PRIVACY & SECURITY POLICY

 

From The Top Ltd. dba FTT (“we” “us” “our” or “FTT”) is a global ad-tech company that provides third party partners (“Advertisers”) with an end-to-end solution, which enables third party publishers (“Publishers”) to display online advertisements to end users who use or otherwise interact with certain smart TV, mobile webpages and desktop websites (“Digital Assets”) using available solutions in the market, such as real time bidding, tag integration, header bidding and other advanced hybrid solutions.

FTT recognizes the importance of your privacy and we take this issue very seriously. To this end, we have designed the FTT privacy policy (“Privacy Policy”) in a format that is easy to read so that you can clearly understand our privacy practices. This Policy describes FTT’s collection and use of the information provided or collected on or through our various services and features (collectively shall be defined hereinafter as the “Services”), which includes, our website which is currently located at fromthetop.io (“Site”) as well as our SSP/DSP for the purpose of displaying online advertisements within Digital Assets. We are committed to treating any information we collect with care and respect.

Capitalized terms which are not defined herein, shall have the meaning ascribed to them in our Terms and Conditions available at: fromthetop.io/toc which this Privacy Policy is incorporated thereto by reference (collectively, the “Terms”).

We have included below information about which data is collected, how we process and use your data, but before we would like to explain the basis on which we do so:

·        Where you sign up for any of our Services, we process your personal data in order to perform our contract with you;

·        If we have a legitimate interest in processing data, such as for direct marketing, online advertising or online identifiers when you access our Site or use our Services; or

·        We will also process your personal data where you have provided us with consent to do so.

If you have any questions about this Privacy Policy, please contact us at: at: info@fromthetop.io.

INFORMATION WE MAY COLLECT

We may collect two types of data and information from our Users. The first type of information is non-identifiable and anonymous information (“Non-Personal Information”). We are not aware of the identity of the User from which we have collected the Non-Personal Information. Non-Personal Information is any unconcealed information which is available to us while Users are using the Services. Non-Personal Information which is being gathered consists of technical information and behavioural information, and may contain, among other things, the activity of the User on the Services, type of operating system and type of browser, type of device, User’s connection to the Site, or approximate geo-location.

The second type of information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Information”). Personal Information includes either: (i) contact information such as your name, email address, etc., which you have submitted voluntarily; or (ii) your Internet Protocol (“IP”) addresses (the addresses of computers on the Internet), (collectively, “Identifiers”). Note that, while Identifiers are considered Personal Information in many jurisdictions (such as the EEA), there are some jurisdictions in which such data is not considered as Personal Information. Therefore, we treat such information as Personal Information, in accordance with applicable laws, however we do not attempt to analyse or determine your identity based on such information or otherwise combine it with any Personal Information such as your name or email address. The IP may be collected by our third party analytic partners that offer ways to opt-out, all as detailed below.

For avoidance of doubt, any Non-Personal Information connected or linked to any Personal Information shall be deemed as Personal Information as long as such connection or linkage exists.

You are not required by law to provide us with any information. You can always avoid from providing us certain Personal Information; however, you acknowledge that it may prevent you from engaging in certain Services.

Information we collect from visitors of our Site and Users of the FTT Services

Type of Information

In the event you contact us for support or other inquiries by sending us an email or by other means of communications we make available, you will be requested to provide us your name and email address.

Identifiers

If you voluntarily subscribe to our newsletter you will be asked to provide us with your email address. You can unsubscribe at any time using the unsubscribe option within the body of the newsletter or rather or by contacting customer support at info@fromthetop.io

We also collect certain technical Non-Personal Information (as detailed above) which relates to your use of the Services or the Site. 

How Do We Use It?

We will use this information solely for the purpose of responding to your inquiries and provide you with the support or information you have requested.

We either directly or indirectly may collect our visitors’ of the Site IP or Identifiers when using the Services. We use this for our legitimate interests of operating, providing, maintaining, protecting, managing, customizing and improving our Site and Services and the way in which we offer them; (ii) enhancing your experience with the Services; (iii) our legitimate interests of auditing and tracking usage statistics and traffic flow; and (iv) our legitimate interest of serving personalized advertisements on Digital Assets. 

If you voluntarily subscribe to our newsletter you will be asked to provide us with your email address. You can unsubscribe at any time using the Unsubscribe option within the body of the Newsletter or rather or by contacting customer support at info@fromthetop.io

We use this technical data in order to operate and manage our Site.

Information We Collect from Advertisers or Publishers

Type of Information

In order to use our Services as an Advertiser or Publisher you will be required to enter into a physical agreement with FTT.

How Do We Use It?

We will use this information for the purpose of performing our contract with you in order to provide you with the Services you have requested.

We also collect certain technical Non-Personal Information (as detailed above) as a visitor to the site and as detailed above.

HOW WE COLLECT INFORMATION

Depending on the nature of your communication with us, we may collect the above detailed information from you, as follows:

·        automatically, including through the use of cookies (as detailed below), or other similar tracking technologies when a user interacts with a Digital Assets; or

·        when you voluntarily choose to provide us with information, i.e. when you contact us, sign-up for our newsletter, all as detailed in this Privacy Policy. Whenever technically possible and required under applicable law, we will ask for your consent to collect your Personal Information and offer you the choice to opt-out.

COOKIES AND SIMILAR TECHNOLOGIES

When you access or use the Service, we may use industry-wide technologies such as “cookies” (or similar technologies), which store certain information on your device (i.e., locally stored) and which will allow us to customize the Service and content as well as enhance your experience of the Services.

The cookies and similar technologies used by us are created per session and do not include any Personal Information, other than your preference, navigation on the applicable Digital Assets as well as the session key and allow us to analyse trends, track users’ movements around the Site, which are removed as your session ends. Most browsers will allow you to erase cookies from your device, block acceptance of cookies, or receive a warning before a cookie is stored. However, if you block or erase cookies your experience may be limited.

For more information about cookies and your controls in this regard, you may review the following links:

·        https://support.google.com/chrome/answer/95647?hl=en (Chrome)

·        https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox)

·        http://www.opera.com/help/tutorials/security/cookies/ (Opera)

·        https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer)

·        https://support.apple.com/kb/PH21411 (Safari)

·        https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge)

Most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. However, if you block or erase cookies some features of the Services may not operate properly and your online experience may be limited

Third parties (i.e., Google Analytics) may also use cookies, scripts or web beacons for the purpose of tracking and analysing your use, this information does not include Personal Information. To learn more about how Google uses data from our use of Google Analytics Cookies, we recommend you review Google’s policies located at: www.google.com/policies/privacy/partners. We also encourage you to review the Google Analytics’ currently available opt-outs for the web tool available at:  https://tools.google.com/dlpage/gaoptout/.

SHARING YOUR INFORMATION WITH THIRD PARTIES

FTT will not share the Personal Information it collected with any third parties or any of its partners except in the following:

(a) Authorized Disclosures. We may disclose your Personal Information to third parties when you consent to a particular disclosure of your Personal Information. Please note that once we share your information with another company, that information becomes subject to the other company’s privacy practices. In addition, we may share Identifiers, for the purpose of operating our business and providing the Services, as well as to calculate payments and detect fraud, security or technical issues in connection with the Services.

(b) Compelled Disclosures. To the extent required, FTT will share Personal Information to comply with any applicable law, regulation, legal process or governmental demand (e.g., pursuant to law enforcement inquiries, subpoenas or court orders), or when we believe, in good faith, it is required in order to enforce our policies (including our policies and agreements) including investigations of potential violations thereof or to detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues. In addition, we will share your information, solely to the extent required to establish or exercise our rights to defend against legal claims or to prevent harm to the rights, property or safety of us, our users, yourself or any third party or for the purpose of collaborating with law enforcement agencies or in case we find it necessary in order to enforce intellectual property or other legal rights.

(c) Fraud Detection. To detect, prevent, or otherwise address fraud, security or technical issues;

(d)  Service Providers. We may disclose Personal Information to our service providers in order for such service providers to perform requested services on our behalf.

(e) Business Transfers. We may share Personal Information, in the event of a corporate transaction. In the event of the aforementioned, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy.

(f) Non-Personal Information. We may share aggregate or Non-Personal Information with our Business Partners and additional third parties in accordance with the terms of this Policy. We may store Non-Personal and Personal Information on our servers or our cloud servers, use or share Non-Personal Information in any of the above circumstances, as well as for the purpose of providing and improving our Service, aggregate statistics, marketing and conduct business and marketing analysis, and enhance your experience with the Digital Assets.

(g) Identifiers. We may share identifiers collected by us (as detailed above), for the purpose of operating our business and providing the Services, as well as to calculate payments in connection with the Services.

 User Rights

Individuals have the right to know what information we hold about them and, in some cases, to have
such information communicated to them. Individuals may also ask for our confirmation as to whether or
not we process their Personal Information. Subject to the limitations in applicable law, individuals may
also be entitled to obtain from us the Personal Information they have provided to us in a structured,
commonly-used, and machine-readable format, and may have the right to transmit such Personal
Information to another party.

The principal rights under applicable data protection law in relation to Personal Information are as follows:

1. the right to access any information which is provided to us;
2. the right to rectification;
3. the right to erasure;
4. the right to restrict processing;
5. the right to object to processing;
6. the right to data portability;
7. the right to complain to a supervisory authority; and
8. the right to withdraw consent (to the extent applicable).

We provide you with the ability to exercise certain choices and controls in connection with our treatment of your Personal Information, depending on your relationship with us.

If you wish to exercise any or all of the above rights contact us at: info@fromthetop.io and let us know that you wish to exercise your right of access and specify what Personal Information you would like to receive. Where we are not able to provide you with the information for which you have asked, we will endeavour to explain the reasoning for this and inform you of your rights, including the right to complain to the supervisor authority. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable law. In addition, the process of locating and deleting the data may take up to one (1) month (following the receipt of the validation proof we require) in accordance with applicable law.

Data privacy and related laws in your jurisdiction may provide you with different or additional rights related to the data we collect from you, which may also apply.

TARGETED ADVERTISING OPT OUT OPTION

Even after providing your consent to this Policy, you are entitled to change your mind. If you do, you may easily opt out of the data collection, sharing process and targeted advertising services related to our Service. Please note that even if you opt-out, you will still receive content and advertising from FTT. Opting-out just means that the advertisements you do receive from us will not be targeted in any sort of way.

Options to opt out:

·        Learn how to opt-out fromAndroid-https://support.google.com/ads/answer/2662922

·        Learn how to opt-out from iOS– https://support.apple.com/en-il/HT205223.

·        You may control how your browser responds to cookies by adjusting the privacy and security settings of your web browser.

·        You may opt out of certain advertisers’ cookies and browser-enabled, interest-based advertising at the Network Advertising Initiative’s (“NAI”) website-NAI consumer opt-out and the Digital Advertising Alliance’s (“DAA”) website- DAA opt-out page.

·        If you wish to opt out of interest-based advertising, you may click here. Please note you will continue to receive generic ads.

·        Our Publishers may also provide ways for you to opt out from or limit their collection of information from and about you. Please refer to the privacy policies for the Digital Assets to learn more about the privacy practices of our Business Partners. Please note, however, that we are not responsible for the privacy practices of our Publisher, or other third parties.

In the event, that you have any additional complaints about your privacy rights, please Contact Us at: info@fromthetop.io and we will be happy to assist you. Note that once you opt out, part of the Services provided by us might no longer be available and some features may not work if you revoke the data transfer.

CHILDREN’S PRIVACY

You represent and warrant that, (i) if you are located in the US, you are at least 13 years of age; or if you are located in any other GEO, you are above the age defined as “child” under applicable laws in your jurisdiction (collectively “Child” or “Children”); and (ii) you are of legal competence to enter into this Privacy Policy. If you are under 18, please be sure to read the terms of this Privacy Policy with your parents or legal guardians. The Services are not directed or intended for Children, as defined under applicable law, and we do not knowingly collect or solicit information from children.  If we obtain actual knowledge that a User is considered as a Child under applicable law, we will take steps to immediately delete such User’s Personal Information. If you become aware or have any reason to believe that a Child has shared any information with us, please contact us at: info@fromthetop.io.

DATA SECURITY AND INTEGRITY

FTT also protects your privacy by seeking to minimize the amount of data that we store on our servers in the first place. If you feel that your privacy was treated not in accordance with our policy, or if any person attempted to abuse FTT please contact us at: info@fromthetop.io directly.

Further, in the event of a data breach, in which we discover your Personal Information is at risk, we will notify you and the applicable authority (if required subject to applicable laws).

DATA RETENTION

We retain the Non-Personal Information we collected for as long as needed to provide the Service and to comply with our legal obligations, resolve disputes and enforce our agreements. FTT will retain data collected for online behavioural advertising for as long as commercially useful to carry out its business purpose, in accordance with applicable laws, or until an individual expresses an opt-out preference. Further, we retain the Personal Information, we collected for as long as legally permissible, in accordance with applicable laws. FTT may rectify, replenish or remove incomplete or inaccurate information, at any time and at its sole discretion.

TRANSFER OF DATA

As a part of an international group, we may store or process your Personal Information in the United States or in other countries. If you are a resident of the European Economic Area (“EEA“) we will take appropriate measures to ensure that your personal data receives an adequate level of data protection upon its transfer outside of the EEA. If you are a resident of a jurisdiction where transfer of your personal data requires your consent, then your consent to this Privacy Policy includes your express consent for such transfer of your data.

DO NOT TRACK DISCLOSURE

The Service does not respond to Do Not Track signals. For more information about Do Not Track signals, please see http://www.allaboutdnt.com/.

DATA PROTECTION OFFICER

If you have any requests regarding the data collected under this Policy, including without limitation, requests to remove, delete, amend, modify or transfer the data, please contact us at: info@fromthetop.io.

Please be sure to include your name, address and email address in any correspondence to us so that we can respond to your inquiry in a timely manner.

MODIFICATIONS AND UPDATES

We reserve the right to periodically amend or revise this policy, at our sole discretion. The most recent version of the policy will always be posted on the site. If we do make any changes, the updated date at the top of the policy will be reflected in the “last revised” heading. If we make any material changes, that will substantially affect your use of the service or the data collection by us, we will provide you with applicable notifications or by means of a notice on this site. We encourage you to review the policy periodically to ensure that you understand how we collect, use and share information through the services. Any changes to the policy will become effective immediately upon the display of the revised policy. Your continued use of the digital assets or services following the display of such revised policy, constitutes your acknowledgement and consent of such amendments and your agreement to be bound by the terms therein.

CONTACT US

If you have any questions or comments about this Policy, please contact us via email at: info@fromthetop.io.

____________________________________________________________________________________________________________________________________________

INFORMATION SECURITY POLICY

 

From The Top Ltd. dba FTT (“we” “us” “our” or “FTT”) is committed to provide transparency regarding the security measures which it has implemented in order to secure and protect Personal Data (as defined under applicable law, including the EU General Data Protection Regulation (Regulation 2016/679) (“GDPR”)) processed by the Company for the purpose of providing its services.

This information security policy (“Policy”) outlines the Company’s current security practices as of the “Last Updated” date indicated above. We will keep updating this Policy from time to time, as required by applicable laws and our internal policies.

As part of our GDPR we have implemented, technical organizational monitoring protections, and established an extensive information and cyber security program, all with respect to data processed by us. We take best efforts to ensure our employees, contractors, as well clients, comply with this Policy.

System Access Control

Access to all data processing systems is solely via Company’s user authentication systems. Company uses simple authentication and block access in any case of failed attempts or inactivity. There is clear identification or which employees are entitled to access the data. In addition, remote access and wireless computing capabilities are restricted and require that both user and system safeguards are in place. The systems are also protected and solely authorized employees may access the systems by using a designated password.

Data Access Control

The access to the Personal Data is restricted to solely the employees that are required to receive access and is protected by passwords according to defined password stipulations and user names. Access to the Personal Data is secured by VPN and is highly managed by access control policies. The Company uses high level security measures to ensure that the Personal Data will not be accessed, modified, copied, used, transferred or deleted without specific authorization. The scope of authorizations is limited in each case to the absolute minimum necessary for performing tasks or functions (logistic, chronological, etc.)

All transactions where Personal Data is read, inputted, changed and deleted are logged (user identifiers, transaction details) and archived.

Physical Access Control

The Company secures any physical access to facilities that contain Personal Data, such as the Company’s offices and server centers. The Company secures access to its offices and ensures that solely authorized persons have access. The Company’s servers are located in a protected facility in which the physical access is controlled by professional security staff. Further, the Company has entered in to applicable and binding processing agreements with each server service provider. The Company’s servers are protected by industry best standards of security systems and measures. The Company balances its approach towards physical security by considering elements of control that include architecture, operations, systems, performance, compatibility and interoperability.

Organizational and Operational Security

It is the responsibility of the individuals and personnel within the Company to comply with the Company’s practices and standards. The Company educates and provides ongoing training to its employees and service providers, consultants and contractors and raises awareness, risk and assessment with regards to any processing of Personal Data. Internal security testing is carried out on a regular basis. Further, the Company’s IT team ensures security of all hardware and software available within the Company, such as: install anti-malware software on computers to protect against malicious use and malicious software (additional controls may be implemented based on risk), virus detection on endpoints, email attachment scanning, system compliance scans, information handling options for the data exporter based on data type, network security, and system and application vulnerability scanning, use secured email transfer, etc.

Transfer Control

The goal of transfer control is to ensure that Personal Data cannot be read, copied, modified, or removed by unauthorized parties during the electronic transmission of data or during their transport or storage in the applicable data center.

Data Retention

Personal Data as well as raw data are deleted as soon as possible or as soon as legally required.

Job Control

Employees and data processors are all signed on applicable and binding agreements all of which include applicable data provisions and data security obligations. Further, as part of the employment process, employees undergo a screening process applicable per regional law. Employees are bound to follow the Company’s policies and procedures and violations shall result in disciplinary actions up to and including termination of employment. An employee will not gain access to the Personal Data until the Company has trust that the employee is well educated and responsible to handle the Personal Data, if needed, in a secure manner. In addition, the Company hold annual compliance training which include data security education.

THE INFORMATION SECURITY, LEGAL, PRIVACY AND COMPLIANCE DEPARTMENTS WORK TO IDENTIFY REGIONAL LAWS, REGULATIONS APPLICABLE TO COMPANY’S COMPLIANCE. THEREFORE, THIS SECURITY POLICY MAY BE UPDATED FROM TIME TO TIME, ACCORDING TO ANY APPLICABLE LEGISLATION OR INTERNAL POLICIES.