The Policy covers all information that You share with SoMo on this website as well as information shared by Customers of the following websites: https://touchplatform.com/privacy-policy.php & https://mobileadtrading.com/ . It does not cover information that You share with any other entity or any other website or that SoMo obtains from You from any other website or source.
Reservation Of Rights
Because the Policy may be modified at any time, You should review the Policy every time You visit to review any changes or modifications.
Incorporation in Agreements Between Customer & SoMo
This Policy is an integral part of Agreements between Customer (and any entity on whose behalf Customer acts) & SoMo with respect to all the services it provides.
Who Is SoMo & What Is Our Service?
We are a software company whose Service includes: (a) operating a software platform that matches Advertisers with media inventory of Publishers (collectively, "Customers") to place advertising targeted to users of mobile devices ("User(s)") and (b) providing software solutions to assist Advertisers in targeting their marketing to interested Users (the "Service"). SoMo has no direct interaction with User’s that visit Customers’ websites.
Information Collection & Use
We do not collect Personally Identifiable Information ("PII") of Users. PII is information that can be used on its own or with other information to identify, contact, or locate a User, including Your name, Your company name, Your email address, password, billing information and geographic location. SoMo contractually prohibits Customers from sharing Users’ PII with SoMo.
We collect PII of Visitors who wish to become Customers of SoMo through accessing this website and voluntarily provide such information to Us.
Aggregated & Analytical Information
We collect Non Personally Identifiable Information ("NPII") of Users and Visitors to this Website. We obtain this Information from our Customers or through our Customers’ use of SoMo software. We collect Your NPII when You access our website. We use such information to maintain, support and improve our software, to target our Customers’ advertising to Users and to enhance the User’s mobile experience when visiting websites that display our Customers’ advertising by, for example, limiting the repetition of advertisements or displaying relevant advertising to Users; to study and analyze the functionality of the Service and Customers’ and Users' activities, to provide support, to measure Service activity for pricing purposes.
We use a variety of tools to collect NPII including, but not limited to, cookies, tags, beacons and Internet Protocol address tracking to gather NPII. "Cookies" are pieces of code/text that gets placed on Your computer when You browse our Website. Cookies may be placed by us or our Customers on Your mobile device or browser. "Tags" and web beacons refer to code scripts that are primarily used to track visitors’ activities on our Site by web analytics software. The types of NPII and the tools we use to gather it may change over time.
We may share NPII with our Customers, for a variety of reasons, including but not limited to monitoring the success of Customers’ advertisements or marketing our services.
Sharing Personally Identifiable Information With Others
We will share Your personally identifiable information with service providers and other third parties, if necessary to fulfill the purposes for collecting the information, provided that any such third party will commit to protect Your privacy as required under the applicable law and the Policy.
We will also share personally identifiable information with companies or organizations connected, or affiliated with us, with the express provision that their use of such information must comply with the Policy.
We will report and share user personally identifiable information, if we believe that we are required to do so by law. We will need to disclose personally identifiable information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Additionally, a merger, acquisition or any other structural change will require us to transfer Your personally identifiable information to another entity, as part of the structural change, provided that the receiving entity will comply with the Policy.
We retain different types of personally identifiable information for different periods, depending on the purposes for processing the information, our legitimate business purposes as well as pursuant to legal requirements under applicable law.
For example, we will need to keep the information for several years due to tax related requirements, for accounts settling, record keeping, archiving and legal issues.
We will maintain Your contact details, to help us stay in contact with You. At any time before or after the termination of Your account, You can contact our data protection officer at: email@example.com and request to delete Your contact details. Note that we will keep Your details without using them unless necessary, and for the necessary period, for legal requirements and proceedings.
We will keep aggregated non-identifiable information without limitation, and to the extent reasonable we will delete or de-identify potentially identifiable information when we no longer need to process the information.
As a Customer, as long as You use the Service, we will keep information about You, unless the law requires us to delete it, or if we decide to remove it at our discretion, according to the terms of the Policy
EU Residents Consent For Transfer Of Personally Identifiable Information
If You are a resident in a jurisdiction where transfer of Your personally identifiable information to another jurisdiction requires Your consent, then You provide us Your express and unambiguous consent to such transfer.
To the extent necessary under EU privacy laws and regulations, we will implement data onward transfer instruments, such as the Controller to Processor SCCs, the Controller to Processor SCCs, the Privacy Shield Framework and a statement of compliance with the Privacy Shield Principles, and such other lawful instruments to transfer personally identifiable information, as may be available from time to time.
SoMo is located in the United States of America, and our website and services are directed toward persons located within the United States of America. If You are visiting from the any other country with laws, rules, or regulations ("Laws") governing data collection and use that may differ from U.S. Laws and have different definitions of PII and NPII, You should be aware that by choosing to access this website or to use SoMo’s services, You understand, acknowledge and consent to the definitions of and rules governing PII and NPII in the United States and to the exclusive jurisdiction of the Federal and State courts of New York County, New York.
We store the information that we collect on our servers and we use standard security procedures and practices to protect information from unauthorized access, destruction, use, modification, or disclosure. Notwithstanding the foregoing, SoMo cannot guarantee that some third party may illegally access information stored on its servers. By interacting with this site, You expressly acknowledge and agree that SoMo does not guarantee the security of any data provided to or received by us through this site so that any data or information You provide to us is provided at Your own risk, which You expressly assume.
This Website Is Not Directed To Individuals Under 18
This Website does not target individuals under 18 years of age. We do not knowingly collect PII from children under 13. If a parent or guardian becomes aware that his or her child has provided us with PII without their consent, he or she should contact us immediately at firstname.lastname@example.org If SoMo becomes aware that a child under 13 has provided us with PII, we will delete such information from our files.
All transactions are non-refundable.
Opt Out of Targeted Advertising
At any time, You can disable Your account through Your account page.
At any time, You can exercise Your following opt-out options: (i) object to the disclosure of Your personally identifiable information to a third party, other than to third parties who act as our agents to perform tasks on our behalf and under our instructions, or (ii) object to the use of Your personally identifiable information for a purpose that is materially different from the purposes for which we originally collected such information, pursuant to the Policy, or You subsequently authorized such use.
California Privacy Rights
Pursuant to California Civil Code Section 1798.83, residents of the State of California have the right to request from companies conducting business in California certain information regarding SoMo’s disclosure within the immediately preceding calendar year of certain categories of that California resident’s personal information to third parties (and in some cases affiliates) for their direct marketing purposes. To make such a request, please contact us at: email@example.com.
Accessing Your Personally Identifiable Information
If You find that the information on Your account is inaccurate, please provide us the necessary information to correct it.
At any time, You can contact us at: firstname.lastname@example.org and request to access the personally identifiable information that we keep about You. We will need to request that You provide us with credentials to ascertain that You are who You claim to be and to the extent required under the applicable law. We will make good-faith efforts to locate Your personally identifiable information that You request to access.
If You are eligible for the right of access under the applicable law, You can obtain confirmation from us of whether we are processing personally identifiable information about You, and receive a copy of that data, so that You may:
We will use our discretion to redact from the data which we will make available to You, personally identifiable information of others.
EU Data Subject Rights
If EU data protection laws apply to the processing of Your personal data by SoMo, then the following terms apply::
For the purposes of SoMo platform services, we are a data processor and our customers are data controllers, or data processors as well. In SoMo’s other services, SoMo may be either a data controller or data processor or both. SoMo's data processing addendum, directly below or upon request, applies to any such processing where SoMo acts as either a data processor or data controller..
Where we process Your personal data as a data controller, the processing is based on the following lawful grounds:
In addition to Your rights under other sections in the Policy, You have the following rights:
Note that when You send us a request to exercise Your rights, we will need to reasonably authenticate Your identity and location. We will ask You to provide us credentials to make sure that You are who You claim to be and will further ask You questions to understand the nature and scope of Your request.
If we need to delete Your personal data following Your request, it will take some time until we completely delete residual copies of Your personal data from our active servers and from our backup systems.
If You have any concerns about the way we process Your personal data, You are welcome to contact our privacy team at: email@example.com. We will look into Your inquiry and make good-faith efforts to respond promptly
SoMo assesses its data processing and privacy practices periodically, to ensure that SoMo complies with the Policy, to update the policy when needed, and to verify that the policy is displayed properly and accessible.
If You have any concerns about the way SoMo processes Your personal information, You are welcome to contact SoMo’s data protection officer at: firstname.lastname@example.org or write to us at:
SoMo Audience Corp.,
Attn: Privacy Team / Dispute Resolution
18 Bank Street, Suite 206
Summit NJ 07901
SoMo will look into Your enquiry and make good-faith efforts to resolve any existing or potential dispute with You. If You remain unhappy with the response You received, You can also refer the matter to the data protection authorities in Your country.
If You have any comments, questions, concerns or suggestions regarding the Policy, please contact us at email@example.com
1. THIS DATA PROCESSING ADDENDUM
This Data Processing Addendum ("DPA") reflects the parties’ agreement on the Processing of Personal Information that Privacy Laws and Regulations apply in regard thereof.
All capitalized terms not defined herein will have the meaning set forth in the Agreement between SoMo and Customer. All terms under the Agreement apply to this DPA, except that the terms of this DPA will supersede any conflicting terms under the Agreement.
In the course of providing services to Customer pursuant to the Agreement (the "Services"), SoMo may Process Personal Information on behalf of Customer. The parties agree to comply with the following provisions under this DPA with respect to Customer’s Personal Information processed by SoMo on behalf of Customer as part of the Services.
2.1. "Affiliate" means any legal entity directly or indirectly controlling, controlled by or under common control with a party to the Agreement, where "control" means the ownership of a majority share of the voting stock, equity, or voting interests of such entity.
2.2. "SoMo" means SoMo Audience Corp. and its Affiliates.
2.3. "SoMo Information Security Policy" means the information security documentation applicable to the specific Service purchased by Customer, as updated from time to time, and made available by SoMo upon request.
2.4. "Individual" means a natural person to whom Personal Information relates, also referred to as "Data Subject" pursuant to EU data protection laws and regulations.
2.5. "Personal Information " means information about an identified or identifiable Individual, also referred to as "Personal Data " pursuant to EU data protection laws and regulations, which SoMo Processes under the terms of the Agreement.
2.6. "Personnel" means the employees, agents, consultants, and contractors of Customer and Customer’s Affiliates.
2.7. "Privacy Laws and Regulations" means Regulation (EU) 2016/679 (GDPR), when it takes effect, as applicable to the Processing of Personal Information under the Agreement.
2.8. "Privacy Shield" means the EU-US Privacy Shield Framework, as administered by the U.S. Department of Commerce and approved by the European Commission pursuant to Decision C(2016)4176 of July 12, 2016.
2.9. "Privacy Shield Principles" mean the Privacy Shield Principles, as supplemented by the Supplemental Principles and contained in Annex II to the European Commission Decision C(2016)4176 of July 12, 2016, as may be amended, superseded or replaced.
2.10. "Process" or "Processing" means any operation or set of operations which is performed upon Personal Information, whether or not by automatic means, such as collection, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, blocking, erasure or destruction.
3. DATA PROCESSING
3.1. Scope and Roles. This DPA applies when Personal Information is Processed by SoMo as part of SoMo’s provision of the Services, as further specified in the Agreement and the applicable order form. In this context, to the extent that provisions under the GDPR apply to Personal Information that SoMo processes for Customer under the Agreement, Customer is the Data Controller and SoMo and applicable Affiliates are the Data Processor under such laws and regulations.
3.2. Instructions for SoMo’s Processing of Personal Information. SoMo will only Process Personal Information on behalf of and in accordance with Customer’s instructions. Customer instructs SoMo to Process Personal Information for the following purposes: (i) Processing in accordance with the Agreement and applicable order forms, including, without limitation to provide the Services, and for back-up and disaster recovery, cyber security, operations, control, improvements and development of SoMo’s Services, fraud and service misuse prevention and legal and administrative proceedings; and (ii) Processing to comply with other reasonable instructions provided by Customer where such instructions are consistent with the terms of the Agreement and comply with applicable Privacy Laws and Regulations. Processing outside the scope of this DPA (if any) will require prior written agreement between SoMo and Customer on additional instructions for processing, including agreement on any additional fees Customer will pay to SoMo for carrying out such instructions.
4. NOTICE AND CONSENT
4.1. Customer undertakes to provide all necessary notices to Individuals and receive all necessary permissions and consents, as necessary for SoMo to process Personal Information on Customer’s behalf under the terms of the Agreement and this DPA, pursuant to the applicable Privacy Laws and Regulations.
4.2. To the extent required under the applicable Privacy laws and regulations, Customer will appropriately document the Individuals’ notices and consents.
5. RIGHTS OF INDIVIDUALS
5.1. Requests. SoMo will, to the extent legally permitted, promptly notify Customer if SoMo receives a request from an Individual, who’s Personal Information is included in Customer’s Personal Information, or a request by the Individual’s legal guardians, to exercise the right to access, correct, amend, or delete Personal Information related to the Individual, or to exercise such other personal right that the Individual is entitled to pursuant the applicable Privacy laws and regulations.
5.2. Assistance. SoMo will provide Customer with commercially reasonable cooperation and assistance in relation to handling the Individual’s request, to the extent legally permitted and to the extent Customer does not have access to such Personal Information through its use of the Services. Except if not permitted under the applicable Privacy laws and regulations, Customer will reimburse SoMo with any costs and expenses related to SoMo’s provision of such assistance.
5.3. Customer undertakes to direct individuals who wish to revoke their consent or to exercise their right to be forgotten to SoMo’s opt-out feature above.
6. ASSISTANCE IN COMPLIANCE
At Customer’s written request, SoMo will cooperate with and make commercially reasonable efforts to assist Customer in complying with Customer’s obligations pursuant to Articles 32 to 36 to the GDPR, taking into account the nature of processing and the information available to SoMo.
7. SoMo PERSONNEL
7.1. Limitation of Access. SoMo will ensure that SoMo’s access to Personal Information is limited to those personnel who require such access to perform the Agreement or provide its services.
7.2. Confidentiality. SoMo will impose appropriate contractual obligations upon its personnel engaged in the Processing of Personal Information, including relevant obligations regarding confidentiality, data protection, and data security. SoMo will ensure that its personnel engaged in the Processing of Personal Information are informed of the confidential nature of the Personal Information, have received appropriate training in their responsibilities, and have executed written confidentiality agreements. SoMo will ensure that such confidentiality agreements survive the termination of the employment or engagement of its personnel.
8. AFFILIATES AND THIRD-PARTY SERVICE PROVIDERS
8.1. Affiliates. Some or all of SoMo’s obligations under the Agreement may be performed by SoMo Affiliates.
8.2. Agents. Customer acknowledges and agrees that SoMo and SoMo’s Affiliates respectively may engage third-party service providers in the performance of the Services on Customer’s behalf. All Affiliates and agents (also referred to as ‘other processors’ under the GDPR) to whom SoMo transfers Personal Information to provide the Services on behalf of Customer have entered into written agreements with SoMo or such other binding instruments that bind them by substantially the same material obligations under this DPA.
8.3. Liability. SoMo will be liable for the acts and omissions of its Affiliates and agents to the same extent that SoMo would be liable if performing the Services of each Affiliate or agent directly, under the terms of Agreement.
8.4. Objection. To ensure compliance with applicable Privacy Laws and Regulation, Customer may object to any engagement by SoMo with a new agent to Process Customer Personal Information on Customer’s behalf, within five (5) business days following SoMo’s notice to Customer of its engagement with the new agent. If Customer sends SoMo a written objection to the new agent, SoMo will make commercially reasonable efforts to provide Customer the same level of Services without the using the new agent to Process Customer Personal Information. Nothing in this section prejudices the parties’ rights and obligations under the Agreement.
9. ONWARD AND TRANS-BORDER TRANSFER
9.1. Transfer of Personal Information related to Individuals within the EU to SoMo’s data hosting services in the US is made in accordance with such hosting services’ self-certification with the Privacy Shield.
9.2. All SoMo Affiliates and agents to whom SoMo transfers Personal Information to provide the Services are certified to the Privacy Shield, or provide at least the same level of protection for the Personal Information as is required by the relevant principles of the Privacy Shield and comply with the requirements under the Privacy Shield for the onward transfer of Personal Information to agents, or have executed such other lawful instruments for lawfully transferring Personal Information related to Individuals within the EU to other territories, such as by executing the Standard Contractual Clauses in the form attached and incorporated by reference to this DPA as Exhibit A, or any successor thereof or an alternative lawful data transfer mechanism, or alternatively the Personal Information is transferred to a country with an adequacy recognition by the EU Commission.
10. INFORMATION SECURITY
10.1. Controls. SoMo will maintain administrative, physical and technical safeguards for the protection of the security, confidentiality and integrity of Customer’s Personal Information pursuant to the SoMo Information Security Policy. SoMo regularly monitors compliance with these safeguards. SoMo will not materially decrease the overall security of the Services during the term of the Agreement.
10.2. Policies and Audits.
Customer may audit SoMo’s compliance with its obligations under this Data Processing Addendum up to once per year ("Data Protection and Security Audit"), provided, however, that any Data Protection and Security Audit is subject to the following cumulative conditions: (i) The Data Protection and Security Audit will be pre-scheduled in writing with SoMo, at least 60 days in advance; (ii) All Customer personnel who perform the Data Protection and Security Audit, whether employed or contracted by Customer, will execute SoMo’s standard non-disclosure agreement prior to the initiation of the Data Protection and Security Audit, and a third party auditor will also execute a non-competition undertaking; (iii) Customer will take all necessary measures and verify that the auditors do not access, disclose or compromise the confidentiality and security of non-Customer data on SoMo’s information and network systems; (iv) Customer will take all measures to prevent any damage or interference with SoMo and its Affiliates’ information and network systems; (v) Customer will bear all costs and assume responsibility and liability for the Data Protection and Security Audit and for any failures or damage caused as a result thereof; (vi) Customer will keep the Data Protection and Security Audit results in strict confidentiality, will use them solely for the specific purposes of the Data Protection and Security Audit under this section, will not use the results for any other purpose, or share them with any third party, without SoMo’s prior explicit written confirmation; and (vii) If Customer is required to disclose the Data Protection and Security Audit results to a competent authority, Customer will first provide SoMo with a prior written notice, explaining the details and necessity of the disclosure, and will provide SoMo with all necessary assistance to prevent the disclosure thereof.
11. SECURITY BREACH MANAGEMENT AND NOTIFICATION
11.1. Breach prevention and management. SoMo will maintain security incident management policies and procedures and will, to the extent required by law, promptly notify Customer of any unauthorized access to, acquisition of, or disclosure of Customer Personal Information, by SoMo or its Affiliates or agents of which SoMo becomes aware of (a "Security Incident").
11.2. Remediation. SoMo will promptly make reasonable efforts to identify and remediate the cause of such a Security Incident.
12. DELETION AND RETENTION OF PERSONAL INFORMATION
12.1. Data Deletion. After the end of the provision of the Services, SoMo will return Customer’s Personal Information to Customer or delete such data, including by de-identifying thereof.
12.2. Data Retention. Notwithstanding, Customer acknowledges and agrees that SoMo may retain copies of Customer Personal Information as necessary in connection with its routine backup and archiving procedures and to ensure compliance with its legal obligations and its continuing obligations under the applicable law, including to retain data pursuant to legal requirements and to use such data to protect SoMo, its Affiliates, agents, and any person on their behalf in court and administrative proceedings.
13. DISCLOSURE TO COMPETENT AUTHORITIES
SoMo may disclose Personal Information (a) if required by a subpoena or other judicial or administrative order, stock exchange or if otherwise required by law; or (b) if SoMo deems the disclosure necessary to protect the safety and rights of any person, or the general public.
14. ANONYMIZED AND AGGREGATED DATA
SoMo may process data based on extracts of Personal Information on an aggregated and non-identifiable forms, for SoMo’s legitimate business purposes, including for testing, development, controls, and operations of the Services, and may share and retain such data at SoMo’s discretion, provided that such data cannot reasonably identify an Individual.
This DPA will commence on the same date that the Agreement are effective and will continue until the Agreement are expired or terminated, pursuant to the terms therein.
16.1. SoMo’s compliance team is responsible to make sure that all relevant SoMo’s personnel adhere to this DPA.
16.2. SoMo’s compliance team can be reached at: firstname.lastname@example.org
17. DISPUTE RESOLUTION
Each Party will create an escalation process and provide a written copy to the other Party within five (5) business days of any dispute arising out of or relating to this DPA. The escalation process will be used to address disputed issues related to the performance of this DPA, including but not limited to technical problems. The Parties agree to communicate regularly about any open issues or process problems that require prompt and accurate resolution as set forth in their respective escalation process documentation. The Parties will attempt in good faith to resolve any dispute arising out of or relating to this DPA, before and as a prior condition for commencing legal proceedings of any kind, first as set forth above in the escalation process and next by negotiation between executives who have authority to settle the controversy and who at a higher level of management than the persons with direct responsibility for administration of this DPA. Any Party may give the other Party written notice of any dispute not resolved in the normal course of business. Within two (2) business days after delivery of the notice, the receiving Party shall submit to the other a written response. The notice and the response will include (a) a statement of each Party’s position and a summary of arguments supporting that position and (b) the name and title of the executive who will represent that Party and of any other person who will accompany the executive. Within five (5) business days after delivery of the disputing Party’s notice, the executives of both Parties shall meet at a mutually acceptable time and place, including telephonically, and thereafter as often as they reasonably deem necessary, to attempt to resolve the dispute. All reasonable requests for information made by one Party to the other will be honored. All negotiations pursuant to this clause are confidential and will be treated as compromise and settlement negotiations for purposes of applicable rules of evidence.
18.1. Any alteration or modification of this DPA is not valid unless made in writing and executed by duly authorized personnel of both parties.
18.2. Invalidation of one or more of the provisions under this DPA will not affect the remaining provisions. Invalid provisions will be replaced to the extent possible by those valid provisions which achieve essentially the same objectives.