to enable us to provide the Services.
  • for the automatic collection of data such as cookies from the device;
  • for sending electronic marketing communications (via email or text).
Legal obligation Processing necessary to comply with our legal obligations Ensuring we perform our legal and regulatory obligations. For example, complying with a court order. If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide it).



IAB Transparency and Consent Framework

The MediaGrid participates in the “Transparency & Consent Framework” (“TCF”), developed by the Interactive Advertising Bureau (IAB) and complies with its Specifications and Policies. The MediaGrid is registered with the IAB as a Vendor, our identification number within the framework is 686.

Your Data Subject Rights

You have the right to access, rectify, or erase any personal data we have collected about you. You also have the right to data portability and the right to restrict or object to our processing of personal data we have collected about you. In addition, you have the right to ask us not to process your personal data (or provide it to third parties to process) for marketing purposes or purposes materially different than for which it was originally collected or subsequently authorized by you. You may withdraw your consent at any time for any data processing we do based on consent you have provided to us.

To exercise any of these rights, please contact us as set out in the “How to contact us” section below and specify which right you are seeking to exercise. We will respond to your request within 30 days. We may require specific information from you to help us confirm your identity and process your request. If personal data about you has been processed by us as a processor on behalf of a client and you wish to exercise any rights you have with such personal data, please inquire with our Customer directly. If you wish to make your request directly to us, please provide the name of our Customer on whose behalf we processed your personal data. We will refer your request to that Customer, and will support them to the extent required by applicable law in responding to your request.

Please note that we retain information as necessary to fulfil the purposes for which it was collected, and may continue to retain and use information even after a data subject request for purposes of our legitimate interests, including as necessary to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements.

If you have any issues with our compliance, you may contact our Data Protection Officer at You also have the right to lodge a complaint with the data protection regulator in your jurisdiction.


Additional Disclosures for California Residents

Our Digital Properties are intended to provide information and services to job applicants and existing or potential business clients. You understand and agree that information collected about you is solely within the context of either (i) your status as a job applicant; or, (ii) your role as an employee, owner, director, officer, or contractor of a company conducting due diligence regarding The MediaGrid, or our affiliates, providing or receiving a product or service.

Customers who are residents of California may request (i) a list of the categories of personal information disclosed by us to third parties during the preceding calendar year for those third parties’ own direct marketing purposes; and (ii) a list of the categories of third parties to whom we disclosed such information. To exercise a request, please write us at the email or postal address set out in “How to contact us” below and specify that you are making a “California Shine the Light Request.” We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year.

As a California resident you can make choices about the sale and sharing of your personal information. Please click here for our CCPA Privacy Center for further details.


Changes to our Privacy Notice

If we decide to change this Privacy Notice, we will post those changes on this page, and/or update the Privacy Notice modification date at the top of this Notice.


How to contact us

If there are any questions regarding this Privacy Notice or your privacy rights you may contact us at

The Data Controller of your personal data is The MediaGrid Inc. of 625 Broadway, 10th Floor, New York, NY 10012, US.

The MediaGrid is a member of the IPONWEB Group of companies. For details regarding other Data Controllers in the IPONWEB Group, please see or their respective privacy notices.