Repository: YalePrivacyLab/tracker-profiles
Branch: master
Commit: 01829834395e
Files: 85
Total size: 527.9 KB

Directory structure:
gitextract_wzt87a0e/

├── LICENSE
├── README.md
├── guides/
│   ├── Acronyms.md
│   ├── BasicTrackerTemplate.md
│   ├── Glossary.md
│   ├── Permissions.md
│   └── mozilla_presentation.md
└── trackers/
    ├── AccountKit.md
    ├── Actv8.md
    ├── Ad4Screen.md
    ├── Amplitude.md
    ├── AppNexus.md
    ├── Appodeal.md
    ├── AppsFlyer.md
    ├── Auditude.md
    ├── Axwave.md
    ├── BeatgridMedia.md
    ├── BlueConic.md
    ├── Braze (Appboy).md
    ├── Brightcove.md
    ├── Cifrasoft.md
    ├── CopSonic.md
    ├── Crashlytics (Google).md
    ├── Cuebiq.md
    ├── Demdex (Adobe).md
    ├── Disney.md
    ├── DoubleClick (Google).md
    ├── Dov-e.md
    ├── Embee.md
    ├── Estimote.md
    ├── Eulerian.md
    ├── Fabric.md
    ├── Facebook.md
    ├── Fidzup.md
    ├── Flurry (Yahoo).md
    ├── Gimbal.md
    ├── HockeyApp (Microsoft).md
    ├── Houndify.md
    ├── InMobi.md
    ├── IndoorAtlas.md
    ├── Inmarket.md
    ├── Instreamatic.md
    ├── Intrasonics.md
    ├── Kochava.md
    ├── Krux (SalesForce DMP).mkd
    ├── Leanplum.md
    ├── Lenddo.md
    ├── Localytics.md
    ├── Millenial Media.md
    ├── MixPanel.md
    ├── MoPub.md
    ├── Moca.md
    ├── Moodmedia.md
    ├── Mufin.md
    ├── Nexage (AOL).md
    ├── Omniture.md
    ├── Ooyala.md
    ├── OpenX.md
    ├── Opentracker.md
    ├── OtherLevels.md
    ├── Pilgrim.md
    ├── Pointinside.md
    ├── Proximi.md
    ├── Pushwoosh.md
    ├── SafeGraph.md
    ├── ScorecardResearch.md
    ├── Sift.md
    ├── Smart.md
    ├── TUNE.md
    ├── TVSquared.md
    ├── Taplytics.md
    ├── Tealium.md
    ├── Teemo.md
    ├── Tinder.md
    ├── Trillbit.md
    ├── Umeng Analytics.md
    ├── Umeng Feedback.md
    ├── Weborama.md
    ├── Xfinity.md
    ├── Xiti.md
    ├── YandexAd.md
    ├── YinzcamSobek.md
    ├── Zapr.md
    ├── ironSource.md
    └── mParticle.md

================================================
FILE CONTENTS
================================================

================================================
FILE: LICENSE
================================================
                    GNU AFFERO GENERAL PUBLIC LICENSE
                       Version 3, 19 November 2007

 Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.

                            Preamble

  The GNU Affero General Public License is a free, copyleft license for
software and other kinds of works, specifically designed to ensure
cooperation with the community in the case of network server software.

  The licenses for most software and other practical works are designed
to take away your freedom to share and change the works.  By contrast,
our General Public Licenses are intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users.

  When we speak of free software, we are referring to freedom, not
price.  Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.

  Developers that use our General Public Licenses protect your rights
with two steps: (1) assert copyright on the software, and (2) offer
you this License which gives you legal permission to copy, distribute
and/or modify the software.

  A secondary benefit of defending all users' freedom is that
improvements made in alternate versions of the program, if they
receive widespread use, become available for other developers to
incorporate.  Many developers of free software are heartened and
encouraged by the resulting cooperation.  However, in the case of
software used on network servers, this result may fail to come about.
The GNU General Public License permits making a modified version and
letting the public access it on a server without ever releasing its
source code to the public.

  The GNU Affero General Public License is designed specifically to
ensure that, in such cases, the modified source code becomes available
to the community.  It requires the operator of a network server to
provide the source code of the modified version running there to the
users of that server.  Therefore, public use of a modified version, on
a publicly accessible server, gives the public access to the source
code of the modified version.

  An older license, called the Affero General Public License and
published by Affero, was designed to accomplish similar goals.  This is
a different license, not a version of the Affero GPL, but Affero has
released a new version of the Affero GPL which permits relicensing under
this license.

  The precise terms and conditions for copying, distribution and
modification follow.

                       TERMS AND CONDITIONS

  0. Definitions.

  "This License" refers to version 3 of the GNU Affero General Public License.

  "Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.

  "The Program" refers to any copyrightable work licensed under this
License.  Each licensee is addressed as "you".  "Licensees" and
"recipients" may be individuals or organizations.

  To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy.  The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.

  A "covered work" means either the unmodified Program or a work based
on the Program.

  To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy.  Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.

  To "convey" a work means any kind of propagation that enables other
parties to make or receive copies.  Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.

  An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License.  If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.

  1. Source Code.

  The "source code" for a work means the preferred form of the work
for making modifications to it.  "Object code" means any non-source
form of a work.

  A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.

  The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form.  A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.

  The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities.  However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work.  For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.

  The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.

  The Corresponding Source for a work in source code form is that
same work.

  2. Basic Permissions.

  All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met.  This License explicitly affirms your unlimited
permission to run the unmodified Program.  The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work.  This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.

  You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force.  You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright.  Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.

  Conveying under any other circumstances is permitted solely under
the conditions stated below.  Sublicensing is not allowed; section 10
makes it unnecessary.

  3. Protecting Users' Legal Rights From Anti-Circumvention Law.

  No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.

  When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.

  4. Conveying Verbatim Copies.

  You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.

  You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.

  5. Conveying Modified Source Versions.

  You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:

    a) The work must carry prominent notices stating that you modified
    it, and giving a relevant date.

    b) The work must carry prominent notices stating that it is
    released under this License and any conditions added under section
    7.  This requirement modifies the requirement in section 4 to
    "keep intact all notices".

    c) You must license the entire work, as a whole, under this
    License to anyone who comes into possession of a copy.  This
    License will therefore apply, along with any applicable section 7
    additional terms, to the whole of the work, and all its parts,
    regardless of how they are packaged.  This License gives no
    permission to license the work in any other way, but it does not
    invalidate such permission if you have separately received it.

    d) If the work has interactive user interfaces, each must display
    Appropriate Legal Notices; however, if the Program has interactive
    interfaces that do not display Appropriate Legal Notices, your
    work need not make them do so.

  A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit.  Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.

  6. Conveying Non-Source Forms.

  You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:

    a) Convey the object code in, or embodied in, a physical product
    (including a physical distribution medium), accompanied by the
    Corresponding Source fixed on a durable physical medium
    customarily used for software interchange.

    b) Convey the object code in, or embodied in, a physical product
    (including a physical distribution medium), accompanied by a
    written offer, valid for at least three years and valid for as
    long as you offer spare parts or customer support for that product
    model, to give anyone who possesses the object code either (1) a
    copy of the Corresponding Source for all the software in the
    product that is covered by this License, on a durable physical
    medium customarily used for software interchange, for a price no
    more than your reasonable cost of physically performing this
    conveying of source, or (2) access to copy the
    Corresponding Source from a network server at no charge.

    c) Convey individual copies of the object code with a copy of the
    written offer to provide the Corresponding Source.  This
    alternative is allowed only occasionally and noncommercially, and
    only if you received the object code with such an offer, in accord
    with subsection 6b.

    d) Convey the object code by offering access from a designated
    place (gratis or for a charge), and offer equivalent access to the
    Corresponding Source in the same way through the same place at no
    further charge.  You need not require recipients to copy the
    Corresponding Source along with the object code.  If the place to
    copy the object code is a network server, the Corresponding Source
    may be on a different server (operated by you or a third party)
    that supports equivalent copying facilities, provided you maintain
    clear directions next to the object code saying where to find the
    Corresponding Source.  Regardless of what server hosts the
    Corresponding Source, you remain obligated to ensure that it is
    available for as long as needed to satisfy these requirements.

    e) Convey the object code using peer-to-peer transmission, provided
    you inform other peers where the object code and Corresponding
    Source of the work are being offered to the general public at no
    charge under subsection 6d.

  A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.

  A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling.  In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage.  For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product.  A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.

  "Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source.  The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.

  If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information.  But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).

  The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed.  Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.

  Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.

  7. Additional Terms.

  "Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law.  If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.

  When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it.  (Additional permissions may be written to require their own
removal in certain cases when you modify the work.)  You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.

  Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:

    a) Disclaiming warranty or limiting liability differently from the
    terms of sections 15 and 16 of this License; or

    b) Requiring preservation of specified reasonable legal notices or
    author attributions in that material or in the Appropriate Legal
    Notices displayed by works containing it; or

    c) Prohibiting misrepresentation of the origin of that material, or
    requiring that modified versions of such material be marked in
    reasonable ways as different from the original version; or

    d) Limiting the use for publicity purposes of names of licensors or
    authors of the material; or

    e) Declining to grant rights under trademark law for use of some
    trade names, trademarks, or service marks; or

    f) Requiring indemnification of licensors and authors of that
    material by anyone who conveys the material (or modified versions of
    it) with contractual assumptions of liability to the recipient, for
    any liability that these contractual assumptions directly impose on
    those licensors and authors.

  All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10.  If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term.  If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.

  If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.

  Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.

  8. Termination.

  You may not propagate or modify a covered work except as expressly
provided under this License.  Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).

  However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.

  Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.

  Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License.  If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.

  9. Acceptance Not Required for Having Copies.

  You are not required to accept this License in order to receive or
run a copy of the Program.  Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance.  However,
nothing other than this License grants you permission to propagate or
modify any covered work.  These actions infringe copyright if you do
not accept this License.  Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.

  10. Automatic Licensing of Downstream Recipients.

  Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License.  You are not responsible
for enforcing compliance by third parties with this License.

  An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations.  If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.

  You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License.  For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.

  11. Patents.

  A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based.  The
work thus licensed is called the contributor's "contributor version".

  A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version.  For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.

  Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.

  In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement).  To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.

  If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients.  "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.

  If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.

  A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License.  You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.

  Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.

  12. No Surrender of Others' Freedom.

  If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License.  If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all.  For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.

  13. Remote Network Interaction; Use with the GNU General Public License.

  Notwithstanding any other provision of this License, if you modify the
Program, your modified version must prominently offer all users
interacting with it remotely through a computer network (if your version
supports such interaction) an opportunity to receive the Corresponding
Source of your version by providing access to the Corresponding Source
from a network server at no charge, through some standard or customary
means of facilitating copying of software.  This Corresponding Source
shall include the Corresponding Source for any work covered by version 3
of the GNU General Public License that is incorporated pursuant to the
following paragraph.

  Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU General Public License into a single
combined work, and to convey the resulting work.  The terms of this
License will continue to apply to the part which is the covered work,
but the work with which it is combined will remain governed by version
3 of the GNU General Public License.

  14. Revised Versions of this License.

  The Free Software Foundation may publish revised and/or new versions of
the GNU Affero General Public License from time to time.  Such new versions
will be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.

  Each version is given a distinguishing version number.  If the
Program specifies that a certain numbered version of the GNU Affero General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation.  If the Program does not specify a version number of the
GNU Affero General Public License, you may choose any version ever published
by the Free Software Foundation.

  If the Program specifies that a proxy can decide which future
versions of the GNU Affero General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.

  Later license versions may give you additional or different
permissions.  However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.

  15. Disclaimer of Warranty.

  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

  16. Limitation of Liability.

  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.

  17. Interpretation of Sections 15 and 16.

  If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.

                     END OF TERMS AND CONDITIONS

            How to Apply These Terms to Your New Programs

  If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.

  To do so, attach the following notices to the program.  It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.

    <one line to give the program's name and a brief idea of what it does.>
    Copyright (C) <year>  <name of author>

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU Affero General Public License as published
    by the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU Affero General Public License for more details.

    You should have received a copy of the GNU Affero General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.

Also add information on how to contact you by electronic and paper mail.

  If your software can interact with users remotely through a computer
network, you should also make sure that it provides a way for users to
get its source.  For example, if your program is a web application, its
interface could display a "Source" link that leads users to an archive
of the code.  There are many ways you could offer source, and different
solutions will be better for different programs; see section 13 for the
specific requirements.

  You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU AGPL, see
<http://www.gnu.org/licenses/>.


================================================
FILE: README.md
================================================
# Yale Privacy Lab - Tracker Profiles

This repository contains research profiles on Android app trackers hidden in popular Google Play apps.  It also contains guides to help readers understand the advertising tracker business, including a list of acroynyms, a glossary of terms, and a list of Android app permissions.  Our release coincides with the excellent work of [Exodus Privacy](https://exodus-privacy.eu.org) on their Exodus privacy auditing platform.  Exodus is the first attempt at systematically auditing Google Play apps for the presence of tracker code, and the detailed descriptions here can now be integrated with the Exodus privacy auditing software.

* The tracker profiles generated here move upstream to Exodus, then on to F-Droid for scanning of its own requests for packaging (i.e. apps that have been submitted to the F-Droid maintainers).

* Tracker profiles submitted to Exodus will also be used in the Yalp Store and by plugins like Exodify to make sure that users are aware of the trackers in apps they may (or may not) choose to install from Google Play.

* In these ways, the work done here has a tangible impact on the privacy and surveillance awareness of Android users.

Our documents will continue to be improved, and this is just the beginning of in-depth research into the wide world of tracker software inside mobile markets like Google Play and the Apple iOS app store.

## Who We Are

[Yale Privacy Lab](https://privacylab.yale.edu) explores the connection between privacy, security, and anonymity through hands-on software and hardware implementation. Yale Privacy Lab is an initiative of the [Information Society Project](https://www.law.yale.edu/isp) at Yale Law School.

The [Tracking Mobile Trackers](https://github.com/MozillaFestival/open-leaders-6/issues/50) effort is being led by Sean O'Brien, Laurin Weissinger, and Jonathan Oronzo.  See https://privacylab.yale.edu/people

## License
The documents here are dual-licensed under [Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/) and the [GNU Affero General Public License version 3 or later](https://www.gnu.org/licenses/agpl-3.0.en.html).


================================================
FILE: guides/Acronyms.md
================================================
## Acronyms

**AdX:** Double-Click Ad Exchange

**AMP:** Accelerated Mobile Pages (Google project)

**API:** Application Programming Interface  

**BLE:** Bluetooth Low-Energy

**CDIM** Cross Device Identity Management ("Cross Device Identity Management (CDIM) combines deterministic matching with probabilistic matching to link users across multiple cookies and devices. CDIM bridges a user's disparate ID’s into a single universal ID, which represents the user regardless of the device they are on.") [SF, 28](https://konsole.zendesk.com/hc/en-us/articles/226951307-How-to-Build-Segments-with-CDIM)

**CPC** Cost Per Click

**CPD** Cost Per Day

**CPD (alternative)** Cost Per Download 

**CPG:** Consumer Packaged Goods

**CPL**  Cost Per Lead (the advertiser pays for an explicit sign-up from a consumer interested in the advertiser's offer. It is also commonly called 'online lead generation'; see Wikipedia)

**CPL (alternative use)** Completed forms

**CPCV:** Cost per Complete View

**CPM** Cost Per Mille (cost to advertisers per thousand impressions) [Smart AdServer](http://smartadserver.com/glossary)

**CPV** Cost Per View (ad model)

**CPV (alternative use)** Effective Visit Cost [Ad4S, 03](http://www.ad4screen.com/publicite-mobile)

**CRM:** Customer Relationship Management

**CTR:** Click Through Rate

**DAAST:** Digital Audio Ad Serving Template

**DBM:** DoubleClick Bid Manager

**DCM:** DoubleClick Campaign Manager  

**DCO:** Dynamic Creative Optimization

**DFA:** DoubleClick for Advertisers

**DFP:** DoubleClick for Publishers

**DMP:** Data Management Platform

**DSP::** Demand-side Platform ("a system that allows buyers of digital advertising inventory to manage multiple ad exchange and data exchange accounts through one interface") [Wikipedia](https://en.wikipedia.org/wiki/Demand-side_platform)

**eCPM:** Effective Cost per Mille

**GDN:** Google Display Network

**GDRP:** General Data Protection Regulation (EU, in effect May 25,2018)

**HB:** Header Bidding

**HYM:** Holistic Yield Management

**IAB:** Internet Advertising Bureau

**KfUID** User KUID on Safari

**KUID:** Krux User ID

**KXFP** Corresponding hashed ID that comes from the user data service 

**MAID:** Mobile Advertising ID

**MRAID:** Mobile Rich Media Ad Interface (a standard for rich-media ads that run in mobile apps; [see Digiday](https://moat.com/analytics?utm_campaign=Moat+Analytics))

**OTT:** Over the Top

**PMP:** Private Marketplace

**PPC:** Pay per click

**PPID:** Publisher Provided Identifier

**PRM:** Partner relationship management

**PRM (alternative use):** Positive Results Marketing

**RFP:** Request for Proposal ("asking for facts, figures, management bios, client list, recent wins and losses, capabilities, strategic approach, case histories and examples of work" [Forbes](https://www.forbes.com/sites/avidan/2014/02/19/why-the-rfp-is-a-waste-of-time)]

**RTB:** Real-time bidding ("advertising inventory is bought and sold on a per-impression basis, via programmatic instantaneous auction, similar to financial markets") [Wikipedia](https://en.wikipedia.org/wiki/Real-time_bidding)  ("a real-time auction for the buying and selling of digital ad inventory. Publishers sell available space on their websites and advertisers buy this space to display their ads in front of the target audience." [Quora](https://www.quora.com/What-is-the-Difference-between-an-Ad-Exchange-and-RTB)

**SDK:** Software Development Kit

**SEM:** Search engine marketing

**SEO:** Search engine optimisation

**SERP:** Search engine results page

**SSP:** Supply-side Platform

**UTM:** Urchin Tracking Module

**VAST:** Video Ad Serving Template ("a script that gives video players information about which ad to play, how the ad should show up, how long it should last, and whether users are able to skip it."  This creates a standardized format which allows video ads to scale and prevents forcing a publisher to change its video stack just to use different ad servers) [Digiday](https://digiday.com/media/what-is-vast)

**VMAP:** Digital Video Multiple Ad Playlist 

**VPAID:** Video Player-Ad Interface Definition [see Digiday](https://moat.com/analytics?utm_campaign=Moat+Analytics)



================================================
FILE: guides/BasicTrackerTemplate.md
================================================
# Tracker Name
xxx

# In εxodus?
Yes|No

# Website
xxx

# Short Description
xxx

# [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `xxx.com`
*   Code signature: `com.xxx`

# Category
xxx

# About
xxx

## Capabilities
xxx

## Advertising
xxx

## Analytics
xxx

## Network
xxx

# Notes
xxx

## Technical
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`
*   Gradle: `xxx`
xxx

# Citations
xxx

# Additional Links
xxx


================================================
FILE: guides/Glossary.md
================================================
# Glossary of Terms

## Identifiers

**AAID (Google Advertising ID for Android Devices)** AAID is "A user-specific, unique, resettable ID for advertising, provided by Google Play services. It gives users better controls and provides developers with a simple, standard system to continue to monetize your apps. It is an anonymous identifier for advertising purposes and enables users to reset their identifier or opt out of interest-based ads within Google Play apps." [Google, 1](https://help.tune.com/marketing-console/googles-advertising-identifier)

It "provides the same type of device-specific, unique, resettable ID for advertising as the IDFA. The ID for tablet devices with multiple users may also be unique per user. All of the features, encryption and technical details for IDFA also apply to the advertising ID." [Google,2](https://support.google.com/adxbuyer/answer/3221407)

**IDFA (Identifier for Advertising):** "a random device identifier assigned by Apple to a user’s device" for personalized ads, "used for tracking and identifying a user, which then allows advertisers to access aggregated data which can be used to discover information – such as which in-app events they trigger."  Moreover, "It may be used by advertisers to run remarketing campaigns and record purchasing or downloading conversions."

The IDFA can also identify users when they interact with a mobile advertising campaign, provided the channel offers IDFA tracking and that the advertiser tracks users who interact with adverts successfully. If this occurs the IDFA can pickup whether specific users click an advert for payment and attribution purposes." Users can opt out through "limit ad tracking (LAD)" and 205 of iOS users use LAD.  Companies like Adjust can analyze iOS users to identify how many users opt-out through LAD.

IDFA "can be reset by the user at any time" and "users can opt out using LAD" [Adjust,3](https://www.adjust.com/glossary/idfa]; [Google,2](https://support.google.com/adxbuyer/answer/3221407)


## Trackers

**DoubleClick Ad Exchange:** "Ad Exchange passes the identifier values in the mobile.encrypted_advertising_id field in the bid request. This field will contain either an IDFA or AAID value.  The value of AAID is always clear (unhashed), but IDFA can either be clear or hashed. If the bid request has a clear value, you can use the platform field to determine if it’s iOS or Android. Hashed IDFA values use the mobile.encrypted_hashed_idfa field, instead." [Google, 2](https://support.google.com/adxbuyer/answer/3221407)

**Fidzup:** 

**Salesforce DMP (formerly Krux):** Huge SanFran-based cloud-computing company for Customer Relationship Management (CRM).  Salesforce (the overarching company) is one of the largest software companies in the world, and the world's #1 CRM company [SF, 8](http://investor.salesforce.com/about-us/investor/overview/default.aspx)

**Teemo (formerly Databerries):** 


## Networks

**Google Search Network:** "featuring the standard Google Search, Google Shopping, Maps and its various search partners" [Econsultancy, 2013](https://econsultancy.com/blog/63783-what-is-paid-search-ppc-and-why-do-you-need-it)    

**Google Display Network:** "any website that partners with Google, and other Google sites such as Gmail, YouTube and Blogger" [Econsultancy, 2013](https://econsultancy.com/blog/63783-what-is-paid-search-ppc-and-why-do-you-need-it)    

**Yahoo Bing Network:** "claims to be a ‘combined advertising marketplace’ made up of Yahoo, Bing and many syndicated partners such as Facebook, Amazon and Monster" [Econsultancy, 2013](https://econsultancy.com/blog/63783-what-is-paid-search-ppc-and-why-do-you-need-it) 


## Terms

**Ad Exchange:** "An ad exchange is a digital marketplace that enables advertisers and publishers to buy and sell advertising space, often through real-time auctions. They’re most often used to sell display, video and mobile ad inventory...Virtually anyone can buy from an ad exchange provided the ad exchange allows it. Advertisers and agencies typically use demand-side platforms or their own bidding technologies to do so, but ad networks and other entities also buy ads from exchanges. Basically, an ad exchange is just a big pool of ad impressions. Publishers tip their ad impressions into the pool hoping someone will buy them. Buyers then pick which impressions they wish to purchase using technologies like demand-side platforms. Those decisions are often made in real time based on information such as the previous behavior of the user an ad is being served to, time of day, device type, ad position and more." [Digiday](https://digiday.com/media/what-is-an-ad-exchange)

"A marketplace that auctions ad impressions in real-time, among multiple bidding advertisers and/or networks and sells the impression to the highest bidder. You can think of them as digital stock exchanges where impressions are shares. The auction takes place and the winning ad is served within the milliseconds it takes for your browser to load and serve you an ad impression...they offer considerable increase in transparency, control, and targeting capabilities. They allow advertisers to serve ads to the right viewer, (based on behavioral targeting), at the right time of day, on the right publisher. Budgets can be kept in check and tracking where your ads are served is simplified. They allow advertisers to know which ad space is best to repurchase on and how best to optimize" [WhatRunsWhere](http://blog.whatrunswhere.com/media-buying-101-ad-networks-ad-exchanges)

A "digital marketplace where selling, bidding and purchasing happens. Publishers designate available inventory in Ad Exchanges as if saying, “User X is visiting my website right now, who wants to advertise here?” Advertisers through DSPs assess this inventory, evaluate the user and decide whether this impression is relevant. If yes, DSP would bid automatically on this ad slot in order to place the advertisement on that website in front of that user.  Therefore, Ad Exchange is just a COMPONENT of real-time bidding. To make it short, RTB is a process; Ad Exchange is a software-based platform. RTB is a real-time auction, whereas Ad Exchange is a PLACE where that auction happens." Put another way: "At a high level, one key difference is that an Ad Exchange is a type of business or platform in digital advertising where RTB is a protocol for two digital advertising companies to transact." [Quora](https://www.quora.com/What-is-the-Difference-between-an-Ad-Exchange-and-RTB)  Examples include "DoubleClick (Google), Microsoft Media Network, OpenX, and AppNexus" [WhatRunsWhere](http://blog.whatrunswhere.com/media-buying-101-ad-networks-ad-exchanges)

**Ad Network:** "online ad networks is that online ad networks use a central ad server to deliver advertisements to consumers, which enables targeting, tracking and reporting of impressions in ways not possible with analog media alternatives...The advertising network serves advertisements from its central ad server, which responds to a site once a page is called. A snippet of code is called from the ad server, that represents the advertising banner..." [Wikipedia](https://en.wikipedia.org/wiki/Advertising_network).  

**Ad Server:** "The technology responsible for delivering the creative to the user. Ad servers report which and how many ads were run, where they were run, and who saw them." [Smart AdServer](http://smartadserver.com/glossary)

**Ad types:** Banners, native ads, videos, audio fragments, text, pop clicks, etc.

**Ads.txt:** "a tool that can help ad buyers avoid illegitimate sellers who arbitrage inventory and spoof domains; an IAB-approved text file that aims to prevent unauthorized inventory sales".  With Ads.txt, "Publishers drop a text file on their web servers that lists all of the companies that are authorized to sell the publishers’ inventory. Similarly, programmatic platforms also integrate ads.txt files to confirm which publishers’ inventory they are authorized to sell. This allows buyers to check the validity of the inventory they purchase." Using Ads.txt is a way to "verify that the exchange and publisher have a legitimate connection to each other" and prevents the unauthorized inclusion of publisher's inventory from being sold to buyers [Digiday](https://digiday.com/marketing/wtf-ads-txt).

**Advertising Inventory:** "The number of advertisements, or amount of ad space, a publisher has available to sell to an advertiser. Ad inventory is often calculated by the month." [Chron](http://smallbusiness.chron.com/advertising-inventory-mean-35920.html) "Networks include Google AdSense, Media.Net, BuySellAds and Conversant." [WhatRunsWhere](http://blog.whatrunswhere.com/media-buying-101-ad-networks-ad-exchanges)

**Buyer side:** The advertiser is the "buyer side"

**Conversion:** "A click-through conversion occurs when an ad click leads directly to a valuable user-action such as a purchase, sign-up, registration, lead, or view of a key page. Conversion rate measures the effectiveness of unique clicks. The formula is Conversion Rate = Conversions ÷ Unique Clicks." [AdSpeed](https://www.adspeed.com/Knowledges/776/Conversion/conversion-transaction.html)

**Data Activation:** "Data Activation is the concept of unlocking value in data through development of insights and turning those insights into action."  3 steps: 1) bring data in across different locations (websites, mobile, etc); 2) run analytics; 3) Data Out, potentially in partnership across the ecosystem (eg, using shared segments) [Oracle, 1](https://www.oracle.com/marketingcloud/resources/data-activation.html)

**Data on-boarding (aka data on-ramping):** "the transfer of data gathered offline to the digital realm" [Ad Age, 1](http://adage.com/article/glossary-data-defined/data-boarding/293651)

**Demand-side platform:** A system that allows buyers of digital advertising inventory to manage multiple ad exchange and data exchange accounts through one interface.  "Basically, the DSP automates the online advertising purchase process for advertisers who use DSPs to monitor their campaigns" [WhatRunswhere](http://blog.whatrunswhere.com/media-buying-101-programmatic-buying).   Put another way, a DSP is "a platform, which allows advertisers to buy ads from different publishers and SSPs (Supply/Sell Side Platforms). That’s a user interface to run and manage campaigns on several websites from one place." [Igor Pavlov](https://medium.com/admachine/what-is-white-label-dsp-demand-side-platform-de601f106771)

"A technology system that enables buyers purchasing auction-based digital ad inventory, managing multiple ad exchanges and data exchanges through a single user interface. DSP assures more efficient buying and selling by reduced costs and increased transparency. DSP introduces advanced targeting tools, providing options to target contextually, behaviorally, geographically, and even option to retarget later. The biggest advantage of DSPs is their ability to make automated decisions on how much to bid on each specific ad impression in real time, based on the targeting requirement of the advertiser. Therefore, advertisers can generate the most value and increase return on investments (ROI)... Where do I get this “DSP”? DSPs are could be managed by in-house marketing departments or alternatively, by programmatic companies that specialize in real-time advertising. Key DSP players guarantee buyers reaching billions daily impressions, worth to mention: DoubleClick Bid Manager, BrightRoll DSP, Mediamath etc... all companies provide “DSP platforms” but not all of them share exact the same features, so choose smart!"   

DSPs represent the interests of buyers (advertisers) so they get "better optimization, much lower bids and higher ROI".  They provide advertisers with access to multiple supply partners, and help them cut off from bad traffic that brings less or no conversions.  However, they add an expense for usage, as a sign up fee, monthly fee, or percent of your ad spendings. [Quora](https://www.quora.com/What-is-a-Demand-Side-Platform-DSP).

**Direct Campaigns (direct marketing):** Advertisers communicate directly to customers through media (eg, text messages, emails, websites, online adverts, etc) [Wikipedia](https://en.wikipedia.org/wiki/Direct_marketing)

**Direct deals:** Buyers get First Look at fixed-price unreserved inventory that is specific to a particular audience. [Smart AdServer](http://smartadserver.com/publisher-platform/premium-programmatic).  The pro's are that "Advertisers want the guarantee of being placed next to premium content, above the fold, in front of a guaranteed set of eyeballs, for a specific period of time, at a set rate. Further, media buyers are tasked with spending 100% of their budgets for fear they are reduced next quarter because they didn’t spend enough. Without a guarantee in place with publishers, their media spend is at risk of (a) not being spent or (b) being spent in less than ideal context at the end of a fiscal period. Programmatic buying technology like real-time bidding (RTB) provides advertisers/media buyers no guarantee on price, contextual placement, or impression volume".  Examples are "skin" website takeovers, which must be catered to an individual page, and take on a premium price [Sovrn](https://www.sovrn.com/blog/direct-sales-vs-programmatic-sales)  

**Dwell time:** "The duration of an interaction with a proximity technology" [Unacast](https://www.unacast.com/privacy-statement)

**Dynamic Creative:** personalized content; "built in real time when an ad request is sent to the server, and will pull different creative elements based on the environment, the user and other factors", based on user history (web searches, page visits, etc). [The Balance](https://www.thebalance.com/what-is-dynamic-creative-in-advertising-38508) [Smart AdServer](http://smartadserver.com/glossary)

**Dynamic Floor Pricing:** "In an RTB auction, a minimum bid price that is constantly set and reset in real time. Prices are selected in response to previous transactions and changes in demand. This pricing method allows publishers to boost revenue with an optimization system that fits with buyers’ bidding strategies." 

**Floor Price:** "In an RTB auction, the minimum bid price (CPM) set by a publisher or SSP on ad inventory. Any potential buyers who bid below this price are automatically rejected." [Smart AdServer](http://smartadserver.com/glossary)

**Forecast:** "A tool that allows clients to discover how much space they have sold and how much is left to sell. Forecasts also predict how much a publisher or ad network will earn based on the number of users and the amount of inventory sold." [Smart AdServer](http://smartadserver.com/glossary)

**Geofencing**: "a feature in a software program that uses the global positioning system (GPS) or radio frequency identification (RFID) to define geographical boundaries... Geofence virtual barriers can be active or passive. Active geofences require an end user to opt-in to location services and a mobile app to be open. Passive geofences are always on; they rely on Wi-Fi and cellular data instead of GPS or RFID and work in the background." For one use case in marketing, "A small business can text an opt-in customer a coupon code when the customer's smartphone enters a defined geographical area." [Whatis.com TechTarget](http://whatis.techtarget.com/definition/geofencing)

**Google Insights Engine Project:** "an ongoing initiative to bring Google’s cloud computing and machine learning expertise to DoubleClick’s reporting and forecasting systems" [DoubleClick blog](https://doubleclick-publishers.googleblog.com/2017/10/building-for-beyond-with-insights.html)

**Guaranteed deals:** Buyers purchase your inventory with the same options (priorities, volume, date) that they use for direct campaigns. [Smart AdServer](http://smartadserver.com/publisher-platform/premium-programmatic)

**Header bidding:** "Header bidding, also known as advance bidding or pre-bidding, is an advanced programmatic technique wherein publishers offer inventory to multiple ad exchanges simultaneously before making calls to their ad servers (mostly DoubleClick for Publishers). The idea is that by letting multiple demand sources bid on the same inventory at the same time, publishers increase their yield and make more money." [Digiday](https://digiday.com/media/wtf-header-bidding)

**Holistic Yield Management:** "HYM aims to merge all demand sources and inventory types (guaranteed, performance, networks, RTB, and programmatic direct) and assess their value simultaneously. The programmatic segment is merged based on internal forecast data. HYM integrates programmatic buying into ad delivery logic while taking into account all monetization types (direct, guaranteed, performance, and programmatic), allowing synchronization of the two buying methods." [Smart AdServer](http://smartadserver.com/glossary)

**iBeacon:** Apple bluetooth devices that send data to iPhones; can be used for in-store advertising; can only send data to devices (cannot receive) [Fast Company](https://www.fastcompany.com/3035729/apples-ibeacons-are-going-to-transform-much-more-than-advertising)

**Interstitial:** A full-screen ad that covers the entire interface of the host app.

**Managed Tag:** "A way for advertisers to get a first look at a publisher’s inventory by plugging a tag into the publisher’s ad server. After they’re connected, the advertiser can see the inventory and, if desired, place a bid. If the advertiser buys, it’s at a fixed price and CPM. This process benefits publishers because it cuts out the middleman and helps them manage their campaign spending better. (Note: this has nothing to do with 'tag management'.)" [Smart AdServer](http://smartadserver.com/glossary)

**Marketing Funnel:** "a visualization for understanding the process of turning leads into customers, as understood from a marketing (and sales) perspective. The idea is that, like a funnel, marketers cast a broad net to capture as many leads as possible, and then slowly nurture prospective customers through the purchasing decision, narrowing down these candidates in each stage of the funnel." [TrackMaven](https://trackmaven.com/blog/marketing-funnel-2)

**Open Auction:** All buyers have the opportunity to bid on your unreserved inventory.

**Paid search marketing:** "Paid search marketing means you advertise within the sponsored listings of a search engine or a partner site by paying either each time your ad is clicked (pay-per-click - PPC) or less commonly, when your ad is displayed (cost-per-impression - CPM)" [econsultancy](https://econsultancy.com/blog/63783-what-is-paid-search-ppc-and-why-do-you-need-it)

**Passbacks:** "When an ad server calls various SSPs until it finds one that accepts. Passbacks are part of the “waterfall” prioritization model." [Smart AdServer](http://smartadserver.com/glossary)

**Premium Inventory:** Characteristics: "professional content, high-reach sites (i.e., not long tail), brand-safe and reputable publishers." This could depend on the client and their objectives. [Digiday](https://digiday.com/marketing/what-does-premium-inventory-actually-mean) "Quality, “brand safe” inventory offered by reputable publishers whose users have chosen to frequent their sites because of a true interest in the high-value content provided. The ad environment aids in properly targeting the user, and the surrounding content adds value to an ad impression. This inventory is also primed to display innovative formats which boost ad performance. True premium inventory goes through a strict scanning process that includes proof of a direct relationship with publishers or insertion orders. Often, new inventory information is provided to buyers for approval. This enables fluent communication and knowledge-sharing of any suspicious activities, which helps improve the entire ecosystem." [Smart AdServer](http://smartadserver.com/glossary)  

**Pretargeting:** Online advertising that is "targeted to consumers based on their previous actions on many websites" [Wikipedia](https://en.wikipedia.org/wiki/Pretargeting)

**Private auctions:** Buyers access privileged information about inventory in order to increase their chances of winning an auction. [Smart AdServer](http://smartadserver.com/publisher-platform/premium-programmatic); "An auction within an auction for select, whitelisted buyers who are given first-look at the inventory before it’s made available to the open marketplace. Inventory is not sold at a fixed price." [Smart AdServer](http://smartadserver.com/glossary)

**Private Marketplace / Deals:** "An invitation-only RTB exchange that uses programmatic buying channels to auction premium inventory to a selected set of  pre-approved buyers.  Publishers may set minimum bids (a floor price) to maintain the desired sale price. The tagging, testing, and validation are all automated and the sale is made through the use of deal IDs, private auctions or preferred deals. However, all parties are in contact with each other to negotiate the terms of the auction in advance. However, vendors are in contact with each other and decide on the details of the sale in advance." [Smart AdServer](http://smartadserver.com/glossary)

**Programmatic Advertising:** "Programmatic advertising is not a new form of digital ads, but new approach to targeting, where machines decide if the user is worth seeing that specific ad. You’ve probably heard something about machine learning. Well, that’s what we’re talking about... Programmatic buying is finally the way to buy audience, not a place on a website. That may seem like robots control too much, but they don’t. They still can’t find your customers without you setting proper targeting... What is RTB then? Is it programmatic? At most it is. Real-time bidding is a mechanism of programmatic buying. Since you’re paying for every view or click, advertising platform launches a fast auction for every that single view. 

Should I use programmatic?

If you’re an advertiser you may use programmatic advertising to better reach your potential clients. This way you don’t spray your budget all over the place, but get at least relevant audience.

If you are a publisher, you can still sell oldschool display banners, but you can also install SSP code and get at least some more money for the traffic you couldn’t sell as usual. When talking about “as usual” we should also mention that more and more publishers start selling their traffic only through SSPs. Why? Because it is much easier just to install the code and let it do the thing, than to find clients and place every single banner by hands. Programmatic may sometimes bring less income, but you save time and become more cost-effective." [Igor Pavlov](https://medium.com/admachine/what-is-programmatic-advertising-cfa56544c48)

**Programmatic Media Buying:** "generally refers to the automation of all online advertising as a whole, Programmatic Direct and Programmatic RTB are subsets of the umbrella term." [WhatRunswhere](http://blog.whatrunswhere.com/media-buying-101-programmatic-buying).  Programmatic sales do not require teams of humans to broker deals, and it "allows publishers and advertisers alike to benefit from audience data, as programmatic uses cookies... As of late, programmatic has been rapidly gaining traction in mobile and video. As the industry as a whole shifts towards mobile, SSPs are seeing an increasing amount of programmatic transactions served on mobile devices." [Sovrn](https://www.sovrn.com/blog/direct-sales-vs-programmatic-sales)

**Proximity Signals with Beacon technology:** "Proximity-based mobile advertising is one trend in advertising isn’t completely new, but it’s been given some more gusto recently due to the development and inclusion of beacon technology. Proximity signals fire when a user is close to a sensor, and can be used to send promotions or ads to users when they are close to the sensor. This can be seen as an alternative to GPS geolocation targeting in closer spaces, such as shopping malls." [Sovrn](https://www.sovrn.com/blog/7-mobile-advertising-trends)

**Pure Player:** "a company that focuses only on a particular product or activity. Investing in a pure play company can be considered as investing in a particular commodity or product of a company." [Wikipedia](https://en.wikipedia.org/wiki/Pure_play)

**Remnant inventory:** "Any ad units that have not been purchased by an advertiser, and this must be accounted for using another strategy... Ideally, a site will sell every one of its available ad impressions directly to advertisers at premium CPMs" [MonetizePros](https://monetizepros.com/encyclopedia/remnant)

**Retargeting** Retargeting uses tracking technologies like cookies and web pixels to follow users around the web. This allows marketers to serve ads to people who did not convert a sale at a particular website. This "focuses your advertising spend on people who are already familiar with your brand and have recently demonstrated interest" [Retargeter](https://retargeter.com/what-is-retargeting-and-how-does-it-work).

**Seller side:** The publisher is the "seller side"

**Slot:** Digital spaces (area for banner ads, native ads, pop clicks, etc) that publishers sell to advertisers.

**Supply-side platform:** "Advertisers set their bids, the SSP choses the highest one and sells publishers slot. That is RTB, real time bidding and that is how it works. So we may say, that the purpose of SSP is to deliver best price for the publisher." [Igor Pavlov](https://medium.com/admachine/is-dsp-better-than-ssp-9118238f3afd) "One can say the main purpose of SSP is to sell view or click for a highest bid, since it works on RTB basis."

**UTM Parameters:** "UTM parameter is term coined by Google Analytics to describe the URL elements that capture information like the source, medium, and campaign name from that activity."  See [SF, 55](https://konsole.zendesk.com/hc/en-us/articles/115002018607-UTM-Parameters-FAQ)

**Viewability:** "how likely an ad is to be seen on a page... The Media Rating Council decided that a desktop display ad is viewed when 50% of its pixels are in view for 1 continuous second. For video it is the same 50% of pixels in view but for 2 seconds instead of 1... " [Sovrn](https://www.sovrn.com/blog/intro-viewability) "**Viewability:** " an online advertising metric that aims to track only impressions that can actually be seen by users. For example, if an ad is loaded at the bottom of a webpage but a user doesn’t scroll down far enough to see it, that impression would not be deemed viewable. Viewability is designed to let advertisers pay only for the ads that users could possibly see... Depending on whom you believe — and everyone has a dog in this fight — up to 54 percent of ads aren’t viewable." See [Digiday](https://digiday.com/media/wtf-viewability) 

**Waterfall (sales strategy for publishers):** "Publishers offer impressions in one sales channel, and if buyers don’t bite, they push them down to other, less valuable channels until someone makes a bid. The system works, but it’s highly fractured and inherently inefficient. Publishers say the system leaves money on the table." [Digiday](https://digiday.com/media/wtf-header-bidding)

**Web Beacon:** "Web Beacons are used to help web publishers understand how visitors interact with their websites. Pixel tags are transparent images, iFrames, or JavaScript that are placed on a site. The use of a pixel tag allows a website to measure the actions of the visitor opening the page that contains the tag." [Smart AdServer](http://smartadserver.com/company/privacy-policy)

**"White Label" DSP:** The tool you can sell to operate a DSP or SSP, usually after buying software and reselling it to your customers, as "a franchise with no brand included".  Profit comes from a percentage of advertisers' payments; you charge to buy or use the product. AdMachine is an example. [Igor Pavlov](https://medium.com/admachine/what-is-white-label-dsp-demand-side-platform-de601f106771)


## More Resources

Great definitions of cookies, web beacons, IP logging, Social Media Features, and Do Not Track [SF,6](https://www.salesforce.com/company/privacy/full_privacy.jsp)



================================================
FILE: guides/Permissions.md
================================================
## Android Permissions

This is a list of standard Android permissions.  AOSP and Google default permissions belong in this section. Additional permissions (such as device or vendor-specific settings) are listed separately.

* Allows the app to access external storage for all users. [android.permission.ACCESS_ALL_EXTERNAL_STORAGE](http://androidpermissions.com/permission/android.permission.ACCESS_ALL_EXTERNAL_STORAGE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to request that the supplied signal be sent to all persistent processes. [android.permission.ACCESS_COARSE_LOCATION](http://androidpermissions.com/permission/android.permission.ACCESS_COARSE_LOCATION) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to get your precise location using the Global Positioning System (GPS) or network location sources such as cell towers and Wi-Fi. These location services must be turned on and available to your device for the app to use them. Apps may use this to determine where you are, and may consume additional battery power. [android.permission.ACCESS_FINE_LOCATION](http://androidpermissions.com/permission/android.permission.ACCESS_FINE_LOCATION) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to access extra location provider commands. This may allow the app to to interfere with the operation of the GPS or other location sources. [android.permission.ACCESS_LOCATION_EXTRA_COMMANDS](http://androidpermissions.com/permission/android.permission.ACCESS_LOCATION_EXTRA_COMMANDS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Create mock location sources for testing or install a new location provider. This allows the app to override the location and/or status returned by other location sources such as GPS or location providers. [android.permission.ACCESS_MOCK_LOCATION](http://androidpermissions.com/permission/android.permission.ACCESS_MOCK_LOCATION) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows access to the kernel MTP driver to implement the MTP USB protocol. [android.permission.ACCESS_MTP](http://androidpermissions.com/permission/android.permission.ACCESS_MTP) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to view information about network connections such as which networks exist and are connected. [android.permission.ACCESS_NETWORK_STATE](http://androidpermissions.com/permission/android.permission.ACCESS_NETWORK_STATE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to view information about Wi-Fi networking, such as whether Wi-Fi is enabled and name of connected Wi-Fi devices. [android.permission.ACCESS_WIFI_STATE](http://androidpermissions.com/permission/android.permission.ACCESS_WIFI_STATE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to determine whether WiMAX is enabled and information about any WiMAX networks that are connected. [android.permission.ACCESS_WIMAX_STATE](http://androidpermissions.com/permission/android.permission.ACCESS_WIMAX_STATE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to make calls to AccountAuthenticators. [android.permission.ACCOUNT_MANAGER](http://androidpermissions.com/permission/android.permission.ACCOUNT_MANAGER) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to get information on internal storage. [android.permission.ASEC_ACCESS](http://androidpermissions.com/permission/android.permission.ASEC_ACCESS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to create internal storage. [android.permission.ASEC_CREATE](http://androidpermissions.com/permission/android.permission.ASEC_CREATE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to destroy internal storage. [android.permission.ASEC_DESTROY](http://androidpermissions.com/permission/android.permission.ASEC_DESTROY) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to mount/unmount internal storage. [android.permission.ASEC_MOUNT_UNMOUNT](http://androidpermissions.com/permission/android.permission.ASEC_MOUNT_UNMOUNT) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to rename internal storage. [android.permission.ASEC_RENAME](http://androidpermissions.com/permission/android.permission.ASEC_RENAME) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to use the account authenticator capabilities of the AccountManager, including creating accounts and getting and setting their passwords. [android.permission.AUTHENTICATE_ACCOUNTS](http://androidpermissions.com/permission/android.permission.AUTHENTICATE_ACCOUNTS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows an application to read the current low-level battery use data. May allow the application to find out detailed information about which apps you use. [android.permission.BATTERY_STATS](http://androidpermissions.com/permission/android.permission.BATTERY_STATS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to tell the system which widgets can be used by which app. An app with this permission can give access to personal data to other apps. Not for use by normal apps. [android.permission.BIND_APPWIDGET](http://androidpermissions.com/permission/android.permission.BIND_APPWIDGET) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to control when and how the user sees the in-call screen. [android.permission.BIND_CALL_SERVICE](http://androidpermissions.com/permission/android.permission.BIND_CALL_SERVICE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.BIND_DIRECTORY_SEARCH
* android.permission.BIND_KEYGUARD_APPWIDGET
* Allows the app to view the configuration of the Bluetooth on the phone, and to make and accept connections with paired devices. [android.permission.BLUETOOTH](http://androidpermissions.com/permission/android.permission.BLUETOOTH) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to configure the local Bluetooth phone, and to discover and pair with remote devices. [android.permission.BLUETOOTH_ADMIN](http://androidpermissions.com/permission/android.permission.BLUETOOTH_ADMIN) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Description [android.permission.BLUETOOTH_PRIVILEGED](http://androidpermissions.com/permission/android.permission.BLUETOOTH_PRIVILEGED) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.BLUETOOTH_STACK
* Allows the app to broadcast a notification that an app package has been removed. Malicious apps may use this to kill any other running app. [android.permission.BROADCAST_PACKAGE_REMOVED](http://androidpermissions.com/permission/android.permission.BROADCAST_PACKAGE_REMOVED) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to broadcast a notification that an SMS message has been received. Malicious apps may use this to forge incoming SMS messages. [android.permission.BROADCAST_SMS](http://androidpermissions.com/permission/android.permission.BROADCAST_SMS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to send sticky broadcasts, which remain after the broadcast ends. Excessive use may make the phone slow or unstable by causing it to use too much memory. [android.permission.BROADCAST_STICKY](http://androidpermissions.com/permission/android.permission.BROADCAST_STICKY) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to broadcast a notification that a WAP PUSH message has been received. Malicious apps may use this to forge MMS message receipt or to silently replace the content of any webpage with malicious variants. [android.permission.BROADCAST_WAP_PUSH](http://androidpermissions.com/permission/android.permission.BROADCAST_WAP_PUSH) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to call phone numbers without your intervention. This may result in unexpected charges or calls. Note that this doesn't allow the app to call emergency numbers. Malicious apps may cost you money by making calls without your confirmation. [android.permission.CALL_PHONE](http://androidpermissions.com/permission/android.permission.CALL_PHONE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to take pictures and videos with the camera. This permission allows the app to use the camera at any time without your confirmation. [android.permission.CAMERA](http://androidpermissions.com/permission/android.permission.CAMERA) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows a pre-installed system application to disable the camera use indicator LED. [android.permission.CAMERA_DISABLE_TRANSMIT_LED](http://androidpermissions.com/permission/android.permission.CAMERA_DISABLE_TRANSMIT_LED) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to change the background data usage setting. [android.permission.CHANGE_BACKGROUND_DATA_SETTING](http://androidpermissions.com/permission/android.permission.CHANGE_BACKGROUND_DATA_SETTING) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to change the current configuration, such as the locale or overall font size. [android.permission.CHANGE_CONFIGURATION](http://androidpermissions.com/permission/android.permission.CHANGE_CONFIGURATION) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to change the state of network connectivity. [android.permission.CHANGE_NETWORK_STATE](http://androidpermissions.com/permission/android.permission.CHANGE_NETWORK_STATE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to receive packets sent to all devices on a Wi-Fi network using multicast addresses, not just your phone. It uses more power than the non-multicast mode. [android.permission.CHANGE_WIFI_MULTICAST_STATE](http://androidpermissions.com/permission/android.permission.CHANGE_WIFI_MULTICAST_STATE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to connect to and disconnect from Wi-Fi access points and to make changes to device configuration for Wi-Fi networks. [android.permission.CHANGE_WIFI_STATE](http://androidpermissions.com/permission/android.permission.CHANGE_WIFI_STATE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to connect the phone to and disconnect the phone from WiMAX networks. [android.permission.CHANGE_WIMAX_STATE](http://androidpermissions.com/permission/android.permission.CHANGE_WIMAX_STATE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to free phone storage by deleting files in the cache directories of other applications. This may cause other applications to start up more slowly as they need to re-retrieve their data. [android.permission.CLEAR_APP_CACHE](http://androidpermissions.com/permission/android.permission.CLEAR_APP_CACHE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.CONNECTIVITY_INTERNAL
* Allows the app to read and write to any resource owned by the diag group; for example, files in /dev. This could potentially affect system stability and security. This should be ONLY be used for hardware-specific diagnostics by the manufacturer or operator. [android.permission.DIAGNOSTIC](http://androidpermissions.com/permission/android.permission.DIAGNOSTIC]) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to disable the keylock and any associated password security. For example, the phone disables the keylock when receiving an incoming phone call, then re-enables the keylock when the call is finished. [android.permission.DISABLE_KEYGUARD](http://androidpermissions.com/permission/android.permission.DISABLE_KEYGUARD) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to download files through the download manager without any notification being shown to the user. [android.permission.DOWNLOAD_WITHOUT_NOTIFICATION](http://androidpermissions.com/permission/android.permission.DOWNLOAD_WITHOUT_NOTIFICATION) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to retrieve internal state of the system. Malicious apps may retrieve a wide variety of private and secure information that they should never normally need. [android.permission.DUMP](http://androidpermissions.com/permission/android.permission.DUMP) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to expand or collapse the status bar. [android.permission.EXPAND_STATUS_BAR](http://androidpermissions.com/permission/android.permission.EXPAND_STATUS_BAR) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to control the flashlight. [android.permission.FLASHLIGHT](http://androidpermissions.com/permission/android.permission.FLASHLIGHT) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to forcibly stop other apps. [android.permission.FORCE_STOP_PACKAGES](http://androidpermissions.com/permission/android.permission.FORCE_STOP_PACKAGES) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to get the list of accounts known by the phone. This may include any accounts created by applications you have installed. [android.permission.GET_ACCOUNTS](http://androidpermissions.com/permission/android.permission.GET_ACCOUNTS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to retrieve collected application operation statistics. Not for use by normal apps. [android.permission.GET_APP_OPS_STATS](http://androidpermissions.com/permission/android.permission.GET_APP_OPS_STATS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to retrieve detailed information about currently and recently running tasks. Malicious apps may discover private information about other apps. [android.permission.GET_DETAILED_TASKS](http://androidpermissions.com/permission/android.permission.GET_DETAILED_TASKS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to retrieve its code, data, and cache sizes [android.permission.GET_PACKAGE_SIZE](http://androidpermissions.com/permission/android.permission.GET_PACKAGE_SIZE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to retrieve information about currently and recently running tasks. This may allow the app to discover information about which applications are used on the device. [android.permission.GET_TASKS](http://androidpermissions.com/permission/android.permission.GET_TASKS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.GLOBAL_SEARCH
* android.permission.GLOBAL_SEARCH_CONTROL
* Allows the app to control various peripherals for the purpose of hardware testing. [android.permission.HARDWARE_TEST](http://androidpermissions.com/permission/android.permission.HARDWARE_TEST) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to perform actions across different users on the device. Malicious apps may use this to violate the protection between users. [android.permission.INTERACT_ACROSS_USERS](http://androidpermissions.com/permission/android.permission.INTERACT_ACROSS_USERS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows all possible interactions across users. [android.permission.INTERACT_ACROSS_USERS_FULL](http://androidpermissions.com/permission/android.permission.INTERACT_ACROSS_USERS_FULL) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet. [android.permission.INTERNET](http://androidpermissions.com/permission/android.permission.INTERNET) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
*Allows the app to end background processes of other apps. This may cause other apps to stop running. [android.permission.KILL_BACKGROUND_PROCESSES](http://androidpermissions.com/permission/android.permission.KILL_BACKGROUND_PROCESSES) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.LOCATION_HARDWARE
* android.permission.LOOP_RADIO
* Allows the app to perform operations like adding and removing accounts, and deleting their password. [android.permission.MANAGE_ACCOUNTS](http://androidpermissions.com/permission/android.permission.MANAGE_ACCOUNTS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to add, remove, and modify the activity stacks in which other apps run. Malicious apps may disrupt the behavior of other apps. [android.permission.MANAGE_ACTIVITY_STACKS](http://androidpermissions.com/permission/android.permission.MANAGE_ACTIVITY_STACKS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to manage document storage. [android.permission.MANAGE_DOCUMENTS](http://androidpermissions.com/permission/android.permission.MANAGE_DOCUMENTS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to manage preferences and permissions for USB devices. [android.permission.MANAGE_USB](http://androidpermissions.com/permission/android.permission.MANAGE_USB) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to manage users on the device, including query, creation and deletion. [android.permission.MANAGE_USERS](http://androidpermissions.com/permission/android.permission.MANAGE_USERS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.MODIFY_APPWIDGET_BIND_PERMISSIONS
* Allows the app to modify global audio settings such as volume and which speaker is used for output. [android.permission.MODIFY_AUDIO_SETTINGS](http://androidpermissions.com/permission/android.permission.MODIFY_AUDIO_SETTINGS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to control the phone features of the device. An app with this permission can switch networks, turn the phone radio on and off and the like without ever notifying you. [android.permission.MODIFY_PHONE_STATE](http://androidpermissions.com/permission/android.permission.MODIFY_PHONE_STATE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to format removable storage. [android.permission.MOUNT_FORMAT_FILESYSTEMS](http://androidpermissions.com/permission/android.permission.MOUNT_FORMAT_FILESYSTEMS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to mount and unmount filesystems for removable storage. [android.permission.MOUNT_UNMOUNT_FILESYSTEMS](http://androidpermissions.com/permission/android.permission.MOUNT_UNMOUNT_FILESYSTEMS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.NET_ADMIN
* android.permission.NET_TUNNELING
* Allows the app to communicate with Near Field Communication (NFC) tags, cards, and readers. [android.permission.NFC](http://androidpermissions.com/permission/android.permission.NFC) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to make parts of itself persistent in memory. This can limit memory available to other apps slowing down the phone. [android.permission.PERSISTENT_ACTIVITY](http://androidpermissions.com/permission/android.permission.PERSISTENT_ACTIVITY) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to process outgoing calls and change the number to be dialed. This permission allows the app to monitor, redirect, or prevent outgoing calls. [android.permission.PROCESS_OUTGOING_CALLS](http://androidpermissions.com/permission/android.permission.PROCESS_OUTGOING_CALLS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to read all calendar events stored on your phone, including those of friends or co-workers. This may allow the app to share or save your calendar data, regardless of confidentiality or sensitivity. [android.permission.READ_CALENDAR](http://androidpermissions.com/permission/android.permission.READ_CALENDAR) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to read your phone's call log, including data about incoming and outgoing calls. This permission allows apps to save your call log data, and malicious apps may share call log data without your knowledge. [android.permission.READ_CALL_LOG](http://androidpermissions.com/permission/android.permission.READ_CALL_LOG) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to read cell broadcast messages received by your device. Cell broadcast alerts are delivered in some locations to warn you of emergency situations. Malicious apps may interfere with the performance or operation of your device when an emergency cell broadcast is received. [android.permission.READ_CELL_BROADCASTS](http://androidpermissions.com/permission/android.permission.READ_CELL_BROADCASTS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to read data about your contacts stored on your phone, including the frequency with which you've called, emailed, or communicated in other ways with specific individuals. This permission allows apps to save your contact data, and malicious apps may share contact data without your knowledge. [android.permission.READ_CONTACTS](http://androidpermissions.com/permission/android.permission.READ_CONTACTS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.READ_DREAM_STATE
* Allows the app to read the contents of your SD card. [android.permission.READ_EXTERNAL_STORAGE](http://androidpermissions.com/permission/android.permission.READ_EXTERNAL_STORAGE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to read from the system's various log files. This allows it to discover general information about what you are doing with the phone, potentially including personal or private information. [android.permission.READ_LOGS](http://androidpermissions.com/permission/android.permission.READ_LOGS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to access the phone features of the device. This permission allows the app to determine the phone number and device IDs, whether a call is active, and the remote number connected by a call. [android.permission.READ_PHONE_STATE](http://androidpermissions.com/permission/android.permission.READ_PHONE_STATE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.READ_PRIVILEGED_PHONE_STATE
* Allows the app to read personal profile information stored on your device, such as your name and contact information. This means the app can identify you and may send your profile information to others. [android.permission.READ_PROFILE](http://androidpermissions.com/permission/android.permission.READ_PROFILE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to read SMS messages stored on your phone or SIM card. This allows the app to read all SMS messages, regardless of content or confidentiality. [android.permission.READ_SMS](http://androidpermissions.com/permission/android.permission.READ_SMS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to access and sync social updates from you and your friends. Be careful when sharing information -- this allows the app to read communications between you and your friends on social networks, regardless of confidentiality. Note: this permission may not be enforced on all social networks. [android.permission.READ_SOCIAL_STREAM](http://androidpermissions.com/permission/android.permission.READ_SOCIAL_STREAM) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to read the sync settings for an account. For example, this can determine whether the People app is synced with an account. [android.permission.READ_SYNC_SETTINGS](http://androidpermissions.com/permission/android.permission.READ_SYNC_SETTINGS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows an app to read the sync stats for an account, including the history of sync events and how much data is synced. [android.permission.READ_SYNC_STATS](http://androidpermissions.com/permission/android.permission.READ_SYNC_STATS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to read all words, names and phrases that the user may have stored in the user dictionary. [android.permission.READ_USER_DICTIONARY](http://androidpermissions.com/permission/android.permission.READ_USER_DICTIONARY) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to have itself started as soon as the system has finished booting. This can make it take longer to start the phone and allow the app to slow down the overall phone by always running. [android.permission.RECEIVE_BOOT_COMPLETED](http://androidpermissions.com/permission/android.permission.RECEIVE_BOOT_COMPLETED) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.RECEIVE_DATA_ACTIVITY_CHANGE
* Allows the app to receive and process emergency broadcast messages. This permission is only available to system apps. [android.permission.RECEIVE_EMERGENCY_BROADCAST](http://androidpermissions.com/permission/android.permission.RECEIVE_EMERGENCY_BROADCAST) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to receive and process MMS messages. This means the app could monitor or delete messages sent to your device without showing them to you. [android.permission.RECEIVE_MMS](http://androidpermissions.com/permission/android.permission.RECEIVE_MMS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to receive and process SMS messages. This means the app could monitor or delete messages sent to your device without showing them to you. [android.permission.RECEIVE_SMS](http://androidpermissions.com/permission/android.permission.RECEIVE_SMS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to receive and process WAP messages. This permission includes the ability to monitor or delete messages sent to you without showing them to you. [android.permission.RECEIVE_WAP_PUSH](http://androidpermissions.com/permission/android.permission.RECEIVE_WAP_PUSH) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to record audio with the microphone. This permission allows the app to record audio at any time without your confirmation. [android.permission.RECORD_AUDIO](http://androidpermissions.com/permission/android.permission.RECORD_AUDIO) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.REMOTE_AUDIO_PLAYBACK
* Allows the app to remove tasks and kill their apps. Malicious apps may disrupt the behavior of other apps. [android.permission.REMOVE_TASKS](http://androidpermissions.com/permission/android.permission.REMOVE_TASKS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to move tasks to the foreground and background. The app may do this without your input. [android.permission.REORDER_TASKS](http://androidpermissions.com/permission/android.permission.REORDER_TASKS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to end background processes of other apps. This may cause other apps to stop running. [android.permission.RESTART_PACKAGES](http://androidpermissions.com/permission/android.permission.RESTART_PACKAGES) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to retrieve the content of the active window. Malicious apps may retrieve the entire window content and examine all its text except passwords. [android.permission.RETRIEVE_WINDOW_CONTENT](http://androidpermissions.com/permission/android.permission.RETRIEVE_WINDOW_CONTENT) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to send requests to other messaging apps to handle respond-via-message events for incoming calls. [android.permission.SEND_RESPOND_VIA_MESSAGE](http://androidpermissions.com/permission/android.permission.SEND_RESPOND_VIA_MESSAGE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to send SMS messages. This may result in unexpected charges. Malicious apps may cost you money by sending messages without your confirmation. [android.permission.SEND_SMS](http://androidpermissions.com/permission/android.permission.SEND_SMS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to control whether activities are always finished as soon as they go to the background. Never needed for normal apps. [android.permission.SET_ALWAYS_FINISH](http://androidpermissions.com/permission/android.permission.SET_ALWAYS_FINISH) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to change the global animation speed (faster or slower animations) at any time. [android.permission.SET_ANIMATION_SCALE](http://androidpermissions.com/permission/android.permission.SET_ANIMATION_SCALE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to turn on debugging for another app. Malicious apps may use this to kill other apps. [android.permission.SET_DEBUG_APP](http://androidpermissions.com/permission/android.permission.SET_DEBUG_APP) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to modify your preferred apps. Malicious apps may silently change the apps that are run, spoofing your existing apps to collect private data from you. [android.permission.SET_PREFERRED_APPLICATIONS](http://androidpermissions.com/permission/android.permission.SET_PREFERRED_APPLICATIONS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to control the maximum number of processes that will run. Never needed for normal apps. [android.permission.SET_PROCESS_LIMIT](http://androidpermissions.com/permission/android.permission.SET_PROCESS_LIMIT) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to control the screen compatibility mode of other applications. Malicious applications may break the behavior of other applications. [android.permission.SET_SCREEN_COMPATIBILITY](http://androidpermissions.com/permission/android.permission.SET_SCREEN_COMPATIBILITY) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to change the phone's time zone. [android.permission.SET_TIME_ZONE](http://androidpermissions.com/permission/android.permission.SET_TIME_ZONE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to set the system wallpaper.  [android.permission.SET_WALLPAPER](http://androidpermissions.com/permission/android.permission.SET_WALLPAPER) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.SET_WALLPAPER_COMPONENT
* Allows the app to set the system wallpaper size hints. [android.permission.SET_WALLPAPER_HINTS](http://androidpermissions.com/permission/android.permission.SET_WALLPAPER_HINTS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to request that the supplied signal be sent to all persistent processes. [android.permission.SIGNAL_PERSISTENT_PROCESSES](http://androidpermissions.com/permission/android.permission.SIGNAL_PERSISTENT_PROCESSES) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to start any activity, regardless of permission protection or exported state. [android.permission.START_ANY_ACTIVITY](http://androidpermissions.com/permission/android.permission.START_ANY_ACTIVITY) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to get details about the currently synced feeds. [android.permission.SUBSCRIBED_FEEDS_READ](http://androidpermissions.com/permission/android.permission.SUBSCRIBED_FEEDS_READ) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to modify your currently synced feeds. Malicious apps may change your synced feeds. [android.permission.SUBSCRIBED_FEEDS_WRITE](http://androidpermissions.com/permission/android.permission.SUBSCRIBED_FEEDS_WRITE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to draw on top of other applications or parts of the user interface. They may interfere with your use of the interface in any application, or change what you think you are seeing in other applications. [android.permission.SYSTEM_ALERT_WINDOW](http://androidpermissions.com/permission/android.permission.SYSTEM_ALERT_WINDOW) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to use the phone's infrared transmitter. [android.permission.TRANSMIT_IR](http://androidpermissions.com/permission/android.permission.TRANSMIT_IR) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to request authentication tokens. [android.permission.USE_CREDENTIALS](http://androidpermissions.com/permission/android.permission.USE_CREDENTIALS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to use the SIP service to make/receive Internet calls. [android.permission.USE_SIP](http://androidpermissions.com/permission/android.permission.USE_SIP) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to control the vibrator. [android.permission.VIBRATE](http://androidpermissions.com/permission/android.permission.VIBRATE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to prevent the phone from going to sleep. [android.permission.WAKE_LOCK](http://androidpermissions.com/permission/android.permission.WAKE_LOCK) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to change network settings and to intercept and inspect all network traffic, for example to change the proxy and port of any APN. Malicious apps may monitor, redirect, or modify network packets without your knowledge. [android.permission.WRITE_APN_SETTINGS](http://androidpermissions.com/permission/android.permission.WRITE_APN_SETTINGS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to add, remove, change events that you can modify on your phone, including those of friends or co-workers. This may allow the app to send messages that appear to come from calendar owners, or modify events without the owners' knowledge. [android.permission.WRITE_CALENDAR](http://androidpermissions.com/permission/android.permission.WRITE_CALENDAR) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to modify your phone's call log, including data about incoming and outgoing calls. Malicious apps may use this to erase or modify your call log. [android.permission.WRITE_CALL_LOG](http://androidpermissions.com/permission/android.permission.WRITE_CALL_LOG) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to modify the data about your contacts stored on your phone, including the frequency with which you've called, emailed, or communicated in other ways with specific contacts. This permission allows apps to delete contact data. [android.permission.WRITE_CONTACTS](http://androidpermissions.com/permission/android.permission.WRITE_CONTACTS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* android.permission.WRITE_DREAM_STATE
* Allows the app to write to the SD card. [android.permission.WRITE_EXTERNAL_STORAGE](http://androidpermissions.com/permission/android.permission.WRITE_EXTERNAL_STORAGE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to modify the contents of the internal media storage. [android.permission.WRITE_MEDIA_STORAGE](http://androidpermissions.com/permission/android.permission.WRITE_MEDIA_STORAGE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to change or add to personal profile information stored on your device, such as your name and contact information. This means the app can identify you and may send your profile information to others. [android.permission.WRITE_PROFILE](http://androidpermissions.com/permission/android.permission.WRITE_PROFILE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to modify the system's secure settings data. Not for use by normal apps. [android.permission.WRITE_SECURE_SETTINGS](http://androidpermissions.com/permission/android.permission.WRITE_SECURE_SETTINGS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to change or add to personal profile information stored on your device, such as your name and contact information. This means the app can identify you and may send your profile information to others. [android.permission.WRITE_SETTINGS](http://androidpermissions.com/permission/android.permission.WRITE_SETTINGS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to write to SMS messages stored on your phone or SIM card. Malicious apps may delete your messages. [android.permission.WRITE_SMS](http://androidpermissions.com/permission/android.permission.WRITE_SMS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to display social updates from your friends. Be careful when sharing information -- this allows the app to produce messages that may appear to come from a friend. Note: this permission may not be enforced on all social networks. [android.permission.WRITE_SOCIAL_STREAM](http://androidpermissions.com/permission/android.permission.WRITE_SOCIAL_STREAM) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows an app to modify the sync settings for an account. For example, this can be used to enable sync of the People app with an account. [android.permission.WRITE_SYNC_SETTINGS](http://androidpermissions.com/permission/android.permission.WRITE_SYNC_SETTINGS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to write new words into the user dictionary. [android.permission.WRITE_USER_DICTIONARY](http://androidpermissions.com/permission/android.permission.WRITE_USER_DICTIONARY) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to set an alarm in an installed alarm clock app. Some alarm clock apps may not implement this feature. [com.android.alarm.permission.SET_ALARM](http://androidpermissions.com/permission/com.android.alarm.permission.SET_ALARM) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to read the history of all URLs that the Browser has visited, and all of the Browser's bookmarks. Note: this permission may not be enforced by third-party browsers or other applications with web browsing capabilities. [com.android.browser.permission.READ_HISTORY_BOOKMARKS](http://androidpermissions.com/permission/com.android.browser.permission.READ_HISTORY_BOOKMARKS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to modify the Browser's history or bookmarks stored on your phone. This may allow the app to erase or modify Browser data. Note: this permission may note be enforced by third-party browsers or other applications with web browsing capabilities. [com.android.browser.permission.WRITE_HISTORY_BOOKMARKS](http://androidpermissions.com/permission/com.android.browser.permission.WRITE_HISTORY_BOOKMARKS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to read your email attachments. [com.android.email.permission.READ_ATTACHMENT](http://androidpermissions.com/permission/com.android.email.permission.READ_ATTACHMENT) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows an application to add Homescreen shortcuts without user intervention. [com.android.launcher.permission.INSTALL_SHORTCUT](http://androidpermissions.com/permission/com.android.launcher.permission.INSTALL_SHORTCUT) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* com.android.launcher.permission.PRELOAD_WORKSPACE
* Allows the app to read the settings and shortcuts in Home. [com.android.launcher.permission.READ_SETTINGS](http://androidpermissions.com/permission/com.android.launcher.permission.READ_SETTINGS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the application to remove Homescreen shortcuts without user intervention. [com.android.launcher.permission.UNINSTALL_SHORTCUT](http://androidpermissions.com/permission/com.android.launcher.permission.UNINSTALL_SHORTCUT) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to change the settings and shortcuts in Home.  [com.android.launcher.permission.WRITE_SETTINGS](http://androidpermissions.com/permission/com.android.launcher.permission.WRITE_SETTINGS) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* com.android.vending.CHECK_LICENSE
* Allows the app to add messages to your voicemail inbox. [com.android.voicemail.permission.ADD_VOICEMAIL](http://androidpermissions.com/permission/com.android.voicemail.permission.ADD_VOICEMAIL) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows the app to store and retrieve all voicemails that this device can access. [com.android.voicemail.permission.READ_WRITE_ALL_VOICEMAIL](http://androidpermissions.com/permission/com.android.voicemail.permission.READ_WRITE_ALL_VOICEMAIL) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to accept cloud to device messages sent by the app's service. Using this service will incur data usage. Malicious apps could cause excess data usage. [com.google.android.c2dm.permission.RECEIVE](http://androidpermissions.com/permission/com.google.android.c2dm.permission.RECEIVE) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Can broadcast data messages received from the Internet to apps registered to listen for them. [com.google.android.c2dm.permission.SEND](http://androidpermissions.com/permission/com.google.android.c2dm.permission.SEND) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows an app to receive periodic updates of your activity level from Google, for example, if you are walking, driving, cycling, or stationary. [com.google.android.gms.permission.ACTIVITY_RECOGNITION](http://androidpermissions.com/permission/com.google.android.gms.permission.ACTIVITY_RECOGNITION) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to see the usernames (email addresses) of the Google account(s) you have configured. [com.google.android.googleapps.permission.GOOGLE_AUTH](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to ALL Google services using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.adsense](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.adsense) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to unspecified Google services using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.adwords](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.adwords) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google App Engine using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.ah](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.ah) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google AdSense using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.ALL_SERVICES](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.ALL_SERVICES) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Android services using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.android](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.android) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Android services using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.androidsecure](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.androidsecure) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Blogger using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.blogger](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.blogger) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Calendar using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.cl](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.cl) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to access the contacts and profile information of account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.cp](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.cp) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Dodgeball using the account(s) stored on this Android device.  [com.google.android.googleapps.permission.GOOGLE_AUTH.dodgeball](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.dodgeball) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows applications to sign in to the Google Catalogs service using the account(s) stored on this phone. [com.google.android.googleapps.permission.GOOGLE_AUTH.doraemon](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.doraemon) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Finance using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.finance](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.finance) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Base using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.gbase](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.gbase) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows applications to sign in to the Google Map maker service using the account(s) stored on this phone. [com.google.android.googleapps.permission.GOOGLE_AUTH.geowiki](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.geowiki) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows applications to sign in to the Google Tasks service using the account(s) stored on this phone. [com.google.android.googleapps.permission.GOOGLE_AUTH.goanna_mobile](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.goanna_mobile) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Voice using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.grandcentral](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.grandcentral) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Groups using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.groups2](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.groups2) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Health using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.health](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.health) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to iGoogle using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.ig](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.ig) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to JotSpot using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.jotspot](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.jotspot) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Knol using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.knol](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.knol) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Picasa Web Albums using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.lh2](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.lh2) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Maps using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.local](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.local) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google mail services using the account(s) stored on this Android device.  [com.google.android.googleapps.permission.GOOGLE_AUTH.mail](http://androidpermissions.com/permission/com.google.android.googleapps.permission.GOOGLE_AUTH.mail) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google mobile apps using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.mobile](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google News using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.news](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Notebook using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.notebook](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Orkut using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.orkut](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to unspecified Google services using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.OTHER_SERVICES](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows applications to sign in to the Panoramio service using the account(s) stored on this phone.  [com.google.android.googleapps.permission.GOOGLE_AUTH.panoramio](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Book Search using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.print](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows applications to sign in to the Google Reader service using the account(s) stored on this phone. [com.google.android.googleapps.permission.GOOGLE_AUTH.reader](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Checkout (and potentially make purchases) using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.sierra](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Checkout QA using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.sierraqa](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Checkout Sandbox using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.sierrasandbox](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Webmaster Tools using the account(s) stored on this Android device.  [com.google.android.googleapps.permission.GOOGLE_AUTH.sitemaps](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Voice Search using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.speech](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to the Personalized Speech Recognition service using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.speechpersonalization](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Talk using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.talk](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Wi-Fi using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.wifi](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Spreadsheets using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.wise](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to Google Docs using the account(s) stored on this Android device. [com.google.android.googleapps.permission.GOOGLE_AUTH.writely](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to sign in to YouTube using the account(s) stored on this Android device.  [com.google.android.googleapps.permission.GOOGLE_AUTH.youtube](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to see the YouTube username(s) associated with the Google account(s) stored on this Android device.  [com.google.android.googleapps.permission.GOOGLE_AUTH.YouTubeUser](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Used for server cloud to device messages and for sync notifications. Google Talk uses this service to exchange messages and to synchronize presence status. Malicious apps could use this service to transmit excess data. [com.google.android.gtalkservice.permission.GTALK_SERVICE](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Can send a heartbeat packet to the Google Talk server to ensure the health of the connection. [com.google.android.gtalkservice.permission.SEND_HEARTBEAT](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Can broadcast data messages received from the Internet to apps registered to listen for them.  [com.google.android.permission.BROADCAST_DATA_MESSAGE](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows this app to read Google service configuration data. [com.google.android.providers.gsf.permission.READ_GSERVICES](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to read data from the Google Talk content provider. [com.google.android.providers.talk.permission.READ_ONLY](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows apps to write data to the Google Talk content provider. [com.google.android.providers.talk.permission.WRITE_ONLY](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Can broadcast XMPP messages received from the Google servers to apps registered to listen for them. [com.google.android.xmpp.permission.BROADCAST](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows Google apps to send and receive XMPP messages to and from Google servers. [com.google.android.xmpp.permission.SEND_RECEIVE](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Allows Google apps to send and receive XMPP messages to and from Google servers. [com.google.android.xmpp.permission.USE_XMPP_ENDPOINT](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)
* Can broadcast XMPP messages received from the Google servers to apps. [com.google.android.xmpp.permission.XMPP_ENDPOINT_BROADCAST](http://androidpermissions.com/permission/) [Reference](https://developer.android.com/reference/android/Manifest.permission.html)


## Additional Permissions

Device, application, or vendor-specific settings.

* (com.anddoes.launcher.permission.UPDATE_COUNT)
* (com.google.android.c2dm.permission.RECEIVE)
* (com.htc.launcher.permission.READ_SETTINGS)
* (com.htc.launcher.permission.UPDATE_SHORTCUT)
* (com.huawei.android.launcher.permission.CHANGE_BADGE)
* (com.huawei.android.launcher.permission.READ_SETTINGS)
* (com.huawei.android.launcher.permission.WRITE_SETTINGS)
* (com.majeur.launcher.permission.UPDATE_BADGE)
* (com.oppo.launcher.permission.READ_SETTINGS)
* (com.oppo.launcher.permission.WRITE_SETTINGS)
* (com.sec.android.provider.badge.permission.READ)
* (com.sec.android.provider.badge.permission.WRITE)
* (com.sonyericsson.home.permission.BROADCAST_BADGE)
* (com.sonymobile.home.permission.PROVIDER_INSERT_BADGE)
* (me.everything.badger.permission.BADGE_COUNT_READ)
* (me.everything.badger.permission.BADGE_COUNT_WRITE)
* (.permission.C2D_MESSAGE)


================================================
FILE: guides/mozilla_presentation.md
================================================
# Tracking Mobile Trackers
#### A [Yale Privacy Lab]( https://privacylab.yale.edu) Tech Primer [Guide]

###### Share: [privacylab.yale.edu/tmt](https://privacylab.yale.edu/tmt)

###### [@YalePrivacyLab](https://twitter.com/YalePrivacyLab) | [privacylab@mastodon.social](https://mastodon.social/@privacylab)

###### Presented by Sean O'Brien

----

## Are you worried that your phone is listening to you?

## That it is tracking your movements?

----

### You are being tracked by your phone in some way.  This primer [guide] will help explain and offer some solutions.

----

###  Our phones are full of naughty apps.

----

### At Yale Privacy Lab, we help identify  mobile trackers, code that runs inside  apps without your knowledge or consent.

----

# What Are Trackers?

* We use the term **trackers** broadly, to encompass traditional advertisement surveillance, analytics, behavioral and location tracking, as well as _developer tools_ such as crash reporters.

* We're talking about trackers bundled for app developers as **Software Development Kits** (SDKs) though there are also other ways to track users.

----

# We also focus on proximity and location tracking.

### Trackers that use bluetooth and near-ultrasonic/ultrasonic signals are some of the worst examples.

----

# What About Apple?

We'll be talking about **[Android apps in Google Play](https://www.wired.com/story/android-users-to-avoid-malware-ditch-googles-app-store/)**.

Many of the same companies distributing Google Play apps **also distribute apps via Apple**, and tracker companies openly advertise SDKs compatible with multiple platforms.

Thus, advertising trackers may be concurrently packaged for Android **and iOS**, as well as more obscure mobile platforms.

----

# Digging Deep

* To really understand a specific app and privacy or security concerns, it takes **network analysis**.

* **App permissions** are a big indicator something might be wrong (RECORD_AUDIO etc.)

**Be careful accepting permissions when you install an app!**

----

### **We'll show you an easy way to detect tracker SDKs without needing to know anything about code, via the [εxodus platform](https://reports.exodus-privacy.eu.org).**

----

## reports.exodus-privacy.eu.org

##### εxodus scans Android apps in Google Play.

##### Anyone can scan an app via a slick [fancy] Web UI

----

# Detecting Tracker SDKs

* εxodus scanner does **static analysis** of Android APKs to find  signatures in embedded classes.

* Without εxodus, you can make educated guesses by looking at the **Android manifest** XML and classes* **DEX** files.

* Remember, there are legal restrictions on static analysis of iOS apps, but many of these apps also have trackers (more on that later).

----

[okay to leave this part out]

#### [Cory Doctorow](https://boingboing.net/2017/11/25/la-la-la-cant-hear-you.html) on the subject:

“iOS is DRM-locked and **it's a felony** – punishable by a 5-year prison sentence and a $500,000 fine for a first offense in the USA under DMCA 1201, and similar provisions of Article 6 of the EUCD in France where Exodus is located – to distribute tools that bypass this DRM, even for the essential work of discovering whether billions of people are at risk due to covert spying from the platform.

It's true that the US Copyright Office gave us a soon-to-expire exemption to this rule that started in 2016, but that exemption only allows Exodus to use that tool; **it doesn't allow Exodus to make that tool, or to distribute it so independent researchers can investigate iOS**.”

----

# εxodus Static Analysis

----

## Quick εxodus Stats

* 152 tracker signatures, 28,600 reports (Oct 1, 2018)
* 26,133 apps scanned, 400GB+ APK packages

----

## Tracker Profiles

##### [github.com/YalePrivacyLab/tracker-profiles](https://github.com/YalePrivacyLab/tracker-profiles)

##### Calling crash reporters like HockeyApp, Crashlytics "trackers" has been controversial, though they have advanced analytics features/options.

----

### Adding & Improving Tracker Profiles

* We are  updating profiles, adding new ones.
* We're correlating companies via [OpenCorporates](https://opencorporates.com/).

----

## We're looking for more contributors, and you can help us by contacting [Yale Privacy Lab](https://privacylab.yale.edu/people) directly or [finding us on github](https://github.com/YalePrivacyLab/tracker-profiles).

----

##### Mozilla has been guiding us via the Open Leaders Program and our mentor [Josefina Caro Magaña](https://twitter.com/PepaLisperguer) of [Beyond Activismo](https://beyondactivismo.org).

----

# Real-World Impact:

### Working on tracker profiles with us means you're contributing to software projects that protect privacy such as εxodus, F-Droid, Yalp Store, and our ultrasonic jammer apps.

----

### Our tracker profiles go upstream to these software projects.  Here are some examples.

----

## F-Droid Collaboration

##### [F-Droid Blog Dec 2017](https://f-droid.org/en/2017/12/14/new-collaborations-on-exposing-tracking.html)

----

# F-Droid Package Scanning

* AI/machine learning in the future?

* [LibScout](https://github.com/reddr/LibScout)

https://gitlab.com/fdroid/rfp/issues?label_name[]=trackers

----

## Free Software Projects

* Utilize εxodus API:
  - [εxodus CLI](https://github.com/Exodus-Privacy/exodus-standalone)
  - [εxodus Android app](https://github.com/Exodus-Privacy/exodus-android-app)
  - [εxodify browser addons](https://github.com/FacettsOpen/exodify)

* [PilferShush Android app](https://github.com/YalePrivacyLab/PilferShush_prod)
* [PiRanhaLysis](https://github.com/U039b/PiRogue) network interception/analysis (PiRogue, PiPrecious, Phorcys)

----

### Now that we understand static analysis and tracker SDKs, let's talk about physical methods that companies use to track us.

----

# Proximity Targeting

* Retailers are using **bluetooth** alongside **sonic** (near-ultrasonic/ultrasonic, 18kHz to 22kHz range) technology to track precise physical movements via **beacons**.

* The _de facto_ bluetooth beacon standard is **Apple iBeacon**, one of the first to market.

----

##### Signatures of sonic tracker SDKs [SilverPush](https://reports.exodus-privacy.eu.org/trackers/80/), [Alphonso](https://reports.exodus-privacy.eu.org/trackers/82/), [Lisnr](https://reports.exodus-privacy.eu.org/trackers/79/), [Shopkick](https://reports.exodus-privacy.eu.org/trackers/81/), [Fidzup](https://reports.exodus-privacy.eu.org/trackers/2/), and [Signal360](https://reports.exodus-privacy.eu.org/trackers/86/) can be detected by εxodus.  Their profiles are in our [github repository](https://github.com/YalePrivacyLab/tracker-profiles).

##### We're detecting new trackers that utilize these creepy methods often.  The latest is [CopSonic](https://www.copsonic.com/).

----

# Example Beacon Devices

##### Source: [https://en.wikipedia.org/wiki/IBeacon](https://en.wikipedia.org/wiki/IBeacon#/media/File:An_assortment_of_iBeacon_from_different_vendors.jpg)

----

## Important Caveats

* Beacons use a _combination_ of technologies and **may not require an SDK** on a target person's phone.

* Special beacon devices are not required. Sonic tracking can occur via **stadium/arena** (Lisnr, Signal360), **retail** (Shopkick, Fidzup), **TV** (Alphonso, SilverPush) speakers.

----

#### Example Sonic Tracking Signals

----

#### Sonic Tracking Signal: Closer Look

###### [Audio Sample, Macy's](https://soundcloud.com/city-frequencies/beacon-pitched-time-shifted)

###### [Much More Info from Cityfreqs](http://www.cityfreqs.com.au/pilfer.php)

----

# Sonic Tracking Is Not Sci-Fi

* [Frequency Shift Keying](https://www.sec.cs.tu-bs.de/pubs/2016-batmobile.pdf) is the primary method.

* Some sonic trackers are very basic ([Fidzup](https://patents.google.com/patent/FR3010821A1/fr)), others are complex ([Shopkick](https://soundcloud.com/city-frequencies/beacon-pitched-time-shifted)).

* [FTC warnings](https://www.ftc.gov/news-events/press-releases/2016/03/ftc-issues-warning-letters-app-developers-using-silverpush-code) were issued for app devs who were using SilverPush in 2016.

* Many Alphonso apps were pulled in December 2017 after a [_NYTimes_ story](https://www.nytimes.com/2017/12/28/business/media/alphonso-app-tracking.html).

----

#####  Researchers and journalists have shared their app lists/checksums with us. We've got lists of sonic tracking apps still in the wild.

##### If you are interested in learning more, we can share these and other details (copies of ultrasonic recordings etc.)

----

## Check out the following example of sonic tracking, via a demo video offered by a tracking company.

----

# Sonic Proximity Targeting

* Demo w/ smartphone: https://frama.link/fidvid01
* Video w/ signals:  https://frama.link/fidvid-tmt

----

## GDPR Warnings for Fidzup, Teemo

----

## With the help of our [PilferShush app](https://github.com/YalePrivacyLab/PilferShush_prod), developed by [Cityfreqs](http://www.cityfreqs.com.au/pilfer.php), we can successfully block these ultrasonic signals.

----

## **PilferShush**
#### Detects & Blocks Sonic Tracking Signals

https://github.com/YalePrivacyLab/PilferShush_prod

* Android app by Cityfreqs.

* Two versions. PilferShush Jammer is the friendlier one for blocking signals.

----

## Grab the **PilferShush**  Jammer

* Available in [F-Droid](https://fossdroid.com/a/pilfershush-jammer.html) & [Google Play](https://play.google.com/store/apps/details?id=cityfreqs.com.pilfershushjammer&hl=en_US)

----

### Beacons are a pervasive adversary to privacy in our physical world.

#### We can hunt for beacons that may be sending sonic and bluetooth signals.

----
# Beacon Hunting

On Android - [Beacon Locator](https://f-droid.org/en/packages/com.samebits.beacon.locator/), [iBeacon Detector](https://play.google.com/store/apps/details?id=youten.redo.ble.ibeacondetector&hl=en)

On iOS - [Locate Beacon](https://itunes.apple.com/us/app/locate-beacon/id738709014), [DIY method](http://www.beekn.net/2015/02/tutorial-making-smarter-ibeacon-detector-ios/)

* Sonic tracking is useful in some cases, but bluetooth is more dynamic and widespread.

----

## iBeacon Detected!

----

### Remember, you should turn off bluetooth on your devices by default, and  be careful about **both** microphone and bluetooth settings, as well as app permissions.

----

# "PiRogue" Raspberry Pi

## [Network Analysis via MITMproxy](https://www.youtube.com/watch?v=oIcrsuJcTPo)

----

#### Visualizing Network Data in Real-Time

## [PiRanhaLysis](https://piranhalysis.github.io/)
#### Mobile/IoT analysis suite

----

# Thank You!

* Mozilla Open Leaders and Josefina Caro Magaña
* Scott Shapiro, Laurin Weissinger, Jon Oronzo
* Rebecca Crootof, Jack Balkin, Mike Kwet, Yale ISP
* PiRanhaLysis and Exodus Privacy team
* City Frequencies
* Hans-Christoph Steiner and F-Droid team
* Eben Moglen and Danny Haidar, Freedombox Fndn
* Nathan Freitas, Guardian Project

================================================
FILE: trackers/AccountKit.md
================================================
# AccountKit

## About

AccountKit is a product of Facebook lets users quickly register/login to apps by using just their phone number or email address.  No password is needed. [Link to weblink](https://www.accountkit.com/faq/)

## Ownership

AccountKit is owned by Facebook (NASDAQ: FB). 

Note: there is an unaffiliated Australian Accounting firm of the same name.  

## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.facebook.accountkit
* Network detection rule: NC

## What it does

* User Verification
* Phone number collection
* Permits direct app logins without SMS code

## Data Policy

[Policy as of 8/9/2018:](https://www.facebook.com/privacy/explanation/)

* Identical to Facebook's Policy.  This provides controls for users to opt out but no actual commitment to reduce the collection and use of personal data.  

* Data will be used to "reasearch and innovate for social good", "promote satety, integrity and security", personalize advertising, communicate with users, and measure analytics for business services. 

* Third-party apps and websites integrated with Facebook and its products receive information on what users post and share. This "information collected by these third-party services is subject to their own terms and policies, not this one." 

* Facebook's policy states that it doesn't "sell any of your information to anyone and we never will." It imposes "strict restrictions" on how partners use and disclose the data it provides. 

* Information may be accessed, preserved, and shared with regulators, law enforcement, and others in response to legal requests (including those in outside jurisdictions if there is a "good faith belief" they're required to respond), prevention of fraud, unauthorized use of products or services, breaches of Terms or Policies, to prevent harm to Facebook or its property, and harmful or illegal activity.  

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Actv8.md
================================================
# Tracker Name
Actv8

# In εxodus?
No

## Website
http://actv8me.com/

## About
Drive user engagement and inspire transactions. A turnkey platform that connects media with mobile commerce.


## Category
Advertising, Location, Identity, Tracking, Beacons

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `actv8technologies.com`
*   Code signature: `me.actv8`

## Repositories
*   Maven: `https://mvnrepository.com/artifact/me.actv8.core/actv8-sdk`
*   Artifact ID: `actv8-sdk`
*   Group ID: `me.actv8.core`

## Gradle
`xxx`

## Additional links
https://api-production-v4.actv8technologies.com/ , http://sonar.actv8technologies.com/fdb/

## Notes
relies on Cifrasoft, maven repo may be outdated


================================================
FILE: trackers/Ad4Screen.md
================================================
# Ad4Screen

## Primary Location
France (Paris). [Crunchbase, 01](https://www.crunchbase.com/organization/ad4screen)

## Website
[http://www.ad4screen.com](http://www.ad4screen.com)

## About
Ad4Screen is "a marketing and advertising pioneer on Mobile Net (Smartphones, Tablets...)".  They help companies "to set up performant Mobile advertising campaigns and to increase App User engagement, retention and conversion." [Ad4Screen, 02](http://www.ad4screen.com/en/presentation)

## Ownership
Ad4Screen

## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* `ad4screen`
* `a4\.tl`
* `app4free`
* `accengage\.com`

## Documentation
Via Accengage [https://docs.accengage.com/display/AND/Integration](https://docs.accengage.com/display/AND/Integration)

## Products and Services

Ad4Screen advises clients on "the best possible strategy to limit your risks and we manage, for you, the establishment and management of your campaigns from A to Z!" (translated from French) [Ad4Screen, 03](http://www.ad4screen.com/publicite-mobile).

### Products and Services for Mobile Advertising
Branding Campaign / Promote Mobile Sites / Promote Mobile Apps / Mobile RTB / Mobile Tracking / App Store Optimization / Event Driven Strategy (Drive In-Store) [Ad4Screen, 01](http://www.ad4screen.com/en), [Ad4Screen, 02](http://www.ad4screen.com/en/presentation)  

_Branding Campaigns:_ "The best sites & APPS available; Many available targeting criteria’s (socio-demographics…); Geo-target campaigns; Thematic packages (CSP+, Media, Finance, Sports...); Innovative formats (interstial ads, rich media, videos…)  

_Promoting Mobile Sites:_ "Thanks to Mobile advertising key results, Ad4Screen enables you to harness the power of your brand, generate more traffic, leads (CPL) and sales on your Mobile Sites and Tablets. Often the gap between click and real visits might be significantly important. With the objective to maximize performance, Ad4Screen guarantees an effective Cost Per Visit (CPV)."    

Display / Rich Media / Videos: "Our Ad Hoc Experts select the best formats, supports, publishers and Ad-Exchanges in the marketplace in order to efficiently enhance the key advantages and offers of your Mobile Sites and Tablets."    

Facebook & Twitter campaigns: "Our teams are Experts in setting up specific mobile campaigns on Facebook and Twitter. Share high visibility and drive a Performance Business Model forward! Many available targeting criteria specific for Mobile and for each specific plateform. Ensure an Ongoing Performance"  

_Promote Mobile Apps:_ "Thanks to Mobile advertising, Ad4Screen helps you to enhance your brand reputation, gain in-depth visibility and increase your volume of APP downloads. Ad4Screen’s specific business goal lies on the guarantee to capture a growing share of Cost Per Download (CPD)." Display / Videos: "Our Experts select the market’s best set of formats, supports and well known players in the market in order to empower your Mobile APP or Tablet, whether iOS or Android.   
   
  * Traditional formats: banners, interstitials
  * Banners, interstitials HTML5   
  * Interstitials videos   
  * Pre-roll videos   
  * Geolocalisation   
  * Native Formats (referring to Facebook, Viadeo, Twitter).    

Facebook & Twitter App install campaigns: "Our teams are Experts on monitoring Facebook and Twitter campaigns on Mobile. (Mobile Ad Formats exclusively designed to install; Share high exposure and drive a Performance Model forward; Many targeting & optimization criteria; Possibility to track APP installs). Search: "All Queries made on Google from Smartphones and Tablets are explode! It is today’s business imperative to benefit from Search Query Data to obtain high quality users. Our Operations Team is in charge of your Mobile Adwords campaigns from beginning to end.   

  * Buy with CPC   
  * Double Click Download  
  * Track In-APP conversion with keywords  

_Mobile RTB Insights:_ "Our Media Buying & Planning team uses the best next generation Mobile technologies (DSP) in order to program Mobile RTB campaigns. We work with the main 100% Mobile Ad-Exchanges in the market (MoPub, Flurry, Smaato, La Place Média…).  

  * Gain wide access to apps ad inventory (80% ad impressions & non available on Web AdEx)  
  * Use conversion tracking to see in-app activity  
  * Leverage intelligent algorithms in real time based on in-app conversion  
  * Communicating to the best with digital savvy shoppers  
  * Identify your look-alike best prospects  
  * Invite your Mobile Site Visitors to download your APP")  

_Mobile Tracking:_ "Our main concern is to accurately follow conversion on mobile acquisition campaigns to overall revenue. Our ad hoc experts group has the know-how for the best acquisitions and tracking plateforms in the right private marketplaces.    

  * Track where your users come from (lever, design, adWord...)  
  * Analyse and compare specific conversion rates per sources, operating systems, countries, segments…  
  * Track how your users interact with your app  
  * Improve overall ROI by our Experts  

_App Store Optimization:_ "Benefit from our Trends Report to optimize your organic SEO on App Store."  

  * Optimize your ranking on Google Play and iTunes  
  * Improve your APP Ranking in your own category  
  * Create strong viral effects (Earned media)  
  * Generate an increase on your organic installs from 10% to 40% per day!"  

_Event Driven Strategy:_ "For today’s consumer, Mobile has become the ultimate Digital Shopping Tool. Ad4Screen Operations Team helps you generate more Drive In-Store traffic and positively impact on sales conversion.
We use the most pertinent Marketing Drive In-Store Tools:  

  * Mobile Retargeting
  * Push Notification
  * GeoTargeted Mobile Advertising
  * iBeacon, Geofencing, QR Code...

Ad4Screen implements contest specific rules:

  * Instant Win Games
  * Sweepstake
  * In-APP & Mobile Web animations  [Ad4Screen, 05](http://www.ad4screen.com/en/mobile-advertising)

### Products and Services for Mobile CRM
Push Notifications / Customer Loyalty Programs (Relationship Programs) / Mobile Retargeting / Email Responsive (Responsive Email Templates) / Mobile Couponing (Mobile Email Tag) / Passbook [Ad4Screen, 01](http://www.ad4screen.com/en), [Ad4Screen, 02](http://www.ad4screen.com/en/presentation)

_Support:_ Sales Team / Advisory Board / Mobile CRM Experts / Media Buying & Planning / IT Team / Data Mining Team / Support Team   

_Sales Team:_ "We analyze with you all your requirements and needs to create adapted and breakthrough projects maximizing your ROI."  

_Advisory Board:_ "The Advisory Services Team covers App Store SEO, ROI Optimization, International Acquisition Campaigns Management…"  

_Mobile CRM Experts:_ "Our team of experts will support you with setting up Customer Loyalty Programs."  

_Media Buying & Planning_: "We will identify the best traffic sources, getting the best price (CPC, CPL, CPV, CPD...)."  

_IT Team:_ "We choose next generation Mobile Marketing technologies, at the cutting-edge of innovation."  

_Data Mining Team:_ "We manage the extraction, integration and analysis of large volumes of DATA to optimize your targeting."  

_Support Team:_ "We are here to help you planning, implementing SDK, training, preserving, updating..." [Ad4Screen, 02](http://www.ad4screen.com/en/presentation)  

* (translated from French:) "Our Experts select the best formats, supports, boards and Ad-Exchanges of the market to effectively highlight the benefits and offers of your mobile site and / or tablet." [Ad4Screen, 03](http://www.ad4screen.com/publicite-mobile)

Ad4Screen also helps clients set up trigger marketing campaigns [Ad4Screen, 01](http://www.ad4screen.com/en).

## Privacy Policy
Ad4Screen does not appear to list a privacy policy for End Users; see [Ad4Screen, 07](http://www.ad4screen.com/en/privacy-police).

## Relationships
Add4Screen lists 200 customers and 5,000 mobile campaigns [Ad4Screen, 02](http://www.ad4screen.com/en/presentation)

_"They Trust Us":_ Betclic / Bouyges Telecom / Europcar / SFR / numericable / ebookers / La Tribune / Le Figaro / Universal Music / Axa / Airfrance KLM / Danone / Saxo Banque / Capcom / Cadremploi.fr / nexity / pole emploi / Rocket Internet / Condé Nast / Nestle / vente-privee.com / Pages Jaunes / Groupe Casino / Voyages-sncf.com / The Walt Disney Company / Price Minister (Rakuten Group) / Club Med / Century 21 / TF1 / Monoprix / keljob.com / kobojo / Explorimmo / easyflirt / Le Monde / LA Tribune / La Redoute / Malakoff-Médéric / Le PointNathan / Radio France / Orange S.A. (ex France Télécom S.A.) / Pôle emploi (government agency for unemployed) [Ad4Screen, 02](http://www.ad4screen.com/en/presentation), [Ad4Screen, 05](http://www.ad4screen.com/en/mobile-advertising)  OTC Agregator [Ad4Screen, 01](http://www.ad4screen.com/en), [Ad4Screen, 04](http://www.ad4screen.com/en/nos-references)  

_Mobile First Alliance:_ In 2014, Ad4Screen "split its activities into two separate and independent companies", Accengage and Ad4Screen. Accengage offers a Mobile CRM technology while Ad4Screen specializes in "mobile media buying and mobile relationship marketing consulting". The Mobile First Alliance was formed thereafter, composed of three companies: Accengage, Ad4Screen, and Relatia. (Quotes are translated from French.) [Marketing web mobile, 01](http://marketing-webmobile.fr/2014/09/ad4screen-separe-ses-activites-dediteur-de-logiciels-de-mobile-crm-et-dagence-de-publicite-mobile).

## Details
_Financial details:_ Ad4Screen was founded in 2010 and has raised $10 million [Ad4Screen, 02](http://www.ad4screen.com/en/presentation); [Crunchbase, 01](https://www.crunchbase.com/organization/ad4screen). They were crowdfunded by OTC Agregator, a big French Insurance Company (MMA) and Web contractors (Business Interactive Founders as WCube, Betclic, Boncoin or Poweo) [Ad4Screen, 02](http://www.ad4screen.com/en/presentation).

_Devices:_ Mobile and tablet media; iOS and Android [Ad4Screen, 03](http://www.ad4screen.com/publicite-mobile); works with iBeacons [Ad4Screen, 07](http://www.ad4screen.com/ibeacon).

### Methods
Retargeting / Push Notifications / GeoTargeted Mobile Advertising / iBeacon, Geofencing, QR Code / Mobile tracking (including across apps) / Conversion tracking (including intelligent algorithms for in-app conversion)    

_Mobile Push Notification & In-app Message:_  "Do you have a smartphone app? Benefit from push notification, the new and efficient communication channel to interact with your app visitors. Communicate in real time, by sending the right message, to the right person, at the right time toward the right place inside the app. Our CRM Mobile Experts help you build customer loyalty programs in order to create more proximity and engagement with your app users."  

_Customer Loyalty Programs:_ "Ad4Screen enables you to set up a True Value added customer loyalty programs with your savvy shoppers to dialog with them at each touchpoint of their life cycle.  

  * Set up trigger marketing scenarios (send fully automated follow-ups according to mobile user behavior)"  
  * Display a welcome message at first open  
  * Send out alerq messages tbox messages in an application’s life-cycle (last update, error messages, news feed…)  
  * Send out good deals to capture a growing share of revenue  
  * Reactive abandoned shopping carts    

_Mobile Retargeting:_ "2 retargeting methods roll into action to retarget your digital device users:  

  * From opt-in to push notification, mobile users are identified by Ad4Screen as having abandoned their shopping cart and reminded via customized push notifications  
  * No opt-in to push are retargeted in a display mode through targeted customized banners and interstitials    

_Responsive Email:_ "Ad4Screen delivers a Customer Seamless Experience to read your newsletter on Smartphone by displaying the email according to the device used by the user.  

Net benefits with responsive email:  

  * Email designed according to the screen size of the device  
  * Make it easier to read and interact with your current and prospective customers    
  * Optimize Click-Through-Rates (Click-to-Open Rates, Click Conversation Rates)  
  * Yield a significant ROI  

_Mobile Email Tag:_ "Discover belong your subscribers who read your newsletters from a smartphone and display them in real time a bespoke banner offering to download your app.  

Net benefits with Mobile Email Tag:  

  * Redefine smartphone users to individual profile  
  * Complete mobile user’s status  
  * Enrich profiles according to the device used  
  * Drive more traffic and generate high quality installs!  

_Passbook:_ "Thanks to Ad4Screen, discover Passbook and boost your in-store traffic. The application is able to stock reward cards, ad spend coupons and other tickets. With Passbook you can:

  * Dematerialize your loyalty reward cards, ad spend coupons, tickets… without the need to develop an app dedicate for it  
  * Generate in-store traffic by sending a relevant message or a push based on user’s location  
  * Plan specific events and remind them the last discount day  
  * Recommend to install your iPhone app  [Ad4Screen, 06](http://www.ad4screen.com/en/push-notifications)

## References
* Ad4Screen, 01. [http://www.ad4screen.com/en](http://www.ad4screen.com/en)  
* Ad4Screen, 02. [http://www.ad4screen.com/en/presentation](http://www.ad4screen.com/en/presentation)  
* Ad4Screen, 03. [http://www.ad4screen.com/publicite-mobile](http://www.ad4screen.com/publicite-mobile)  
* Ad4Screen, 04. [http://www.ad4screen.com/en/nos-references](http://www.ad4screen.com/en/nos-references)  
* Ad4Screen, 05. [http://www.ad4screen.com/en/mobile-advertising](http://www.ad4screen.com/en/mobile-advertising)  
* Ad4Screen, 06. [http://www.ad4screen.com/en/push-notifications](http://www.ad4screen.com/en/push-notifications)  
* Ad4Screen, 07. [http://www.ad4screen.com/ibeacon](http://www.ad4screen.com/ibeacon)
* Crunchbase, 01. [https://www.crunchbase.com/organization/ad4screen](https://www.crunchbase.com/organization/ad4screen)  
* Marketing Web Mobile, 01. [http://marketing-webmobile.fr/2014/09/ad4screen-separe-ses-activites-dediteur-de-logiciels-de-mobile-crm-et-dagence-de-publicite-mobile](http://marketing-webmobile.fr/2014/09/ad4screen-separe-ses-activites-dediteur-de-logiciels-de-mobile-crm-et-dagence-de-publicite-mobile)

## External links
* _Crunchbase (Ad4Screen)_: [https://www.crunchbase.com/organization/ad4screen](https://www.crunchbase.com/organization/ad4screen)  
* _AppBrain_: [https://www.appbrain.com/dev/AD4Screen/](https://archive.is/SgBjU)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Amplitude.md
================================================
# Amplitude

## About

Amplitude, Inc. is a product analytics and data analysis company. It serves over 26,000 companies globally.  It is headquartered in San Francisco, CA, and has approximately 200-501 employees.  [See also: OpenCorporates](https://opencorporates.com/companies/us_de/5072121) 
 
Amplitude's clients include Microsoft, PayPal, Capital One, Adidas, Patreon, Instacart, Calm, Change.org, HubSpot, DropBox, Autodesk, DoorDash, Yik Yak, Nokia, and many others.  


## Ownership

Amplitude is a private company founded in 2012 by Spencer Skates, Curtis Liu, and Jeffrey Wang. Investors include Benchmark, Battery Ventures, Institutional Venture Partners, and Sequoia Capital. 


## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.amplitude.
* Network detection rule: api.amplitude.com | amplitude.com

## What it does

* Behavioral Analytics
* Market Research Platform
* User Activity, Retention Tracking / Data Processing

## Privacy Policy

[Policy as of 24/5/2018, reviewed 6/5/2019:](https://amplitude.com/privacy)

* Amplitude's privacy policy does not apply to end users, only website users and its clients.

* End Users do not have opt-out rights.  Amplitude states that it functions as a data processor, and the "collection of Customer End User Data through Customer Applications is governed by our Customers’ privacy policies." 

* Users who would like to access or delete their data would contact Amplitude's clients directly.  No list is provided.  

* Devices are tracked using a vendor-specific identifier ("IDFV").  For more information, see how it [tracks unique users.](https://amplitude.zendesk.com/hc/en-us/articles/115003135607-Tracking-Unique-Users) 

## Related Links

For a breakdown of Amplitude's analytics platform, please [see this link.](https://practicoanalytics.com/definitive-guide-amplitude-analytics/)  

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/AppNexus.md
================================================
# AppNexus

## Primary Location
United States (New York City) [Bloomberg, 01](https://www.bloomberg.com/research/stocks/private/snapshot.asp?privcapId=48973441)

## Website
[https://www.appnexus.com](https://www.appnexus.com)

## About
AppNexus offers services for auction-based and directly negotiated media campaigns across the Internet. According to CEO Brian O'Kelley, "the AppNexus platform" is "a single point where all key stakeholders in our ecosystem -- marketers, ad networks, demand side platforms (DSPs), agency networks, exchanges, inventory aggregators, third party data providers, and more -- connect with one another through a powerful technology platform" [PR Newswire, 01](https://www.prnewswire.com/news-releases/appnexus-officially-launches-ad-platform-fueling-the-real-time-bidding-revolution-in-display-advertising-87460287.html).

## Ownership
AppNexus

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `adnxs\.com`

## Documentation
[https://wiki.appnexus.com/display/sdk/Integrate+the+SDK](https://wiki.appnexus.com/display/sdk/Integrate+the+SDK)

## Products and Services
For publishers:

* Segments audiences
* Uses data analytics to predict delivery risk (ie, delivery of ads)
* Connects ads across devices
* Run bidding ad processes [AppsNexus, 01](https://www.appnexus.com/en/publishers)

For advertisers:

* Harnesses machine learning for "targeted ads to tens of millions of users, spread out across billions of interconnected devices, all over the world"
* Real-time data solutions
* Services are used to "deliver intelligent and customized campaigns to hundreds of millions of consumers each day"
* Provide over 100 data points at the (consumer) impression level [AppNexus, 02](https://www.appnexus.com/en/buyers)
* 10 billion impressions transactions each day [AppNexus, 03](https://www.appnexus.com/en)

## Privacy Policy
_Data use and sharing:_ "The AppNexus Platform allows clients to collect and use Platform data. The Platform ingests information provided by third-party sources to allow clients to use such data to target ads. To do this, clients and data providers may use ID synching to enable the use of this information through the Platform."  

"... The Platform enables AppNexus's clients to collect, buy, and sell data and to use Platform Data to buy and sell online advertising. Sometime AppNexus staff give "hands-on" help to clients using the Platform for these purposes, for example by configuring advertising campaigns for clients to best meet their objectives."

"... The AppNexus Platform allows clients to provide and share Platform Data with each other.  Clients also have access to their Platform Data that they collect, acquire, or use on the Platform, and may remove it from the Platform for their own use. AppNexus may provide Platform Data to service providers in order to provide, operate, manage, maintain, and enhance AppNexus' services. AppNexus may provide, or enable others to collect, information for purposes of protecting the safety and security of the online ecosystem, including to detect and prevent malicious activity or fake traffic.  AppNexus may also disclose such information in the event we reasonably suspect malicious activity or fake traffic or when we reasonably believe it is required by law, subpoena or other legal process, including to meet national security or law enforcement requirements. AppNexus may also share aggregated data derived from the Platform, including, for example, statistics about Platform activity. Finally, we may transfer Platform Data to a successor entity in connection with a corporate merger, consolidation, sale of assets, bankruptcy, or other corporate change."

_Precise location data collection:_ "The Platform may ingest Precise Location Information when, for example, an app makes such information available through the Platform."  

_PII:_ "AppNexus does not collect, use, or allow its clients to transfer to or use on the Platform, data that, by itself, directly identifies an individual, such as name, address, phone number, email address, or government identifier. We also prohibit certain categories of sensitive data from being collected, used, or transferred on the Platform."  

_Opt-Out:_ In browsers, AppNexus offers an opt-out web browser cookie to opt out of interest-based advertising. On mobile, AppNexus lists an opt-out option through general device settings in Android and iOS. In Android, the setting is "Opt out of Interest-Based Ads". To stop location collection, AppNexus tells users to either change the preferences on their device or adjust settings in individual apps.  

_Data Retention:_ AppNexus retains data according to "industry standards". "Platform Data is stored using generally accepted security standards. It is usually aggregated or deleted within 30-60 days, but may be retained in the Platform for up to 18 months from the date of collection before aggregation or deletion. Aggregated data is used for reporting and analysis, and may be stored in the Platform for up to 2 additional years. When clients remove their data from the Platform, their storage and retention of data is governed by their own privacy policies and applicable laws, rules, or regulations."

_Regulation:_ AppNexus supports industry self-regulation, and is "a member in good standing of the Network Advertising Initiative (NAI), and adheres to the NAI Code of Conduct for Web and Mobile" [AppNexus, 04](https://www.appnexus.com/en/company/platform-privacy-policy#choices). 

## Relationships
_Clients:_ Affiperf / Air France / Hearst / MEDIA.figaro / The Guardian / Wayfair [AppNexus, 03](https://www.appnexus.com/en) / Underdog Media / Liftoff / Advance Digital / USA Today / Xaxis / Accuen / Bloomberg / Defy Media / Dow Jones / Spectrum Platform Company / District M / BannerConnect / Hitch Digital / ESPN / Fox News / Saavn [AppNexus, 05](https://www.appnexus.com/en/customer-stories)

## Details
_History:_ AppNexus is "Founded and managed by the pioneers of the Web's original and most successful ad exchanges at Yahoo!'s Right Media and Google's DoubleClick" [PR Newswire, 01](https://www.prnewswire.com/news-releases/appnexus-officially-launches-ad-platform-fueling-the-real-time-bidding-revolution-in-display-advertising-87460287.html). AppNexus claims to be "The world's largest independent digital marketplace" [AppsNexus, 01](https://www.appnexus.com/en/publishers). 

_Collection Methods:_ "The Platform uses cookies, beacons, tags, mobile SDKs, and in some cases non-cookie technologies, to collect Platform Data associated with particular web browsers or devices" [AppNexus, 04](https://www.appnexus.com/en/company/platform-privacy-policy#choices).

_AppNexus Platform Data Uses:_

* Interest-based advertising (To opt out of interest-based advertising on the Platform, go to the "What are your choices?" section below.)
* Limiting the number of times a user sees a particular ad
* Showing ads in a particular sequence
* Customizing ads to a particular location
* Showing ads related to the content of the web page on which they are shown
* Determining how users respond to ads
* Reporting aggregated statistics regarding, for example, the effectiveness of online advertising campaigns
* The Platform may use Platform Data for cross-device mapping in order to serve or measure advertising on related devices on behalf of our clients
* Typically, companies using technology like the AppNexus Platform own the data that they provide to and get from the Platform. While the AppNexus Platform is designed to use only certain types of data, and Platform clients are prohibited from bringing data onto the Platform that directly identifies an individual, when clients remove their data from the Platform, their use of that data is governed by their own privacy policies and applicable laws, rules, or regulations [AppNexus, 04](https://www.appnexus.com/en/company/platform-privacy-policy#choices).

## References
* _AppNexus, 01_. [https://www.appnexus.com/en/publishers](https://www.appnexus.com/en/publishers)  
* _AppNexus, 02_. [https://www.appnexus.com/en/buyers](https://www.appnexus.com/en/buyers)  
* _AppNexus, 03_. [https://www.appnexus.com/en](https://www.appnexus.com/en)  
* _AppNexus, 04_. [https://www.appnexus.com/en/company/platform-privacy-policy#choices](https://www.appnexus.com/en/company/platform-privacy-policy#choices)  
* _AppNexus, 05_. [https://www.appnexus.com/en/customer-stories](https://www.appnexus.com/en/customer-stories)  
* _Bloomberg, 01_. [https://www.bloomberg.com/research/stocks/private/snapshot.asp?privcapId=48973441](https://www.bloomberg.com/research/stocks/private/snapshot.asp?privcapId=48973441)  
* _PR Newswire, 01_. [https://www.prnewswire.com/news-releases/appnexus-officially-launches-ad-platform-fueling-the-real-time-bidding-revolution-in-display-advertising-87460287.html](https://www.prnewswire.com/news-releases/appnexus-officially-launches-ad-platform-fueling-the-real-time-bidding-revolution-in-display-advertising-87460287.html)

## External Links
* _Wikipedia (AppNexus)_: [https://en.wikipedia.org/wiki/AppNexus](https://en.wikipedia.org/wiki/AppNexus)
* _AppBrain_: [https://www.appbrain.com/dev/AppNexus/](https://archive.is/rI5Hu)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Appodeal.md
================================================
# Tracker Name
Appodeal

## Website
https://www.appodeal.com/

## About
A Full Stack Ad Monetization Platform. Take full control of your monetization strategy with Appodeal’s complete suite of tools.


## Category
Analyitics, Location, Advertising, Identity

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `xxx.com`
*   Code signature: `com.appodeal.ads`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://s3.amazonaws.com/appodeal-unity/

## Notes
Appodeal supports iOS, Android, and Amazon devices. Unity3D and Corona Labs.


================================================
FILE: trackers/AppsFlyer.md
================================================
# AppsFlyer

## Primary Location
Israel (Herzliya)

## Website
[https://www.appsflyer.com](https://www.appsflyer.com)

## About
A mobile & attribution analytics platform that aims to help marketers make better decisions [AppsFlyer, 01](https://www.appsflyer.com)

## Ownership
AppsFlyer

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `appsflyer\.com`

## Documentation
[https://support.appsflyer.com/hc/en-us/articles/207032126-AppsFlyer-SDK-Integration-Android](https://support.appsflyer.com/hc/en-us/articles/207032126-AppsFlyer-SDK-Integration-Android)

## Products and Services
AppsFlyer provides the following services: 

* Fraud prevention, malware protection [AppsFlyer, 04](https://www.appsflyer.com/product/protect360)
* Identity attribution services. AppsFlyer fingerprints devices by their IDs and tracks across datasets (to solve the problem of fragmentation across devices). This works with all Windows 10 devices (including mobile), Android, and iOS [AppsFlyer, 03](https://www.appsflyer.com/product/mobile-attribution-for-user-acquisition).
* Mobile services for targeted advertising [AppsFlyer, 05](https://www.appsflyer.com/product/mobile-ecosystem)
* Marketing across devices and channels [AppsFlyer, 06](https://www.appsflyer.com/product/marketing-analytics)
* Generates reports based on user behavior [AppsFlyer, 06](https://www.appsflyer.com/product/marketing-analytics)
* Tracks which users install apps; tracks successful re-targeting marketing campaigns [AppsFlyer, 07](https://www.appsflyer.com/product/overview)

AppsFlyer uses artificial intelligence and machine learning for big data analytics [AppsFlyer, 04](https://www.appsflyer.com/product/protect360); [VentureBeat, 01](https://venturebeat.com/2017/05/25/appsflyer-helps-mobile-advertisers-beat-back-ad-fraud-via-machine-learning).

## Privacy Policy
_Third Parties:_ AppsFlyer states it does not sell data to third parties [AppsFlyer, 02](https://www.appsflyer.com/we-are-appsflyer)

## Relationships
Over 2,000 network and analytics partners have integrated with AppsFlyer.

_Investors include:_ Goldman Sachs / Deutsche Telekom / Qumra Capital / Magma Venture Partners / Pitango [AppsFlyer, 02](https://www.appsflyer.com/we-are-appsflyer)  

_Partners:_ Google [Google, 01](https://adwords.googleblog.com/2015/05/new-media-partnerships-and-ad-solutions.html); [TechCrunch, 02](https://techcrunch.com/2015/05/28/google-expands-its-app-promotion-business-with-universal-app-campaigns-and-new-media-partnerships) / Snap / Tencent / HBO / Playtika / Waze / Alibaba / Kayak / Activision [VentureBeat, 01](https://venturebeat.com/2017/05/25/appsflyer-helps-mobile-advertisers-beat-back-ad-fraud-via-machine-learning) / Facebook / Twitter / Accuweather / AdlQuity/Flipkart / Bing Search / Pandora / Opera Software / Ad4Screen / Cooladata / Fiksu / EveryAds / Nanigans / Fyber / HeyZap / Tapjoy / Adroll / Flurry / GameAnalytics / Jampp / Inmobi / Appnexus / Vserv / AppLovin / Vungle / URX / Mobvista / Inneractive / Aarki / Bidalgo / Avazu / Taptica / NativeX / AirPush / Amobee / PlayHaven / Mobilecore / Accesstrade / ADS / ADSNative / Ad County Media / AccordantMedia / Ad2games / Ad2iction / Abakus / APUS / ADyes / Accruo / AID / Aarki / Ad4Game / APPROUND MOBILE / AML / APPSILON / ART DMP / ActionAds / APPAniac / ADvantage / AdBuddiz / ADRW / ADXMI Exchange / ADSAXIS / APPAVE / AVH digital / Actionpay / Ad2Click / ART Ad Platform / ASB / Ad2c / ADPRESSO / Ad@m (kakao) / ADZ JUNCTION MEDIA / ADVERTISE.RU / Ad County / AWIN / Adbird / AdCorsa / Adamas / Adbert / AdReady / Adbrain / Adacts / AdChakra / AdCare / Adattract / AdTiming / AdWyze / AdTen / Adboosters / Adara / AdDeals / Adblender / AdView / AdTiger / AdFit / AdTriba / AdPacker / and many more. For a longer list, see [AppsFlyer, 03](https://www.appsflyer.com/partners)

## Details
### Financial details & history 
AppsFlyer received early seed funding from Microsoft Accelerator and Magma Venture Partners [CrunchBase, 01](https://www.crunchbase.com/funding_round/appsflyer-seed--4b06b119). As of November 2017, AppsFlyer's website lists $84M raised from Top VC's, $6B+ annual mobile ad spend measured, 3k+ mobile tech partners, and 13 global offices (and growing) [AppsFlyer, 02](https://www.appsflyer.com/we-are-appsflyer).

### Scope
According to VentureBeat, AppsFlyer leverages metadata from 98% of the world's mobile devices [VentureBeat, 01](https://venturebeat.com/2017/05/25/appsflyer-helps-mobile-advertisers-beat-back-ad-fraud-via-machine-learning).

### Devices
The AppsFlyer SDK is available for Android, iPhone, and Windows Phone

## References
* _AppsFlyer, 01_. [https://www.appsflyer.com](https://www.appsflyer.com)  
* _AppsFlyer, 02_. [https://www.appsflyer.com/we-are-appsflyer](https://www.appsflyer.com/we-are-appsflyer)  
* _AppsFlyer, 03_. [https://www.appsflyer.com/partners](https://www.appsflyer.com/partners)  
* _AppsFlyer, 04_. [https://www.appsflyer.com/product/protect360](https://www.appsflyer.com/product/protect360)  
* _AppsFlyer, 05_. [https://www.appsflyer.com/product/mobile-ecosystem](https://www.appsflyer.com/product/mobile-ecosystem)  
* _AppsFlyer, 06_. [https://www.appsflyer.com/product/marketing-analytics](https://www.appsflyer.com/product/marketing-analytics)  
* _AppsFlyer, 07_. [https://www.appsflyer.com/product/overview](https://www.appsflyer.com/product/overview)
* _CrunchBase, 01_. [https://www.crunchbase.com/funding_round/appsflyer-seed--4b06b119](https://www.crunchbase.com/funding_round/appsflyer-seed--4b06b119)  
* _Google, 01_. [https://adwords.googleblog.com/2015/05/new-media-partnerships-and-ad-solutions.html](https://adwords.googleblog.com/2015/05/new-media-partnerships-and-ad-solutions.html)  
* _TechCrunch, 02_. [https://techcrunch.com/2015/05/28/google-expands-its-app-promotion-business-with-universal-app-campaigns-and-new-media-partnerships](https://techcrunch.com/2015/05/28/google-expands-its-app-promotion-business-with-universal-app-campaigns-and-new-media-partnerships)
* _VentureBeat, 01_. [https://venturebeat.com/2017/05/25/appsflyer-helps-mobile-advertisers-beat-back-ad-fraud-via-machine-learning](https://venturebeat.com/2017/05/25/appsflyer-helps-mobile-advertisers-beat-back-ad-fraud-via-machine-learning)

## External Links
* _Wikipedia (AppsFlyer)_: [https://en.wikipedia.org/wiki/AppsFlyer](https://en.wikipedia.org/wiki/AppsFlyer)
* _AppBrain_: [https://www.appbrain.com/app/appsflyer-sdk-integration-test/com.appsflyer.referrerSender](https://archive.is/ufCAR)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Auditude.md
================================================
# Tracker Name
Auditude

# In εxodus?
No

## Website
https://www.adobe.com/privacy/policies/auditude.html

## About
The Adobe® Auditude® platform is used by companies that want to provide relevant content and advertisements in videos you watch on the web.


## Category
Advertising, Location, Identity, Tracking

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `auditude.com`
*   Code signature: `com.auditude.ads`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
http://ad.auditude.com/adserver/e?type=playererror , theplatform.com 

## Notes
Legacy, superceded by Adobe Primetime

================================================
FILE: trackers/Axwave.md
================================================
# Tracker Name
Axwave

# In εxodus?
No

## Website
http://www.axwave.com/

## About
Axwave's portable ACR technology  monitors content occurrences across Live TV, DVR, On Demand, OTT, Radio and TV Ads. The world-class ACR algorithms use single small digital fingerprints to identify media in a nimbly way, both in and out of home, against a proprietary content database (the largest in the industry):


## Category
Location, Tracking, Audio, Advertising

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `axwave.com`
*   Code signature: `com.axwave`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://api-sdk.axwave.in/ - PORT = 21
https://sdk-panelist.axwave.com

## Notes


================================================
FILE: trackers/BeatgridMedia.md
================================================
# Tracker Name
Beatgrid Media

# In εxodus?
No

## Website
http://www.beatgridmedia.com/

## About
Broadcast monitoring and person-based cross-media audience data at scale, through a new Automatic Content Recognition technology. Our apps measure actual TV, video, radio, OOH reach and campaign effectiveness to increase ROI.


## Category
Location, Tracking, Audio

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `beatgrid.net`
*   Code signature: `com.beatgridmedia`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
location services provider: bluedot.com.au
https://www.mediarewards.co/
https://panelsync2.beatgrid.net
(https://panelsync2-%s.beatgrid.net", new Object[]{Locale.getDefault().getCountry().toLowerCase())

## Notes


================================================
FILE: trackers/BlueConic.md
================================================
# BlueConic

## About

BlueConic, Inc. is a privately-held e-marketing company that sells targeted advertising through marketing management systems, or CDPs (Customer Data Platforms).  The company has 50-100 employees and is headquartered in Boston, MA with a European office in Nijmegen, The Netherlands. [For more information, see OpenCorporates.](https://opencorporates.com/companies/us_ma/001126438)

BlueConic's customers include the Boston Globe, Hearst Newspapers, Moen, T-Mobile, ING, America's Test Kitchen, and the American Kennel Club.  [Source: website](https://www.blueconic.com/about/)

## Ownership

BlueConic was founded by Bart Heilbron and Martjin van Berkum in 2010. [Source: website](https://www.blueconic.com/about/)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.blueconic
* Network detection rule: NC

## What it does

* Behavioral Analytics
* Customer Data Platform (CDP) Marketing Management Systems
* Targeted Advertising/Personalization

## Privacy Policy

[Policy as of 1/11/2018, last updated 1/11/2017:](https://www.blueconic.com/privacy-policy/)

* BlueConic's privacy policy applies to both its website and its services platform. It is not clear to what extent end users have rights under the policy separate from clients.

* Personal data is not defined in the policy.  It may be used by  third party affiliates in the ordinary course of business, however, "the use of information collected through BlueConic Services Platform shall be limited to the purpose of providing the service for which the Client has engaged BlueConic."

* Infomation gathered may include "Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit pages, operating system, date/time stamp, and other data", including "social networking pages."  

* BlueConic may "share or publish aggregate information that doesn’t specifically identify you, such as statistical information about visitors to our Websites or statistical information about how customers use our applications."

* The policy states that BlueConic will "follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received, including requiring our suppliers to meet such standards to protect your personal data from unauthorized access, use, and disclosure. If you have questions about the security of your personal data, you can contact us at info@blueconic.com. "

* BlueConic has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.  

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Braze (Appboy).md
================================================
# Appboy (Braze)

## Primary Location
United States (New York City) [Crunchbase, 01](https://www.crunchbase.com/organization/braze)

## Website
[https://www.braze.com](https://www.braze.com)

## About
Braze is a mobile marketing company that offers CRM solutions and mobile marketing automation software for mobile applications.

## Ownership
Braze

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `appboy\.com`

## Documentation
[https://www.braze.com/documentation/Android](https://www.braze.com/documentation/Android)

## Products and Services
_Cross-Channel Personalization:_ Target customers based on personal interests, location, past purchases, and more [Braze, 02](https://www.braze.com/product/cross-channel-personalization)

_Identification and Analytics:_ Profile users, segment audiences, and utilize analytics for targeted advertisements [Braze, 02](https://www.braze.com/product/cross-channel-personalization); [Braze, 02](https://www.braze.com/product/cross-channel-personalization); [Braze, 01](https://www.braze.com); [Braze, 02](https://www.braze.com/product/cross-channel-personalization); [Braze, 03](https://www.slideshare.net/Appboy/appboy-urban-outfitters-placeiq-case-study)

### Advertising Networks
* Data sharing (vague) [Braze, 07](https://www.braze.com/product/integrations)

## Privacy Policy
_Data Collection:_ Braze collects data through the use of Developer apps. This includes:

* Device information (OS version, IP address, carrier information, country code) and a unique Braze-generated ID
* Application usage
* Personally identifiable information: Braze "may collect personally identifiable information shared with Developer Applications. We may also collect personally identifiable information from third parties used for authentication, such as when a user logs in to a Developer Application using a Facebook account, and from third party partners such as Facebook, Twitter, and Klout. Personally identifiable information collected may include information like name, email address, location, gender, interests, device, app usage, user ID, and contact information".

_Location Information:_ Braze "may collect device location information if location services are enabled for any Developer Applications on the device. We use location information to provide Developers with information about the use of their Developer Applications".

_Information Use:_ Braze can "use information we collect to provide partner Developers with information about usage of Developer Applications that integrate the Braze Service."

_Data Sharing:_ Data is shared with app Developers "in the form of aggregated, anonymous data about the way Developer Applications are used so that Developers can improve their respective Developer Applications." Braze may disclose information to third parties as required by law; to trusted service providers working on their behalf; to protect their rights, the safety of others, or in response to a government request; and in conjunction with a merger, acquisition, or sale of Braze.

_Automatic Data Collection:_ Braze will "automatically collect information about how Developer Applications are used, such as the frequency and duration of usage. This includes details about mobile devices, such as a unique Braze-generated ID for the mobile device. We share anonymous information about use of their respective Developer Applications with Developers, including which Developer Applications users have downloaded and the way those Developer Applications are used, which facilitates improvements to Developer Applications."

_Opt-Out:_ End users may opt out of location collection by turning off location services for Developer apps in their mobile device. They can opt out of personally identifiable information by not providing that information to the Developer apps, and in the case of third parties, not providing that information to the third parties. Braze states, "You can prevent collection of all information by uninstalling Developer Applications that integrate the Braze Service."

_Data retention:_ Braze "will retain information collected throughout the life of each user’s use of Developer Applications except where prohibited by law." Users can email privacy@braze.com to request data deletion. Braze "will keep anonymous information and may need to retain some identifying information to ensure that your request continues to be honored. Your information will be deleted from our active database but may remain in our archives. If we are required to maintain certain information about you, we will comply with your deletion request after fulfilling any legal requirements."

_International Law:_ Braze complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework.

_Consent:_ Braze states, "By using a Developer Application, you are consenting to our collection and processing of information as set forth in this Privacy Policy now and as amended by us. 'Processing' means using cookies on a computer/hand held device or using or touching information in any way, including, but not limited to, collecting, storing, deleting, using, combining and disclosing information, all of which activities will take place in the United States. If you reside outside the U.S. your information will be transferred to the U.S., and processed and stored there under U.S. privacy standards. By using the Application and providinginformation to us, you consent to such transfer to, and processing in, the U.S." [Braze, 11](https://www.braze.com/privacy).

## Relationships
ABC News / Citi / GAP / Axel Springer / Dominos / Delivery Hero / Hearst / KFC / Microsoft / Nascar / iHeartMedia / RTR / Postmates / OKCupid / Urban Outfitters [Braze, 01](https://www.braze.com) / American Cancer Society / Dots / ibotta / 1-800-Flowers.com / Momondo [Braze, 02](https://www.braze.com/customers)

## Details
_Financial details:_ Braze was founded in 2011 and has raised over $95 million from funders. Braze changed its name from Appboy in 2017 [Crunchbase, 01](https://www.crunchbase.com/organization/braze).

### Methods
* Targeted advertisments [Braze, 01](https://www.braze.com) 
* Location-based targeting [Braze, 07](https://www.braze.com/product/integrations)
* Real-world location targeting (including real-time targeting) [Braze, 02](https://www.braze.com/product/cross-channel-personalization) [Braze, 03](https://www.slideshare.net/Appboy/appboy-urban-outfitters-placeiq-case-study); [Braze, 07](https://www.braze.com/product/integrations); [Braze, 08](https://www.braze.com/academy/User_Targeting); [Braze, 09](https://www.braze.com/blog/appboy-location-targeting-tool); [Braze, 10](http://www.prweb.com/releases/2013/10/prweb11275487.htm)
* Targeted advertising based on consumer actions [Braze, 02](https://www.braze.com/product/cross-channel-personalization)
* Timed advertisements [Braze, 02](https://www.braze.com/product/cross-channel-personalization)
* Targeting across devices and channels [Braze, 02](https://www.braze.com/product/cross-channel-personalization)
* Real-time services [Braze, 04](https://www.braze.com/customers/postmates); [Braze, 05](https://www.braze.com/product/lifecycle-engagement-orchestration)
* Artificial intelligence for analytics [Braze, 06](https://www.braze.com/product/optimization-ai)
* Reports for clients [Braze, 06](https://www.braze.com/product/optimization-ai)

## References
* _Braze, 01._ [https://www.braze.com](https://www.braze.com)
* _Braze, 02._ [https://www.braze.com/product/cross-channel-personalization](https://www.braze.com/product/cross-channel-personalization)
* _Braze, 03._ [https://www.slideshare.net/Appboy/appboy-urban-outfitters-placeiq-case-study](https://www.slideshare.net/Appboy/appboy-urban-outfitters-placeiq-case-study) 
[Braze, 04._ [https://www.braze.com/customers/postmates](https://www.braze.com/customers/postmates)
* _Braze, 05._ [https://www.braze.com/product/lifecycle-engagement-orchestration](https://www.braze.com/product/lifecycle-engagement-orchestration)
* _Braze, 06._ [https://www.braze.com/product/optimization-ai](https://www.braze.com/product/optimization-ai)
* _Braze, 07._ [https://www.braze.com/product/integrations](https://www.braze.com/product/integrations)
* _Braze, 08._ [https://www.braze.com/academy/User_Targeting](https://www.braze.com/academy/User_Targeting)
* _Braze, 09._ [https://www.braze.com/blog/appboy-location-targeting-tool](https://www.braze.com/blog/appboy-location-targeting-tool)
* _Braze, 10._ [http://www.prweb.com/releases/2013/10/prweb11275487.htm](http://www.prweb.com/releases/2013/10/prweb11275487.htm)
* _Braze, 11._ [https://www.braze.com/privacy](https://www.braze.com/privacy)
* _Crunchbase, 01._ [https://www.crunchbase.com/organization/braze](https://www.crunchbase.com/organization/braze)

## External Links
* _Crunchbase (Braze):_ [https://www.crunchbase.com/organization/braze](https://www.crunchbase.com/organization/braze)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Brightcove.md
================================================
# Tracker Name
Brightcove

## Website
https://www.brightcove.com

## About
Identify your best content and uncover actionable audience behaviors with comprehensive analytics and reporting. Dive into your viewer’s engagement data at an individual level with Brightcove’s advanced profile analytics.

## Category
Analytics, Identity, Location

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: ``metrics.brightcove.com/v2/tracker`
*   Code signature: `com.brightcove`

## Repositories
*   Maven: `http://repo.brightcove.com/releases`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://www.brightcove.com/en/online-video-platform/analytics https://www.brightcove.com/en/partners?pages=2 https://support.brightcove.com/ https://github.com/BrightcoveOS/android-player-samples

## Notes
Video delivery, DRM, Video Streaming, Monetization, partner integration


================================================
FILE: trackers/Cifrasoft.md
================================================
# Tracker Name
Cifrasoft

# In εxodus?
No

## Website
http://cifrasoft.com

## About
Cifrasoft is a technological company developing ground-breaking solutions for acoustic connectivity, acoustic watermarking, audio fingerprinting and audio/video classification. Cifrasoft’s innovative solutions simplify user experience and bring interactivity to mobile e-commerce, mobile advertisement, second screen and social TV applications. Our technology has been successfully deployed in millions of smartphones, tablets, and other mobile devices. Cifrasoft’s growing IP portfolio and vast expertise in digital signal processing delivers competitive advantage to our customers and R&D partners.

## Category
Advertising, Location, Identity, ACR 

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `*.tele.fm`
*   Code signature: `com.cirasoft`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xx`

## Gradle
`xxx`

## Additional links
http://cifrasoft.com/secondscreen.html , https://addons.mozilla.org/en-US/firefox/addon/sound-login/ , https://www.soundlogin.com/ ,
gitlab: http://svn.cifrasoft.com/ 

## Notes
partnership with https://actv8me.com/


================================================
FILE: trackers/CopSonic.md
================================================
# CopSonic

# In εxodus?
No

## About

CopSonic is a private family-owned French digital audio and technology company.  It has less than 50 employees and is based in Tarn-et-Garonne, France. [Source: OpenCorporates](https://opencorporates.com/companies/fr/350129557)

## Ownership

CopSonic was founded by CEO Emmanuel Ruiz in 1989. [Source: website](https://www.copsonic.com/about-us.html) EIT Digital Accelerator invested in the company in 2017.  [Source: EIT website](https://www.eitdigital.eu/newsroom/news/article/ultrasonic-technology-scaleup-copsonic-joins-eit-digital-accelerator)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)



## What it does

* Ultrasonic multifactor authentication (up to 40 Khz)
* Offline data transmission/proximity detection
* Indoor Proximity tracking ("geofencing")
* Ultrasonic mobile payment systems (SoniCash), ATM validation, lock management, e-payments (SwipeSonic), and password management

## Privacy Policy

As of 15/10/2018, we were not able to locate a privacy or end-user policy on CopSonic's website.


# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Crashlytics (Google).md
================================================
# Crashlytics (Google)

## Primary Location
United States (Boston) [Crunchbase, 01](https://www.crunchbase.com/organization/crashlytics)

## Website
[http://try.crashlytics.com](http://try.crashlytics.com)

## About
Crashlytics offers a crash reporting solution for app developers.

## Ownership
Google [Recode, 01](https://www.recode.net/2017/1/18/14313164/google-twitter-acquisition-fabric-crashlytics)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `crashlytics\.com`

## Documentation
[https://fabric.io/kits/android/crashlytics](https://fabric.io/kits/android/crashlytics)

## Products and Services
Crashlytics offers a variety of services for app developers. Crashlytics:

* Receives and analyzes app crash reports which may contain user and device-specific data.

* Performs analytics on app logs "even the exact line of code your app crashed on" [Crashlytics, 03](https://fabric.io/kits/ios/crashlytics).

Google's "Answers" analytics product can be installed by app developers via the Crashlytics tracker SDK [Fabric, 02](https://docs.fabric.io/android/answers/overview.html) or manually [Fabric, 04](https://docs.fabric.io/android/answers/installation.html). Answers is "the analytics engine" of Fabric [Answers, 01](https://answers.io), Google's mobile platform. With Google Fabric, clients can:

* Perform analytics on app users and utilizes social media advertising [Fabric, 01](https://get.fabric.io).
* Perform cross-device user identity and authentication via "Fabric" [Wired, 01](https://www.wired.com/2014/10/twitter-fabric-sdk).

* _Understand_ users:
  * _Engagement_ to "Get insight into your users, what they’re doing, and inject live social content to delight them."
  * _Retention_ to "Uncover behaviors that correlate with healthy and unhealthy users."
* _Grow:_
  * _Monitor_ "new user sign-ups" to "optimize your onboarding flow."
  * _Revenue_ services to "Easily monetize your app with ads" [Fabric, 05](https://get.fabric.io).

"While Crashlytics gives you powerful crash reporting," Google states, "with one additional click you can enable real-time analytics that help you understand what’s happening in your app" [Fabric, 03](https://docs.fabric.io/android/crashlytics/overview.html). Answers:

* Gives clients "real-time statistics on how your app is being used, including active user numbers, session length, stability rating, and retention. 
* Gives clients "instant metrics as soon as you turn it on, without requiring any additional code" to "dig deeper into user behavior and engagement by logging Answers Events" [Fabric, 04](https://docs.fabric.io/android/answers/installation.html).
* _Event Tracking_ "gives you the ability to track the specific actions and events in your app that matter most. You can now see how users are behaving in your app and surfacing that critical information in real-time". This tracking is capped at "a maximum of 3,000 distinct events per app." [Fabric, 06](https://docs.fabric.io/android/answers/answers-events.html).
* _Audience Insights_ integrate with "Twitter’s robust audience insights data set to tell you the key demographics and interests of your user base." The "Top Interests show you the most common interests for your entire user base. The Top Differences highlight the interests that make your user base different from a typical user for the Audience Insights data set. The map, which you can pan and zoom to see different regions of the world, shows the top locations in the world where your users are interacting with your app" [Fabric, 07](https://docs.fabric.io/android/answers/audience-insights.html).
* Gives clients the option to enable _Converstion Tracking_ via Fabric to track conversions [Fabric, 08](https://docs.fabric.io/android/answers/mobile-app-conversion-tracking.html).

## Privacy Policy
Crashlytics Privacy Policy can be viewed at [Crashlytics, 04](https://try.crashlytics.com/terms/privacy-policy.pdf).

## Relationships
_Customers:_ Square / Walmart / Paypal / Yelp / Paperless Post / Blackboard / Path / Groupon / Domino's / Expedia / Orbitz / Kayak / 5 Infinity / Waze / OpenTable [Crashlytics, 01](https://try.crashlytics.com)

_Integrations:_ Redmine / Pivotal Tracker / Jira / PagerDuty / Asana / OpsGenie / GitHub / Campfire / Sprintly / Hall / YouTrack / Bitbucket / Trello / FogBugz / Zoho / Slack / GitLab / Asana / YouTrack / Sprint.ly / Bitbucket / HipChat [Crashlytics, 02](http://try.crashlytics.com/integrations)

## Details
_Financial details:_ Crashlytics was founded in 2011 and had raised $6 million from funders. Twitter acquired Crashlytics in in 2013 for a reported $38 million [Crunchbase, 01](https://www.crunchbase.com/organization/crashlytics); [Boston Business Journal, 01](https://www.bizjournals.com/boston/blog/techflash/2013/10/twitter-crashlytics-bluefin-labs.html). In 2017, Google acquired Twitter's developer suite Fabric, which included Crashlytics, for integration into Google Firebase. The details of the deal were not publicly disclosed [Recode, 01](https://www.recode.net/2017/1/18/14313164/google-twitter-acquisition-fabric-crashlytics). Crashlytics is a business division of Google, Inc. [Crashlytics, 04](https://try.crashlytics.com/terms/privacy-policy.pdf).

### Features in Crashlytics

Features include:

* Deep analysis
* Deep Workflow Integration
* Advanced reporting
* Notification and tracking
* Real-time processing and updates
* Enterprise security
* Real-time crash reporting
* Defensive reporting
* Stack unwinding
* Mach exceptions
* Compatibility with Android 2.1 and iOS 4.0
* Issue Aggregation
* Smart charts
* View and search custom data
* Analysis of your stack traces
* Advanced logging
* Grouping for 50,000 crashes [GetApp, 01](https://www.getapp.com/it-management-software/a/crashlytics/features)

## References
* _Answers, 01._ [https://answers.io](https://answers.io)  
* _Boston Business Journal, 01._ [https://www.bizjournals.com/boston/blog/techflash/2013/10/twitter-crashlytics-bluefin-labs.html](https://www.bizjournals.com/boston/blog/techflash/2013/10/twitter-crashlytics-bluefin-labs.html)  
* _Crashlytics, 01._ [https://try.crashlytics.com](https://try.crashlytics.com)  
* _Crashlytics, 02._ [http://try.crashlytics.com/integrations](http://try.crashlytics.com/integrations)  
* _Crashlytics, 03._ [https://fabric.io/kits/ios/crashlytics](https://fabric.io/kits/ios/crashlytics)  
* _Crunchbase, 01._ [https://www.crunchbase.com/organization/crashlytics](https://www.crunchbase.com/organization/crashlytics)  
* _Fabric, 01._ [https://get.fabric.io](https://get.fabric.io)  
* _Fabric, 02._ [https://docs.fabric.io/android/answers/overview.html](https://docs.fabric.io/android/answers/overview.html)  
* _Fabric, 03._ [https://docs.fabric.io/android/crashlytics/overview.html](https://docs.fabric.io/android/crashlytics/overview.html)  
* _Fabric, 04._ [https://docs.fabric.io/android/answers/installation.html](https://docs.fabric.io/android/answers/installation.html)  
* _Fabric, 05._ [https://get.fabric.io](https://get.fabric.io)  
* _Fabric, 06._ [https://docs.fabric.io/android/answers/answers-events.html](https://docs.fabric.io/android/answers/answers-events.html)  
* _Fabric, 07._ [https://docs.fabric.io/android/answers/audience-insights.html](https://docs.fabric.io/android/answers/audience-insights.html)  
* _Fabric, 08._ [https://docs.fabric.io/android/answers/mobile-app-conversion-tracking.html](https://docs.fabric.io/android/answers/mobile-app-conversion-tracking.html)  
* _GetApp, 01._ [https://www.getapp.com/it-management-software/a/crashlytics/features](https://www.getapp.com/it-management-software/a/crashlytics/features)  
* _Recode, 01._ [https://www.recode.net/2017/1/18/14313164/google-twitter-acquisition-fabric-crashlytics](https://www.recode.net/2017/1/18/14313164/google-twitter-acquisition-fabric-crashlytics)  
* _Wired, 01._ [https://www.wired.com/2014/10/twitter-fabric-sdk](https://www.wired.com/2014/10/twitter-fabric-sdk)  

## External Links
* _Crunchbase (Crashlytics):_ [https://www.crunchbase.com/organization/crashlytics](https://www.crunchbase.com/organization/crashlytics)  
* _Wikipedia (Crashlytics):_ [https://en.wikipedia.org/wiki/Crashlytics](https://en.wikipedia.org/wiki/Crashlytics)  
* _TechCrunch, 01:_ [https://techcrunch.com/2013/01/28/twitter-acquires-crash-reporting-tool-crashalytics-development-of-the-product-will-continue-unabated](https://techcrunch.com/2013/01/28/twitter-acquires-crash-reporting-tool-crashalytics-development-of-the-product-will-continue-unabated)  
* _Fabric, 09:_ [https://blog.twitter.com/developer/en_us/a/2015/fabric-leading-the-sdk-market-in-performance-and-mobile-analytics.html](https://blog.twitter.com/developer/en_us/a/2015/fabric-leading-the-sdk-market-in-performance-and-mobile-analytics.html)  
* _The Register, 01:_ [https://www.theregister.co.uk/2017/01/19/google_buys_twitters_mobile_app_development_team_fabric](https://www.theregister.co.uk/2017/01/19/google_buys_twitters_mobile_app_development_team_fabric)
* _ADB 80 podcast (Crashlytics):_ [https://androidbackstage.blogspot.com/2017/10/episode-80-crash-talk.html](https://androidbackstage.blogspot.com/2017/10/episode-80-crash-talk.html)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Cuebiq.md
================================================
# Cuebiq

## About

[Cuebiq](https://www.cuebiq.com/about/) is a location data intelligence and analytics company with 51-200 employees. It has offices in New York, San Francisco, Chicago, Milan, Italy, and Shanghai, China.  [See also: OpenCorporates](https://opencorporates.com/companies/us_de/5068833)

## Ownership

Cuebiq was founded by Antonio Tomarchio in 2011. The privately-held company's investors include: Goldman Sachs Principal Strategic Investments (PSI), Nasdaq Ventures, DRW Venture Capital, Tribeca Venture Partners, Tribeca Angels, and TLcom Capital. [Source: BusinessWire](https://www.businesswire.com/news/home/20180518005397/en/Cuebiq-Raises-27-Million-Growth-Capital)

Its trusted partners include: Clear Channel, Oracle, Google, Facebook, Ubimo, and more. [Source: website](https://go.cuebiq.com/trusted-partners.html)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.cuebiq.cuebiqsdk.model.Collector|com.cuebiq.cuebiqsdk.receiver.CoverageReceiver
* Network detection rule: cuebiq\.com

## What it does

* Location Tracking (iBeacons, WiFi, NFC or Near Field Communication) & Analytics
* Footfall Attribution
* Mobile Data Triangulation
* Blockchain-based open-data marketing platform

## Privacy Policy

[Policy as of 18/5/2018, reviewed 18/11/2018:](https://www.cuebiq.com/privacypolicy/)

* Cuebiq uses a blockchain platform it developed to encrypt and anonymize the personally identifiable information it collects. This is advantageous because (1) it more seamlessly complies with GDPR and (2) enables its partners to efficiently access its ledgers.

* Cuebiq's policy openly states it ignores DNR (Do Not Track) requests in web browsers. 

* Cuebiq's policy states that it shares information with third parties such as "advertising agency trading desks, proximity solution providers, [and] advertising technology providers" in addition to "other companies and organizations... for instance (without limitation) for scientific, medical, civic, meteorological, automotive, and market-related research."

* For users outside the EU looking to opt-out, they may limit disclosure by "adjusting the settings on [their] mobile device" and web browsers.  Users are refered to the Network Advertising Initiative’s [website](http://optout.networkadvertising.org/?c=1#!%2F) and the Digital Advertising Alliance (DAA) [website](http://optout.aboutads.info/?c=2&lang=EN) regarding cookies and interest-based advertising.  Users are also refered to unnamed individual Publishers and Advertisers, who "may also provide ways [] to opt out from or limit their collection of information."


# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Demdex (Adobe).md
================================================
# Demdex (Adobe)

## Primary Location
United States

## Website
[https://www.adobe.com/data-analytics-cloud/audience-manager.html](https://www.adobe.com/data-analytics-cloud/audience-manager.html)

## About
Demdex offers audience management solutions for parts of Adobe's advertising ecosystem.

## Ownership
Adobe Systems Incorporated

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `demdex\.net`

## Documentation
[https://marketing.adobe.com/developer/get-started/mobile/c-measuring-mobile-applications](https://marketing.adobe.com/developer/get-started/mobile/c-measuring-mobile-applications)

## Products and Services
Adobe's Audience Manager service was build on top of the Demdex data bank product they acquired in 2011 [Analytics Demystified, 01](http://analyticsdemystified.com/adobe-analytics/adobes-new-marketing-cloud-visitor-id-how-does-it-work). Some services include:

* _Segmenting:_ "Build, test, and activate...audiences...based on a set of traits". "Divide millions of records into trait-specific categories" like "moms of grade school kids". Find new prospects with "look-alike modeling"; "pinpoint your most frequent users, as well as how recently they've interacted with your marketing." 
* _Cross-device identification:_ Use the "profiling feature" in Audience Manager "to tie one profile to multiple devices" and "discover if users are sharing a device, for instance, within a household". Target customers "after they may logged off your site or app."
* _Reports:_ Generate reports like Optimal Frequency reports, Advertiser Performance Reports to gain insight about user interactions like impressions, clicks, and conversions 
* _Predictive analytics:_ Performs predictive analytics
* Organize your own first party data and augment it with second or third party data with the Audience Marketplace feature
* Price your data for sale and partners [Adobe, 19](https://www.adobe.com/data-analytics-cloud/audience-manager.html)
* _Geotargeting and location-based targeting:_ Adobe Mobile Marketing offers "support for many location services, including GPS, geofencing, beacons, and more". Geolocation services allow marketers to "measure and respond to user engagement in mobile apps connected to beacons in sports stadiums, retail stores, and other points of interest. Marketers can also easily deliver “local” notifications and promotions based on proximity to a beacon. In addition, companies can tie app interactions to all other app engagement data in Adobe Analytics" [Adobe, 23](https://blogs.adobe.com/digitalmarketing/mobile/10-things-you-need-to-know-about-adobes-mobile-marketing). Adobe states that "app targeting based on GPS location and proximity to a particular area in a store or event venue", built into Analytics and Target products [MarketWatch, 01](https://www.marketwatch.com/story/adobe-launches-mobile-services-for-adobe-marketing-cloud-2013-11-07); [Forbes, 01](https://www.forbes.com/sites/roberthof/2013/11/07/adobe-takes-its-marketing-cloud-services-mobile); [PCWorld, 01](https://www.pcworld.com/article/2061880/adobe-adds-geolocation-targeting-to-marketing-cloud.html).
* Real-time geo- and location-based targeting: Adobe's in-app messaging feature " allows marketers to promote real-time content (e.g., new video, breaking news) or cross-promote apps, products, or services to people who are actively using their app. Messages, such as full-screen communications, alerts, and local notifications, can be triggered by analytics data, including user behavior, lifecycle metrics, or location (GPS or iBeacons), that is collected with the Mobile Services SDK. In-app messaging can be deployed without the need for app development or a new app update in the app store" [Adobe, 23](https://blogs.adobe.com/digitalmarketing/mobile/10-things-you-need-to-know-about-adobes-mobile-marketing)
* A/B testing [Forbes, 01](https://www.forbes.com/sites/roberthof/2013/11/07/adobe-takes-its-marketing-cloud-services-mobile)  

A variety of other services extend across the Adobe Marketing & Analytics ecosystem. The Demdex SDK may collect information for those services, including Adobe Campaign and Adobe Experience Manager [MarketWatch, 01](https://www.marketwatch.com/story/adobe-launches-mobile-services-for-adobe-marketing-cloud-2013-11-07). See "Details" below.

## Privacy Policy
Adobe business customers "use Adobe Marketing Cloud services to collect and analyze information, such as clicks made by visitors on their websites" [Adobe, 21](https://www.adobe.com/privacy/opt-out.html).

_Data Privacy:_ "App publishers can easily manage opt-in or opt-out functionality to enable compliance with data collection and privacy laws for specific countries including the Children's Online Privacy Protection Act (COPPA). In addition, Adobe Mobile services customers own their data - not Adobe" [Forbes, 01](https://www.forbes.com/sites/roberthof/2013/11/07/adobe-takes-its-marketing-cloud-services-mobile).  

In 2013, Adobe's Ray Pun stated that users must opt-in for geotargeting services, and that companies must write their terms in conditions "in a language that a normal person can understand, not an attorney" [PCWorld, 01](https://www.pcworld.com/article/2061880/adobe-adds-geolocation-targeting-to-marketing-cloud.html).  

_Mobile privacy policy:_ Adobe Marketing Cloud states that a "company may also use Adobe Marketing Cloud technologies within its mobile apps. These technologies allow the company to send information to its Adobe Marketing Cloud account -- for example, how you use the company’s mobile apps as well as other information your mobile device may make available to apps, such as location information."

_Mobile opt-out:_ For opting out of mobile data collection and use in connection with Adobe Marketing Cloud, Adobe states that "Most mobile devices allow you to the limit use of mobile advertising identifiers for interest-based advertising. For more information, please review the instructions provided by your mobile device manufacturer. The Digital Advertising Alliance’s AppChoices app may also provide you with more options to opt out of receiving interest-based advertising within mobile apps. Please see Your Privacy Choices to learn more about your choices for opting out of companies’ use of Adobe Marketing Cloud solutions."

Adobe has an opt-out web page [Adobe, 21](https://www.adobe.com/privacy/opt-out.html) and a page for Audience Manager privacy policy [Adobe, 22](https://marketing.adobe.com/resources/help/en_US/aam/faq_privacy.html).

Adobe suggests users "review the privacy policy" of the mobile app company "as well as privacy information provided by your mobile device manufacturer" [Adobe, 20](http://www.adobe.com/privacy/marketing-cloud.html). They also recommend "self-regulatory sites" like the Digital Advertising Alliance to opt out of advertising solutions by companies who are members of those groups [Adobe, 21](https://www.adobe.com/privacy/opt-out.html).

## Relationships
_Clients:_ Princess / Conde Nast / Lenovo [Adobe, 17](http://www.adobe.com/data-analytics-cloud/audience-manager.html)   

_Partners:_ Accenture Interactive / Cognizant / Deloitte Digital / dentsu aegis network / Epsilon / Havas / IBM / iCrossing / Infosys / IPG / OmnicomGroup / Publicis Groupe / pwc / Tata Consultancy Services / wipro / WPP [Adobe, 24](http://www.adobe.com/experience-cloud/service-support/partners.html)

## Details
### Financial details & history
In 2011, Adobe acquired Demdex for $109 million [Crunchbase, 01](https://www.crunchbase.com/organization/demdex). Demdex offered a "behavioral data bank" for advertising purposes. The data bank was used for audience segmenting, and could be plugged into ad servers or services, giving websites and advertisers control over the data. DemDex was added to Adobe's "Online Marketing Suite" (powered by Adobe-acquired Omniture) [TechCrunch, 01](https://techcrunch.com/2011/01/18/adobe-buys-behavioral-data-management-platform-demdex).  

### Adobe Audience Manager
Adobe Audience Manager is Adobe's data management platform, built on top of the Demdex product they acquired in 2011 [Analytics Demystified, 01](http://analyticsdemystified.com/adobe-analytics/adobes-new-marketing-cloud-visitor-id-how-does-it-work). Audience Manager:

* Gives a "complete view" of an audience by combining clients' data sources into one place [Adobe, 17](http://www.adobe.com/data-analytics-cloud/audience-manager.html)
* Segments audiences for "smart targeting" and "personalization" for targeted advertisements [Adobe, 02](https://www.adobe.com/data-analytics-cloud/audience-manager/audience-segmentation.html)
* Targets "specific segments on any platform" [Adobe, 19](https://www.adobe.com/data-analytics-cloud/audience-manager.html)

It aims to provide "a seamless experience and a seamless profile for all the different marketing cloud solutions to use. It's also a gateway for the broader ecosystem" such that clients with their own proprietary platforms or working with other technologies outside of Adobe, "audience manager helps with the syndication and consistency of that audience regardless of the actual technology that is serving and delivering that audience experience. Ultimately Audience Manager allows marketers to take this vast amount of information, transform it into meaningful audience segments, to deliver the most effective message at the right time" [Adobe, 18](https://www.adobe.com/data-analytics-cloud/audience-manager.html#m226a251c23c15530b6f70ef20da2003c)

Products it integrates with include Adobe Target and Adobe Media Optimizer, as well as solutions beyond the Marketing Cloud [Adobe, 19](https://www.adobe.com/data-analytics-cloud/audience-manager.html#x).

### Adobe Marketing & Analytics ecosystem: The Adobe Experience Cloud
The Adobe Experience Cloud provides "access to an integrated set of solutions to build campaigns, manage your advertising, and gain deep intelligence about your business. And it’s all unified through powerful core services that give you access to your customer profiles, centralized assets, powerful tagging, and an ecosystem of partners and developers to extend the value of all the solutions". Adobe's Experience Cloud website features the Adobe Advertising Cloud, Adobe Analytics Cloud, and Adobe Marketing Cloud [Adobe, 07](www.adobe.com/experience-cloud/overview.html).

#### Adobe Marketing Cloud
Provides a "set of integrated digital marketing solutions...to organize, access, and personalize your marketing content". Adobe Marketing Cloud solutions fall into four categories:

* _Measurement solutions_, "which help companies measure and understand how you use their websites, apps, social networking pages, as well as how you interact with their online marketing campaigns"
* _Personalization solutions_, "which help companies test new content and make their websites, apps, social networking pages, and emails more relevant to you"
* _Content management solutions_, "which help companies store, update, and deliver images and other content on their websites, within their apps, and in online marketing materials"
* _Advertising solutions_, which help companies improve their online advertising on websites, search engines, and social media platforms. These solutions also help companies send emails, text messages, and other online and offline marketing campaigns" [Adobe, 20](http://www.adobe.com/privacy/marketing-cloud.html)

Products include:

* _Adobe Experience Manager:_ "helps you manage all your assets, build websites and mobile apps, and integrate content from online communities" [Adobe, 03](http://www.adobe.com/marketing-cloud.html); [Adobe, 10](http://www.adobe.com/marketing-cloud/experience-manager.html)
* _Adobe Campaign:_ "helps you personalize and deliver your campaigns across all your channels, from web and mobile to email and display" [Adobe, 03](http://www.adobe.com/marketing-cloud.html); [Adobe, 11](http://www.adobe.com/marketing-cloud/campaign.html)
* _Adobe Target:_ "helps you turn data into results by testing and personalizing your content so you can deliver the best content to the right audience" [Adobe, 03](http://www.adobe.com/marketing-cloud.html); [Adobe, 12](http://www.adobe.com/marketing-cloud/target.html)
* _Adobe Primetime:_ "helps you create, deliver, and monetize personal video experiences" [Adobe, 03](http://www.adobe.com/marketing-cloud.html); [Adobe, 13](http://www.adobe.com/marketing-cloud/primetime.html)
* _Adobe Social:_ "helps you create relevant social content and quantify your social marketing results" [Adobe, 03](http://www.adobe.com/marketing-cloud.html)

#### Adobe Advertising Cloud
Adobe states this is "the industry’s first end-to-end platform for managing advertising across traditional TV and digital formats". It is a cross-channel platform that delivers "video, display, and search advertising across any screen in any format"; "media planning and buying are integrated into one programmatic solution" [Adobe, 04](http://www.adobe.com/advertising-cloud.html). Produce include:

* _Demand Side Platform:_ A "unified cross-channel, software-based solution" to "streamline global advertising from a single platform" [Adobe, 05](https://www.adobe.com/advertising-cloud/media-optimizer/demand-side-platform.html)
* _Adobe Media Optimizer:_ This "uses unified campaign tracking and reporting, real-time bidding, impression-level decisioning abilities, attribution reporting and simulations, and integration with the top ad exchanges to help you meet display objectives" [Adobe, 06](https://www.adobe.com/advertising-cloud/media-optimizer/display-advertising-management.html)
* _Brand Safety:_ Prevent advertising campaigns from "mixing with content and properties that don't align with your brand's image" [Adobe, 08](https://www.adobe.com/advertising-cloud/protecting-brand-equity.html)
* _Dynamic creative optimization:_ Reach "specific audiences with flexible ad creative that’s personalized in real time to drive user engagement, conversions, and integrated experiences". Use dynamic creatives to "target customers with flexible ad creative that’s personalized in real time based on site actions, customer and partner data, and third-party demographic data" [Adobe, 09](https://www.adobe.com/advertising-cloud/media-optimizer/dynamic-creative-optimization.html)

#### Adobe Analytics Cloud
Adobe Analytics Cloud aims to provide a business' "core intelligence engine". It strives to bring "context to online and offline data" and build "loyalty with customers". It offers "intelligence" and "precise audience creation" to help put "real-time insights into action".   

Services include:

* _Accessible analytics:_ "Make enterprise-level marketing analytics understandable and accessible to everyone in your organization"
* _Precise segmentation:_ "Continuously refine the view of your customers. As you do, you’ll discover and create high-value audiences and understand the best way to reach them"
* _Real-time tageting:_ "Connect your analytics with real-time activation so the transition from insight to action is as fast as it can be"
* _Next-generation attribution:_ "To understand your ROI, you need an objective view of the customer journey across every device and channel — paid, earned, and owned" [Adobe, 15](http://www.adobe.com/data-analytics-cloud.html)

Products include:

* _Adobe Analytics:_ "Discover your most valuable customer segments and use these insights to steer your entire business with customer intelligence" [Adobe, 16](http://www.adobe.com/data-analytics-cloud/analytics.html)
* _Adobe Audience Manager:_ A "data management platform (DMP) that helps you build unique audience profiles so you can identify your most valuable segments and use them across any digital channel" [Adobe, 17](http://www.adobe.com/data-analytics-cloud/audience-manager.html)

### Device support
Adobe's platform support "includes Apple App Store, Google Play, Amazon Appstore, Windows Store, and Windows Phone Store, as well as analytics support for Roku, Xbox, AppleTV, PlayStation, and other connected devices" [Adobe, 23](https://blogs.adobe.com/digitalmarketing/mobile/10-things-you-need-to-know-about-adobes-mobile-marketing)

## References
* _Adobe, 01_. [http://www.adobe.com/marketing-cloud.html](http://www.adobe.com/marketing-cloud.html)  
* _Adobe, 02_. [https://www.adobe.com/data-analytics-cloud/audience-manager/audience-segmentation.html](https://www.adobe.com/data-analytics-cloud/audience-manager/audience-segmentation.html)  
* _Adobe, 03_. [http://www.adobe.com/marketing-cloud.html](http://www.adobe.com/marketing-cloud.html)  
* _Adobe, 04_. [http://www.adobe.com/advertising-cloud.html](http://www.adobe.com/advertising-cloud.html)  
* _Adobe, 05_. [https://www.adobe.com/advertising-cloud/media-optimizer/demand-side-platform.html](https://www.adobe.com/advertising-cloud/media-optimizer/demand-side-platform.html)  
* _Adobe, 06_. [https://www.adobe.com/advertising-cloud/media-optimizer/display-advertising-management.html](https://www.adobe.com/advertising-cloud/media-optimizer/display-advertising-management.html)  
* _Adobe, 07_. [https://www.adobe.com/experience-cloud/overview.html](https://www.adobe.com/experience-cloud/overview.html)  
* _Adobe, 08_. [https://www.adobe.com/advertising-cloud/protecting-brand-equity.html](https://www.adobe.com/advertising-cloud/protecting-brand-equity.html)  
* _Adobe, 09_. [https://www.adobe.com/advertising-cloud/media-optimizer/dynamic-creative-optimization.html](https://www.adobe.com/advertising-cloud/media-optimizer/dynamic-creative-optimization.html)  
* _Adobe, 10_. [http://www.adobe.com/marketing-cloud/experience-manager.html](http://www.adobe.com/marketing-cloud/experience-manager.html)  
* _Adobe, 11_. [http://www.adobe.com/marketing-cloud/campaign.html](http://www.adobe.com/marketing-cloud/campaign.html)  
* _Adobe, 12_. [http://www.adobe.com/marketing-cloud/target.html](http://www.adobe.com/marketing-cloud/target.html)  
* _Adobe, 13_. [http://www.adobe.com/marketing-cloud/primetime.html](http://www.adobe.com/marketing-cloud/primetime.html)  
* _Adobe, 14_. [http://www.adobe.com/marketing-cloud/social.html](http://www.adobe.com/marketing-cloud/social.html)  
* _Adobe, 15_. [http://www.adobe.com/data-analytics-cloud.html](http://www.adobe.com/data-analytics-cloud.html)  
* _Adobe, 16_. [http://www.adobe.com/data-analytics-cloud/analytics.html](http://www.adobe.com/data-analytics-cloud/analytics.html)  
* _Adobe, 17_. [http://www.adobe.com/data-analytics-cloud/audience-manager.html](http://www.adobe.com/data-analytics-cloud/audience-manager.html)  
* _Adobe, 18_. [https://www.adobe.com/data-analytics-cloud/audience-manager.html#m226a251c23c15530b6f70ef20da2003c](https://www.adobe.com/data-analytics-cloud/audience-manager.html#m226a251c23c15530b6f70ef20da2003c)  
* _Adobe, 19_. [https://www.adobe.com/data-analytics-cloud/audience-manager.html#x](https://www.adobe.com/data-analytics-cloud/audience-manager.html#x)  
* _Adobe, 20_. [http://www.adobe.com/privacy/marketing-cloud.html](http://www.adobe.com/privacy/marketing-cloud.html)  
* _Adobe, 21_. [https://www.adobe.com/privacy/opt-out.html](https://www.adobe.com/privacy/opt-out.html)  
* _Adobe, 22_. [https://marketing.adobe.com/resources/help/en_US/aam/faq_privacy.html](https://marketing.adobe.com/resources/help/en_US/aam/faq_privacy.html)  
* _Adobe, 23_. [https://blogs.adobe.com/digitalmarketing/mobile/10-things-you-need-to-know-about-adobes-mobile-marketing](https://blogs.adobe.com/digitalmarketing/mobile/10-things-you-need-to-know-about-adobes-mobile-marketing)  
* _Adobe, 24_. [http://www.adobe.com/experience-cloud/service-support/partners.html](http://www.adobe.com/experience-cloud/service-support/partners.html)  
* _Analytics Demystified, 01_. [http://analyticsdemystified.com/adobe-analytics/adobes-new-marketing-cloud-visitor-id-how-does-it-work](http://analyticsdemystified.com/adobe-analytics/adobes-new-marketing-cloud-visitor-id-how-does-it-work)  
* _Crunchbase, 01_. [https://www.crunchbase.com/organization/demdex](https://www.crunchbase.com/organization/demdex) 
* _Forbes, 01_. [https://www.forbes.com/sites/roberthof/2013/11/07/adobe-takes-its-marketing-cloud-services-mobile](https://www.forbes.com/sites/roberthof/2013/11/07/adobe-takes-its-marketing-cloud-services-mobile)  
* _MarketWatch, 01_. [https://www.marketwatch.com/story/adobe-launches-mobile-services-for-adobe-marketing-cloud-2013-11-07](https://www.marketwatch.com/story/adobe-launches-mobile-services-for-adobe-marketing-cloud-2013-11-07)  
* _PCWorld, 01_. [https://www.pcworld.com/article/2061880/adobe-adds-geolocation-targeting-to-marketing-cloud.html](https://www.pcworld.com/article/2061880/adobe-adds-geolocation-targeting-to-marketing-cloud.html)  
* _TechCrunch, 01_. [https://techcrunch.com/2011/01/18/adobe-buys-behavioral-data-management-platform-demdex](https://techcrunch.com/2011/01/18/adobe-buys-behavioral-data-management-platform-demdex)

## External links
* _Wikipedia (Adobe Marketing Cloud_: [https://en.wikipedia.org/wiki/Adobe_Marketing_Cloud](https://en.wikipedia.org/wiki/Adobe_Marketing_Cloud)  
* _Adobe Audience Manager_: [https://www.adobe.com/data-analytics-cloud/audience-manager.html](https://www.adobe.com/data-analytics-cloud/audience-manager.html)  
* _Adobe Marketing Cloud_: [http://www.adobe.com/marketing-cloud.html](http://www.adobe.com/marketing-cloud.html) 

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Disney.md
================================================
# Tracker Name
Disney Datg

# In εxodus?
No

## Website
https://www.disneyabcpress.com/disneyabctv/

## About
Disney|ABC Television is comprised of The Walt Disney Company’s entertainment and news television properties and radio business.


## Category
Advertising, Location, Identity, Tracking

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `xxx.com`
*   Code signature: `com.disney.datg`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://www.disneyabcpress.com/disneyabctv/datg-press-releases/ 

## Notes
Tracking manager: adTracker, appTracker, authTracker, linkTracker, mediaTracker. Omniture, Slogger and Uplynk partners.

================================================
FILE: trackers/DoubleClick (Google).md
================================================
# DoubleClick

## Primary Location
United States (New York City) [Crunchbase, 01](https://www.crunchbase.com/organization/doubleclick)

## Website
[https://www.doubleclickbygoogle.com](https://www.doubleclickbygoogle.com)

## About
DoubleClick offers products and services to publishers and advertisers. Publishers use DoubleClick to display advertisements, and advertisers use DoubleClick to control the displaying of their ads by publishers.

## Ownership
Google

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `mng-ads\.com`
* `doubleclick\.net`

## Documentation
[https://developers.google.com/doubleclick-publishers/docs/start](https://developers.google.com/doubleclick-publishers/docs/start)

## Products and Services

### Identification and Analytics
* Through DoubleClick Campaign Manager (DCM), Google uses mobile device IDs to attribute conversions to mobile devices [DoubleClick, 07](https://developers.google.com/doubleclick-advertisers/guides/conversions_overview#using_mobile_device_id).
* DoubleClick segments audiences for targeted advertising [The Guardian, 01](https://www.theguardian.com/technology/2012/apr/23/doubleclick-tracking-trackers-cookies-web-monitoring).
* Google performs cross-device identification (via Google Attribution) [Search Engine Land, 01](https://searchengineland.com/google-attribution-search-marketers-need-know-275751); [DoubleClick, 01](https://www.doubleclickbygoogle.com/articles/google-debuts-new-ad-attribution-service); [Forbes, 01](https://www.forbes.com/sites/roberthof/2017/05/23/did-that-ad-work-google-debuts-new-ai-driven-ad-attribution-service).
* Google connects data to personally identifiable information [ProPublica, 01](https://www.propublica.org/article/google-has-quietly-dropped-ban-on-personally-identifiable-web-tracking).
* DoubleClick offers analytics services for revenue management [DoubleClick, 05](https://www.doubleclickbygoogle.com/solutions/revenue-management/ad-exchange); [DoubleClick, 06](https://support.google.com/dcm/partner/answer/4568975?hl=en); [Online-behavior.com, 01](http://online-behavior.com/analytics/dfp-audience)

### Store visit tracking
Through AdWords, Google offers insights on store-visit conversions: "In DoubleClick Search, you can report on store visit conversions by adding a custom AdWords store visit conversions column to a report" [Google, 01](https://support.google.com/ds/answer/6348835?hl=en).

### Advertising Methods
* DoubleClick loads targeted advertisements [Google, 03](https://support.google.com/dfp_premium/answer/2884033?hl=en); [Google, 05, PDF](http://services.google.com/fh/files/misc/case-study-accuweather-delivers-enhanced-value-to-advertisers-with-doubleclick-for-publishers-and-google-analytics-360.pdf); [The Guardian, 01](https://www.theguardian.com/technology/2012/apr/23/doubleclick-tracking-trackers-cookies-web-monitoring).
* Google Attribution integrates information from several Google ad services, including DoubleClick, to evaluate the effectiveness of ads, from search to store visits [Forbes, 01](https://www.forbes.com/sites/roberthof/2017/05/23/did-that-ad-work-google-debuts-new-ai-driven-ad-attribution-service); [Google, 04](https://support.google.com/richmedia/answer/3399874?hl=en)
* Google is using offline and online data sources to conduct real-world location targeting [Google, 01](https://support.google.com/ds/answer/6348835?hl=en); [Google, 02](https://support.google.com/adwords/answer/6100636?co=ADWORDS.IsAWNCustomer%3Dfalse&hl=en-GB); [TechCrunch, 02](https://techcrunch.com/2017/05/23/google-is-now-using-deep-learning-to-measure-store-visits); [DoubleClick, 02](https://support.google.com/adxseller/answer/6016023?hl=en)
* Google conducts real-time targeting [DoubleClick, 04](https://www.doubleclickbygoogle.com/articles/bt-sport-dynamic-ad-insertion-google)
* Google uses artificial intelligence (via Google Attribution) [Forbes, 01](https://www.forbes.com/sites/roberthof/2017/05/23/did-that-ad-work-google-debuts-new-ai-driven-ad-attribution-service); [TechCrunch, 01](https://techcrunch.com/2017/05/23/google-attribution-is-a-free-and-easy-way-to-evaluate-marketing-efforts); [TechCrunch, 02](https://techcrunch.com/2017/05/23/google-is-now-using-deep-learning-to-measure-store-visits)
* Google targets across devices and channels [Forbes, 01](https://www.forbes.com/sites/roberthof/2017/05/23/did-that-ad-work-google-debuts-new-ai-driven-ad-attribution-service)
* DoubleClick provids bidding services [DoubleClick, 05](https://www.doubleclickbygoogle.com/solutions/revenue-management/ad-exchange)

### Advertising Networks
* Google conducts data sharing and integration [DoubleClick, 05](https://www.doubleclickbygoogle.com/solutions/revenue-management/ad-exchange); [The Guardian, 01](https://www.theguardian.com/technology/2012/apr/23/doubleclick-tracking-trackers-cookies-web-monitoring); [DoubleClick, 03](https://support.google.com/dfp_premium/answer/6281539?hl=en); [AppsFlyer, 01](https://support.appsflyer.com/hc/en-us/articles/115003213726-DoubleClick-Integration-Guide)

## Privacy Policy
A Google search for "DoubleClick Privacy Policy" brings the user to the general Google privacy policy web page.

_Cookies:_ Google's privacy policy states that Google uses cookies in web broswers for targeted advertising. They also store a record of the ads they serve in their logs. Log data includes "your web request, IP address, browser type, browser language, the date and time of your request, and one or more cookies that may uniquely identify your browser." They anonymize the log data by "removing part of the IP address (after 9 months) and cookie information (after 18 months)". Google services, such as AdWords, AdSense, and a range of DoubleClick-branded services, may send cookies to your bro]]wser when you visit a page or see an ad that uses one of these services.  

_Other technologies:_ Google may "select advertising based on information about your computer or device, such as your device model, browser type, or sensors in your device like the accelerometer."  

_Location:_ Google may infer your location "from a variety of sources", including your IP address, search queries, as well as you "precise location from your mobile device" and "websites or apps that you use may send information about your location" to Google.  Google "uses location information in our ads products to infer demographic information, to improve the relevance of the ads you see, to measure ad performance and to report aggregate statistics to advertiser."  

_Mobile tracking:_ When cookies are not available (eg, in mobile devices), Google "may use technologies that perform similar functions to cookies. Sometimes Google links the identifier used for advertising on mobile applications to an advertising cookie on the same device in order to coordinate ads across your mobile apps and mobile browser. This can happen, for example, when you see an ad within an app that launches a web page in your mobile browser. This also helps us improve the reports we give to our advertisers on the effectiveness of their campaigns."

_Opt-out and user control:_ Users can control cookie tracking through Google Ad Settings, consumer choice tools created under self-regulation programs in many countries, and through the management of cookies in web browser settings. Users can opt out of personalized ads in apps through Android and iOS device settings [Google, 06](https://www.google.com/policies/technologies/ads).

## Details
DoubleClick was founded in 1995 [Crunchbase, 01](https://www.crunchbase.com/organization/doubleclick).

## References
* _AppsFlyer, 01._ https://support.appsflyer.com/hc/en-us/articles/115003213726-DoubleClick-Integration-Guide  
* _Crunchbase, 01._ https://www.crunchbase.com/organization/doubleclick
* _DoubleClick, 01._ https://www.doubleclickbygoogle.com/articles/google-debuts-new-ad-attribution-service  
* _DoubleClick, 02._ https://support.google.com/adxseller/answer/6016023?hl=en  
* _DoubleClick, 03._ https://support.google.com/dfp_premium/answer/6281539?hl=en  
* _DoubleClick, 04._ https://www.doubleclickbygoogle.com/articles/bt-sport-dynamic-ad-insertion-google  
* _DoubleClick, 05._ https://www.doubleclickbygoogle.com/solutions/revenue-management/ad-exchange  
* _DoubleClick, 06._ https://support.google.com/dcm/partner/answer/4568975?hl=en  
* _DoubleClick, 07._ https://developers.google.com/doubleclick-advertisers/guides/conversions_overview#using_mobile_device_id  
* _Forbes, 01._ https://www.forbes.com/sites/roberthof/2017/05/23/did-that-ad-work-google-debuts-new-ai-driven-ad-attribution-service  
* _Google, 01._ https://support.google.com/ds/answer/6348835?hl=en  
* _Google, 02._ https://support.google.com/adwords/answer/6100636?co=ADWORDS.IsAWNCustomer%3Dfalse&hl=en-GB
* _Google, 03._ https://support.google.com/dfp_premium/answer/2884033?hl=en
* _Google, 04._ https://support.google.com/richmedia/answer/3399874?hl=en  
* _Google, 05, PDF._ http://services.google.com/fh/files/misc/case-study-accuweather-delivers-enhanced-value-to-advertisers-with-doubleclick-for-publishers-and-google-analytics-360.pdf
* _Google, 06._ https://www.google.com/policies/technologies/ads
* _Online-behavior.com, 01._ http://online-behavior.com/analytics/dfp-audience  
* _ProPublica, 01._ https://www.propublica.org/article/google-has-quietly-dropped-ban-on-personally-identifiable-web-tracking  
* _Search Engine Land, 01._ https://searchengineland.com/google-attribution-search-marketers-need-know-275751  
* _TechCrunch, 01._ https://techcrunch.com/2017/05/23/google-attribution-is-a-free-and-easy-way-to-evaluate-marketing-efforts  
* _TechCrunch, 02._ https://techcrunch.com/2017/05/23/google-is-now-using-deep-learning-to-measure-store-visits 

## External links
* _Crunchbase (DoubleClick):_ [https://www.crunchbase.com/organization/doubleclick](https://www.crunchbase.com/organization/doubleclick)
* _Wikpedia (DoubleClick):_ [https://en.wikipedia.org/wiki/DoubleClick](https://en.wikipedia.org/wiki/DoubleClick)
* _Ghostery (DoubleClick:_ [https://apps.ghostery.com/apps/doubleclick](https://apps.ghostery.com/apps/doubleclick)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Dov-e.md
================================================
# Tracker Name
Dov-E

## Website
https://www.dov-e.com/

## About
DOV-E’s patented technology utilizes these speakers and provides secure, quick, easy to use mobile payment and interactive mobile engagement on any platform.

## Category
Beacon, Advertising

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `*.dov-e.com`
*   Code signature: `com.dv`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
xxx

## Notes
Mobile payment methods, advertising cross-device triggers, reference hardware for vendors, browser, iOS

================================================
FILE: trackers/Embee.md
================================================
# Tracker Name
Embee

# In εxodus?
No

## Website
https://embeemobile.com/technology/

## About
EmbeeCapture is ground-breaking proprietary measurement technology providing comprehensive insights on usage, clickstream, location and much more. In many cases, this technology enables the capture of data never before possible in any large scale, independently measured and over-the-air deployable.


## Category
Location, Tracking, Advertising, Identity

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `embeepay.com`
*   Code signature: `com.embee`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://qa.embeecloud.com/qa_internal/mpm/



## Notes


================================================
FILE: trackers/Estimote.md
================================================
# Estimote

## About

Estimote is private company that creates and sells sensor-based proximity tracking devices.  These "physical world" beacons allow retailers to  track users by compelling their cell phone microphones to emit high-frequency tones that are inaudible to humans.  

Estimote is registered in Delaware [Source:OpenCorporates](https://opencorporates.com/companies/us_de/5201683) and has offices in San Francisco, New York, and Krakow, Poland. In 2017, the company registered in the Dominican Republic. [Source:OpenCorporates](https://opencorporates.com/companies/do/491544)

## Ownership

Estimote's founders are Jakub Krzych and Lukasz Kostka. [Source: website](https://estimote.com/about/)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.estimote.
* Network detection rule: NC

## What it does

* Ultrasonic proximity tracking
* Indoor location beacons for use in retail stores, museums, and  stadiums.  Also deployed with in conjunction with robotic technology.
* Integrates wireless APIs that take control over nearby displays

## Privacy Policy

[Policy as of 15/9/2018, last modified 13/5/15](https://estimote.com/legal/privacy-policy.html)

* Estimote's policy mainly concerns its relationship with business affiliates and account holders.  It does, however, refer to "Customer Data" collected from its services.

* Personal data collected is treated by Estimote as "strictly confidential" and subject to internal controls and protections. This may include "latitude/longitude coordinates", the time of day, and user locations when their device is near a beacon.  

* If users do not want Estimote's beacon to identify their device, it directs them to "(a) delete the Customer app or adjust the in-app settings of the Customer app if the app makes that option available, or (b) turn “off” Bluetooth through [their] device’s Settings feature."

* In the event of a data breach, Estimote will "take reasonable steps to investigate the situation and to notify our Customers if the security, integrity or confidentiality of personal information has been compromised, in accordance with any applicable laws and regulations."

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Eulerian.md
================================================
# Eulerian

## About

Eulerian Technologies is a privately-held e-marketing and web analytics company based in France. [Source: OpenCorporates](https://opencorporates.com/companies/gb/04437532)  It has offices in Paris, Madrid, Lille, and staff in Canada. [Source: Linkedin](https://www.linkedin.com/company/eulerian-technologies/])

## Ownership

Guillaume Fougnies and Mathieu Jondet founded Eulerian Technologies in 2002.  [Source: Eulerian.com](https://www.eulerian.com/en/about-us/)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.eulerian.android.sdk
* Network detection rule: eulerian\.com

## What it does

* Behavioral Analytics 
* Data Collection
* Attribution Modeling

## Privacy Policy

[Policy as of 5/9/2018](https://www.eulerian.com/en/privacy/):

* Eulerian's policy acknowledges that it may receive ("including personal data") data from from its clients' partners for statistical and analytical reporting.  It states that it acts as a "data processor" on behalf of its clients' instructions.

* Collected data is the "property of our clients, [who] are data controllers, at all times."  It is "not used on behalf of Eulerian Technologies."

* Users looking to request deletion of their data are referred to contact their clients directly using the contact details on their respective websites.  The policy then provides a list of websites that use their software.  

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Fabric.md
================================================
# Tracker Name
Fabric

# In εxodus?
No

## Website
https://get.fabric.io/

## About
Get insight into your users and what actions they're taking inside your app. Uncover behaviors that correlate with healthy and unhealthy users. Easily monetize your app with ads.


## Category
Advertising, Location, Identity, Tracking

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `xxx.com`
*   Code signature: `io.fabric.sdk.android`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
Data privacy: https://docs.fabric.io/android/fabric/data-privacy.html
javadocs: https://docs.fabric.io/javadocs/fabric/1.4.2/index.html

## Notes
deprecated support for 3rd party SDKs: https://docs.fabric.io/apple/third-party-kits.html

================================================
FILE: trackers/Facebook.md
================================================
# Tracker Name
Facebook

# In εxodus?
Yes

## Website
https://facebook.com/

## About



## Category
Installer, Identity

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `facebook.com`
*   Code signature: `com.facebook`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links



## Notes
This SDK does not match the current code signatures in Exodus.
Contains multiple packages: stetho, react, systrace, soloader, yoga, jni, fbcore, etc. SoLoader.loadLibrary("fb");


================================================
FILE: trackers/Fidzup.md
================================================
# Fidzup

## Primary Location
France (Paris) [Crunchbase, 01](https://www.crunchbase.com/organization/fidzup)

## Website
[https://www.fidzup.com/en](https://www.fidzup.com/en)

## About
Fidzup merges online and offline mobile marketing for retailers. Their services include fine-grained location tracking through mobile devices for advertising purposes [Fidzup, 02](https://www.fidzup.com/en/team).

## Ownership
Fidzup

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `fidzup`

## Documentation
Fidzup SDK not listed, other code available at https://github.com/Fidzup

## Products and Services
Fidzup has two primary services:

1. Drive to store campaign 
2. Retargeting campaign    

Their service is designed to protect retailers for "showcasing" whereby consumers view products in retail stores and look for prices and promotions found elsewhere, especially online.  "Thus," Fidzup states, "those consumers who move to a point of sale but do not buy represent a real 'blind spot' for the brand."

Geofencing technologies make it possible to know precisely the location of the consumer and offer new possibilities to harness data for retailers in stores and leverage the same techniques available to retailers in the online space. This helps retailers:

* Know when the consumer goes to the store, whether they shop or not
* Target their communication with contextualized promotions, or additional services to better inform the consumer during its purchase process" [Marketing-Professionnel.fr, 01](http://www.marketing-professionnel.fr/parole-expert/distribution-retail-geofencing-geolocalisation-indooor-201411.html)  

Fidzup's technology also helps retailers generate in-store traffic through targeting "specific mobile audiences in your catchment area having an affinity with your brand."  

Fidzup's in-store tracking helps retailers retarget customers who physically visited their store, according to their in-store behavior.  According to Fidzup, their "Fidzup Retargeting currently manages to detect 40% of point-of-sale traffic, more than 80% of smartphones... Thanks to point-of-sale technologies, Fidzup Retargeting is able to measure the ROI of all the campaigns sent (store visit, download of the application, etc.) and to report to the company. This marketing tool is therefore much more effective than a classic advertising campaign, because it occurs at the psychological moment when the user considers the purchase and allows to finalize the sale it is done in store or on its m-commerce site" [Fidzup, 03](http://www.fidzup.com/fidzup-2015.zip).

Fidzup's technology helps retailers target competitor prospects to "Serve ads to customers and prospects of retail/brand competitors" [Fidzup, 01](https://www.fidzup.com/en).

_Advertised services for clients:_   

Stores:  
1. Encourage impulsive purchasing  
2. Direct customers to shelves where discontinued products are placed  
3. Boost the use of its mobile application  

Shopping malls:  
1. Create an attraction in the mall.  
2. Promote the release of the mobile application.  
3. Attract users of the application to the various shops in the shopping mall (eg, with list of promotions).  

Trade fairs:  
1. Provide its exhibitors with a special tool to attract more visitors to their stands.  
2. Inform visitors effectively of exhibition conferences and other upcoming events.  

Concerts and museums:  
Fidzup could allow each visitor to a museum to "automatically receive information of a work or piece just by being close to it".  At a concert, "it is possible to send the corresponding clip for the song played, or even send a survey to the crowd to let it choose the next title to be played" [Fidzup v2, 03](https://web.archive.org/web/20171015030737/http://v2.fidzup.com/en//cas-dusage).  

_Scope:_  
According to Viuz, Fidzup has "more than 250 Fidboxes already installed, more than 5 million unique database clients and more than 150 million covered 'foot traffic'" [Viuz, 01](https://viuz.com/2015/03/19/fidzup-trophee-espoir-lndr-2015-les-outils-du-web-pour-re-inventer-le-commerce-physique).

## Privacy Policy
_Data collection and identifiable information:_ Fidzup states it "collects data from wifi-enabled smartphones. No personal information is ever collected by us. We don't know who you are, we don't have access to your contacts, your messages, etc."

_Retention:_ Collected data "are stored anonymously on our servers for 12 months."

_Data Use:_ "Collected data allows: 

1. To enhance your experience while you visit point of sales equipped with our technologies.
2. To provide visitors’ in­store behavior reports to our customers. Those reports contain point of sales visit trends, made of aggregated data. No personal or individual information is included.
3. To personalize visitors mobile ads on smartphone applications they use.
We use anonymous visit data to provide a personalized experience on our partners smartphone applications. For example: after visiting a shop you could see a personalized banner for this particular shop instead of a generic one."

_Opt-out:_ Fidzup states, "The simplest way to prevent data collection from your Wifi is to disable your Wifi connection near places that use it. 

We also provide a way to delete all data regarding your smartphone with our opt-out form" [Fidzup, 04](https://www.fidzup.com/en/privacy).

Their opt-out form can be located at [https://www.fidzup.com/en/opt-out-en](https://www.fidzup.com/en/opt-out-en).

## Relationships
_Brands and retailers:_ Gemo / Timberland / Buffalo Grill / Grand Optical / Opel / Renault / Klépierre / Etam / Mercedes / Nissan [Fidzup, 01](https://www.fidzup.com/en) / Hammerson & Les Terrasses du Port shopping center / Vache Noire shopping center (in Arcueil) [Fidzup, 03](http://www.fidzup.com/fidzup-2015.zip)  / KFC / BMW [BusinessWire, 01](http://www.businesswire.com/news/home/20161130005981/en/Fidzup-Performance-Marketing-Startup-Retailers-Raises-3.7) / Galeries Lafayette / Darty / ITF / La Halle / Peugeot / FDJ Cultura [Tech.eu, 01](http://tech.eu/brief/fidzup-raises-investment) / Kiabi / SNCF [L'Usine Digitale, 01](https://www.usine-digitale.fr/editorial/les-100-du-digital-retail-fidzup-pour-geolocaliser-ses-clients-grace-a-leur-smartphone-et-des-ultrasons.N348982) Paris Region Lab / Petit Poucet / scientipole / oseo / Réseau Entreprendre [Fidzup, 02](https://www.fidzup.com/en/team)

_Supporters:_ Mobile Marketing Association France / Electronic Business Group / IAB France / Picom / La Nuit Des Rois [Fidzup, 01](https://www.fidzup.com/en)  

## Details
_Financial details: "Fidzup was founded in 2011 by two entrepreneurs sharing the same idea: to give a lift to traditional business through technological innovation" [Fidzup, 02](https://www.fidzup.com/en/team). They raised $3,7 million with venture capitalists CapHorn Invest and Turenne Capital as well as existing investors CapDecisif Management via the FRCI (Fonds Régional Co-investissement de la Région Ile de France) and Petit Poucet Participation, the press reported in November 2016 [BusinessWire, 01](http://www.businesswire.com/news/home/20161130005981/en/Fidzup-Performance-Marketing-Startup-Retailers-Raises-3.7); [Tech.eu, 01](http://tech.eu/brief/fidzup-raises-investment). 

For Product pricing (from old website), see [Fidzup v2, 04](https://web.archive.org/web/20171015030915/http://v2.fidzup.com/en//nos-offres).

_Awards:_ Fidzup won the 2015 "Kings of Hope Prize" [Viuz, 01](https://viuz.com/2015/03/19/fidzup-trophee-espoir-lndr-2015-les-outils-du-web-pour-re-inventer-le-commerce-physique).

_Fidzup history and ideology:_ Fidzup is "Aware of the opportunities coming from the use of smartphones in your stores, our teams develop microlocation technologies to help you to reach your goals. Continuous innovation and improvement help us to develop more and more relevant and quicker and quicker solutions to install for our customers" [Fidzup, 02](https://www.fidzup.com/en/team). Their ambition is to "Provide physical commerce with the tools that pure players now enjoy". Where on the web professionals are able to identify a highly qualified target to better send them promotions, no solution existed for retailers to recover these prospects.

Since its creation in 2011, Fidzup was working on an indoor presence detection technology. The idea was to offer retailers and shopping centers a light technology to deploy and without constraint of use for consumers. This is how Fidzup Microtargeting was created, a platform for sending interactive and location-based content on the mobile of visitors to points of sale. It is the explosion of Criteo, the French giant of online advertising retargeting, which pushed the Fidzup teams to pivot towards a similar solution, but to the brick & mortar business. Since the startup was already able to understand the behavior of consumers in points of sale.

Specifically, where Criteo is interested in the behavior of Internet users on e-commerce sites to retarget advertising on partner media pages, Fidzup is interested in the consumer shopper journey in physical stores to address contextualized advertising. on its mobile apps" [Fidzup, 03](http://www.fidzup.com/fidzup-2015.zip).  

_Devices:_ Mobile (Android, Apple) / Fidbox

_Slogans:_ 

* "Online Offline: Performance mobile marketing for retailers" [Fidzup, 01](https://www.fidzup.com/en)
* "An innovative technology for interior presence detection" 
* "A mailing platform for geolocalized interactive content" [Fidzup v2, 01](http://archive.is/kUZGK)  

### Methods
Fidzup "has developed 3 solutions to detect the presence of a consumer in stores: Fidzup Microtargeting, Fidzup Retargeting and Fidzup Analytics. These technologies, easily deployable, are based on the principle of indoor geolocation (operating by wifi, ultrasound or BLE) and broadcast interactive content on smartphone. Thus, Fidzup captures and reactivates the consumer or simple visitor, either directly at the point of sale, or when he leaves the sign" [Fidzup, 03](http://www.fidzup.com/fidzup-2015.zip).

Big Data / Predictive analytics / Programmatic / RTB  

_Consumer targeting:_ Geographical/store / Digital navigation (on devices) / Habits / Purchase intention  

"The most accurate in-store tracking technology on the market.  Measure your online campaigns ROI with adapted offline KPIs"  
_Fidbox:_   
  * Works without any mobile app  
  * 3 meters accuracy; 4 years of R&D, 2 patents registered  
  * Autonomous in-store sensor [Fidzup, 01](https://www.fidzup.com/en)

Fidbox is "compatible with 99.9% of smartphones". Fidboxes "capture an encrypted identification key, unique to mobile, that Fidzup Retargeting then found on the ad servers. These captured data will be processed to segment the audience of the target brand to address on AdExchanges. This process will thus make it possible to resort to an advertising retargeting by displaying a personalized banner, according to the offline consumption habits of the mobile user, when he / she consults a third-party application (games, news, sports, etc.)." Fidzup's "point-of-sale deployment is lightweight and does not require any particular mobile application."    

_Fidzup Retargeting:_ Fidzup's "Totally innovative process allows the Terrasses du Port not to lose its consumers, increase its customer knowledge and optimize its media buying campaigns by addressing a qualified target. Fidzup Retargeting can also measure the visits of the consumer and know the generated downloads in a logic of measurement of the ROI of the carried out campaigns."  

_Fidzup Microtargeting:_ Fidzup's microtargeting is "based on the principle of indoor geofencing and allows shopping centers & retailers to interact instantly with their customers via their smartphone at their points of sale." It "relies on the use of a sound source to send data to a smartphone that will decode and process the received signal. More concretely, Fidzup broadcasts via point of sale via any audio source (speaker system broadcasting music, sound boxes, televisions, etc.) a signal inaudible to the human ear. This signal has the particularity of having a unique identifier corresponding to a specific location. The detection is done when the smartphone receives the signal and decodes it to know where the consumer is.

Fidzup Microtargeting then automatically triggers the sending of interactive and contextualized content on the mobile of the consumer according to his position. Discount coupons, targeted promotion on a product upon entry into the corresponding department, exceptional opening information, contests triggered as soon as they enter the store ... For example, a brand wishes to launch a promotion on its polos: "1 polo bought, the 2nd to -50% »For this, she will have the choice between sending the promotion on the mobile of the consumer as soon as it enters the store or the entrance of the department concerned by the promotion.

The consumer then receives relevant content, at the right place and at the best time on his smartphone. With Fidzup technology, the sales area is 'squared': either at the entrance of the store itself or within a specific radius, it is possible for each manager to choose the right place, where the visitor will receive interactive content.  

...Unlike other solutions that require the deployment of a heavy hardware device, and therefore expensive to install and maintain, the technology developed by Fidzup can be deployed without any hardware installation on site if the audio system used is remotely controllable. Indeed, some companies have specialized in the implementation of audio systems, the distribution of music in point of sale can be controlled online. These players cover a majority of the retail and retail market. If, however, the customer is not equipped, Fidzup has developed a battery of inexpensive hardware solutions that are easy to install.

- Mobile Compatibility: The software brick developed by Fidzup (the SDK) integrates with applications running on iOS mobile OS (iPhone) and Android. Thus, thanks to Fidzup technology it is possible to reach more than 90% of the global mobile market.

- Use: In the face of the few players capable of detecting presence at the point of sale, Fidzup chose to specialize in consumer care once it is present. Thus, the startup has developed the lightest solution to send promotional content at the best time to maximize efficiency. The end customer has no action to do (except to download the application of the sign or the mall), it is the content that comes to him automatically and at a time when he will be attentive. Since the media is mobile, it is essential to offer end users a limited number of actions to perform for a simple and fluid use."   

This can result in real-time data mining: "Since the operations implemented are mainly digital, La Vache Noire has the possibility to follow in real time the impact of its operation (participation rate, winning prizes, etc.)."  This can bring businesses that did not previously data mine into the data mining fold: "Finally, the marketing department of the center has retained a certain interest from brands that have never participated so much in a digital transaction. Thus, prestigious brands such as Celio, Jules, Yves Rocher or Darjeeling participate each week in the operation 'List of promotions'"  [Fidzup, 03](http://www.fidzup.com/fidzup-2015.zip).

"Fidzup has developed a means of communication between a sonic emitter and a mobile phone. Thus, by diffusing a tone, inaubible to the human ear, inside a building we can detect the presence of mobile phones and therefore their owners. How does the detection work? Your visitors must have the mobile application already installed on their smartphone. This contains a software layer (a SDK supplied by Fidzup) capable of detecting the signals and decoding them. What kind of sonic emitter can be used? It is possible to use any audio source to diffuse the signals. In fact, Fidzup has come up with a variety of hardware solutions depending on the user’s requirements.  

... We supply you with one or several bespoke sonic signals to diffuse in your establishment. Depending on the type of building and the type of usage you require, Fidzup offers a choice of several hardware and software solutions to simplify and optimize the diffusion of its sonic technology. Depending on the method of emission chosen, a sonic signal can be used to cover a precise zone of a store, the corridors of a shopping mall or even detect a visitor admiring a work of art in an art exhibition."   

... "Installing the SDK into your mobile application: We supply you with a software layer (SDK) to add to your mobile application. this layer detects and decodes the audio signal. The SDK is supplied with full documentation to help you install it swiftly and easily into your mobile application.The SDK is compatible with both iOS (iPhone) and Android operating systems.  Minimum requirement for the iOS operating system: iOS version 5; Minimum requirement for the Android operating system: Android 2.3.5 (HTC One X not supported)" [Fidzup v2, 02](https://web.archive.org/web/20171015025307/http://v2.fidzup.com/en//notre-solution).

_Fidzup Analytics:_ "Fidzup Analytics is a technology based on wifi that analyzes the traffic in points of sale, especially for shopping centers and supermarkets. Coupled with the Fidzup Retargeting solution, this technology makes it possible to capture on average 40% of the real traffic, whether the consumers / visitors are carriers of the application of the center or not.

To facilitate the handling of its solution, Fidzup gives direct access to the Analytics interface to the shopping center teams. The management can then see the route taken by its visitors from one store to another and analyze the data retrieved by day, week or month. Thus, Fidzup Analytics is able to display the traffic generated in the point of sale, the average duration of a visit, its frequency and to couple all these data to highlight trends or peaks of affluence. For the management of the center, the interest of these crossings of data is of size: to be able to identify the typical course of a customer and thus to define the zones "cold" or "hot" of the shopping mall (that is to say to say the locations more or less visited). Thanks to Fidzup Analytics, retail professionals can have a perfect knowledge of their customers, their habits in the center, but also know if their rental spaces are properly valued according to the passage of visitors. Finally, with the Analytics solution, shopping centers now have the opportunity to measure the audience generated by their communication devices already in place (promotional video screen, POS, display, totem ...). Indeed, depending on the information provided on these media, Fidzup is able to know the impact on the shopping journey of the customer and sales"   [Fidzup, 03](http://www.fidzup.com/fidzup-2015.zip).

"Fidzup’s Programmatic & Analytics Platform is made up of DSP, DMP and Tag management solutions, developed in-house for bricks-and-mortar stores. These technologies enable store managers to direct their campaigns while accurately measuring their return on investment"  [BusinessWire, 01](http://www.businesswire.com/news/home/20161130005981/en/Fidzup-Performance-Marketing-Startup-Retailers-Raises-3.7).

Sonice emission solutions:   

- Web player: The web player allows you to emit the Fidzup sonic signal via your computer. This solution is ideal for small spaces with no audio system in place.  
- Standalone emitter unit: This mains connected unit allows you to broadcast your sound signal continuously in the manner of a portable and independent speaker enclosure. This solution is ideal for creating an interactive zone in a specific area of your establishment.   
- Mixer emitter unit: The mixer unit, also mains connected, can automatically mix your signal sound with the music played through your audio system. This solution is ideal for users wishing to cover all areas of their establishment through their own public address system.   
- Custom installation: Your audio system is managed by an external provider? No problem, Fidzup can work with them to simplify the deployment, as it could then be managed remotely, without any hardware installation in situ" [Fidzup, 03](http://www.fidzup.com/fidzup-2015.zip).  

_Web interface:_ "We give you secure access to an administrative interface that allows you to devise promotional content that will be displayed on visitors’ smartphones as soon as they are detected in your establishment. Adjust the parameters and pre-visualize your content: expiry dates, target zones, message type, image uploads, content descriptions, etc., The interface is intuitive and extensive. From a discount coupon to a simple information bulletin, take advantage of the numerous pre- configured items in the interface to send the right content at the right time to your visitors.  

... Following promotional campaigns: Our administrator’s inferface includes a comprehensive dashboard and accurate statistics that allow you to monitor the performance of your promotional campaigns.The number of detections in your location, number of messages sent and received, CTR (click- through rate)... View the impact of your advertising campaigns at a glance and optimize them swiftly" [Fidzup v2, 02](https://web.archive.org/web/20171015025307/http://v2.fidzup.com/en//notre-solution).     

_Some of the data collected:_  

* unique visitors
* duration of visits
* frequency of visits
* hot / cold zone of the store
* customer journey
* fast outputs
* volume of smartphones
* brands and OS terminals [Viuz, 01](https://viuz.com/2015/03/19/fidzup-trophee-espoir-lndr-2015-les-outils-du-web-pour-re-inventer-le-commerce-physique)

## References
* _Ad-exchange.fr, 01._ http://ad-exchange.fr/fidzup-retargeting-unit-le-ciblage-publicitaire-sur-smartphone-et-le-monde-physique-14297._ http://ad-exchange.fr/fidzup-retargeting-unit-le-ciblage-publicitaire-sur-smartphone-et-le-monde-physique-14297
* _Ad-exchange.fr, 02._ http://ad-exchange.fr/fidzup-veut-booster-ladoption-de-boitiers-du-type-beacon-dans-les-magasins-francais-27156._ http://ad-exchange.fr/fidzup-veut-booster-ladoption-de-boitiers-du-type-beacon-dans-les-magasins-francais-27156 
* _BusinessWire, 01._ http://www.businesswire.com/news/home/20161130005981/en/Fidzup-Performance-Marketing-Startup-Retailers-Raises-3.7
* _Crunchbase, 01._ https://www.crunchbase.com/organization/fidzup
[Fidzup, 01._ https://web.archive.org/web/20171124095315/https://www.fidzup.com/en
* _Fidzup, 02._ https://web.archive.org/web/20171124095424/https://www.fidzup.com/en/team  
* _Fidzup, 03, .zip file._ https://web.archive.org/web/20171124095525/http://www.fidzup.com/fidzup-2015.zip
* _Fidzup, 04._ https://web.archive.org/web/20171124095616/https://www.fidzup.com/en/privacy
* _Fidzup v2, 01._ http://archive.is/kUZGK
* _Fidzup v2, 02._ https://web.archive.org/web/20171015025307/http://v2.fidzup.com/en//notre-solution 
[Fidzup v2, 03._ https://web.archive.org/web/20171015030737/http://v2.fidzup.com/en//cas-dusage
* _Fidzup v2, 04._ https://web.archive.org/web/20171015030915/http://v2.fidzup.com/en//nos-offres
[L'Usine Digitale, 01._ https://www.usine-digitale.fr/editorial/les-100-du-digital-retail-fidzup-pour-geolocaliser-ses-clients-grace-a-leur-smartphone-et-des-ultrasons.N348982
* _Marketing-Professionnel.fr, 01._ http://www.marketing-professionnel.fr/parole-expert/distribution-retail-geofencing-geolocalisation-indooor-201411.html
* _Tech.eu, 01._ http://tech.eu/brief/fidzup-raises-investment
* _Viuz, 01._ https://viuz.com/2015/03/19/fidzup-trophee-espoir-lndr-2015-les-outils-du-web-pour-re-inventer-le-commerce-physique

## External Links
* _Crunchbase (Fidzup):_ https://www.crunchbase.com/organization/fidzup._ https://www.crunchbase.com/organization/fidzup
* _Fidzup, 05:_ https://web.archive.o]rg/web/20171123081837/https://fidzup.com/en/live._ https://web.archive.org/web/20171123081837/https://fidzup.com/en/live
* _Fidzup, 06:_ https://web.archive.org/web/20171124000206/https://fidzup.com/en/product._ https://web.archive.org/web/20171124000206/https://fidzup.com/en/product
* _Fidzup, 07 https://web.archive.org/web/20171124094502/https://itunes.apple.com/us/app/fidzup-live/id735938167?mt=8._ https://web.archive.org/web/20171124094502/https://itunes.apple.com/us/app/fidzup-live/id735938167?mt=8
* _Fidzup, 08:_ https://web.archive.org/web/20171124094519/https://play.google.com/store/apps/details?id=com.fidzup.fidzuplive._ https://web.archive.org/web/20171124094519/https://play.google.com/store/apps/details?id=com.fidzup.fidzuplive
* _Fidzup, 09:_ https://web.archive.org/web/20171124094739/https://play.google.com/store/apps/details?id=com.fidzup.spotinstore.diagnostic._ https://web.archive.org/web/20171124094739/https://play.google.com/store/apps/details?id=com.fidzup.spotinstore.diagnostic
* _Fidzup, 10:_ https://web.archive.org/web/20171124094810/https://play.google.com/store/apps/details?id=com.fidzup.petitpoucet._ https://web.archive.org/web/20171124094810/https://play.google.com/store/apps/details?id=com.fidzup.petitpoucet
* _Fidzup, 11:_ https://web.archive.org/web/20171124094853/https://www.fidzup.com/en/use-case/._ https://web.archive.org/web/20171124094853/https://www.fidzup.com/en/use-case/
* _Fidzup, 12:_ https://web.archive.org/web/20171124094955/https://vimeo.com/59666867._ https://web.archive.org/web/20171124094955/https://vimeo.com/59666867
* _Fidzup, 13:_ https://web.archive.org/web/20171124095009/https://vimeo.com/80601084._ https://web.archive.org/web/20171124095009/https://vimeo.com/80601084

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Flurry (Yahoo).md
================================================
# Flurry

## Primary Location
United States

## Website
[https://developer.yahoo.com](https://developer.yahoo.com)

## About
Flurry is part of the Yahoo Developer network suite. Flurry's product, Flurry Analytics, offers mobile analytics, monetization, and advertising services [Yahoo, 01](https://developer.yahoo.com/analytics); [Yahoo, 14](https://developer.yahoo.com/flurry/docs); [Wikipedia, 01](https://en.wikipedia.org/wiki/Flurry_(company)).

## Ownership
Oath Inc. (subsidiary of Verizon Communications; Oath includes Yahoo and AOL) [Wikipedia, 01](https://en.wikipedia.org/wiki/Oath_Inc.); [Ars Technica, 01](https://arstechnica.com/information-technology/2017/06/oath-verizon-completes-4-5-billion-buy-of-yahoo-and-merges-it-with-aol)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `flurry\.com`

## Products and Services
Flurry Analytics:

* Utilizes tracking to analyze user interaction, correlating with other users
* Groups and correlates user data
* Tracks in-app actions of users
* Segments users
* Funnels users into specific in-app paths
* Monitors user churn and retention
* Determines user "personas"
* Predicts user demographics
* Monitors user acquisition efforts
* Measures the impact of advertising campaigns or channels [Yahoo, 02](https://developer.yahoo.com/analytics/features.html).

Analytics services cover in-app behaviors like "making a purchase, playing a song, or sharing on Facebook" [Yahoo, 03](https://developer.yahoo.com/flurry/docs/analytics/gettingstarted/events/android).  

Flurry Pulse provides "the ability to share your app data with integrated partners" [Yahoo, 13](https://developer.yahoo.com/flurry-pulse).  

## Privacy Policy
_Data sharing:_ As of September 18, 2017, Yahoo stated that Yahoo and Oath "plan to share some user information within the Verizon family of companies which will enable us to integrate our business, allowing us to coordinate more and improve your experiences". Yahoo further explained, "We will share the same information that our companies have previously collected and used for the development and operation of our products and services. This may include your account registration information (such as your user ID, gender, name, email address, postcode & age), your content and advertising interests, content associated with your account, the types of services you use and how you engage with them, cookie and device IDs, IP addresses, geolocation information and activity information from across our websites, apps, software and other services. All of the information that we collect about you may be shared across the various Oath brands and within our Verizon family of companies" [Yahoo, 02](https://policies.yahoo.com/ie/en/yahoo/privacy/euoathnoticefaq).   

Yahoo shares data with third parties, and allows third parties to place tracking technologies like cookies, web beacons, applicaitons (or "widgets), SDKs, and similar technologies on Yahoo sites and apps.  Yahoo adds that "We do not share your personally identifiable information from your Yahoo account with our advertisers or our partners as part of our analytics programs. We may, however, share pseudonymous information - including demographic information - with our advertisers or partners" [Yahoo, 04](https://policies.yahoo.com/ie/en/yahoo/privacy/topics/thirdparties/index.htm).  

_Opt-out:_ Yahoo offers an option to opt out of "interest-based advertising, analysis of communications content for advertising purposes, and the sharing of your information with partners for data matching and appends using the tools" on their Ad Interest Manager website. This includes "Your advertising choices" both "across the web" and "On Yahoo" [Yahoo, 05](https://aim.yahoo.com/aim/ie/en/optout). Their Privacy Controls page offers settings for Marketing Preferences, Ad Interest Manager, Content preferences, Search history, and Location management [Yahoo, 06](https://policies.yahoo.com/ie/en/yahoo/privacy/tools/index.htm).    

"You must allow cookies from Yahoo in order to opt out. To make your opt-out apply to every computer that you use, you must be signed in to your Yahoo account". Yahoo's opt out page also includes "Your interest categories" [Yahoo, 05](https://aim.yahoo.com/aim/ie/en/optout).

Yahoo offers opt-out options for third parties, including the recommendation to visit their websites individually [Yahoo, 04](https://policies.yahoo.com/ie/en/yahoo/privacy/topics/thirdparties/index.htm).

## Relationships
_Yahoo partners:_ Adxpose (comScore product) / Audience Science / comScore/ScorecardResearch / DoubleVerify / Integral Ads / KN Dimestore / Nielsen / Facebook / Google+ / LinkedIn / Pinterest / Twitter / 30 Boxes / Amazon / Basil (Backstage Technologies) / Bunchball Games / ChitChat (Monusoft) / CoverGirl Beauty Consultant Live Chat / Dropbox / eBay / enDICEr / Love Match/Fun Center (B4U.com) / NDCSA / NewsGator / OtherInBox / Pandaf Games / StumbleUpon / WackyB Twitter Sync / WebEx Co-Browse / YouSendIt / ABC / Astrology.com/iVillage / Cars.com / Healthline / Match.com / Monster Inc. / Nokia Maps / Orbitz / PriceGrabber / Shopzilla / Spotify / Team Fan Shop (Pro Football Weekly) / Tenor / TripAdvisor / TrueCar / Turner / Vast (Autos) / Zillow / ABC News / Blastro.com / Blip.tv / CNBC / CNN / CollegeHumor.com / Dailymotion / Ebaumsworld.com / Ehow.com / Fox News / Gametrailers.com / Good Morning America / Guardian News / Hulu / Metacafe / Metatube.com / Myspace.com / NBC / NFL / PBS / Ustream / Vevo / Videobash.com / Vimeo / Washington Post / Worldstarhiphop.com / YouTube / Chitika / Google / Media.net / Microsoft / NetSeer / Yandex / Abaca Technology Corporation / AOL / Authentication Metrics / Aviary / Bankrate / Bloomreach (Commerce SEO) / Branch.io / Detroit Trading Company / Dropbox / Google / HelloWorld, Inc. / HortonWorks / Lashback / Luminate / Manilla / Outbrain / Paypal / Project Slice / SigFig / Symantec / Trend Micro / Truedomain / Urban Airship / Vantage (Yahoo Real Estate) [Yahoo, 04](https://policies.yahoo.com/ie/en/yahoo/privacy/topics/thirdparties/index.htm)

## Details
_Financial Details:_ Flurry was founded in 2005. By December 2013, it had raised $62.5 million [TechCrunch, 01](https://techcrunch.com/2013/12/06/flurry-funding).  On July 21, 2014 Yahoo bought Flurry for a reported $200-300 million [TechCrunch, 02](https://techcrunch.com/2014/07/21/yahoo-is-buying-mobile-analytics-firm-flurry-for-north-of-200m). Flurry partnered with Research Now, a digital data collecting firm, in 2014, for the purpose of "to track mobile app users, offline" [AdAge, 01](http://adage.com/article/digital/flurry-research-build-mobile-app-advertising-database/292287). 

_Scope:_ By December 6, 2013, Flurry told TechCrunch "400,000 apps are using its analytics product, with 20,000 additions each month, and that it's tracking activity from 1.2 billion smartphones and tablets. It also said that it's working with 125,000 developers" [TechCrunch, 01](https://techcrunch.com/2013/12/06/flurry-funding).  

_Additional services:_ Additional Flurry Analytics features for Android include:

* Revenue Analytics [Yahoo, 07](https://developer.yahoo.com/flurry/docs/analytics/gettingstarted/revenue/android)
* Crash Analytics [Yahoo, 08](https://developer.yahoo.com/flurry/docs/analytics/gettingstarted/trackcrashes/android)
* Track Geographic Location (at the city level where the app is being used; or, without that level of detail, the country level as based on IP address)
* Track user ID and demographics
* Track page views [Yahoo, 09](https://developer.yahoo.com/flurry/docs/analytics/gettingstarted/technicalquickstart/android)
* Object-based API for Native, Interstatial and Banner ads [Yahoo, 10](https://developer.yahoo.com/flurry/docs/publisher/code/android-ad-publishing)
* User paths reporting [Yahoo, 11](https://developer.yahoo.com/flurry/docs/analytics/lexicon/analyticsusage)
* Utilizes mobile SDK in apps to inject advertising, including video: "Monetize your app with native and video ads from Yahoo, Flurry, and BrightRoll advertisers" [Yahoo, 12](https://developer.yahoo.com/monetize)

## References
* _AdAge, 01_. [http://adage.com/article/digital/flurry-research-build-mobile-app-advertising-database/292287](http://adage.com/article/digital/flurry-research-build-mobile-app-advertising-database/292287)  
* _Ars Technica, 01_. [https://arstechnica.com/information-technology/2017/06/oath-verizon-completes-4-5-billion-buy-of-yahoo-and-merges-it-with-aol](https://arstechnica.com/information-technology/2017/06/oath-verizon-completes-4-5-billion-buy-of-yahoo-and-merges-it-with-aol)  
* _TechCrunch, 01_. [https://techcrunch.com/2013/12/06/flurry-funding](https://techcrunch.com/2013/12/06/flurry-funding)  
* _TechCrunch, 02_. [https://techcrunch.com/2014/07/21/yahoo-is-buying-mobile-analytics-firm-flurry-for-north-of-200m](https://techcrunch.com/2014/07/21/yahoo-is-buying-mobile-analytics-firm-flurry-for-north-of-200m)  
* _Yahoo, 01_. [https://developer.yahoo.com/analytics](https://developer.yahoo.com/analytics)  
* _Yahoo, 02_. [https://policies.yahoo.com/ie/en/yahoo/privacy/euoathnoticefaq](https://policies.yahoo.com/ie/en/yahoo/privacy/euoathnoticefaq)  
* _Yahoo, 03_. [https://developer.yahoo.com/flurry/docs/analytics/gettingstarted/events/android](https://developer.yahoo.com/flurry/docs/analytics/gettingstarted/events/android)  
* _Yahoo, 04_. [https://policies.yahoo.com/ie/en/yahoo/privacy/topics/thirdparties/index.htm](https://policies.yahoo.com/ie/en/yahoo/privacy/topics/thirdparties/index.htm)  
* _Yahoo, 05_. [https://aim.yahoo.com/aim/ie/en/optout](https://aim.yahoo.com/aim/ie/en/optout)  
* _Yahoo, 06_. [https://policies.yahoo.com/ie/en/yahoo/privacy/tools/index.htm](https://policies.yahoo.com/ie/en/yahoo/privacy/tools/index.htm)  
* _Yahoo, 07_. [https://developer.yahoo.com/flurry/docs/analytics/gettingstarted/revenue/android](https://developer.yahoo.com/flurry/docs/analytics/gettingstarted/revenue/android)  
* _Yahoo, 08_. [https://developer.yahoo.com/flurry/docs/analytics/gettingstarted/trackcrashes/android](https://developer.yahoo.com/flurry/docs/analytics/gettingstarted/trackcrashes/android)  
* _Yahoo, 09_. [https://developer.yahoo.com/flurry/docs/analytics/gettingstarted/technicalquickstart/android](https://developer.yahoo.com/flurry/docs/analytics/gettingstarted/technicalquickstart/android)  
* _Yahoo, 10_. [https://developer.yahoo.com/flurry/docs/publisher/code/android-ad-publishing](https://developer.yahoo.com/flurry/docs/publisher/code/android-ad-publishing)  
* _Yahoo, 11_. [https://developer.yahoo.com/flurry/docs/analytics/lexicon/analyticsusage](https://developer.yahoo.com/flurry/docs/analytics/lexicon/analyticsusage)  
* _Yahoo, 12_. [https://developer.yahoo.com/monetize](https://developer.yahoo.com/monetize)  
* _Yahoo, 13_. [https://developer.yahoo.com/flurry-pulse](https://developer.yahoo.com/flurry-pulse)  
* _Yahoo, 14_. [https://developer.yahoo.com/flurry/docs](https://developer.yahoo.com/flurry/docs)

## External links
* _Ghostery_: [https://apps.ghostery.com/apps/flurry](https://apps.ghostery.com/apps/flurry)  
* _Wikipedia_: [https://en.wikipedia.org/wiki/Flurry_(company)](https://en.wikipedia.org/wiki/Flurry_(company))  
* _Flurry FAQ_: [https://developer.yahoo.com/flurry/docs/faq](https://developer.yahoo.com/flurry/docs/faq)
* _AppBrain_: [https://www.appbrain.com/dev/Yahoo/](https://archive.is/7BNpX)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Gimbal.md
================================================
# Tracker Name
Gimbal

# In εxodus?
No

## Website
https://gimbal.com/

## About
RELEVANCE REIMAGINED. Perfect your advertising and marketing relevance with identity-driven solutions using physical-world data.


## Category
Beacon, Location, Identity, Tracking, Advertising

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `gimbal.com`
*   Code signature: `com.gimbal`

## Repositories
*   Maven: `https://mvnrepository.com/artifact/com.gimbal.android.v4/gimbal-sdk`
*   Artifact ID: `gimbal-sdk`
*   Group ID: `com.gimbal.android.v4`

## Gradle
`xxx`

## Additional links
Analytics_Base_Url : https://analytics-server.gimbal.com/service/

## Notes
SDK includes lib package com.qsl.faar "Place Bubble" and geofencing, is already in Etip

================================================
FILE: trackers/HockeyApp (Microsoft).md
================================================
# HockeyApp (Bit Stadium GmbH, acquired by Microsoft)

## Primary Location
Microsoft: United States (Seattle) / Bit Stadium: Germany (Stuttgart) [Crunchbase, 01](https://www.crunchbase.com/organization/bit-stadium-gmbh)

## Website
[https://www.hockeyapp.net](https://www.hockeyapp.net)

## About

HockeyApp is utilized for crash reporting, app distribution, user feedback, and the collection of user metrics. "HockeyApp is a service for app developers to support them in various aspects of their development process, including the management and recruitment of testers, the distribution of apps and the collection of crash reports." [HockeyApp 01](https://support.hockeyapp.net/kb/general-account-management-2/general-questions)

## Ownership
Bit Stadium is a subsidiary of Microsoft [Bloomberg, 01](https://www.bloomberg.com/research/stocks/private/snapshot.asp?privcapId=279701634)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `hockeyapp\.net`

## Documentation
[https://support.hockeyapp.net/kb/client-integration-android/hockeyapp-for-android-sdk](https://support.hockeyapp.net/kb/client-integration-android/hockeyapp-for-android-sdk)

## What it does

Analyzes user behavior and app usage. "Understand user behavior to improve your
app. Track app adoption through daily active users, monthly active users, and net
new users. Measure customer engagement through session count and verify your apps
reliability day by day with Crash Free Users." [HockeyApp, 02](https://www.hockeyapp.net/features/user-metrics/)

"When enabled, the SDK anonymously tracks the users of your app by creating a UUID that is then securely stored. The UUID is securely stored in the preferences of the client app." [HockeyApp, 03](https://support.hockeyapp.net/kb/app-management-2/what-data-is-collected-with-the-hockeysdks-2#data-collected-for-the-user-metrics-features)

## Privacy Policy

Microsoft Privacy Statement [https://privacy.microsoft.com/en-us/PrivacyStatement](https://privacy.microsoft.com/en-us/PrivacyStatement)

Developers can opt out of statistical analysis of their app's users. "Just in case you want to opt-out of the automatic collection of anonymous users and sessions statistics, there is a way to turn this functionality off at any time." [HockeyApp, 04](https://support.hockeyapp.net/kb/general-account-management-2/getting-started-with-user-metrics)

## Details

HockeyApp was launched in 2012. It was acquired by Microsoft in 2014 [Crunchbase, 01](https://www.crunchbase.com/organization/bit-stadium-gmbh). The company existed in some form in 2011, with Microsoft as a customer [HockeyApp, 05](https://www.hockeyapp.net/blog/2014/12/11/hockeyapp-joins-microsoft.html).

"HockeyApp does not collect any PII (Personable Identifiable Information) and the user tracking is done anonymously... Keep in mind that whenever the HockeySDK sends metric data to our backend, a corresponding app version gets automatically added to the app." [HockeyApp, 04](https://support.hockeyapp.net/kb/general-account-management-2/getting-started-with-user-metrics)

"You can get more insights into user behavior for the testers of your app. You can see basic user metrics, gauge customer engagements and even check your app’s reliability throughout the day. More than that, you can drill down on the users that have experienced a particular crash type or a crash that happened during a specific time period. This will help you know if the crash has affected a lot of people over a cross section of your users or if there are specific groups of people who experience the same type of crashes repeatedly." [Stackify, 01](https://stackify.com/what-is-hockeyapp/)

## References
* _HockeyApp, 01._ [https://support.hockeyapp.net/kb/general-account-management-2/general-questions](https://support.hockeyapp.net/kb/general-account-management-2/general-questions)
* _HockeyApp, 02._ [https://www.hockeyapp.net/features/user-metrics/](https://www.hockeyapp.net/features/user-metrics/)
* _HockeyApp, 03._ [https://support.hockeyapp.net/kb/app-management-2/what-data-is-collected-with-the-hockeysdks-2#data-collected-for-the-user-metrics-features](https://support.hockeyapp.net/kb/app-management-2/what-data-is-collected-with-the-hockeysdks-2#data-collected-for-the-user-metrics-features)
* _HockeyApp, 04._ [https://support.hockeyapp.net/kb/general-account-management-2/getting-started-with-user-metrics](https://support.hockeyapp.net/kb/general-account-management-2/getting-started-with-user-metrics)
* _HockeyApp, 05._ [https://www.hockeyapp.net/blog/2014/12/11/hockeyapp-joins-microsoft.html](https://www.hockeyapp.net/blog/2014/12/11/hockeyapp-joins-microsoft.html)
* _Crunchbase, 01._ [https://www.crunchbase.com/organization/bit-stadium-gmbh](https://www.crunchbase.com/organization/bit-stadium-gmbh)
* _Bloomberg, 01._ [https://www.bloomberg.com/research/stocks/private/snapshot.asp?privcapId=279701634](https://www.bloomberg.com/research/stocks/private/snapshot.asp?privcapId=279701634)
* _Stackify, 01._ [https://stackify.com/what-is-hockeyapp/](https://stackify.com/what-is-hockeyapp/)

## External Links
* _Crunchbase (HockeyApp):_ [https://www.crunchbase.com/organization/bit-stadium-gmbh](https://www.crunchbase.com/organization/bit-stadium-gmbh)
* _Wikipedia (List of mergers and acquisitions by Microsoft):_ [https://en.wikipedia.org/wiki/List_of_mergers_and_acquisitions_by_Microsoft#cite_note-195](https://en.wikipedia.org/wiki/List_of_mergers_and_acquisitions_by_Microsoft#cite_note-195)
* _Owler company profile:_ [https://www.owler.com/iaApp/1149223/hockeyapp-company-profile](https://www.owler.com/iaApp/1149223/hockeyapp-company-profile)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory



================================================
FILE: trackers/Houndify.md
================================================
# Tracker Name
Houndify

# In εxodus?
No

## Website
https://www.houndify.com/

## About
Integrate voice and conversational intelligence into your products through an independent platform that is always learning. Customize, innovate, and differentiate while maintaining your own brand and users.


## Category
Tracking, Location, Identity, Beacon

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `houndify.com`
*   Code signature: `com.hound`

## Repositories
*   Maven: `https://www.houndify.com/maven/hound/android/hound-sdk/`
*   Artifact ID: `hound-sdk`
*   Group ID: `hound.android`

## Gradle
`xxx`

## Additional links
https://www.soundhound.com/about
https://www.midomi.com/
https://www.houndify.com/maven/hound/android/


## Notes
Private beta features include: beam forming, echo cancellation, emotion detection, fingerprint identification, automatic language translation, voice biometrics, iris recognition, image recognition, face recognition, and more.
Collective AI TM offers comprehensive knowledge, that is always learning, is crowdsourced to domain experts, and is larger than the sum of its parts — ensuring that your solutions and smart IoT devices continue to grow smarter into the future.

================================================
FILE: trackers/InMobi.md
================================================
# InMobi

## About

[InMobi](https://www.inmobi.com/) is a private, Indian-based advertising behemoth.  It has relationships with over 30,000 companies and app developers. It has approximately 1,500 employees in offices in 12 different countries. [See also: OpenCorporates](https://opencorporates.com/companies/us_ca/C3422070)

InMobi's founder, in a recent [Forbes article,](http://www.forbesindia.com/article/leaderboard/inmobi-wants-to-glue-your-attention-to-your-lock-screen/53095/1) stated that "Consumers will move from seeking content to consuming what is shown to them."  

## Ownership

InMobi was founded in Mumbai, India, as mKhoj, in 2007 by Naveen Tewari, Abhay Singhal, Amit Gupta and Mohit Saxena.  Its investors include Softbank and its debt financier is Tennenbaum Capital Partners.  


## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.inmobi
* Network detection rule: config-ltvp.inmobi.com | sdkm.w.inmobi.com | inmobi.com | inmobi.info | inmobi.us

## What it does

* Native/Targeted Advertising
* E-Commerce
* In-app Mobile Advertising
* Market Research Platform

## Privacy Policy

[Policy as of 17/2/2017, reviewed 21/4/2019:](https://www.inmobi.com/privacy-policy/)

* InMobi's opt-out is [located here.](https://www.inmobi.com/page/opt-out/)  Users will need their iOS or Android ID.  

* InMobi's privacy policy states that it collects information about the "device type (e.g. smartphone, tablet, etc.),operating system (e.g. iOS, Android, Windows, Blackberry), network provider, mobile browser used (e.g. Safari, Internet Explorer etc.),platform, SDK version, timestamp, API key (identifier for application), application version, iOS Identifier for Advertising, iOS Identifier for Vendors, model, manufacture of device, OS version of device, session start/stop time, locale (specific location where a given language is spoken), time zone, network status such as WiFi, the geo-location of your device (using GPS or other geo-location data) and the Identifier for Advertising (IDFA) or the Google Advertising ID (AAID) etc"  which it may infer from WiFi identifiers in the area.   

* It also collects information regarding "(i) the content type of the ad (what the ad is about, e.g. games, finance, entertainment, news); (ii) the ad type (e.g. whether the ad is a text, image, or video based ad); (iii) where the ad is being served (e.g. the address of the site on which the ad appears); and (iv) certain information about post-click activity in relation to the ad including user interaction with such ad."  It may also collect email addresses in a hashed format. 

* This information is shared with "Publishers, Developers, Advertisers, Data Partners, Measurement Companies, InMobi Affiliates, and third parties such as advisors and law enforcement authorities."  

* Data is kept for a 13-month period, after which InMobi "may retain and use such data in an aggregated format, as necessary for internal analytical purposes, to comply with its legal obligations, resolve disputes and enforce agreements."

## Lawsuits and Settlements

* In 2016, InMobi settled with the FTC (US Federal Trade Commission) for $950,000 over the Children's Online Privacy Protection Act violations ("COPPA").  [See more information](https://www.ftc.gov/news-events/press-releases/2016/06/mobile-advertising-network-inmobi-settles-ftc-charges-it-tracked)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/IndoorAtlas.md
================================================
# Tracker Name
IndoorAtlas

## Website
http://www.indooratlas.com/

## About
Indoor positioning systems (IPS) locate people or objects inside a building using radio signals, geomagnetic fields, inertial sensor data, barometric pressure, camera data or other sensory information collected by a smartphone device or tablet.

## Category
Beacon, Analytics, Location, Sensors

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `ipsws.indooratlas.com`
*   Code signature: `com.indooratlas.android.sdk`

## Repositories
*   Maven: `http://indooratlas-ltd.bintray.com/mvn-public`
*   Artifact ID: `indooratlas-android-sdk`
*   Group ID: `com.indooratlas.android`

## Gradle
`xxx`

## Additional links
https://github.com/IndoorAtlas/android-sdk-examples https://www.youtube.com/watch?v=onm3sqQ4LMo

## Notes
xxx


================================================
FILE: trackers/Inmarket.md
================================================
# Tracker Name
Inmarket

# In εxodus?
No

## Website
https://inmarket.com/

## About
Inspire shoppers when it matters most - as they enter the store, ready to make purchase decisions. Just as restaurants know to advertise before the lunch rush instead of after, Preceptivity personalizes receptivity for your customer based on unique shopping patterns and how they relate to the product category.

## Category
Location, Beacon, Advertising

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `m2m-api.inmarket.com`
*   Code signature: `com.inmarket`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xx`

## Gradle
`xxx`

## Additional links
http://data.altbeacon.org/android-distance.json 

## Notes
integration with Moat 

================================================
FILE: trackers/Instreamatic.md
================================================
# Tracker Name
Instreamatic

# In εxodus?
No

## Website
http://instreamatic.com/

## About
Voice-enabled audio technology is the biggest breakthrough in audio advertising in the last 70 years. Voice-enabled audio ads allow users to interact with ads, literally speaking with the brand


## Category
Advertising, Tracking

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `instreamatic.com`
*   Code signature: `com.instreamatic`

## Repositories
*   Maven: `http://instreamatic.com/nexus/repository/maven-public/`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://bitbucket.org/account/user/instreamatic/projects/ISP

## Notes
Language {ENGLISH_US("en-US"), ENGLISH_GB("en-GB"), RUSSIAN("ru-RU"), CHINESE("zh-CN"), FRENCH("fr-FR"), GERMAN("de-DE"), ITALIAN("it-IT"), SPANISH("es-ES"), UKRAINIAN("uk-UA"), TURKISH("tr-TR");}


================================================
FILE: trackers/Intrasonics.md
================================================
# Tracker Name
Intrasonics

## Website
http://www.intrasonics.com/

## About
We provide broadcast grade audio watermarking technology all over the world. Some of the things we make possible... National Audience Research, Measuring Advertising Reach, Synchronised Apps for TV, Radio & Cinema, Loyalty Schemes for Brands and Broadcasters, Interactive Toys & Wearables

## Category
 Analytics, Tracking, Audio Watermarking, Location.

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `xxx.com`
*   Code signature: `com.intrasonics`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
http://www.intrasonics.com/sdks/ https://bundles.intrasonics.com  https://portal.intrasonics.com/ http://contentserver-dev.intrasonics.com

## Notes
web browser SDK, RT watermark encoding hardware/software. "People find the idea of apps that might be listening with the microphone while running in the background a bit spooky."


================================================
FILE: trackers/Kochava.md
================================================
# Kochava

## About

Kochava is a mobile attribution and analytics platform.  It is integrated with 3,500+ networks, publishers, news, media, and consumer goods producers and marketers. Kochava is a private corporation registered in Delaware [Source: OpenCorporates](https://opencorporates.com/companies/us_de/5057617) and is headquartered in Idaho. 

## Ownership

Kochava's founder and CEO is Charles Manning.  [Source: website](https://www.kochava.com/charles-manning-profile/)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.kochava.android.tracker.
* Network detection rule: control.kochava.com

## What it does

* Behavioral Analytics
* Mobile Advertising
* iBeacon Location Tracking

## Privacy Policy

[Policy as of 29/9/2018:](https://www.kochava.com/support-privacy/)

* Kochava takes data privacy "very seriously" and goes so far as to list the security standards it employs ("ISO/IEC 27001"), encryption types ("SSL/TLS"), and storage types used ("SSAE16 Type II SOC 2"). 

* Kochava has a detailed data processing policy demonstrating its commitment to the European GDPR. Many provisions apply to end-user personal data. [Link](https://www.kochava.com/data-processing-policy/)
* It is unclear whether Kochava applies the GDPR standard to end-users outside the EU, and to what extent the same definitions of personal data apply.

* The collection of personal data is limited to that which is "adequate, relevant, and necessary for the purpose of which they are processed." Kochava states that is contractual provisions prohibit clients from "utilizing the Platform to collect, process, or otherwise handle sensitive personal data" and said data is deleted after a client's contract has been terminated.

* End-users can Opt Out and disable interest-based ads on their device by following the instructions on this [link](https://www.kochava.com/opt-out/).

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Krux (SalesForce DMP).mkd
================================================
# Krux (Salesforce DMP)

## Primary Location
United States (San Francisco) [Crunchbase, 01](https://www.crunchbase.com/organization/krux-digital)

## Website
[https://www.salesforce.com/products/marketing-cloud/data-management](https://www.salesforce.com/products/marketing-cloud/data-management)

## About
Salesforce DMP is a data management platform that manages data, identifies end users, and cetnralizes user-level data for advertising and content personalization [Salesforce, 24](https://konsole.zendesk.com/hc/en-us/articles/115012398067-What-if-I-just-want-to-import-data-instead-of-using-the-Control-Tag-SDK-or-other-DMP-tracking-)

## Ownership
Salesforce

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `mparticle\.com`

## Documentation
[https://konsole.zendesk.com/hc/en-us/articles/226031268-Android-SDK-Implementation-Guide](https://konsole.zendesk.com/hc/en-us/articles/226031268-Android-SDK-Implementation-Guide)

## Products and Services

Salesforce DMP offers a vast array of technologies in its data management platform. These are detailed in the Techology section under Details, below.

Services provided by Salesforce DMP include:  

* Accerlated Mobile Pages (facilitate mobile-optimized content)
* Cross Device Identity Mangement (identify individuals across devices)
* Salesforce DMP Einstein Segmentation (segment multiple personas in an audience)
* Tracking (re-identify and track users using various methods)
* Hashed device management (tracking used in reaction to Safari 3rd party blocking)
* User matching (match users with various techniques to identify individuals)
* Ad Server analytics (understand and analyze audience segment delivery and yield across all ad impressions)
* Content engagement reports (loyalty report cards, site visits, and more)
* Frequency engagement reports (how many times a user has seen an ad)
* Funnels report (track customer behaviors across their customer journey)
* Look-alike modeling (
* Audience Profile Report (such as age, gender, and household income)

## Privacy Policy
**Opting out**   
_DMP Opt-Out_ "DMP Opt-Out
https://apiservices.krxd.net/consumer/optout is the standard DMP opt-out URL. When called directly, this URL will execute the Opt-out action for a user and it will return the following JSON response:

{"code":"success"}

A user must allow cookies from Salesforce DMP in order to opt-out. Calling the DMP opt-out code (by clicking on an opt-out button placed on the client's page) will result in a persistent 'cookie' placed in the user’s web browser by Salesforce, identifying that user as being on the Salesforce DMP 'do not target' list. Taking this opt-out step won't prevent all tracking and targeting online, but it will ensure the user’s wishes are honored by all Salesforce DMP clients.

Note: If the user uses more than one computer, the process must be repeated for each one as this information is associated with a cookie unique to each machine." [Salesforce, 7](https://konsole.zendesk.com/hc/en-us/articles/217039187-Privacy-Policy-and-Opt-Out-Guide)

_On Mobile:_ "Users can reset their IDFA or AdID to receive a new one. This is comparable to deleting cookies.

They can also block these completely by opting-out of Ad Track or Ads Personalization. In that case, Salesforce DMP cannot track or target these users." [Salesforce, 3](https://konsole.zendesk.com/hc/en-us/articles/115000428127-Mobile-IDs-FAQ)

_In Safari FAQ:_ "Is there any difference in the how 1st-party cookies and Hashed Device IDs treat opt-outs?
Yes, if the client is utilizing a first-party cookie and has multiple domains, a dedicated opt-out will need to be configured and maintained for each site. Alternatively, if hashed device management is employed a single opt-out link will be applicable for a given client.

Can users opt-out of Hashed ID tracking?
Absolutely – unlike other providers of so-called Fingerprinting techniques, the Salesforce DMP actually can manage fingerprinting users through an opt-out. 

Does Fingerprinting adhere to PII rules?
Yes, our hashed device management solution is fully compliant with PII protocols.

Do both approaches lose uses when they clear their cookies?
No, first-party cookies can be cleared, while the hashed ID will persist even if cookies are emptied. [Salesforce, 4](https://konsole.zendesk.com/hc/en-us/articles/115000428307-Safari-FAQ)

"Can users opt-out of tracking in Mobile Apps?
Users can reset their IDFA or AdID to receive a new one. This is comparable to deleting cookies.

They can also block these completely by opting-out of Ad Track or Ads Personalization. In that case, Salesforce DMP cannot track or target these users." [Salesforce, 58](https://konsole.zendesk.com/hc/en-us/articles/115000428127-Mobile-IDs-FAQ)

**Personally Identifiable Information**  
"Personally Identifiable Information (PII) includes any data that could potentially identify a specific individual and can be used for de-anonymizing data. Salesforce does not collect or store PII."

Some examples of PII include: Full name; Email address; Phone numbers; Credit card numbers; Date of birth; Login/screen name; IP address is considered PII in some countries outside of the US; Home address; etc" [Salesforce, 8](https://konsole.zendesk.com/hc/en-us/articles/115007222048-PII)

**Data Privacy and Security Considerations**

Salesforce DMP does not accept PII data and it is a breach of the MSA to send to us. Onboarding might be a better option if you have data connected to email addresses and are concerned with offline data import user matching. Usage and set up fees apply." [Salesforce, 32](https://konsole.zendesk.com/hc/en-us/articles/214918988-First-Party-Data-Import)  

**Data Retention**  
"Data Expiry

Salesforce DMP stores any data collected through online mechanisms (including user matching data) for a variable period as defined in the contractual agreement between Salesforce and the client. First-party imports remove any data not included in subsequent imports (full refresh). For best user match results, files should be uploaded frequently, or daily, even if the data output has no change." [Salesforce, 32](https://konsole.zendesk.com/hc/en-us/articles/214918988-First-Party-Data-Import)  

## Relationships
_Data Onboarding:_
comScore / LiveRamp / Neustar [Salesforce, 9](https://konsole.zendesk.com/hc/en-us/articles/115010458727-Data-Onboarding-Partners)

_Data Collection Partners:_

* Off-Site Ad Servers:_ Conversant / DoubleClick Campaign Manager (DCM) / Flashtalking / Innovid / Medialets / Sizmek
* On-Site Ad Servers:_ DoubleClick for Pulishers - DFP (Data Transfer Files)
* Email Service Providers:_ SalesforceExactTarget
* Data Management Platforms:_ Adobe Audience Manager / Oracle BlueKai DMP
* Analytics & Measurement:_ Adobe Analytics (fkaOminture SiteCatalyst) / Brightcove / comScore Validated Campaign Essentials (vCE) / Google Analytics Standard / Kochava / MOAT / Tune [Salesforce, 10](https://konsole.zendesk.com/hc/en-us/articles/227144948-Data-Collection-Partners)

**Data Activation Partners**  

_On-Site Ad Servers:_ Adition / Adswizz / AdTech / DoubleClick for Publishers - DFPAudience / DoubleClick for Publishers - DFP Key/Value Pairs / Freewheel / IPONWeb / LKQD / Nativo / OAS / OpenX / SAS/AIMatch / Smart Ad Server

_On-Site SSP's:_ DoubleClick AdExchange - AdX (via DFP) / Index Exchange (Casale) / OpenX / Pubmatic / Rubicon / Sonobi / Sticky Ads / Tremor

_Off-Site Ad Servers:_ Flashtalking / Flite / Innovid / Sizmek

_Off-Site Data Activation:_ ActiveAgent AG / Adara / AdColony / AdForm / AdRoll / AdSquare / A.ki / Amazon Advertising / AOL ONE / AppNexus / Beeswax / Comscore / Criteo / DataXu / DoubleClick Bid Manager - DBM / Dstillery / Exponential / Facebook Custom Audiences / Google AdWords / Google RLSA / IgnitionOne / Infectious Media / InMobi / Instagram (via Facebook Custom Audiences) / Jivox / Lotame / Maxpoint / MediaMath / [m]Platform | GroupM / Netmining / Next Performance / OwnerIQ / Platform161 / Quantcast / RadiumOne / RocketFuel / Run / Simpli.fi / Specific Media (Viant) / SpotXchange / Teads / The Trade Desk / TimeOne / Tradelab / Termore Video / TubeMogul / Turn / Twitter - Tailored Audience / Undertone / VideoAmp / Videology / Yahoo! DataX (replaced RMX pipeline) / Yieldlab / Zebestof

_Experience Management Systems & A/B Testing Platforms:_ AB Tasty / Acquia / Adobe Target / Maxymiser / Optimizely / Oracle Real-Time Decisions / Teradata Real - Time Interactions Manager / VWO

_Assorted Data Outputs:_ Adobe Audience Manager / Moat / Oracle BlueKai DMP / Survata / YieldEx [Salesforce, 11](https://konsole.zendesk.com/hc/en-us/articles/226620988-Data-Activation-Partners)

_Third-Party Data Marketplace:_ Acxiom / AffinityAnswers / ALC / Alliant / AnalyticsIQ / ASL / Audience Partners / AuDIGENT / B2B Targets / Bombora / Cardlytics / comScore / Connexity / Crossix / Cuebiq, Inc / Dataium / Dataline / Datamyx / DataLogix / Datonics / Digital Elements / Dun & Bradstreet / Epsilon / Ethnic Technologies / eXelate / Experian / Eyeota / Factual / Forbes / i360 / InfoGroup / IRI Worldwide / IXI Services/Equifax / Kantar Shopcom / L2 / LiveRamp Data Store / Mastercard Advisors / Maxpoint / MeritDirect / Mobiquity / GfK MRI / Gravy Analytics / #HOME by Vendigi / Navegg / NetWise Data / Neustar AdAdvisor / Nielsen / Nielsen Catalina Solutions (NCS) / NinthDecimal / PlaceIQ / PushSpring / Quantcast / SambaTV / ShareThis / Skydeo - Mobile AppAudiences / Skyhook / Specialists Marketing Services / Stirista / Tivo / TruSignal / Twine / Vertical Mass / Visual DNA / V12 / Webbula / Windfall [Salesforce, 12](https://konsole.zendesk.com/hc/en-us/articles/217592967-Third-Party-Data-Marketplace)

## Details

_Origins:_ Krux began as "a platform for brands to collect all data from digital interactions across devices and use it to better understand their customers" for better marketing.  However, they "knew that first-party data (customers’ email addresses and purchase histories) was where the puck was headed, so we doubled down on it."  They are driven by the concept "people data" because people, not browsers and mobile devices, are what buy things. [Salesforce, 1](https://www.salesforce.com/blog/2017/05/krux-is-now-salesforce-dmp.html)

_Philosophy and approach:_ "...when I am asked, what is the future of DMPs, I say that DMPs will become completely integrated into larger technology stacks offering a layer of data management (for both known and unknown data) for the “right person.” This orchestration layer consists of connected execution systems that seek to answer the “right message, right time” quandary. It also includes an artificial intelligence (AI) layer, which is the “brains” of the operation trying determine how to stitch billions of individual data points together in real time."  "...marketing is much more than ad campaigns. It is every experience a customer has with the brand, and we empower marketers to use data to impact every touchpoint along that journey, all powered by AI." [Salesforce, 1](https://www.salesforce.com/blog/2017/05/krux-is-now-salesforce-dmp.html)

"Some of the core reasons to use a DMP are to manage Identity and centralize user-level data for advertising and content personalization. Additionally, the DMP includes insights that help inform targeting and personalization use cases as well as campaign and personalization optimization." [Salesforce, 24](https://konsole.zendesk.com/hc/en-us/articles/115012398067-What-if-I-just-want-to-import-data-instead-of-using-the-Control-Tag-SDK-or-other-DMP-tracking-)

_Scope:_ "Every month, Salesforce DMP interacts with more than 3 billion browsers and devices, supports more than 200 billion data collection events, processes more than 5 billion CRM records, and orchestrates more than 200 billion personalized consumer experiences." [Salesforce, 1](https://www.salesforce.com/blog/2017/05/krux-is-now-salesforce-dmp.html)

"The Salesforce Data Management Platform (DMP) allows publishers and marketers to collect and organize all of their consumer web data in one central "big-data" warehouse. Using Salesforce DMP, organizations can consolidate and reconcile their first-party "web-behavior" data that is generated by consumers as they engage with media and/or content with data from various third-party data providers like eXelate, DataLogix, Targus etc. Organizations can also integrate data from their user registration and subscription databases (hereon referred to as “first-party data”) into Salesforce DMP and join that data with web behavior and third-party data. 

User data stored in Salesforce DMP is keyed off a global Krux User ID. The Krux User ID is a third-party cookie and as such is specific to a browser (and corresponding device too). All data that is collected by Salesforce DMP from online environments is automatically keyed off the Krux User ID.

Salesforce DMP supports the ingestion of first-party data available in client systems like registration or subscription databases and other CRM systems. This data is keyed off the client’s first-party User ID. A User Matching process that maps the client first-party User ID to the corresponding Krux User ID for every applicable user facilitates the onboarding and ingestion of this data. 

After the user matching process has been setup clients can send first-party data corresponding to the matched users. Salesforce DMP has a strict data format for the first-party data outlined below." [Salesforce, 32](https://konsole.zendesk.com/hc/en-us/articles/214918988-First-Party-Data-Import)

_Billing Clients:_ Clients are charged for impressions, and a maximum amount for a single impression is calculate: [Salesforce, 34](https://konsole.zendesk.com/hc/en-us/articles/115011719688-How-Data-Costs-are-Billed)

### Technology

**AMP for Mobile Tracking**  
AMP stands for ‘Accelerated Mobile Pages’ and is designed to facilitate mobile-optimized content. A notable aspect of the design is that it keeps 3rd party JavaScript out as much as possible to improve performance, however, there are AMP libraries available to provide additional rich content."  

See AMP FAQ for more: [Salesforce, 56](https://konsole.zendesk.com/hc/en-us/articles/115000428507-AMP-FAQ)

**Cross Device Identity Mangement (Declarative and Predictive)**  
Predictive DCIM costs an extra fee.  "The Predictive CDIM report describes all of the devices associated with people already in a given segment.  It allows you to identify and map consumers and behavior patterns consistently across all devices, screens, and platforms."

_Key features include_: "Connects known and unknown devices (declared and predictive) / Create a CDIM segment directly from the report / Aggregate audiences and their data across devices / A choice of similarity levels allows you to consider the trade off between accuracy and scale".  _Key benefits include_: "Improves reach, relevance, and inventory monetization / Increases your opportunity to sequence ads, at optimal frequency, for consistent messaging and experience across channels, throughout the journey / Delivers accurate analytics for segment profiles and campaign conversions?

_Probablistic Matching:_  
"How does the probabilistic matching algorithm work?

The core of the model is designed to uncover the devices that stay together in various places over long periods of time. To do this effectively there are three important considerations - scale, training, and validation.

* Scale - Because the success of the model is predicated on seeing lots of devices and how they move over time, it is essential to have massive reach into the device world. With one of the largest device footprints on the planet, Salesforce DMP has an advantageous position from which to deliver accurate results.
* Training - Salesforce DMP uses deterministic data coming from authenticated events (logins, purchases, etc) to provide a truth set for training the algorithm.
* Validation - From the deterministic data set, Salesforce DMP reserves some data to validate the efficacy of the model.

Between these three items we are able to continuously improve the accuracy of the predictions and deliver a better product.

To better understand the view of devices over time, consider a user's work and home movement. During the work day, all of the user's devices are likely to be tied to the same IP from work. However, colleagues are also tied to the same IP and in that single snapshot of time, it may be assumed the user and their colleagues are the same person.

Looking at that same IP address at night, there is likely no activity, as everyone has left the office. When looking at the user's home IP at night, all of the devices that belong to that user and their family are tied to the same IP. That single snapshot might imply that the usr and their family are one "person".

_Predicting with device composition:_ "Device Composition: Salesforce DMP uses predictive cookie matching to fill in the gaps where cookies may not be present, such as mobile apps, Safari browser, ad blocking software, etc. However, because Google is looking for active audience cookies, the two systems use different logic around device composition. If your segment includes a high volume of non-stable cookies (mobile/Safari/cookie-less devices), that can impact the match rate." [Salesforce, 37](https://konsole.zendesk.com/hc/en-us/articles/115010886887-DFP-FAQ)

"Each user creates multiple Krux User IDs (KUIDS) - cookies in browsers as well as IDFAs or AdIDs for mobile apps. Once our cross devices algorithm identifies that two of these KUIDs belong to the same person, we increase the count of "people" by one and select one of the KUIDs to be the "leading" KUID. We call this the one the "Uber ID". 

There are some rules in place to determine which of the KUIDs is elected the Uber ID. This evaluation can change from day to day. If the Uber ID KUID is not active for a couple of days, it loses it's status as Uber ID. In this special case, the Uber ID is removed from the segment population list and shown accordingly as "deleted". 

It is mainly Safari users to contribute to these Uber ID changes, as on Safari each page impression created a unique new KUID." [Salesforce, 54](https://konsole.zendesk.com/hc/en-us/articles/115006652948-Segment-Processing-FAQ)

**Salesforce DMP Einstein**   
"Salesforce DMP Einstein Segmentation, which allows marketers to use machine learning to discover the multiple distinct personas that exist within their audience.

Using Einstein AI, on top of unified consumer data from both first and third-party sources, enables us to algorithmically determine the “personas” that best define a brand’s audience. Now, companies can personalize marketing and reach each key persona with a message that is going to resonate, rather than blasting a one-size-fits-all retargeting message to everyone that happened to land on a particular webpage. For example, Conagra Brands has seen dramatic results by customizing the messages to different consumer personas for its Hunt’s brand.

This is a great example of how our data management layer consisting of first, second, and third-party data can feed our growing AI layer to create tangible value for marketers" [Salesforce, 1](https://www.salesforce.com/blog/2017/05/krux-is-now-salesforce-dmp.html)"

**Tracking**    
_Device strategies & KUIDs:_ "We differentiate between Mobile Web and Mobile App. Mobile work works just like Desktop Web with KUIDs stored as 3rd Party cookies. This has all the benefits and limitations (e.g. Safari) Desktop Web has.

_Reidentification:_ "Can I reidentify users in Apps?
Yes, the IDFA or AdID stays constant. Users can be reidentified and targeted in Apps with these device IDs. User can reset this ID and receive a new one though. This is comparable to deleting cookies but not widely used." [Salesforce, 3](https://konsole.zendesk.com/hc/en-us/articles/115000428127-Mobile-IDs-FAQ)

_Mobile Web & Mobile IDs:_ "Can I connect Mobile Web and Mobile App users?
Natively this is not possible. If the user logs in on Mobile Web and Mobile App using the same credentials, Salesforce DMP can store this login ID to both the Mobile Web cookie and the Mobile App device ID and such create a connection of the profiles. This is treated just like cross-device identification." [Salesforce, 3](https://konsole.zendesk.com/hc/en-us/articles/115000428127-Mobile-IDs-FAQ)

_Tracking in Safari and 3rd party cookie subversion:_ Uses Hashed Device Management and 1st Party cookies (set by clients) to target Safari users, as well as a proprietary Hashed Device Identification; fingerprinting.  **Salesforce can use Google PPID** if in conjunction with client and client shares Google cloud storage location.  

Can you user-match with 3rd-party data providers when utilizing a first-party cookie?

Clients will issue a 1st-party cookie to the Salesforce DMP, which we then take as our ID. Since it's not a 3rd party cookie – even though we are acting as an agent of our clients – it means that we are unable to sync those users with a 3rd party data provider unless the 3rd party fires a match pixel.
 [Salesforce, 4](https://konsole.zendesk.com/hc/en-us/articles/115000428307-Safari-FAQ)

_CDIM & Hashing:_ "What makes Salesforce's Hashed ID different from competitive offerings?
There are a few vendors outside of Salesforce who provide Hashed Device IDs, however, they do not couple it with a CDIM solution. This enables Salesforce to associate Safari activity within a larger, holistic set of that individual’s data and utilize Safari activity within a larger conversion path.

How can you tell if other providers offering Hashed Device Management solutions are accurate or employing CDIM?
If or when you hear really high numbers of unique users (UUs) reported against Safari, it often means that they are not resolving the browser down to a single user; each page view counts as a UU in Safari if you don't have a CDIM solution." [Salesforce, 4](https://konsole.zendesk.com/hc/en-us/articles/115000428307-Safari-FAQ)

"Do users have a KUID in Mobile Devices?
We differentiate between Mobile Web and Mobile App. Mobile work works just like Desktop Web with KUIDs stored as 3rd Party cookies. This has all the benefits and limitations (e.g. Safari) Desktop Web has.

Mobile Apps cannot access cookies. They provide their device IDs IDFA (iOS) or AdID (Android) which are used by Salesforce DMP as unique identifiers instead of a Salesforce DMP cookie.

Can I reidentify users in Apps?
Yes, the IDFA or AdID stays constant. Users can be reidentified and targeted in Apps with these device IDs. User can reset this ID and receive a new one though. This is comparable to deleting cookies but not widely used.

Can I connect Mobile Web and Mobile App users?
Natively this is not possible. If the user logs in on Mobile Web and Mobile App using the same credentials, Salesforce DMP can store this login ID to both the Mobile Web cookie and the Mobile App device ID and such create a connection of the profiles. This is treated just like cross-device identification." [Salesforce, 58](https://konsole.zendesk.com/hc/en-us/articles/115000428127-Mobile-IDs-FAQ)

**Hashed Device Management (targeting Safari 3rd party blocking)**  
Used for Safari because Safari has 3rd party blocking [Salesforce, 16](https://konsole.zendesk.com/hc/en-us/articles/115012183888-Hashed-Device-Management)

"The Salesforce DMP Hashed Device Management solution allows for targeting users on Safari browsers that block 3rd party cookies.  Please open a ticket in the Help Portal if you would like to request Hashed Device Management."  Details here: [Salesforce, 35](https://konsole.zendesk.com/hc/en-us/articles/115011230687-How-to-verify-Hashed-Device-Management)

**User matching**  
_For a great guide on user matching, see:_ [Salesforce, 32](https://konsole.zendesk.com/hc/en-us/articles/214918988-First-Party-Data-Import)

Salesforce and 3rd parties each use their own IDs, and match users by firing the _other_ party's pixel when their own pixel fires on a site.  Match rate is the percentage of users of party A known by party B.  SF DMP match rates exclude Safari and app IDs.  Increased match rates create greater scale, and "Greater audience scale creates more options for managing and optimizing campaign tactics such as segmentation, personalized messaging, frequency, omni channel journey, etc."  Because of 3rd party blocking, **Safari users can typicaly not be matched to partners at all.** 

"By default, we run user match pixels on client’s websites through the Control Tag for all partners a client is working with. We fire it on all pages with a frequency cap of 3 times over a 24-hour period for a given user. This will ensure return users are matched, but will not overwhelm client’s sites with unnecessary tag fires. We set the tag to fire "immediately" to make sure users are matched before leaving the page. 

It will take up to 30 days for the match rate to reach its peak after a new user match pixel has been activated.

Unlike first party data that is exclusively available to the client who owns it, user match tables are shared across all Salesforce DMP clients. This way, each client can benefit from the user match pixels being fired on other client’s websites.

Salesforce has one of the largest footprints in the industry, thus providing exceptionally high match rates. Match rates can vary from country to country though, depending on both Salesforce's and the partner’s footprint in that market.

It is also possible for partners to fire the Salesforce DMP user match pixel across all their inventory to improve the match rate upon request." [Salesforce, 23](https://konsole.zendesk.com/hc/en-us/articles/115006072448-User-Matching-and-Match-Rates-FAQ)

Critically, "The Client User ID will have a one-to-many relationship with the Krux User ID in the User Match table. Note that in general, there may be multiple Krux User IDs mapped to a given Client User ID because the Krux User ID is browser specific whereas the Client User ID will be the same across multiple browsers (assuming that it is indeed a persistent user ID as opposed to a first-party cookie)."

"For example, if there are 3 columns called Age Group, Gender, and Interest in the client’s registration database that need to be imported into Salesforce DMP, then the following represents a valid data file that can be ingested by Salesforce DMP:

User1234^gender:male;age:18-24;interest:fishing
User2345^gender:female
User3456^age:35-44
User4567^gender:male;interest:fishing,boating

When Salesforce DMP processes this file, we will create 3 attributes called Gender, Age, and Interest in the client’s Salesforce DMP account. We will also automatically create the corresponding attribute values: male and female under gender and 18-24, 35-44 under age, and fishing and boating under interest.

Salesforce DMP supports full-refresh." [Salesforce, 32](https://konsole.zendesk.com/hc/en-us/articles/214918988-First-Party-Data-Import)

Evaluating matched users:

"Segment Population is the device population of this segment from the Manage Segments screen. This is a count of all devices that are part of the segment based on the segment's rules.

Matchable population is the Segment Population minus those devices that cannot be matched to a partner. This includes Safari cookies, as per default Safari deleted all cookies after each page impression. A DSP Safari cookie will never show up again and thus can't be served ads to. Many DSPs also don't accept mobile identifiers (IDFA and AdID). So in those cases we also deduct them.

Segment Match Rate is the percentage of users from the matchable population that we have matched the DSPs cookie against within the last 30 days. We only send these users as older users are not accepted by the DSPs.

More info on user matching can be found here:
https://konsole.zendesk.com/hc/en-us/articles/115006072448-User-Matching-and-Match-Rates-FAQ

Cumulative population is the population we expect to see in DSP after all the previous considerations. In reality this can differ due to circumstances outside our control. E.g. Google only counts users that have been active in Google's universe on at least two different days for its population/forecasting. For full refresh connections the cumulative population is the population we send every day." [Salesforce, 48](https://konsole.zendesk.com/hc/en-us/articles/115009920168-Partner-Management-Additional-Account-Details-FAQ)

**Ad Server analytics**  
"Salesforce DMP's Yield Analytics reports allow you to understand and analyze audience segment delivery and yield across all ad impressions, irrespective of whether an ad was targeted to an audience segment or not. The "raw" ad impression delivery information is combined with the user audience segment map managed in the Salesforce DMP platform to produce these audience segment delivery and yield reports... The ad impression log file contains a record of every impression delivered, and each impression delivery record must contain the Krux User ID of the user who saw the ad. Note that it is not required for every delivery record to contain the Krux User ID; Salesforce DMP simply ignores the records that don't contain the Krux User ID, but the accuracy of the reports is directly proportional to the number of records that contain the Krux User ID" [Salesforce, 30](https://konsole.zendesk.com/hc/en-us/articles/218445237-Ad-Server-Integration-for-Yield-Analytics).

**Content Engagement Reports**  
Reports allow site metrics like:

* pageviews and unique visits for both segments and unique users; 
* Loyalty report cards (" records the number of return visits per unique over a selected time period"; will "Monitor website engagement over time"; and "Highlights your total users (unique devices) per site, as well as return users to that site and the percentage of your total uniques that those return users represent"); 

* Social Activity reports ("describes all social sharing you have enabled through direct integration* with Facebook or Twitter"; allows you to "Build social influencer segments. These segments can be used to target users who are likely to share on social media: Capture Facebook Shares, Facebook Likes, Facebook Unlikes and Twitter Tweets"; with features like "Flexible date ranges" and "See the URLs of the top Facebook Likes and Twitter tweets; click-through to the original content". (NOTE: " third-party implementations, such as AddThis or ShareThis are not included.")
* Search keywords report: "gives a list and population of referral keywords associated with inbound web traffic from top search engines including Google, Bing, and Yahoo" so you can "Build segments around search keywords; Identify valuable words to use for search campaigns to increase traffic to your site. This can help to identify good keywords for paid search campaigns; Capture site search terms and link them to your site as a data source".  This "Lists the source, keyword, and population of referrals over the last thirty days, and is filterable by site and section" and "Site results are processed weekly, and all recorded keywords are available in the Segment Builder [Salesforce, 38](https://konsole.zendesk.com/hc/en-us/articles/115010860288-Content-Engagement-Report-FAQ)

**Frequency Reports**  
"Frequency Reports describe how many times what percentage of your audience has seen your ad. This  allows you to assess how to improve conversion. Very high frequency is typically a sign of waste, and as such, a source of cost-saving. Very low frequency can suggest the audience isn’t seeing the campaign enough to spur conversion, in which case it too is wasteful."  The goal is to have the right amount of exposure for efficient conversions. [Salesforce, 39](https://konsole.zendesk.com/hc/en-us/articles/115010860128-Frequency-Report-FAQ)

**Funnels Report**  
"The Funnels report tracks the sequence of events on customers’ paths to conversion and allows you to optimize accordingly. Use Funnels to understand at what stage in the conversion process users drop off, then target those users to encourage them to finish their purchase, registration, etc.

Benefits:

* Allows you to track individual user actions in a purchase process (or other conversion)
* Monitor conversion success, perform A/B testing, and learn more about converted users with funnel reports based on events and event attributes" [Salesforce, 40](https://konsole.zendesk.com/hc/en-us/articles/115010690407-Funnels-FAQ)

**Lookalike Modeling**  
"Lookalike Modeling applies an algorithm to a base audience segment and finds new people with features and characteristics similar to those in the base audience. Similarity and reach metrics will allow you to find the most useful lookalike with the highest similarity at the reach level required.

Benefits:

* Find prospects for acquisition campaigns
* Expand reach by finding lookalikes among known users"

"Uses 1st and 3rd party data for modelling" [Salesforce, 41](https://konsole.zendesk.com/hc/en-us/articles/115010859928-Lookalike-Modeling-FAQ)

**Audience Profile Report**  
"The Audience Profile report shows demographic information about a specific campaign or segment and the segments with the greatest number of unique impressions."

Benefits:

* Learn which demographics your segments or campaigns fall into and export to share with clients or colleagues
* Top overlapping segments will show how similar or unique your segments are

Features:

* The gender, age, and household income profile of your users is determined using information from third-party data providers" [Salesforce, 44](https://konsole.zendesk.com/hc/en-us/articles/115010859168-Audience-Profile-Report-FAQ)

"Does the Loyalty report use devices or people?

Devices; People are only displayed in the Segment dashboard." Safari users are not included because Safari doesn't allow 3rd party cookies. [Salesforce, 52](https://konsole.zendesk.com/hc/en-us/articles/115007354408-Salesforce-DMP-Reporting-FAQ)

## References and External Links
* _Crunchbase, 01._ [https://www.crunchbase.com/organization/krux-digital](https://www.crunchbase.com/organization/krux-digital)
* _Salesforce, 01._ https://www.salesforce.com/blog/2017/05/krux-is-now-salesforce-dmp.html
* _Salesforce, 02._ https://konsole.zendesk.com/hc/en-us/articles/115000451248-Salesforce-DMP-SDK-FAQ
* _Salesforce, 03._ https://konsole.zendesk.com/hc/en-us/articles/115000428127-Mobile-IDs-FAQ
* _Salesforce, 04._ https://konsole.zendesk.com/hc/en-us/articles/115000428307-Safari-FAQ
* _Salesforce, 05._ https://secure.sfdcstatic.com/assets/pdf/misc/BCRPublicFAQ.pdf
* _Salesforce, 06._ https://www.salesforce.com/company/privacy/full_privacy.jsp
* _Salesforce, 07._ https://konsole.zendesk.com/hc/en-us/articles/217039187-Privacy-Policy-and-Opt-Out-Guide
* _Salesforce, 08._ https://konsole.zendesk.com/hc/en-us/articles/115007222048-PII
* _Salesforce, 09._ https://konsole.zendesk.com/hc/en-us/articles/115010458727-Data-Onboarding-Partners
* _Salesforce, 10._ https://konsole.zendesk.com/hc/en-us/articles/227144948-Data-Collection-Partners
* _Salesforce, 11._ https://konsole.zendesk.com/hc/en-us/articles/226620988-Data-Activation-Partners
* _Salesforce, 12._ https://konsole.zendesk.com/hc/en-us/articles/217592967-Third-Party-Data-Marketplace
* _Salesforce, 13._ https://konsole.zendesk.com/hc/en-us/articles/115012227268-Data-Sentry-Iris-Video-Tutorial
* _Salesforce, 14._ https://konsole.zendesk.com/hc/en-us/articles/115010652267-Data-Sentry-IRIS-FAQ
* _Salesforce, 15._ https://konsole.zendesk.com/hc/en-us/articles/115010652267-Data-Sentry-IRIS-FAQ
* _Salesforce, 16._ https://konsole.zendesk.com/hc/en-us/articles/115012183888-Hashed-Device-Management
* _Salesforce, 17._ https://konsole.zendesk.com/hc/en-us/articles/115010825168-Media-Tag-Generator-Video-Overview
* _Salesforce, 18._ https://konsole.zendesk.com/hc/en-us/articles/115008240047-How-to-Create-Bulk-Segments
* _Salesforce, 19._ https://konsole.zendesk.com/hc/en-us/articles/115007996507-Events-Overview
* _Salesforce, 20._ https://konsole.zendesk.com/hc/en-us/articles/115005914227-How-to-Create-Platform-Segments-in-Salesforce-DMP
* _Salesforce, 21._ https://konsole.zendesk.com/hc/en-us/articles/225407808-How-to-set-up-the-Salesforce-DMP-ControlTag-Helper
* _Salesforce, 22._ https://konsole.zendesk.com/hc/en-us/articles/218941948-How-to-validate-a-Video-Ad-Unit-on-Video-Suite-Inspector-using-HTTP-Fox
* _Salesforce, 23._ https://konsole.zendesk.com/hc/en-us/articles/115006072448-User-Matching-and-Match-Rates-FAQ
* _Salesforce, 24._ https://konsole.zendesk.com/hc/en-us/articles/115012398067-What-if-I-just-want-to-import-data-instead-of-using-the-Control-Tag-SDK-or-other-DMP-tracking-
* _Salesforce, 25._ https://konsole.zendesk.com/hc/en-us/articles/115012555408-What-does-the-Control-Tag-do-
* _Salesforce, 26._ https://konsole.zendesk.com/hc/en-us/articles/115012367627-Will-the-DMP-Control-Tag-Impact-Page-Load-Performance-
* _Salesforce, 27._ https://konsole.zendesk.com/hc/en-us/articles/115009397188-Cross-Device-Identity-Management-CDIM-FAQ-
* _Salesforce, 28._ https://konsole.zendesk.com/hc/en-us/articles/226951307-How-to-Build-Segments-with-CDIM
* _Salesforce, 29._ https://konsole.zendesk.com/hc/en-us/articles/226951307-How-to-Build-Segments-with-CDIM
* _Salesforce, 30._ https://konsole.zendesk.com/hc/en-us/articles/218445237-Ad-Server-Integration-for-Yield-Analytics
* _Salesforce, 31._ https://konsole.zendesk.com/hc/en-us/articles/115002783508-Data-Transfer-File-2-0-Import
* _Salesforce, 32._ https://konsole.zendesk.com/hc/en-us/articles/214918988-First-Party-Data-Import
* _Salesforce, 33._ https://konsole.zendesk.com/hc/en-us/articles/115012221127-Browser-Support
* _Salesforce, 34._ https://konsole.zendesk.com/hc/en-us/articles/115011719688-How-Data-Costs-are-Billed
* _Salesforce, 35._ https://konsole.zendesk.com/hc/en-us/articles/115011230687-How-to-verify-Hashed-Device-Management
* _Salesforce, 36._ https://konsole.zendesk.com/hc/en-us/articles/115010886887-DFP-FAQ
* _Salesforce, 37._ https://konsole.zendesk.com/hc/en-us/articles/115010886887-DFP-FAQ
* _Salesforce, 38._ https://konsole.zendesk.com/hc/en-us/articles/115010860288-Content-Engagement-Report-FAQ
* _Salesforce, 39._ https://konsole.zendesk.com/hc/en-us/articles/115010860128-Frequency-Report-FAQ
* _Salesforce, 40._ https://konsole.zendesk.com/hc/en-us/articles/115010690407-Funnels-FAQ
* _Salesforce, 41._ https://konsole.zendesk.com/hc/en-us/articles/115010859928-Lookalike-Modeling-FAQ
* _Salesforce, 42._ https://konsole.zendesk.com/hc/en-us/articles/115010859228-Site-Distribution-Report-FAQ
* _Salesforce, 43._ https://konsole.zendesk.com/hc/en-us/articles/115010859208-Segment-Overlap-Report-FAQ
* _Salesforce, 44._ https://konsole.zendesk.com/hc/en-us/articles/115010859168-Audience-Profile-Report-FAQ
* _Salesforce, 45._ https://konsole.zendesk.com/hc/en-us/articles/115010689407-Segment-Summary-FAQ
* _Salesforce, 46._ https://konsole.zendesk.com/hc/en-us/articles/115010518787--Data-Studio-FAQ
* _Salesforce, 47._ https://konsole.zendesk.com/hc/en-us/articles/115010365788-Why-are-top-segments-different-in-Audience-Profile-Reports-
* _Salesforce, 48._ https://konsole.zendesk.com/hc/en-us/articles/115009920168-Partner-Management-Additional-Account-Details-FAQ
* _Salesforce, 49._ https://konsole.zendesk.com/hc/en-us/articles/115009293927-Over-the-top-OTT-FAQ
* _Salesforce, 50._ https://konsole.zendesk.com/hc/en-us/articles/115009151507-Media-Tagging-FAQ
* _Salesforce, 51._ https://konsole.zendesk.com/hc/en-us/articles/115007393368-Data-Collection-FAQ
* _Salesforce, 52._ https://konsole.zendesk.com/hc/en-us/articles/115007354408-Salesforce-DMP-Reporting-FAQ
* _Salesforce, 53._ https://konsole.zendesk.com/hc/en-us/articles/115006780068-Real-time-Segment-FAQ
* _Salesforce, 54._ https://konsole.zendesk.com/hc/en-us/articles/115006652948-Segment-Processing-FAQ
* _Salesforce, 55._ https://konsole.zendesk.com/hc/en-us/articles/115002018607-UTM-Parameters-FAQ <-- in FP glossary only
* _Salesforce, 56._ https://konsole.zendesk.com/hc/en-us/articles/115000428507-AMP-FAQ
* _Salesforce, 57._ https://konsole.zendesk.com/hc/en-us/articles/115000428427-Data-Layer-FAQ
* _Salesforce, 58._ https://konsole.zendesk.com/hc/en-us/articles/115000428127-Mobile-IDs-FAQ
* _Salesforce, 59._ https://konsole.zendesk.com/hc/en-us/articles/236268468-Reach-Opportunities-Index-Calculation-Chart-Operations
* _Salesforce, 60._ https://konsole.zendesk.com/hc/en-us/articles/227951188-Klever-UI-People-and-Devices
* _Salesforce, 61._ https://konsole.zendesk.com/hc/en-us/articles/228024867-SuperTag-FAQ

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory



================================================
FILE: trackers/Leanplum.md
================================================
# Leanplum

## Primary Location
United States (San Francisco)

## Website
[https://www.leanplum.com](https://www.leanplum.com)

## About
Leanplum offers a mobile marketing platform with solutions for mobile messaging, in-app experiences, and detailed analytics.

## Ownership
Leanplum

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `leanplum\.com`

## Documentation
[https://www.leanplum.com/docs/android](https://www.leanplum.com/docs/android)

## Products and Services
Leanplum has a number of services. They include:

* _Messaging:_ Send push notifications, in-app messages, email, and more, using wide broadcasts or personalized content. Deliver messages with "triggers or drip campaigns across the customer lifecycle". Other targeting strategies include "onboarding, engagement, conversion, reactivation, and loyalty" [Leanplum, 05](https://www.leanplum.com/platform/push-notifications-messaging).
* _Mobile Marketing Automation:_ Create "context-rich campaigns that understand and respond to user actions". Target users based on "what users do and who they are", and engage along the full customer journey. Tailor interactions based on behavior, location, timing, and channel. Automate self-activating messages in response to "personalized behaviors" [Leanplum, 06](https://www.leanplum.com/platform/mobile-marketing-automation).
* _App Experience Command Center:_ A mobile content management system [Leanplum, 07](https://www.leanplum.com/platform/app-editor).
* _App Personalization:_ Leanplum "provides context and personalization enabled by individual user profiles that get richer over time. Demographic, behavior, location, time, and external data provide the deep insights that power relevance. The key to meaningful engagement is understanding who users are and what they do inside your app." They "capture limitless user events and behaviors to fuel highly contextual messaging campaigns" [Leanplum, 08](https://www.leanplum.com/platform/personalization).
* _A/B Testing:_ Leanplum claims to have "the most extensive mobile A/B testing solution in the industry". Their product "comes equipped with the ability to run A/B and multivariate tests" to maximize return on investment [Leanplum, 09](https://www.leanplum.com/platform/mobile-ab-testing-optimization).
* _Analytics:_ Leanplum's approach is to "capture all events and behaviors associated with a user, without limits or data point costs" in order to "inspire real-time action". Clients can "customize parameters, reports, and metrics". Insights examine "engagement, retention, revenue, uninstalls, and more" [Leanplum, 10](https://www.leanplum.com/platform/mobile-app-analytics).

Leanplum gathers detailed user profile information and correlates with behavioral data [Leanplum, 11](https://leanplum-wordpress.storage.googleapis.com/Pers_new@1x-min.png). Their platoform is "built on a foundation of A/B Testing and Analytics" to deliver "deep customer understanding" [Leanplum, 12](https://www.leanplum.com/platform).

## Privacy Policy
It is not clear if Leanplum's Privacy Policy listed on its website also applies to its mobile tracker. The Privacy Policy posted on their website covers a number of topics:

_PII collection:_ Leanplum collects both PII ("personal information") and non-PII data. They collect information that is voluntarily provided (eg, through email newsletters, accounts, or profiles users sign up for), passively provided (eg, IP address, mobile device ID, server logs, cookies, web beacons, user actions like clicks, and so on).

_Third party collection:_ Leanplum "may receive information about you, including Personal Information, from third parties (e.g., opt-in lists where you have requested information about Leanplum or the Service while visiting a Third-Party Site). We may combine this information with other Personal Information we maintain about you. If we do so, this Policy governs any combined information that we maintain in personally identifiable format".

_Data sharing:_ Leanplum states, "Except as described in this Policy, we will not disclose your Personal Information that we collect on the Service to third parties without your consent. We may disclose your Personal Information to third parties if you consent to us doing so, as well as in...circumstances" involving service providers, business transfers, the protection of Leanplum's interests, and public authorities.

_Opt-out:_ Leanplum offers an ability to opt out from the disclosure of information to third parties, as well as for use cases that are "incompatible with the purpose(s) for which it was originally collected or subsequently authorized". Individuals must contact Leanplum by email to exercise their choice.

_Access and retention:_ Individuals with user accounts or profiles on the Leanplum Service can email Leanplum requesting access to their Personal Information; they can also request to amend or update the data. Users can also request Leanplum delete their data. However, Leanplum states they "may need to retain some of your Personal Information in order to satisfy our legal obligations, or where we reasonably believe that we have a legitimate reason to do so".

_International law:_ Leanplum states it is in compliance with the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield.

_Security:_ Leanplum states it takes reasonable security measures, but also states that "no data security measures can be guaranteed to be completely effective. Consequently, we cannot ensure or warrant the security of any information that you provide to us. You transmit information to us at your own risk" [Leanplum, 13](https://www.leanplum.com/privacy).

## Relationships
_Customers:_ Grab / NBC / QVC / TED / Tinder / Zynga [Leanplum, 01](https://www.leanplum.com) / Bleacher Report / Hotwire / Macy's / Red Bull [Leanplum, 02](https://www.leanplum.com/customers) / Tesco / App Annie / Last Minute Travel / Pixowl / Mixbook / Wanelo / Pixelberry Studios / Big Fish / TextNow / MobilityWare / Fetch Rewards / Via [Leanplum, 03](https://www.leanplum.com/customers/case-studies)

## Details
_Financial details:_ Leanplum was founded in 2012. It has raised over $93 million [Crunchbase, 01](https://www.crunchbase.com/organization/leanplum). In November 2017, it raised $47 million from investors. The company was founded by former Google engineers [Business Insider, 01](http://www.businessinsider.com/why-i-quit-google-to-become-a-startup-founder-2015-11).  

_Scope:_ Leanplum says it handles 14 billion events per day.  

_Infrastructure:_ Leanplum built their service on the Google Cloud Platform "to optimize for fault-tolerance and availability" [Leanplum, 04](https://www.leanplum.com/plans).

## References
* _Business Insider, 01_. [http://www.businessinsider.com/why-i-quit-google-to-become-a-startup-founder-2015-11](http://www.businessinsider.com/why-i-quit-google-to-become-a-startup-founder-2015-11)  
* _Crunchbase, 01_. [https://www.crunchbase.com/organization/leanplum](https://www.crunchbase.com/organization/leanplum)  
* _Leanplum, 01_. [https://www.leanplum.com](https://www.leanplum.com)  
* _Leanplum, 02_. [https://www.leanplum.com/customers](https://www.leanplum.com/customers)  
* _Leanplum, 03_. [https://www.leanplum.com/customers/case-studies](https://www.leanplum.com/customers/case-studies)  
* _Leanplum, 04_. [https://www.leanplum.com/plans](https://www.leanplum.com/plans)  
* _Leanplum, 05_. [https://www.leanplum.com/platform/push-notifications-messaging](https://www.leanplum.com/platform/push-notifications-messaging)  
* _Leanplum, 06_. [https://www.leanplum.com/platform/mobile-marketing-automation](https://www.leanplum.com/platform/mobile-marketing-automation)
* _Leanplum, 07_. [https://www.leanplum.com/platform/app-editor](https://www.leanplum.com/platform/app-editor)  
* _Leanplum, 08_. [https://www.leanplum.com/platform/personalization](https://www.leanplum.com/platform/personalization)  
* _Leanplum, 09_. [https://www.leanplum.com/platform/mobile-ab-testing-optimization](https://www.leanplum.com/platform/mobile-ab-testing-optimization)  
* _Leanplum, 10_. [https://www.leanplum.com/platform/mobile-app-analytics](https://www.leanplum.com/platform/mobile-app-analytics)  
* _Leanplum, 11_. [https://leanplum-wordpress.storage.googleapis.com/Pers_new@1x-min.png](https://leanplum-wordpress.storage.googleapis.com/Pers_new@1x-min.png)  
* _Leanplum, 12_. [https://www.leanplum.com/platform](https://www.leanplum.com/platform)

## External Links
* _Crunchbase (Leanplum)_: [https://www.crunchbase.com/organization/leanplum](https://www.crunchbase.com/organization/leanplum)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Lenddo.md
================================================
# Tracker Name
Lenddo

## Website
https://www.lenddo.com/

## About
See how Lenddo uses non-traditional data to provide credit scoring and verification to economically empower the emerging middle class around the world. We reinvent the consumer finance with life-changing services and give companies the ability to create positive social impact.

## Category
Analytics, Location, Identity

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `*.partner-service.link`
*   Code signature: `com.lenddo.mobile`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://github.com/Lenddo/android-lenddo 

## Notes
includes SDK com.androidhiddencamera , PSYCHOMETRICS_SERVICE_SELFIES , identification INDIA INDONESIA PHILLIPINES


================================================
FILE: trackers/Localytics.md
================================================
# Localytics

## Primary Location
United States (Boston) [Localytics, 01](https://www.localytics.com/company/about)

## Website
[https://www.localytics.com](https://www.localytics.com)

## About
Localytics offers an analytics and marketing platform for targeted and personalized engagement campaigns on mobile [Localytics, 01](https://www.localytics.com/company/about); [Crunchbase, 01](https://www.crunchbase.com/organization/localytics).

## Ownership
Self-owned

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `localytics\.com`

## Documentation
[https://docs.localytics.com/dev/android.html#android](https://docs.localytics.com/dev/android.html#android)

## Products and Services
Localytics performs a variety of services for clients:  

* Uniquely identify users and devices via the Localytics tracker: "The Localytics SDK automatically captures and uploads device IDs which the Localytics backend uses to uniquely identify users. Some apps connect to their own backend systems that use different IDs for uniquely identifying users" [Localytics, 04](https://docs.localytics.com/dev/android.html#android)  
* Store and transmit user personal information, such as end user name [Localytics, 05](http://docs.localytics.com/dev/ios.html#identifying-users-ios)  
* Identify users who uninstall an app containing the tracker [Localytics, 06](http://docs.localytics.com/dev/ios.html#uninstall-tracking-ios)
* Track detailed geolocation, even without the use of GPS: "Most apps don't track user geolocation so Localytics uses an IP-to-location lookup service to determine which country they are located in. If your app does track user geolocation, you can use the following code to set latitude and longitude in Localytics much more precisely" [http://docs.localytics.com/dev/ios.html#location-ios](http://docs.localytics.com/dev/ios.html#location-ios)

Localytics leverages the same tracking platform in iOS and Android.

## Privacy Policy

_Personally identifiable information collection (via Services):_ Localytics requests that its Customers not provide to it PII about their End Users. However, Localytics states that End Users should be aware Customers may request PII for their own use for their mobile apps. To the extent that Localytics does receive PII from Customers, it pledges to maintain the confidentiality of the PII. Localytics does obtain information from website log files, and maintains the right to combine automatically collected log data with other information they have about you. 

_Information sharing:_ Localytics "does not rent, sell or share PII, including your Personal Information, with any third parties" expect with your express consent, or in the event of "a merger, acquisition, or sale of all or a portion of its assets", at which case you will be prominently notified "of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information" [Localytics, 07](https://www.localytics.com/privacy-policy)

## Relationships
_Customers:_ Comcast / A&E / OLA / Runkeeper / Microsoft / CVS Pharmacy / The New York Times / Avis / Salesforce Marketing Cloud / Amazon / Wendy's / Zipcar [Localytics, 02](https://www.localytics.com) / Oracle Marketing Cloud / Adobe Marketing Cloud / Facebook Marketing Partners / Twitter 

_Alliance partners:_ Bitbang / Cainkade / Cube Loco / Epicfy / Exicon / Jackrabbit / Jargon / Kapitec Software / Keystone Solutions / Mobiquity / NorthBay / Northout / Pollfish / Rocket Insights / Scholarly iQ / Scientific Computers Ltd. / Semba  Mobile / Social Fulcrum / Somo / SP2 Serviços Empresariais Ltda / Stratigent / Vendus Labs Inc.

_Technology partners:_ Aarki / adjust / Applift / Applovin / AppsFlyer / Apptimize / Apsalar / Branch Metrics / ExactTarget / Facebook / Fiksu / Greystripe / IBM PartnerWorld / Impact Radius / InMobi / Jampp / Kochava / Liftoff / Mag+ / Marketo / Method Mill / Millennial Media / NativeX / Optimizely / Phunware / Pinsight Media+ / Rocket Fule / StrikeAd / Supersonic / Tapstream / Taptica / Textur / TUNE / Twitter / Yozio [Localytics, 03](https://www.localytics.com/company/partners)

## Details
_Financial details:_ Localytics was founded in 2009 and and has raised over $69 million from funders [Localytics, 01](https://www.localytics.com/company/about); [Crunchbase, 01](https://www.crunchbase.com/organization/localytics).

## References
* _Localytics, 01._ [https://www.localytics.com/company/about](https://www.localytics.com/company/about)  
* _Localytics, 02._ [https://www.localytics.com](https://www.localytics.com)  
* _Localytics, 03._ [https://www.localytics.com/company/partners](https://www.localytics.com/company/partners)  
* _Localytics, 04._ [https://docs.localytics.com/dev/android.html#android](https://docs.localytics.com/dev/android.html#android)  
* _Localytics, 05._ [http://docs.localytics.com/dev/ios.html#identifying-users-ios](http://docs.localytics.com/dev/ios.html#identifying-users-ios)  
* _Localytics, 06._ [http://docs.localytics.com/dev/ios.html#uninstall-tracking-ios](http://docs.localytics.com/dev/ios.html#uninstall-tracking-ios)  
* _Localytics, 07._ [https://www.localytics.com/privacy-policy](https://www.localytics.com/privacy-policy](https://www.localytics.com/privacy-policy)

## External Links
* _Crunchbase (Localytics):_ [https://www.crunchbase.com/organization/localytics](https://www.crunchbase.com/organization/localytics)  
* _Ghostery (Localytics):_ [https://apps.ghostery.com/ko/apps/localytics](https://apps.ghostery.com/ko/apps/localytics)


================================================
FILE: trackers/Millenial Media.md
================================================
# Millenial Media

## About

Millenial Media was founded in 2006 and publicly acquired by AOL in 2015.  Oath Inc., a Verizon subsidiary, acquired AOL in 2017.  

## Ownership

Oath, Inc., owns Millential Media as a legacy product.  Oath is a subsidiary of Verizon Communications.  [See: OpenCorporates](https://opencorporates.com/companies/us_de/4107146)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.millennialmedia.
* Network detection rule: contextual.media.net|media.net|millennialmedia.com

## What it does

* Behavorial Analytics
* Personalized Advertising
* Data Collection

## Privacy Policy

[Policy as of 27/12/2018:](https://policies.oath.com/us/en/oath/privacy/index.html)

* Oath's policy states that it collects device and location information; "the kind of content or ads served, viewed or clicked on; the frequency and duration of your activities; the sites or apps you used before accessing our Services and where you went next; whether you engaged with specific content or ads; and whether you went on to visit an advertiser's website, downloaded an advertiser’s app, purchased a product or service advertised, or took other actions."

* Information may be collected from third-parties and affilates, publicly-available sources, and appended and matched data from [other companies.](https://policies.oath.com/us/en/oath/privacy/topics/appenddata/index.html)

* Oath states that it has "technical, administrative and physical safeguards in place to help protect against unauthorized access, use or disclosure of customer information we collect or store."  It also states that while it may share aggregated or pseudonymous information with other companies, this is not personally identifiable information (example given: "name or email address").

* Oath's privacy controls and opt-out can be found [here.](https://policies.oath.com/us/en/oath/privacy/controls/index.html)  


# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/MixPanel.md
================================================
# MixPanel

## About

MixPanel, Inc. is a privately-held marketing technology company with 250+ employees and offices in San Francisco, New York, Seattle, Salt Lake City, and London, UK.  [Source: OpenCorporates](https://opencorporates.com/companies/us_de/4689044); [Source: Linkedin](https://www.linkedin.com/company/mixpanel-inc-)

## Ownership

MixPanel was founded in 2009 by Suhail Doshi and Tim Trefren.  [Source: website](https://mixpanel.com/about/)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code signature: com.mixpanel
* api\.mixpanel\.com|decide\.mixpanel\.com|switchboard\.mixpanel\.com|mixpanel\.com

## What it does

* Behavioral Analytics
* Data Collection
* Media Trend analysis [See: Forbes article on 2018 report](https://www.forbes.com/sites/curtissilver/2018/05/08/mixpanel-2018-media-benchmarks-report-reveals-the-truth-of-our-media/#19fc268d2349)
* Anonymous Profiling "Firmographics"

## Privacy Policy

[Policy as of May 2018, reviewed 25/10/18:](https://mixpanel.com/legal/privacy-policy/)

* MixPanel's privacy policy does not apply to end-users. Its policy refers to "Customers", who are MixPanel's clients.  MixPanel tracks its clients by default but they have the right to delete their personal information at any time.  Personal information includes location, name, email, pixel tag, and online tracking data.  

* End-users who are tracked by MixPanel's "Customers" have no right to delete their personal information and are refered to their individual client privacy policies.  MixPanel's clients are not identifed anywhere in the policy. The client is referred to as the "data controller."

* Interestingly, MixPanel's policy notes that it "does not respond" to its clients' Do Not Track signals, by default, since there is "no standard that governs what, if anything, websites should do if they receive these signals."

* Per the [Terms of Use](https://mixpanel.com/legal/terms-of-use/) end-users can opt-out of MixPanel website tracking through this [link.](https://mixpanel.com/optout)  NOTE: this is strictly limited to the use of Mixpanel's website and does not apply to tracking done by their clients or through MixPanel's services.  

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/MoPub.md
================================================
# MoPub (Twitter)

## Primary location
United States

## Website
[https://www.mopub.com](https://www.mopub.com)

## About
MoPub offers services aimed th help publishers acquire and serve advertisements and advertisers to reach audiences that may be interested in their products and services [MoPub, 03](https://www.mopub.com/legal/privacy).

## Ownership
Twitter

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `mopub\.com`

## Documentation
[https://www.mopub.com/resources/docs/android-sdk-integration](https://www.mopub.com/resources/docs/android-sdk-integration)

## Products and Services
Mopub describes itself as "The leading monetization platform for mobile app publishers and developers"  [MoPub, 01](https://www.mopub.com).  

* They connect publishers with advertisers in a way aimed to "drive the highest price for every ad impression" [MoPub, 01](https://www.mopub.com).
* They "flexible mediation system allows publishers to target the right inventory with the right network partner, based on each publisher’s unique business goals" [MoPub, 01](https://www.mopub.com).
* They offer "ad serving tools, interface, and analytics."

For publishers:  [Mopub, 02](https://www.mopub.com/publishers/overview)
* Offer a "dependable back-end systems powered by Twitter’s world-class data center strength."
* Offer consultative services.
* Offer a creative dashboard for ad serving tools, interface, and ad formats.
* Offer publishers access to over 180 demand-side platforms.
* Help publishers reach an audience across 49,000 apps and 1.5 billion devices [MoPub, 03](https://www.mopub.com/dsp/overview).

## Privacy Policy

### Section 1: End User Policies
_Information Collection on End Users:_ MoPub states, "we may collect information about your device and the ads you view or click. The MoPub Services are designed to avoid collecting information that identifies you personally, such as your name, address, or email address, but the information we collect does enable us to recognize your device over time". Data collected includes, but is not limited to:

* "Information about your device, such as the type and model, manufacturer, operating system (e.g. iOS or Android), carrier name, IP address, mobile browser (e.g. Chrome, Safari), applications using the MoPub Services and the version of such applications, and identifiers assigned to your device, such as its iOS Identifier for Advertising (IDFA), Android Advertising ID, or unique device identifier (a number uniquely allocated to your device by your device manufacturer).
* Log information, including the app or website visited, session start/stop time, time zone, and network connection type (e.g., WiFi, cellular), and cookie information.
* The geo-location of your device (using GPS or other geo-location data), when location services have been enabled for the mobile app or website that uses the MoPub Services.
* Information about ads served, viewed, or clicked on, such as the type of ad, where the ad was served, whether you clicked on it, and whether you visited the advertiser’s website or purchased the product or service advertised.
* Information that MoPub Customers and other third parties have collected and share with MoPub, such as information about activity in their services. This may include the content you view or searches you made, the language you prefer, or other non-personally identifying demographic or interest information, to help make the ads served to you more relevant."  

_Information Use on End Users:_ This includes for the following purposes:

* Serving Ads
* Ad Reporting and Conversations
* Frequency Capping
* Fraud Detection and Prevention
* Interest-Based Advertising
* Geo-Targeting
* Providing and Improving MoPub Services

_PII:_ "MoPub will not combine the non-personally identifiable information collected to provide the MoPub Services with your personally-identifying information without your express consent." 

_Information sharing:_ 

* With advertiser customers: for the purposes of the ad bidding process.
* Aggregated and non-PII data: "We share aggregate or non-personally identifiable information about the use of our Services with MoPub Customers. For example, we provide advertisers reports showing how many users viewed or clicked on their ads. We also provide publishers reports about the types of ads served to their apps."
* With partners: who help with anti-fraud, quality, and security efforts.
* With partners: who help MoPub improve mobile advertising exchange services.
* Within "our corporate family to provide, understand, or improve their or our services."

MoPub also shares data as described in Section 3 of the Privacy Policy (see below).  

_Opt-Out:_ "Your iOS mobile device may provide a 'Limit Ad Tracking' setting. On Android devices, your settings may allow you to 'Opt out of Interest-Based Ads.' When you have opted out using this setting on a device, MoPub will not use in-app information collected from that device to infer your interests or serve ads to that device that are targeted based on your inferred interests." MoPub also observes "Do Not Track" requests in web browsers. MoPub "requires its advertising customers to honor opt-out preferences expressed using these controls."  

_Requirements of MoPub Customers:_ "MoPub requires MoPub Customers to comply with all applicable laws and regulations and to provide end users with notice of the collection of data for advertising purposes as outlined in this Privacy Policy. We encourage all users to review the privacy policies of sites and apps they visit for information about those sites’ and apps’ data collection and use practices."  

### Section 3: General Information
_Other sharing policies:_ MoPub "may preserve or disclose information if we believe that it is reasonably necessary to comply with a law, regulation, legal process, or governmental request; to protect the safety of any person; to address fraud, security or technical issues; or to protect the rights or property of MoPub, MoPub Customers, users of our website, or end users."

_Information from Third Parties:_ MoPub "may receive information about you from third parties, including MoPub Customers, data partners, and our corporate family. This information may include, for example, browser cookie IDs, mobile device IDs, demographic or interest data, and content viewed or actions taken on a website or app."  

_Other sites:_ MoPub "is not responsible for the privacy practices or content of these other sites."  

_Confidentiality and Security:_ MoPub "has implemented reasonable security measures in order to protect both personal and non-personal information from loss, misuse and unauthorized access, disclosure, alteration or destruction."

## Relationships
_Clients:_ Apalon / ASKfm / FEO Media / First Touch Games / glu / Gram Games / Jorudan / LA Place Media / Lotum / Lovoo / MeetMe / Miniclip / MobilityWare / Outfit7 / theScore / Simeji / Spinrilla / timehop / truecaller / tunein / Ubisoft / Paper.io / The Weather Channel / Zynga [MoPub, 04](https://www.mopub.com/publishers/clients)

## Details
_Financial history:_ MoPub was founded in 2010 [CrunchBase, 01](https://www.crunchbase.com/organization/mopub). It was acquired by Twitter in 2013; the details of the deal were not disclosed. Media outlets estimated the deal at around $300 million [CCN Tech, 01](http://money.cnn.com/2013/09/10/technology/social/twitter-acquisition/index.html)

## References
* _CNN Tech, 01_. [http://money.cnn.com/2013/09/10/technology/social/twitter-acquisition/index.html](http://money.cnn.com/2013/09/10/technology/social/twitter-acquisition/index.html)  
* _CrunchBase, 01_. [https://www.crunchbase.com/organization/mopub](https://www.crunchbase.com/organization/mopub)
* _MoPub, 01_. [https://www.mopub.com](https://www.mopub.com)  
* _MoPub, 02_. [https://www.mopub.com/publishers/overview](https://www.mopub.com/publishers/overview)  
* _MoPub, 03_. [https://www.mopub.com/legal/privacy](https://www.mopub.com/legal/privacy)  
* _MoPub, 04_. [https://www.mopub.com/publishers/clients](https://www.mopub.com/publishers/clients)

## External Links
* _Ghostery (MoPub)_: [https://apps.ghostery.com/ko/apps/mopub](https://apps.ghostery.com/ko/apps/mopub)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Moca.md
================================================
# Tracker Name
Moca

## Website
https://www.mocaplatform.com/

## About
Mobile marketing leaders use MOCA to drive mobile engagement, increase sales conversions and retention rate by connecting web, mobile and physical stores. Get everything you need to create amazing mobile experiences and get custom data analytics report.

## Category
Beacon, Analytics, Advertising, Location

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `api-device.mocaplatform.com`
*   Code signature: ``com.innoquant.moca`

## Repositories
*   Maven: `https://dl.bintray.com/mocaplatform/maven`
*   Artifact ID: `moca-android-sdk`
*   Group ID: `com.mocaplatform`

## Gradle
`xxx`

## Additional links
https://developer.mocaplatform.com/v2-sdk/docs/moca-android-sdk-installation https://console.mocaplatform.com

## Notes
GCM / FCM: Cloud Messaging.


================================================
FILE: trackers/Moodmedia.md
================================================
# Tracker Name
Moodmedia

# In εxodus?
No

## Website
https://us.moodmedia.com/

## About
In-store Media Solutions to help you connect with your customers, enhance your brand image and grow your business.


## Category
Location, Tracking, Advertising, Beacon

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `moodpresence.com`
*   Code signature: `com.moodmedia`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://moodmedia.com.au/


## Notes
"Sound masking is specifically engineered to match the frequencies of human speech and sound comfortable to the human ear."
beacon tracking via Presence SDK (com.moodmedia.moodpresence)

================================================
FILE: trackers/Mufin.md
================================================
# Tracker Name
Mufin

# In εxodus?
No

## Website
https://www.mufin.com/

## About
mufin is a leading expert for audio identification and music recommendation software solutions powered by its own patented advanced audio fingerprinting technology.


## Category
Location, Tracking, Audio, Advertising

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `xxx.com`
*   Code signature: `com.mufin`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
http://monterosa.mufin.tv
https://www.monterosa.co/lvis


## Notes
AudioID - Developed at the Fraunhofer Institute for Integrated Circuits IIS and the Fraunhofer Institute for Digital Media Technology IDMT

================================================
FILE: trackers/Nexage (AOL).md
================================================
# Nexage (Millenial Media, part of ONE by AOL)

## Primary Location
United States (Boston) [Crunchbase, 01](https://www.crunchbase.com/organization/nexage)

## Website
[http://www.nexage.com](http://www.nexage.com)

## About
Nexage "offers a mobile advertising platform that provides private and public exchanges, data enrichment, and real-time targeting solutions" [Crunchbase, 01](https://www.crunchbase.com/organization/nexage).

## Ownership
Millenial Media, which became part of ONE by AOL; the AOL company name has changed to Oath, which is a subsidiary of Verizon Communications [AOL, 01](http://privacy.aol.com)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `nexage\.com`

## Documentation
[http://docs.onemobilesdk.aol.com/android-ad-sdk/integration-guide.html](http://docs.onemobilesdk.aol.com/android-ad-sdk/integration-guide.html)

## Products and Services
Services (ostensibly now under Millenial Media):

* Real-time bidding to help automate the buying and selling of mobile advertising [MillenialMedia, 01](http://www.millennialmedia.com/press/millennial-media-to-acquire-nexage-a-leading-mobile-ssp-and-advertising-exchange).
* Millenial Media has a "mobile-first" data management platform (DMP) which can "ingest publisher and advertiser data to enable re-targeting, audience extensions, and cross-device attribution" [MillenialMedia, 01](http://www.millennialmedia.com/press/millennial-media-to-acquire-nexage-a-leading-mobile-ssp-and-advertising-exchange).
* Targeted advertising through channel and demographic segments: "Leveraging Millennial Media's audience and channel targeting, the campaign reached women ages 25-55 with an emphasis on the following conditions: pregnancy, stress, and bleaching/coloring. The consumer interaction garnered from the precise targeting far exceeded expectations." [MillenialMedia, 02](http://www.millennialmedia.com/mobile-insights/client-stories/fall-for-unilever-singapore-dove-hair-rescue)

## Privacy Policy
Nexage's current privacy policy links to a URL at AOL.com, which displays privacy policy for "Oath: A Verizon company" [AOL, 01](http://privacy.aol.com).  

_Location tracking:_ According to Oath, "Depending on how you access and use our Services, we may receive... _Location Information._ This information can include your device's GPS signal and information about Bluetooth connections, nearby WiFi networks, cell towers, and other types of precise location. We get this information, for example, when you use location-enabled services" [AOL, 04](http://privacy.aol.com/privacy-policy).   

They further state, "With your consent, we may use available services on your device to determine or derive your precise location, including cellular, Wi-Fi, Bluetooth, and GPS information. In addition and with your consent, we may share your precise location information or personal information with third parties for their independent use. You may opt-out of providing precise location information to Oath, and having that information shared with third parties, at any time by adjusting the settings on your device. Please note that you may need to adjust multiple settings, and not just your location preference, to opt out of providing precise location information to Oath. If you subsequently opt in to sharing location information for an individual service, your location information will be shared with that service. Note that if you consent to share your location information within a particular app, your location information collected from within that app may continue to be shared even after you have opted-out on your device. If you opt-out of providing precise location information to Oath, we may continue to derive your approximate location from your IP address and other information we may collect. For more information, please review your app and device settings."  

_Location tracking and third parties:_ Oath states, "We may use third-party providers to help operate our Services, including to deliver ads and understand how people use our Services on various devices.  These providers may collect information about other apps on your various devices, the websites you visit, location information, inaudible audio waves, and other information in order to help analyze usage and target advertising on the site or app and elsewhere across your devices. These providers may use cookies, web beacons, and other technologies (including audio beacons) to collect this information" [AOL, 07](http://legal.aol.com/mobileTOS).

_Other information collected:_ 

* Log information (interactions with web sites, search queries, information about your operating system, IP address, etc)
* Device information (the type of device, such as iPhone; device identifiers which may be unique to your device; your Internet Service Provider)
* "Other information" (such as information from AOL Mail or Instant Messenger, but not the private communications without your consent)
* Third Party data: Oath states, "We may receive additional information about you that is publicly or commercially available and combine it along with the information we have collected or received about you in other ways. Also, we receive information about you when you choose to connect with social networking services while using our Services" [AOL, 04](http://privacy.aol.com/privacy-policy).

_Mobile device information:_ Oath states, "When you use our Services on a mobile device, Oath, our partners, and service providers may collect certain information automatically, such as the type of device you use, unique device ID, wireless mobile subscriber ISDN numbers, Verizon Wireless UIDH, IP address, operating system, browser type, and information about your use of our Services. We may use this information as described in the Oath Privacy Policy, which explains, among other things, that we may combine information about your use of our various Services in all the ways you may connect to Oath.

Certain Services may require the collection of the phone number of your device. We may associate that phone number with other information; however, we will not use that number for telemarketing to you without your consent" [AOL, 07](http://legal.aol.com/mobileTOS).

_Oath Standard Categories (segments) for targeted advertising:_ See Oath website for their list of Standard Categories [AOL, 05](https://advertising.aol.com/advisibility/standard-categories).

_Opt-out on mobile:_ Oath states users can opt out of interest-based (targeted) advertising through general device settings in iOS and Android. However, to stop data collection of an Oath app, users must uninstall the app.  

_PII vs non-PII:_ Oath defines PII as "name, address, telephone number, email address, payment card number, and government-issued identification number", and non-PII to include "without limitation cookie IDs, device identifiers, hashed values (such as email addresses and other types of information that are transformed into a sequence of random-looking characters that are no longer recognizable as an email address), and IP addresses" [AOL, 02](http://privacy.aol.com/definitions).  

Oath states it abides by "standards restricting the use of sensitive financial account number data and other types of sensitive data as defined by these programs. For example, we do not use or allow others to use sensitive data to determine eligibility for health insurance, life insurance, or employment. We also do not target ads to users based on sensitive health data, including cancer, mental health-related conditions, and sexually-related areas". They add, "If a user appears interested in non-sensitive, health-related topics, (such as, by visiting pages related to a topic) an ad relevant to those interests may be displayed. We may also display non-sensitive, health-related ads to users who we or our advertisers believe may be an appropriate audience for such topics"  [AOL, 06](http://privacy.aol.com/advertising-and-privacy).

_Information sharing:_ Oath states it "may share your information in limited circumstances, including when we have your consent to do so or when sharing is necessary to protect Oath or comply with the law. Our agents and contractors may have access to your information, but only to perform services for Oath. We do not sell or rent your personal information to third parties. We may, however, share non-personally identifiable information with select business partners" [AOL, 01](http://privacy.aol.com). Oath also states it does not "rent or sell personal information to third parties for their marketing purposes. But we may share certain information we collect or receive with our affiliates and others to respond to your requests, provide our Services, when we have your consent, or as described in" their Privacy Policy.

Parties Oath may share data with include:

* Affiliates (any company that is controlled by or under common control with Oath Inc. Oath is part of the Verizon family of companies, which includes Yahoo Inc. For a list of Oath's major content brands") [AOL, 02](http://privacy.aol.com/definitions)
* Business partners (non-personally identifiable information)
* Other parties in response to legal process or when necessary to protect our Services
* Companies that provide services to Oath

Third Parties that Provide Content, Advertising Services, or Functionality on Our Services:

* Advertising providers (for targeted advertising or analytics)
* Audience-measurement companies (to measure and compare usage on Oath Services, in comparison to other online services)
* Social networking services " (like Facebook, Twitter, LinkedIn, and Google) that enable you to login to certain of our Services and to share things you find on our Services with your social network. If you choose to connect with a social networking service, we may share information with that service, and that service may share information about you with us. We may use the information for the reasons explained in this Privacy Policy, including to make your experience on our Services more personal and social. For example, we might show you what content is popular among your connections on the social networking service or give you a glimpse of what your friends are saying about that content."

According to Oath, "These and other third parties may collect or receive information about your use of our Services, including through the use of cookies, web beacons and other technologies, and this information may be collected over time and combined with information collected on different websites and online services across your devices" [AOL, 04](http://privacy.aol.com/privacy-policy).  

Key third parties Oath works with include, but are not limited to:  

Analytics Providers:

* Google Analytics
* Nielsen Digital Measurement
* Scorecard Research

Other companies:

* Acxiom
* Session M
* Taboola
* Tapad 

Oath states that, "like Oath, these companies and other third parties not listed above may use cookies, web beacons, and similar technologies on or in connection with our Services" [AOL, 06](http://privacy.aol.com/advertising-and-privacy).

_Regulation:_ Oath is committed to self-regulatory requiremets for online advertising, including the Digital Advertising Alliance's Self-Regulatory Program for Online Behavioral Advertising and the Network Advertising Initiative's Self-Regulatory Code of Conduct.

_Retention:_ Oath states, "Data used to create segments for ad targeting is retained for no longer than 2 years. Other data (for example, data used to determine long-term or seasonal trends) may be retained for as long as Oath has a legitimate business reason for retaining it" [AOL, 06](http://privacy.aol.com/advertising-and-privacy).

_Tracking technologies:_ Oath Services use cookies, web beacons, and other technologies, as well as device fingerprinting and a "device graph" to link multiple devices to the same user [AOL, 03](http://privacy.aol.com/cookies-web-beacons).

## Relationships
_Media relationships:_ Oath offers free Services such as Oath.com, HuffPost, Moviefone, and TechCrunch with support from ads displayed on those Services.   

Oath brands include: #BuiltByGirls / Yahoo! Finance / Yahoo! / AOL / Yahoo! Sports / Yahoo! Mail / TechCrunch / Yahoo! News / HuffPost / Yahoo! Fantasy / Flurry / Yahoo! Gemini / Verizon / BrightRoll by Yahoo! / ONE by AOL / kanvas / flickr / tumblr / Yahoo! Weather / Alto / Yahoo! Messenger / engadet / Style Me Pretty / autoblog / Polyvore / Makers / Moviefone / Build / Ryot / Convertro / BBG Ventures / Cambio / rivals / alephd by AOL [Oath, 01](https://www.oath.com/our-brands)

## Details
_Financial details:_ Nexage was founded in 2006 and had raised $19.5 million by 2012. It was acquired by Millenial Media for approximately $108 million in 2014 [Crunchbase, 01](https://www.crunchbase.com/organization/nexage); [AdExchanger.com, 01](https://adexchanger.com/mobile/millennial-media-to-buy-nexage-mobile-ssp-and-exchange-for-108m).  

## References
* _AdExchanger.com, 01._ [https://adexchanger.com/mobile/millennial-media-to-buy-nexage-mobile-ssp-and-exchange-for-108m](https://adexchanger.com/mobile/millennial-media-to-buy-nexage-mobile-ssp-and-exchange-for-108m)
* _AOL, 01._ [http://privacy.aol.com](http://privacy.aol.com)
* _AOL, 02._ [http://privacy.aol.com/definitions](http://privacy.aol.com/definitions)
* _AOL, 03._ [http://privacy.aol.com/cookies-web-beacons](http://privacy.aol.com/cookies-web-beacons)
* _AOL, 04._ [http://privacy.aol.com/privacy-policy](http://privacy.aol.com/privacy-policy)
* _AOL, 05._ [https://advertising.aol.com/advisibility/standard-categories](https://advertising.aol.com/advisibility/standard-categories)
* _AOL, 06._ [http://privacy.aol.com/advertising-and-privacy](http://privacy.aol.com/advertising-and-privacy)  
* _AOL, 07._ [http://legal.aol.com/mobileTOS](http://legal.aol.com/mobileTOS)
* _Millenial Media, 01._ [http://www.millennialmedia.com/press/millennial-media-to-acquire-nexage-a-leading-mobile-ssp-and-advertising-exchange](http://www.millennialmedia.com/press/millennial-media-to-acquire-nexage-a-leading-mobile-ssp-and-advertising-exchange)
* _Millenial Media, 02._ [http://www.millennialmedia.com/mobile-insights/client-stories/fall-for-unilever-singapore-dove-hair-rescue](http://www.millennialmedia.com/mobile-insights/client-stories/fall-for-unilever-singapore-dove-hair-rescue)
* _Oath, 01._ [https://www.oath.com/our-brands](https://www.oath.com/our-brands)

## External Links
* _Ghostery (Nexage)_: [https://apps.ghostery.com/apps/nexage](https://apps.ghostery.com/apps/nexage)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Omniture.md
================================================
# Omniture

## About

Omniture, originally a online marketing and web analytics company, was acquired by Adobe in 2009 and it was run as a separate business unit until 2012 when it was integrated into the Adobe Marketing Cloud.  Several of Omniture's LLC filings remain active. [Source: OpenCorporates](https://opencorporates.com/companies/us_de/3077923)

## Ownership

Adobe (NASDAQ: ADBE) is a publicly-traded multinational software company. 

## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.omniture.|com.adobe.adms.measurement.
* Network detection rule: omtrdc\.net|omniture\.com

## What it does

* Behavioral Analytics
* Online Marketing
* Machine-learning Analysis

## Privacy Policy

[Onminture's Privacy Policy is the same as Adobe's. Policy dated 3/5/18 and reviewed 17/11/2018:](https://www.adobe.com/privacy/policy.html)

* Adobe's Privacy Policy is broad and covers the span of its wide-ranging services.  It is unclear what is specifially covered by the Omniture business line.  

* Users must opt-out of each segment of data collection individually: Desktop Identifiable Data Collection, Device Identifiable Data Collection, Mobile Data Collection, Experience Cloud service usage data, 
Machine learning analysis of user content, Interest-based ads, and Adobe websites.  [Link to opt-out](https://www.adobe.com/privacy/opt-out.html)

* Data may be shared with fraud prevention services, law enforcement services in the context of an investigation, social media marketers and platforms, sales and advertising partners, retailers, research organizations, advertisers, ad agencies, advertising networks and platforms, information service providers, publishers, and non-profit organizations.


# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Ooyala.md
================================================
# Tracker Name
Ooyala

# In εxodus?
No

## Website
https://www.ooyala.com/en

## About
Ooyala Flex Media Platform: an open and extensible platform to manage, curate, orchestrate, publish and monetize your content


## Category
Tracking, Advertising, Analytics

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `ooyala.com`
*   Code signature: `com.ooyala`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://analytics.ooyala.com/static/v3/analytics.js , https://help-ooyala.brightcove.com/downloads , https://github.com/ooyala


## Notes
iOS, tvOS. integrations with Omniture, Freewheel, Google IMA, Nielsen, YOUBORA. Server Side Ad Insertion to bypass Ad blockers

================================================
FILE: trackers/OpenX.md
================================================
# Tracker Name
OpenX

## Website
https://www.openx.com/

## About
Creating Quality Programmatic Advertising Markets That Drive Superior Monetization for Publishers & App Developers

## Category
Advertising, Analytics, Bidding, Identity, Location

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `xxx.com`
*   Code signature: `com.openx.view.plugplay | com.openx.android_sdk_openx`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://docs.openx.com/Content/developers/android-sdk/android-sdk.html https://docs.openx.com/Content/developers/containers/prebid-adapter.html https://community.openx.com/s/article/Mobile-SDK-Integration-Instructions

## Notes
MRAID compliance


================================================
FILE: trackers/Opentracker.md
================================================
# Tracker Name
Opentracker

## Website
https://www.opentracker.net/

## About
Opentracker specialises in tracking and website analytics for businesses that are serious about understanding online customers. By storing millions of user profiles and clickstreams, webmasters using Opentracker receive access to unparalleled historical visitor data in a concise, user-friendly format.

## Category
Analytics, Location

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `app.opentracker.net`
*   Code signature: `net.opentracker.android`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `net.opentracker.android`

## Gradle
`xxx`

## Additional links
https://github.com/Opentracker/android/

## Notes
Wordpress, iOS, Android, javascript


================================================
FILE: trackers/OtherLevels.md
================================================
# Tracker Name
OtherLevels

## Website
https://www.otherlevels.com/

## About
OtherLevels provides the platform and the knowledge to help you increase conversion and deliver the right content, to the right user, at the right time, on the right channel. Engage and retain your customers better, with relevant, omni-channel campaigns across mobile app, mobile web and desktop.

## Category
Tracking, Location, Messaging, Advertising.

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `api.otherlevels.com | rich.otherlevels.com | geodata.otherlevels.com | tags.otherlevels.com | ws.otherlevels.com | mdn.otherlevels.com`
*   Code signature: `com.otherlevels.android.sdk`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://www.otherlevels.com/partners/ https://beacons.otherlevels.com/ https://github.com/OtherLevels

## Notes
recent promotions of In-Play Messaging Solution for gambling and betting companies.


================================================
FILE: trackers/Pilgrim.md
================================================
# Tracker Name
Pilgrim

# In εxodus?
No

## Website
https://enterprise.foursquare.com/products/pilgrim

## About
Embed the most comprehensive location awareness engine into your app to engage users with contextually-relevant and geo-aware content.


## Category
Advertising, Location, Identity, Tracking, Beacon

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `sdk.foursquare.com`
*   Code signature: `com.foursquare.pilgrim` , `com.foursquare.pilgrimsdk.android`

## Repositories
*   Maven: `https://foursquare.jfrog.io/foursquare/libs-release/`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://github.com/foursquare/pilgrim-unity-sdk https://developer.foursquare.com/docs/pilgrim-sdk/android

## Notes
Foursquare's location tracker for iOS, Android and Unity3D

================================================
FILE: trackers/Pointinside.md
================================================
# Tracker Name
Point Inside

## Website
https://www.pointinside.com/

## About
Since 2009, Point Inside has been creating a foundation of indoor maps. We’re enabling location-centric, digital strategies across industries unlocking the power of the data driven enterprise.

## Category
Analytics, Location, Beacon

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `xxx.com`
*   Code signature: `com.pointinside`

## Repositories
*   Maven: `https://dl.bintray.com/pi/maven`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
xxx

## Notes


================================================
FILE: trackers/Proximi.md
================================================
# Tracker Name
Proximi

## Website
https://proximi.io/

## About
Proximi.io is a developer platform offering you all the positioning technologies and all features in a simple solution. Enable outdoor and indoor positioning in your app through iBeacon, Eddystone beacons, IndoorAtlas geomagnetic positioning, Wi-Fi, GPS and cellular positioning. Proximi.io is truly technology-agnostic, and committed to supporting all of the major positioning technologies. In other words, you’ll be safe with us – no matter what technologies you want to use today or tomorrow. Add geofencing with top market quality background functionality for indoor or outdoor spaces. And top it all with wayfinding and location-based analytics.

## Category
Beacon, Analytics, Location

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `api.proximi.fi`
*   Code signature: `io.proximi.proximiiolibrary`

## Repositories
*   Maven: `https://bintray.com/proximi-io/proximiio-android/proximiio-android/2.7`
*   Artifact ID: `proximiiolibrary`
*   Group ID: `io.proximi.proximiiolibrary`

## Gradle
`xxx`

## Additional links
https://proximi.io/docs/android/ https://github.com/proximiio/proximiio-android-demo

## Notes
xxx


================================================
FILE: trackers/Pushwoosh.md
================================================
# Pushwoosh

## Primary Location
United States (Washington, DC) [CrunchBase, 01](https://www.crunchbase.com/organization/pushwoosh)

## Website
[https://www.pushwoosh.com](https://www.pushwoosh.com)

## About
Pushwoosh pushes in-app messaging across platforms [Pushwoosh, 01](https://www.pushwoosh.com)

## Ownership
Pushwoosh

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `pushwoosh\.com`

## Documentation
[http://docs.pushwoosh.com/docs/fcm-integration](http://docs.pushwoosh.com/docs/fcm-integration)

## Products and services
Features include:

* _Data collection (via tags):_ "Collect additional data from your users as Tags - gender, city and DOB, or the amount of money spent on in-app purchases. Then use this data for precise segmentation, personal communication, push automation and analytics."
* _Real world location targeting:_ "Try real-time location-based feature to send automated push notifications to users entering a specific area. Send your sale offers, discount alerts and welcoming messages automatically" [Pushwoosh, 02](https://www.pushwoosh.com/features). 
   * _Targeting in geozones:_ "pins on the map that allow sending automatically triggered push notifications right at the moment a user enters the specified area on the map. Its range can be set from 50 to 1000 meters, and it has an adjustable cooldown period" [Pushwoosh, 03](http://docs.pushwoosh.com/docs/geozones).
   * _iBeacon micro-targeting_ [Pushwoosh, 10](https://www.pushwoosh.com/blog/features-guides/ibeacons)
* _Segmentation of audiences for marketing campaigns_ [Pushwoosh, 02](https://www.pushwoosh.com/features). Segments could include "username, ID, city, favorite football team, preferred news categories, or any other piece of information about your users" [Pushwoosh, 04](http://docs.pushwoosh.com/docs/segmentation-tags-and-filters).
* _In-apps tracking:_ In-app purchases ("The total amount of money spent on in-app purchases for the device"); Last In-App Purchase Date ("The date of the last in-app purchase made on the device"); and In-App Product ("Names of in-app products that were purchased on the device") [Pushwoosh, 05](https://docs.pushwoosh.com/v1.0/docs/in-apps-tracking).
* 250+ million pushes per day.
* _Personalized messages:_ "Address your users by name, and use any of their preferences in the message to make it relevant for every single user"
* _Statistics:_ "Measure app installs and opens, push subscription, sent & open rates, all tag data statistics, and much more."
* _In-app messaging:_ "deeply customizable rich content in-app banners and full-screen interstitials."
* _A/B Tests:_ "Perform A/B tests on your audience to figure out which push configuration works better for you."
* _Multiple languages_ [Pushwoosh, 02](https://www.pushwoosh.com/features)
* _Conversion Tracking:_ Track "the number of users who perform specific actions in your application or on your website after opening the push" [Pushwoosh, 06](https://www.pushwoosh.com/conversion-tracking)
* _Push Recovery Campaigns:_ Target abandon carts by returning customers to finish the transaction [Pushwoosh, 07](https://www.pushwoosh.com/abandoned-cart).
* _Loyalty:_ Boost audience loyalty with personalized messages.
* _Targeted messaging:_ Send targeted messages to segments [Pushwoosh, 09](https://www.pushwoosh.com/business-cases).

## Privacy  Policy
Privacy policy is listed at [Pushwoosh, 08](https://www.pushwoosh.com/privacy-policy). The Privacy Policy web page does not address opt-out; it appears to be directed at prospective business clients.

## Relationships
Nissan / Mercedes / Leica / Bosch / Sabre / runtastic / Abbyy / Silicon Beach Media / Reaktor / redBit games / Saatchi & Saatchi / RTL Group / Skyjey / STC / SurfStitch / rtve / Ubisoft / Unaversidad APEC / Tripcase / Suzuki / VANSO / Veikkaus / Urban Rivals / XiMad / Sony Entertainment Television / MSC Cruises / Rayman Jungle Run / World Wide Fund for Nature (WWF) / Red Cross / Diner Dash / Plymouth University / Playscape / MLB.com / Marmalade / Mastercard / Hewlett-Packard / MTN / 3rd Sense / ixigo.com / JDG / Elektromarked / LOT Polish Airlines / FX Guru / G5 Games / Haaretz / Frima Studio / FunPlus / Concentra / Fanfair / Deloitte Digital / Exhibit Force / Firezoo / AppPresser / Autoliv / Bag It! / Carrefour / Chicago Tribune Trivia [Pushwoosh, 01](https://www.pushwoosh.com)

## Details
_Financial details:_ Pushwoosh was founded in 2011 [Crunchbase, 01](https://www.crunchbase.com/organization/pushwoosh).

## References
* _CrunchBase, 01._ [https://www.crunchbase.com/organization/pushwoosh](https://www.crunchbase.com/organization/pushwoosh)  
* _Pushwoosh, 01._ [https://www.pushwoosh.com](https://www.pushwoosh.com)  
* _Pushwoosh, 02._ [https://www.pushwoosh.com/features](https://www.pushwoosh.com/features)
* _Pushwoosh, 03._ [http://docs.pushwoosh.com/docs/geozones](http://docs.pushwoosh.com/docs/geozones)  
* _Pushwoosh, 04._ [http://docs.pushwoosh.com/docs/segmentation-tags-and-filters](http://docs.pushwoosh.com/docs/segmentation-tags-and-filters)  
* _Pushwoosh, 05._ [https://docs.pushwoosh.com/v1.0/docs/in-apps-tracking](https://docs.pushwoosh.com/v1.0/docs/in-apps-tracking)  
* _Pushwoosh, 06._ [https://www.pushwoosh.com/conversion-tracking](https://www.pushwoosh.com/conversion-tracking)  
* _Pushwoosh, 07._ [https://www.pushwoosh.com/abandoned-cart](https://www.pushwoosh.com/abandoned-cart)  
* _Pushwoosh, 08._ [https://www.pushwoosh.com/privacy-policy](https://www.pushwoosh.com/privacy-policy)  
* _Pushwoosh, 09._ [https://www.pushwoosh.com/business-cases](https://www.pushwoosh.com/business-cases)

## External Links
* Owler company profile: [https://www.owler.com/iaApp/4589235/pushwoosh-company-profile](https://www.owler.com/iaApp/4589235/pushwoosh-company-profile)
* Pushwoosh on Github: [https://github.com/Pushwoosh](https://github.com/Pushwoosh)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/SafeGraph.md
================================================
# SafeGraph

## Primary Location
United States (San Francisco) [Crunchbase, 01](https://www.crunchbase.com/organization/safegraph)

## Website
[https://www.safegraph.com](https://www.safegraph.com)

## About
SafeGraph specializes in the collection of physical location data for data mining and analytics.

## Ownership
SafeGraph

## Detection Rules
* `api\.safegraph\.com`

## Documentation
[https://github.com/OpenLocate/openlocate-android](https://github.com/OpenLocate/openlocate-android)

## Products and Services
SafeGraph is a data company which aims to build a robust and detailed location-based tracking service for advertisers, industry, government and researchers. Products and services include:

* _SafeGraph Movement Panel:_ SafeGraph's "database of ultra-accurate GPS-location data that comes from anonymized mobile devices." The Movement panel offers:
  * _Sink detection:_ Detection of inaccurate location data based on " specific coordinates occurring at impossibly high rates".
  * _Teleporting detection:_ Detection of inaccurate location data when "devices appear to move at impossibly fast speeds, ostensibly traveling large distances between data points that occur next to each other" in data streams like bid streams.
  * _Jumpiness detection:_ Detection of innacurate location data when "we see two consecutive points in time that are fairly close but still implausibly spaced" (eg, "the GPS receiver in your phone lags or if a nearby skyscraper interferes with the location signal") [SafeGraph, 01](https://blog.safegraph.com/less-than-10-of-bid-stream-location-data-is-high-quality-and-we-know-how-to-find-it-3a2c0df35475)
* _SafeGraph Places API:_ This "to easily find the places of interest that are near a given lat/long, ordered by distance or relevance" [SafeGraph, 03](https://developers.safegraph.com/docs/places.html).
* _OpenLocate:_ The OpenLocate SDK will "collect location data (like GPS) from phones" [SafeGraph, 04](https://github.com/OpenLocate). This includes an Android and iOS SDK.  The service is built to provide developers complete control over their location data.  Developers can build location-enabled features into their apps and "maintain complete control over how end-user data is collected, where it is stored, and which APIs it will be sent to". This includes sending to storage services (like Amazon S3) or APIs (such as Google Places API or SafeGraph's Places API) [SafeGraph, 05](https://blog.safegraph.com/introducing-openlocate-the-open-source-location-sdk-f5c5d2739a48).

Other services include:
* "Detailed polygon maps on 50+ million U.S. places of interest
* Understanding of each business's popularity, taxonomy, hours, etc.
* Core investments in benchmarking via truth sets"
  * This includes Explicit Truth Sets (Check-ins, Daily diaries, Web surveys) and Implicit Truth Sets (Credit card data, Receipt data, First-party transactions) 

Data from visits may include:

* _Core truth set for matching:_
  * High-res GPS data
  * Deterministic data
  * Explicit and implicit truth
  * Data collected in background from large population
* _Deep places map:_
  * Best polygons
  * Footprint geometries
  * Metadata
  * Categories
  * Hours of operation
* Machine learning technology
  * Cross-validated against multiple independent 3rd party truth sets about where people go
* _Truth and accuracy_
  * High Precision // Low false positive rate; High recall // Low false negative rate" [SafeGraph, 06](https://www.safegraph.com/truth)

## Privacy Policy
_Data collection (method and use):_ SafeGraph collects data from "trusted third-party data partners such as mobile application developers, through APIs and other delivery methods". The data collection and use is "governed by the privacy policy and legal terms of the data collector and the website using the data; it is not governed by SafeGraph." SafeGraph "aggregates data collected from our data partners, and allows third party customers to access the Data for a variety of purposes such as ad targeting, traffic analysis, and market research." SafeGraph may also use data for their own "internal and operational purposes", and share data in response to requests from law enforcement or a governmental agency, "to protect or enforce our rights or those of others, or to investigate potential wrongdoing."  Data can also be transferred to a successor entity in the event of a merger or acquisition.

_Information collected:_ Information collected includes "data regarding a device’s precise geographic location, as well as other mobile identifiers such as Apple IDFAs and Google Android IDs, and other information about users and their devices."  

_Jurisdictions:_ "SafeGraph stores and processes information on servers in many countries around the world. We therefore may process your information on a server located outside the country where you live... Our customers (or companies that help us process the Data) may be located in other countries, so the Data we provide may be processed or used in a variety of countries, other than those our users reside in."  Customers of SafeGraph may create cross-device capabilities "to enable marketers to target users across various channels and devices."

_Opt-out:_ SafeGraph informs users of opt-out procedures for interest-based advertising and location tracking.  To opt out of interest-based advertising, they state, users can adjust settings in their Android or iOS devices.  This procedure, which they note may change, is mentioned in the SafeGraph privacy policy "purely for informational purposes."  SafeGraph further notes that "You also can remove your consent to having your location data collected by changing the settings on your device. (Certain services may lose functionality as a result.)"  SafeGraph's Privacy Policy provides links to the Network Advertising Initiative and the Digital Advertising Alliance, as well as www.youronlinechoices.com.  It informs users that these websites may provide additional opt-out options.

_Retention:_ Information SafeGraph collects is "retained indefinitely unless there has been a direct opt-out with us as directed above."

_Security:_ SafeGraph has security policies and procedures to " ensure compliance with industry best practices."  They state, "no physical or technological safeguards are 100 percent secure, we do not guarantee the security of any particular elements of Data that we hold" [SafeGraph, 07](https://www.safegraph.com/privacy-policy).

## Relationships
_Clients and partners:_ Statiq / AirSage / Stanford University / GroundTruth (formerly xAd) / UCLA / Baylor University / Weborama / Tufts University / The University of Chicago / Alphonzo / Freckle IoT / Georgia Tech / Esri / Appnext / 4Info / Research Now / Tapfwd / Arrivalist / Placecast / ThinkNear by Telenav / Pitney Bowes / Columbia University / Purdue University / UC San Diego / Sidewalk Labs / Temple University / Citilabs / PlaceIQ / Moovit / Skyhook / Postie / PicsArt / Oklahoma State University / Santa Clara University / OpenLocate

## Details
_Financial details:_ SafeGraph was founded in 2016, and has raised $16 million from funders [Crunchbase, 01](https://www.crunchbase.com/organization/safegraph); [SafeGraph, 02](https://blog.safegraph.com/safegraph-raises-16-million-series-a-e8e88eeb7beb)  

_Scope:_ SafeGraph "has access to super-accurate, anonymized location data on over 5% of all mobile phones in the U.S. (as of August 2017)" and is "increasing that percentage every day" [SafeGraph, 01](https://blog.safegraph.com/less-than-10-of-bid-stream-location-data-is-high-quality-and-we-know-how-to-find-it-3a2c0df35475).

_Slogans:_

* "SafeGraph maintains the ground truth dataset for human movement across the globe"
* "We provide high-quality location data products to help organizations make better decisions and improve lives"

## References
* _Crunchbase, 01._ [https://www.crunchbase.com/organization/safegraph](https://www.crunchbase.com/organization/safegraph)  
* _SafeGraph, 01._ [https://blog.safegraph.com/less-than-10-of-bid-stream-location-data-is-high-quality-and-we-know-how-to-find-it-3a2c0df35475](https://blog.safegraph.com/less-than-10-of-bid-stream-location-data-is-high-quality-and-we-know-how-to-find-it-3a2c0df35475)  
* _SafeGraph, 02._ [https://blog.safegraph.com/safegraph-raises-16-million-series-a-e8e88eeb7beb](https://blog.safegraph.com/safegraph-raises-16-million-series-a-e8e88eeb7beb)  
* _SafeGraph, 03._ [https://developers.safegraph.com/docs/places.html](https://developers.safegraph.com/docs/places.html)  
* _SafeGraph, 04._ [https://github.com/OpenLocate](https://github.com/OpenLocate)  
* _SafeGraph, 05._ [https://blog.safegraph.com/introducing-openlocate-the-open-source-location-sdk-f5c5d2739a48](https://blog.safegraph.com/introducing-openlocate-the-open-source-location-sdk-f5c5d2739a48)  
* _SafeGraph, 06._ [https://www.safegraph.com/truth](https://www.safegraph.com/truth)  
* _SafeGraph, 07._ [https://www.safegraph.com/privacy-policy](https://www.safegraph.com/privacy-policy)

## External Links
* _Crunchbase (SafeGraph):_ [https://www.crunchbase.com/organization/safegraph](https://www.crunchbase.com/organization/safegraph)  
* _Gigya:_ [https://www.gigya.com/blog/exploring-future-identity](https://www.gigya.com/blog/exploring-future-identity)  
* _Even:_ [https://evenfinancial.com/press/mit-brings-together-fintech-financial-services-first-ever-hackathon](https://evenfinancial.com/press/mit-brings-together-fintech-financial-services-first-ever-hackathon)  
* _SafeGraph:_ [https://blog.safegraph.com/less-than-10-of-bid-stream-location-data-is-high-quality-and-we-know-how-to-find-it-3a2c0df35475](https://blog.safegraph.com/less-than-10-of-bid-stream-location-data-is-high-quality-and-we-know-how-to-find-it-3a2c0df35475)  
* _Stanford Economics:_ [https://web.archive.org/web/20171116110210if_/https://economics.stanford.edu/sites/default/files/sharable_fulldraft.pdf](https://web.archive.org/web/20171116110210if_/https://economics.stanford.edu/sites/default/files/sharable_fulldraft.pdf)  
* _Washington Post:_ [https://www.washingtonpost.com/news/wonk/wp/2017/11/15/politics-really-is-ruining-thanksgiving-according-to-data-from-10-million-cellphones](https://www.washingtonpost.com/news/wonk/wp/2017/11/15/politics-really-is-ruining-thanksgiving-according-to-data-from-10-million-cellphones)  
* _The Outline:_ [https://theoutline.com/post/2490/why-is-this-company-tracking-where-you-are-on-thanksgiving](https://theoutline.com/post/2490/why-is-this-company-tracking-where-you-are-on-thanksgiving)


================================================
FILE: trackers/ScorecardResearch.md
================================================
# ScorecardResearch

## Primary Location
Not Listed

## Website
[https://www.scorecardresearch.com](https://www.scorecardresearch.com)

## About
About: "ScorecardResearch, a service of Full Circle Studies, Inc., is part of the comScore, Inc. market research community, a leading global market research effort that studies and reports on Internet trends and behavior. ScorecardResearch conducts research by collecting Internet web browsing data and then uses that data to help show how people use the Internet, what they like about it, and what they don’t." [ScorecardResearch, 01](https://www.scorecardresearch.com)

## Ownership
Part of Full Circle Studies, which is owned by comScore [ScorecardResearch, 01](https://www.scorecardresearch.com); [The Guardian, 01](https://www.theguardian.com/technology/2012/apr/23/scorecardresearch-tracking-trackers-cookies-web-monitoring)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `scorecardresearch\.com`

## Documentation
Via Optimizely: [http://help.optimizely.com/Integrate_Other_Platforms/Integrating_Optimizely_Classic_with_comScore_Digital_Analytix](http://help.optimizely.com/Integrate_Other_Platforms/Integrating_Optimizely_Classic_with_comScore_Digital_Analytix)

## Products and Services
_Data collected:_ "... Through the practices described above, we may also collect data about your Web browsing and mobile app usage behavior over time and across digital properties, including information about the possible relationships among different browsers and devices, and provide this data to third parties to use for their own interest-based advertising purposes" [ScorecardResearch, 02](https://www.scorecardresearch.com/privacy.aspx).  

ScorecardResearch provides a limited description of its services online. Some of the data listed on its website may be outdated or in need of an update. For example, there is little mention of mobile solutions: "ScorecardResearch collects data through from two main sources: surveys and web tagging. For our surveys, we invite people on the Internet to provide us with anonymous demographic and Internet usage information that we can use to refine our reporting. These surveys are always voluntary, and are never used to collect personal information. For web tagging, participating websites agree to deploy a special code throughout their sites. Again, no personally identifiable information is ever transmitted by, or linked to, the web tags" [ScorecardResearch, 01](https://www.scorecardresearch.com).  

## Privacy Policy
_Sharing with 3rd parties & mobile:_  
SCR data collection and sharing: "ScorecardResearch may use a third party service provider to obtain non-personally identifiable information and add that data to our measurements. Either ScorecardResearch or the third party service provider may initiate the process which results in this association, and this process may involve ScorecardResearch triggering the dropping of a cookie belonging to the third party service provider. We may also associate the anonymous unique identifier within the ScorecardResearch cookie on your computer or device with information obtained from other sources (such as consumer preference reporting companies) using confidential matching procedures" [ScorecardResearch, 02](https://www.scorecardresearch.com/privacy.aspx).  

_Opting Out:_  
"If you wish to opt-out of the collection, use and transfer of app usage data for interest-based advertising on your device by Scorecard Research and other companies that participate in the DAA’s AppChoices app, you may download that app onto your device and exercise your choice. AppChoices is available at the links below: 

DAA AppChoices iOS 
DAA AppChoices Android 
DAA AppChoices Amazon " [ScorecardResearch, 02](https://www.scorecardresearch.com/privacy.aspx)  

_Mobile privacy:_    
"As part of ScorecardResearch’s market research effort, participants agree to deploy ScorecardResearch web tags throughout their site. These tags send a message to ScorecardResearch that causes a ScorecardResearch cookie to be dropped or a mobile identifier to be accessed... ScorecardResearch uses the combination of tagging,cookies, and mobile identifiers (where relevant) to help participants count users who have visited and seen a page or various parts of a page" [ScorecardResearch, 02](https://www.scorecardresearch.com/privacy.aspx).

_Self-regulation:_  
"comScore supports the goals of the Digital Advertising Alliance, which has introduced Self-Regulatory Principles for Online Behavioral Advertising. comScore requires companies that place our tags on their webpages to include a notice that its sites or applications use cookies or other identifiers that collect anonymous traffic data, and that these cookies or other identifiers may be placed by the website or by a third-party who provides services to the web site. comScore's tags are used for market research; they are not used for behavioral advertising" [ScorecardResearch, 03](https://www.scorecardresearch.com/Principle.aspx).

## Relationships
ScorecardResearch is a service of Full Circle Studies, Inc. and part of the comScore, Inc. market research group [ScorecardResearch, 02](https://www.scorecardresearch.com/privacy.aspx).

## Details
In 2012, ScorecardResearch was the third-biggest name in The Guardian's "Tracking the Trackers" data set [The Guardian, 01](https://www.theguardian.com/technology/2012/apr/23/scorecardresearch-tracking-trackers-cookies-web-monitoring).

## References
* _ScorecardResearch, 01._ [https://www.scorecardresearch.com](https://www.scorecardresearch.com)  
* _ScorecardResearch, 02._ [https://www.scorecardresearch.com/privacy.aspx](https://www.scorecardresearch.com/privacy.aspx)  
* _ScorecardResearch, 03._ [https://www.scorecardresearch.com/Principle.aspx](https://www.scorecardresearch.com/Principle.aspx)
* _The Guardian, 01._ [https://www.theguardian.com/technology/2012/apr/23/scorecardresearch-tracking-trackers-cookies-web-monitoring](https://www.theguardian.com/technology/2012/apr/23/scorecardresearch-tracking-trackers-cookies-web-monitoring)

## External links
* _ScorecardResearch_: [https://www.scorecardresearch.com/about.aspx](https://www.scorecardresearch.com/about.aspx)
* _Full Circle Studies_: [https://www.fullcirclestudies.com](https://www.fullcirclestudies.com)  
* _Ghostery (Full Circle Studies)_: [https://apps.ghostery.com/apps/scorecard_research_beacon](https://apps.ghostery.com/apps/scorecard_research_beacon)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Sift.md
================================================
# Tracker Name
Sift

# In εxodus?
No

## Website
https://sift.com

## About
More than 16,000 signals are analyzed by a service called Sift, which generates a "Sift score" ranging from 1 - 100. The score is used to flag devices, credit cards and accounts that a vendor may want to block based on a person or entity's overall "trustworthiness" score, according to a company spokeswoman.
LinkedIn, Airbnb, OpenTable, and Instacart are websites that serve up JavaScript versions of the tracker via https://cdn.siftscience.com/s.js

## Category
Identity, Tracking, Beacon, Credit Score

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `cdn.siftscience.com` , `sift.com`
*   Code signature: `com.siftscience` , `sift-android`

## Repositories
*   Maven: `0.10.4`
*   Artifact ID: `siftscience`
*   Group ID: `com.siftscience`

## Gradle
`https://github.com/SiftScience/sift-android/`

## Additional links
* https://www.wsj.com/articles/the-secret-trust-scores-companies-use-to-judge-us-all-11554523206
* https://archive.is/iUVrw
* https://github.com/SiftScience/sift-ios
* https://github.com/SiftScience/inline-javascript
* https://github.com/SiftScience/sift-ios


## Notes
Formerly "Sift Science". Article in the Wall Street Journal brought this tracker to prominence in April 2019.


================================================
FILE: trackers/Smart.md
================================================
# Smart (Smart AdServer)

## Primary Location
France

## Website
http://smartadserver.com

## About
Smart uses a "full stack ad technology" for digital campaigns [Smart, 03](http://smartadserver.com/request-a-demo). They deliver "multi-screen and multi-channel advertising" for clients [Smart, 01](http://smartadserver.com). 

## Ownership
Smart

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `smartadserver\.com`
* `saspreview\.com`

## Documentation
[https://github.com/smartadserver/SAS-DFP-Adapter-Android](https://github.com/smartadserver/SAS-DFP-Adapter-Android)

## Products and Services
_Solutions for publishers:_ Ad Server / Programmatic / Mobile / Video / Ad Formats [Smart, 04](http://smartadserver.com/publisher-platform/holistic-ad-server)  

_Full stack ad technology platform:_ Smart is a full stack ad technology platform: "We come to work because we want to solve the biggest problem publishers, advertisers and agencies face in online advertising — control. It’s simple. When other companies sell and resell your ad inventory and data through various parties, you depreciate your company’s value along the way. Smart’s integrated ad server and RTB+ Solution allows you to maintain control over your valuable media assets. We provide you with one robust engine to drive your revenues at any scale. Your ad server is the core of your business. It’s your most important strategic asset. It’s that much more powerful when it is seamlessly integrated with RTB+ and can handle the monetization and delivery of any kind of ads – display, rich media, video – on any platform – web, mobile web or mobile apps" [Smart, 05](http://smartadserver.com/what-we-do/our-mission).  

_Holistic Ad Server:_ "One integrated platform to run your entire advertising business, including direct and programmatic campaigns, across all digital formats and screens. Optimize operations without losing time switching between platforms... As the central piece of the puzzle, the ad server gets the big picture. It can optimize the value of each impression by taking absolutely all parameters into account in real time allowing direct sales to compete with programmatic ones. The platform dynamically allocates ads by incorporating all activity on the network: traffic and inventory forecasting, delivery planning, guaranteed campaign commitments, offers, and targeting parameters" [Smart, 04](http://smartadserver.com/publisher-platform/holistic-ad-server).  

"The Smart AdServer full stack platform features both an ad server and an SSP. From a single entry point, you can manage all your revenue sources: direct, programmatic and ad network mediation. Our outstanding holistic yield optimization algorithm ensures that each impression is sold through the best sales channel in order to maximize your overall revenue" [Smart, 06](http://smartadserver.com/publisher-platform/full-stack).

The service offers:
 
* Cross-platform delivery
* Forecasting 
* Ad format builder
* Viewability measurement
* Open and extendable services
* Expert support [Smart, 04](http://smartadserver.com/publisher-platform/holistic-ad-server)

_Premium Programmatic:_ "Our cross-platform, cross-device, cross-channel technology is 100% independent, 100% publisher-focused and easy-to-use. Access top quality buyers via an SSP integrated into the ad server."  This can:

1. Deliver premium ad campaigns (for rich media, native ads, and video)
2. Manage any type of deal (open auction for unreserved inventory; direct deals of fixed-price unreserved inventory; private auctions for buyers; and guaranteed deals with same options as for direct campaigns)
3. Regain full control of your inventory (granular control over RTB rules, including transparency level of your inventory, setting floor prices, and block-lists; quality monitoring utilizing smart machine learning, 3rd party tools, transparency reports, and a creative control interface)
4. Optimize your advertising revenue (manage all of your revenue sources - direct, programmatic, and ad network mediation - from a single interface).  A holistic yield optimization algorithm ensures impressions sold through the best sales channel to maximize revenue; an RTB+ Dashboard offers analytics for insights and revenue decisions; Smart AdServer teams to consult; and Smart Yield+ to optimize rules and price floors [Smart, 08](http://smartadserver.com/publisher-platform/premium-programmatic).

_RTB Mobile:_ Deliver relevant mobile ad experiences, using rich media templates so "you can create a campaign even if you don’t have stellar technical skills" [Smart, 09](http://smartadserver.com/publisher-platform/mobile).

## Relationships
650+ customers [Smart, 11](http://smartadserver.com/media-buyers) 
150+ integrated partners [Smart, 10](http://smartadserver.com/what-we-do/ecosystem)  

_Demand partners:_ Radium one / Turn / AppNexus / DoubleClick bid manager by Google / MediaMath / Adform / criteo (A.I. marketing platform) / nextperf / theTradeDesk / sociomantic / quantcast / Index / BidSwitch / DataXu / AdRoll / Vizury / Sitescout / Liquid M / LDmobile / mediasmart / Trademob / A mob / StikeAd / loopMe / DynAdmic / Zebestof / Pocketmath / adelphic / TLVMedia [Smart, 10](http://smartadserver.com/what-we-do/ecosystem) / himediagroup / aufeminin / Axel Springer / SFR Régie / Orange / M-Publicite / L'Équipe / Clarín / Genesismedia / Antevenio / [Smart, 13](http://smartadserver.com/company/customers)

_Others:_  

* 2nd screen: screenpulse / TVTY Real Time / Visiware International  
* 3rd Party Vendors: adform / celtra / DoubleClick by Google / Atlast by Facebook / flashtalking / InMobi / inspired / justAd / MobileAds / S4M / Sizmek / userADgents / weborama / Joule  
* Analytics: Keynote / S4M  
* Audience Data: AudienceScience / ezakus / Globalfastads.com / navegg / Tail Target / krux  
* Brandsafety: adwatchisobar  
* Content Delivery Network: Akamai / Level(3)  
* Creatives: iab / iab MRAID webTester / iab compliant VAST  
* Environment: Android / HTML5 / W3C  
* Forecast: Yieldex  
* Membership: iab / MMA (Mobile Marketing Association)  
* Order management: adlogix.eu / Advendio.com / fivia / nugg.ad  
* Privacy: Ghostery / Your Online Choices  
* Publishing Networks: Facebook / Google Display Network / msn / Pandora / Q1 Media / The New Yorker / Travel+ Leisure / YouTube  
* Video Players: brightcove / Dailymotion / flowplayer / JWPlayer / OOYALA  
* Viewability: AppNexus  [Smart, 10](http://smartadserver.com/what-we-do/ecosystem)

Antevenio (ad network that delivers 1.2 billion ad impressions/month to MTV, Paramount, Libertad Digital, Letsbonus, Repsol, BBC, etc. - see [Smart, 07](http://smartadserver.com/uploads/EN_SAS_RTB_Case_study_antevenio_2014_3.pdf)) / access to 50,000 leading global marketer brand buyers through Smart AdServer's Demand Partner Network [Smart, 08](http://smartadserver.com/publisher-platform/premium-programmatic) altitude digital / adikteev [Smart, 11](http://smartadserver.com/media-buyers) / Fraudlogix [Smart, 12](http://smartadserver.com/wp-content/uploads/2017/10/20170606_Brand_Safety_Policy.pdf)

In 2012, Smart AdServer teamed up with Rubicon Project for integration into their client base [ExchangeWire, 01](https://www.exchangewire.com/blog/2012/07/23/addressing-the-stack-smart-adserver-teams-up-with-rubicon-project-to-maximise-yield).

_Industry Affiliations:_ European Interactive Digital Advertising Alliance [Ghostery, 01](https://apps.ghostery.com/apps/smart_adserver)

## Privacy policy
_Cookies & Web Beacons:_ "Like most digital marketing solutions, Smart AdServer uses “cookies” and other technologies to enhance users’ experiences on the web, to deliver more relevant ads, and for ad delivery and reporting. We cannot use these technologies to personally identify you, and these technologies do not damage your system or files. Smart AdServer uses these technologies to help recognize a unique computer or device so we are able to deliver relevant advertising and measure the impact of that advertising."  

_Cookie Opt-Out:_ The cookie opt-out policy allows users to "opt out form our advertising network" and "ensures you that your browser will not be identify anymore by our system", see "http://www.smartadserver.com/diffx/optout/IABOptout.aspx. A blank page will open, confirming the opt-out process has been completed and Smart AdServer will no longer place cookies on your computer."

_Online Behavioral Advertising opt-out via YourOnlineChoices platform:_ "Smart AdServer is a member of the European Interactive Digital Advertising Alliance (EDAA) and a signatory to the Self-Regulatory Principles for Online Behavioral Advertising (http://www.edaa.eu/european-principles/)."

The EDAA offers a Consumer Choice Page (http://youronlinechoices.eu) (opt-out). To learn more, please visit http://edaa.eu." [Smart, 02](http://smartadserver.com/company/privacy-policy)

Smart promises no personal identity is revealed through their practices: "Online measurements are compiled and anonymous"; "We cannot use [ cookies and other technologies ] to personally identify you"

## Details
_Financial Details:_ Smart AdServer was created by Internet portal Aufeminin.com in 2001 [clubic, 01](http://www.clubic.com/actualite-145758-100-clients-francais-smart-adserver.html).  In 2007, Axel Springer acquired Aufeminin.com.  Smart AdServer became independent from Aufeminin.com when it was acquired by Sino-French private-equity fund Cathay Capital for 37 million € [Wikipedia, 01](https://en.wikipedia.org/wiki/Smart_Adserver); [JDN, 01](http://www.journaldunet.com/ebusiness/publicite/vente-smart-adserver-cathay-capital.shtml); [Smart, 14](http://smartadserver.com/smart-adserver-officially-becomes-independent-with-the-support-of-cathay-capital); [Cathay, 01](http://www.cathay.fr/en/news/cathay-buy-smart-adserver-e37m). Smart AdServer "generated turnover of $16 million in 2014" [Ad Exchanger, 01](https://adexchanger.com/platforms/smart-adserver-goes-independent-via-private-equity-firm).  

## Details
_Financial details:_ Smart was founded in 2001 [Crunchbase, 01](https://www.crunchbase.com/organization/smart-adserver)

_Scope:_ For programmatic buyers: 
* 50 billion auctions per month on desktop 30 billion auctions per month on mobile 
* 650+ publishers / 800 million unique visitors 
* 30,000 sites and apps [Smart, 11](http://smartadserver.com/media-buyers)  
* 150 billion monthly impressions [Smart, 13](http://smartadserver.com/company/customers)

### Methods
Cookies & Web Beacons are used (including pixel tags) [Smart, 02](http://smartadserver.com/company/privacy-policy)

"Sites and Advertisers are using the system to manage the delivery of their online advertising campaigns. They can collect anonymous statistical data on their visitors to follow the delivery of their campaign and to increase their performance. We may also collect information including your IP address, your ISP, the browser you used to visit a site, and in some cases, whether you have Flash installed. This is generally used for geotargeting purposes or showing certain ads depending on your browser configuration. Online measurements are compiled and anonymous. They essentially relate to Internet advertising campaign exposure: the number of impression of a banner, the number of clicks or the number of visitors having seen the campaign. Some statistics may relate to the performance of the campaign (‘return of investment’). In addition to that, Smart AdServer may use cookies to provide advanced statistical data." [Smart, 02](http://smartadserver.com/company/privacy-policy)

_Mobile:_  
1. _Location targeting based on:_ device type; connection type; location through geotargeting; SDK version; screen size; any sales channel; geofencing ("Use GPS positioning to pinpoint your target audience based on proximity to a location").  

2. Prefetch: Deliver ads to users when offline (eg, during commute)

3. Viewability: "Measure the number of viewable impressions and define viewability settings based on parameters such as location and area of ad exposure."

4. Reporting and forecasting: "Get real-time campaign statistics as well as accurate and reliable forecasts based on date, media type, operator, brand model, location and more."

5. Showcasing: "Showcase apps by previewing ad on actual devices before it goes live" [Smart, 09](http://smartadserver.com/publisher-platform/mobile)

## References
* _Crunchbase, 01._ [https://www.crunchbase.com/organization/smart-adserver](https://www.crunchbase.com/organization/smart-adserver)
* _ExchangeWire, 01._ [https://www.exchangewire.com/blog/2012/07/23/addressing-the-stack-smart-adserver-teams-up-with-rubicon-project-to-maximise-yield](https://www.exchangewire.com/blog/2012/07/23/addressing-the-stack-smart-adserver-teams-up-with-rubicon-project-to-maximise-yield)
* _Ghostery, 01._ [https://apps.ghostery.com/apps/smart_adserver](https://apps.ghostery.com/apps/smart_adserver)
* _Smart, 01._ [http://smartadserver.com](http://smartadserver.com)
* _Smart, 02._ [http://smartadserver.com/company/privacy-policy](http://smartadserver.com/company/privacy-policy)
* _Smart, 03._ [http://smartadserver.com/request-a-demo](http://smartadserver.com/request-a-demo)  
* _Smart, 04._ [http://smartadserver.com/publisher-platform/holistic-ad-server](http://smartadserver.com/publisher-platform/holistic-ad-server)
* _Smart, 05._ [http://smartadserver.com/what-we-do/our-mission](http://smartadserver.com/what-we-do/our-mission)
* _Smart, 06._ [http://smartadserver.com/publisher-platform/full-stack](http://smartadserver.com/publisher-platform/full-stack)
* _Smart, 07._ [http://smartadserver.com/uploads/EN_SAS_RTB_Case_study_antevenio_2014_3.pdf](http://smartadserver.com/uploads/EN_SAS_RTB_Case_study_antevenio_2014_3.pdf)
* _Smart, 08._ [http://smartadserver.com/publisher-platform/premium-programmatic](http://smartadserver.com/publisher-platform/premium-programmatic)
* _Smart, 09._ http://smartadserver.com/publisher-platform/mobile](http://smartadserver.com/publisher-platform/mobile)
* _Smart, 10._ [http://smartadserver.com/what-we-do/ecosystem](http://smartadserver.com/what-we-do/ecosystem)
* _Smart, 11._ [http://smartadserver.com/media-buyers](http://smartadserver.com/media-buyers)
* _Smart, 12._ [http://smartadserver.com/wp-content/uploads/2017/10/20170606_Brand_Safety_Policy.pdf](http://smartadserver.com/wp-content/uploads/2017/10/20170606_Brand_Safety_Policy.pdf)
* _Smart, 13._ [http://smartadserver.com/company/customers](http://smartadserver.com/company/customers)
* _Smart, 14._ [http://smartadserver.com/smart-adserver-officially-becomes-independent-with-the-support-of-cathay-capital](http://smartadserver.com/smart-adserver-officially-becomes-independent-with-the-support-of-cathay-capital)
* _Wikipedia, 01._ [https://en.wikipedia.org/wiki/Smart_Adserver](https://en.wikipedia.org/wiki/Smart_Adserver)  

## External Links
* _Ghostery_: [https://apps.ghostery.com/apps/smart_adserver](https://apps.ghostery.com/apps/smart_adserver)  
* _Wikipedia_: [https://en.wikipedia.org/wiki/Smart_Adserver](https://en.wikipedia.org/wiki/Smart_Adserver)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/TUNE.md
================================================
# TUNE

## Primary Location
United States (Seattle) [Crunchbase, 01](https://www.crunchbase.com/organization/tune)

## Website
[https://www.tune.com](https://www.tune.com)

## About
TUNE offers products and services for the digital marketing and advertising industry, including the TUNE Marketing Console, a mobile marketing technology stack [TUNE, 08](https://www.tune.com/who-we-are).

## Ownership
TUNE

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `mobileapptracking\.com`

## Documentation
[https://developers.tune.com/sdk/android-quick-start](https://developers.tune.com/sdk/android-quick-start)

## Products and Services
Many of TUNE's services are provided through the TUNE Marketing Console (TMC). The TMC "is designed to collect and use data such as Unique Advertising Identifiers, Statistical Identifiers, Geographic Location Data, Email Addresses, and other data provided by the Advertiser for attribution, app store optimization, and in-app marketing. Advertisers are able to view and measure data provided by TUNE, as well as third-party Partners that the Advertiser selects, in the TMC. For instance, an Advertiser can compare the results of advertising campaigns conducted with different Partners in the TMC. Advertisers and Partners may also send information to the TMC via Postback" [TUNE, 10](https://www.tune.com/resources/data-and-privacy/privacy-policies/tmc-privacy-policy).

TUNE products and services offered include:

* _In-App Marketing:_ Leverage customer segmentation tools and contextual insight to send personalized messages, guide users through from onboarding to conversion, and take action with real-time reporting, A/B testing, and optimization. Features include location-based triggers, deep links, automatic actions, automated triggers, and scheduled campaigns [TUNE, 02](https://www.tune.com/solutions/tune-marketing-console/in-app-marketing).
* _TUNE Marketing Console:_ 
* * Track user behavior on and offline, across devices, via TUNE's understanding of the "customer journey".
* * Uniques identify users and target their "proximity" via location tracking.
* * Help clients to "Streamline your mobile marketing and measurement" with services that are "people-centric". 
* * Unify data into one place, and give ownership of the data to the client. 
* * TUNE's APIs allows clients to sync with thousands of integrated partners [TUNE, 03](https://www.tune.com/solutions/tune-marketing-console/our-difference).
* _Attribution Analytics:_ TUNE offers mobile analytics based on detailed performance reports and people-centric segmentation to maximize return on investment; analytics for re-engagement; analytics for return on ad spend; as well as analytics for fraud prevention [TUNE, 04](https://www.tune.com/solutions/tune-marketing-console/attribution-analytics).
* _App Store Analytics:_ TUNE provides tools to optimize success in app stores [ TUNE, 05](https://www.tune.com/solutions/tune-marketing-console/app-store-analytics).
* _Fraud prevention:_ TUNE Fraud services identify install and click fraud, allows businesses to set custom fraud rules, and provides analytics to detect and classify potential fraud [TUNE, 06](https://www.tune.com/solutions/tune-marketing-console/mobile-ad-fraud-detection-prevention)  

TUNE is "a 'data processor' that collects and analyzes End User data at the specific request of our client Advertisers, the 'data controllers'" [TUNE, 10](https://www.tune.com/resources/data-and-privacy/privacy-policies/tmc-privacy-policy).

TUNE also tracks in-app user behavior and correlates it with a unique identifier [TUNE, 07](https://developers.tune.com/sdk/measuring-in-app-events).

A simple version of TUNE's targeted advertising is provided on their opt-out website. It is explained as follows:  

"Within the TMC, two features allow advertisers to use data to target advertising to an end user:

1. AUDIENCES allows Advertisers to build segments based on previously acquired attribution data (from the TMC's Attribution Analytics feature)...
2. IN APP MARKETING allows advertisers to send end users push notifications outside of the app environment, as well as in-app messages - for promotional and other activities..." [TUNE, 09](http://www.optoutmobile.com).

In this context, TMC covers "Attribution Analytics, App Store Analytics, Audiences, and In-App Marketing" [TUNE, 10](https://www.tune.com/resources/data-and-privacy/privacy-policies/tmc-privacy-policy).

## Privacy Policy
TUNE "defines privacy as the end user’s rights to receive notice, give consent, and opt-out of the collection, use, and sharing of data that is about or can identify that end user".

_Opt-out:_ TUNE has an opt-out website, www.optoutmobile.com, which details how end users can opt out of features in the TUNE Marketing Console (TMC) that target users online. Users can opt out of the "audiences" segment-based targeted advertising if they "enable Limit Ad Tracking or “LAT” or re-set their ad identifier on their device OR opt out within the app itself". They can opt out of "in app marketing" if they "use the appropriate settings on their mobile platform (Android, iPhone, or Windows)". Additional details of how to opt out of mobile on the outoutmobile.com website.  TUNE will pass on LAT requests to Advertisers, and will honor opt-outs provided to them by Advertisers. They also honor push notification opt outs set by the End User on their device.  

Opting out of the TMC "will not stop those users from receiving interest-based advertisements from Advertisers or other publishers or ad networks. End Users who want to opt out of a particular ad network, publisher, or Advertiser’s ads must contact those companies directly to opt out."

_Data ownership (TMC):_ "Unless otherwise specified, and pursuant to the TUNE Data Pledge, Advertisers own the data that they provide to and collect through the TMC. When Advertisers remove or export their data from the TMC, their use of End User data is governed by their own privacy policies and applicable laws, rules, or regulations."    

_Data collected (TMC):_ The TMC "is designed to collect and use data such as Unique Advertising Identifiers, Statistical Identifiers, Geographic Location Data, Email Addresses, and other data provided by the Advertiser for attribution, app store optimization, and in-app marketing."  

_Data sharing (TMC):_ Advertisers "are able to view and measure data provided by TUNE, as well as third-party Partners that the Advertiser selects, in the TMC. For instance, an Advertiser can compare the results of advertising campaigns conducted with different Partners in the TMC. Advertisers and Partners may also send information to the TMC via Postback"... Advertisers can share all data collected through the TMC with Partners via Postback, data exports, and/or API calls". TUNE itself may provide or disclose, or enable others to provide, End User Data for the purposes of detecting and preventing malicious activity of invalid traffic, or believe that we are legally required to do so."   

_Personally identifiable information:_ "The TMC does not primarily rely on data that is considered “personal” in other jurisdictions for Attribution and App Store Optimization. The TMC does support automatic hashing in cases where the Advertiser chooses to upload “personal” data into the TMC to ensure that the TMC does not process such data in raw form". A detailed list of what TUNE considers PII and non-PII can be found at their data & security web page [TUNE, 13](https://help.tune.com/marketing-console/the-importance-of-securing-data-in-the-tmc).  

_Advertiser data use permissions (TMC):_ Advertisers can use information collected through by the TMC for:

* Attribution (eg, ad campaign analytics, cross-device attribution)
* App Store Analytics (eg, A/B testing, analytics)
* Audiences (eg, segments, behavioral and demographic profiling)
* In-App Marketing (eg, push notifications, A/B testing of push notifications)

_Regulation:_ TUNE complies with the Digital Advertising Alliance self-regulatory requirements.

_International Law:_ TUNE adheres to the Privacy Shield Principles.  

_Security:_ TUNE " uses commercially reasonable efforts including a variety of security technologies and procedures to secure client and End User Data from unauthorized access, use or disclosure" [TUNE, 10](https://www.tune.com/resources/data-and-privacy/privacy-policies/tmc-privacy-policy).

## Relationships
_Customers:_ ebay / Sony / Expedia / LINE / Supercell / Flipkart / Staples / Zillow / Sephora / Kabam / Starz / Draft Kings [TUNE, 01](https://www.tune.com) / MovieStarPlanet / Zoosk / Cheerz / SaferVPN / Schoold / Appromoters [TUNE, 12](https://www.tune.com/resources/resource-library/#customer-stories)

## Details
_Financial details:_ TUNE was founded in 2009 and has raised over $36 million from funders [Crunchbase, 01](https://www.crunchbase.com/organization/tune).  

_Innovation:_ TUNE claims to be at the forefront of many innovations in the advertising industry. They state they are "the first self-service performance marketing platform, the original mobile app measurement product, and the first multi-touch attribution for app advertising. We were also the first to combine app and web measurement, and the first to measure performance on nearly every mobile advertising platform like Google, Twitter, Snapchat and others" [TUNE, 08](https://www.tune.com/who-we-are).

## References
* _Crunchbase, 01._ [https://www.crunchbase.com/organization/tune](https://www.crunchbase.com/organization/tune)  
* _TUNE, 01._ [https://www.tune.com](https://www.tune.com)  
* _TUNE, 02._ [https://www.tune.com/solutions/tune-marketing-console/in-app-marketing](https://www.tune.com/solutions/tune-marketing-console/in-app-marketing)  
* _TUNE, 03._ [https://www.tune.com/solutions/tune-marketing-console/our-difference](https://www.tune.com/solutions/tune-marketing-console/our-difference)  
* _TUNE, 04._ [https://www.tune.com/solutions/tune-marketing-console/attribution-analytics](https://www.tune.com/solutions/tune-marketing-console/attribution-analytics)  
* _TUNE, 05._ [https://www.tune.com/solutions/tune-marketing-console/app-store-analytics](https://www.tune.com/solutions/tune-marketing-console/app-store-analytics)  
* _TUNE, 06._ [https://www.tune.com/solutions/tune-marketing-console/mobile-ad-fraud-detection-prevention](https://www.tune.com/solutions/tune-marketing-console/mobile-ad-fraud-detection-prevention)  
* _TUNE, 07._ [https://developers.tune.com/sdk/measuring-in-app-events](https://developers.tune.com/sdk/measuring-in-app-events)  
* _TUNE, 08._ [https://www.tune.com/who-we-are](https://www.tune.com/who-we-are)  
* _TUNE, 09._ [http://www.optoutmobile.com](http://www.optoutmobile.com)  
* _TUNE, 10._ [https://www.tune.com/resources/data-and-privacy/privacy-policies/tmc-privacy-policy](https://www.tune.com/resources/data-and-privacy/privacy-policies/tmc-privacy-policy)  
* _TUNE, 11._ [https://www.tune.com/resources/data-and-privacy](https://www.tune.com/resources/data-and-privacy)  
* _TUNE, 12._ [https://www.tune.com/resources/resource-library/#customer-stories](https://www.tune.com/resources/resource-library/#customer-stories)  
* _TUNE, 13._ [https://help.tune.com/marketing-console/the-importance-of-securing-data-in-the-tmc](https://help.tune.com/marketing-console/the-importance-of-securing-data-in-the-tmc)

## External Links
* _Crunchbase (TUNE):_ [https://www.crunchbase.com/organization/tune](https://www.crunchbase.com/organization/tune)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/TVSquared.md
================================================
# Tracker Name
TVsquared

# In εxodus?
No

## Website
https://tvsquared.com/

## About
More than 700 brands, agencies and networks in 70+ countries use TVSquared to measure and optimize TV, improving campaign performance by up to 80%.


## Category
Advertising, Location, Identity, Tracking

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `tvsquared.com`
*   Code signature: `com.xxx`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://collector-1664.tvsquared.com/ , https://collector-1518.tvsquared.com/tv2track.js ,
collector-1373.tvsquared.com, collector-2168.tvsquared.com, collector-634.tvsquared.com

https://collector-545.tvsquared.com/piwik/piwik.php?idsite=TV-455445-1&rec=1&rand=758228594 
above URL generates: R0lGODlhAQABAIABAAAAAP///yH5BAEAAAEALAAAAAABAAEAAAICTAEAOw==



## Notes
*** PROFILE IN PROGRESS ***
TVSquared's JavaScript tag

================================================
FILE: trackers/Taplytics.md
================================================
# Tracker Name
Taplytics

## Website
https://taplytics.com/

## About
Taplytics is an intelligent customer experience cloud specializing in turning first-time users into lifetime customers through magical moments

## Category
Analytics, Advertising

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `xxx.com`
*   Code signature: `com.taplytics.sdk`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `taplytics`
*   Group ID: `com.taplytics.sdk`

## Gradle
`https://github.com/taplytics/Taplytics-Android-SDK/raw/master/AndroidStudio/`

## Additional links
https://api.taplytics.com , https://github.com/taplytics , https://js.taplytics.com/jssdk/

## Notes
Mobile, Web, TV and Over The Top devices.


================================================
FILE: trackers/Tealium.md
================================================
# Tealium

## Primary location
United States (San Diego) [Crunchbase, 01](https://www.crunchbase.com/organization/tealium)

## Website
[https://www.tealium.com](https://www.tealium.com)

## About
Tealium offers a universal data hub that unites its clients' tools and teams with "universally acceptable, real-time customer data" [Tealium, 01](https://www.tealium.com).

## Ownership
Tealium

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `tiqcdn\.com`

## Documentation
https://community.tealiumiq.com/t5/Tealium-for-Android/Adding-Tealium-to-Your-Android-App/ta-p/16846

## Products and Services
Tealium integrates technologies and services. Products and services include:

* Build & Stitch Profiles
* Define Audiences
* Trigger Actions
* Analytics
* Big Data
* Customer Relations Management
* Display Ad
* Email
* Personalization
* Search
* Social [Tealium, 01](https://www.tealium.com)

Products include:

* _Tealium iQ Tag Management:_ Integrate with other vendors through tags [Telium, 02](https://tealium.com/products/tealium-iq-tag-management-system).
* _Tealium Event Stream:_ Data collection from any source (web, mobile, OTT), monitor data stream in real time, and leverage data in real time, especially for use on mobile devices [Tealium, 03](https://tealium.com/products/tealium-eventstream).
* _Tealium AudienceStream Customer Data Platform:_ A CDP that offers "robust audience management and data enrichment capabilities resulting in unified customer profiles and the ability to take immediate, relevant action... Tealium AudienceStream allows users to connect all of their customer data, creating a single view of customers and the ability to automate actions across every channel, touchpoint and vendor in your entire digital ecosystem". Tealium's Audience Sizing "allows users to connect all of their customer data, creating a single view of customers and the ability to automate actions across every channel, touchpoint and vendor in your entire digital ecosystem" [Tealium, 04](https://tealium.com/products/audiencestream).
* _Tealium DataAccess:_ DataAccess "offers the richest source of clean and correlated omnichannel, event and audience data collected across web and mobile touch points, and makes that data available for real-time action". It focuses on unifying data and offers the capacity to "Correlate and stitch online and offline data assets to provide a rich “ready to query” visitor dataset" [Tealium, 05](https://tealium.com/products/tealium-dataaccess).

Tealium's "Visitor Stitching" tracks user behavior on and offline, across devices. With this technology, Tealium states, "Previously anonymous visitor behavior will fulfill critical gaps in customer knowledge when cross device activity is merged with known customer profiles". Tealium has a patent on their visitor stitching approach that combines the details from two or more profiles into one. Their "proprietary technology ‘replays’ the data from each of the stitched profiles back in order, so that the profile can be built taking into account the sequence of the customer’s journey".  

Tealium "tracks visitor IDs from a variety of sources including Facebook, Amazon, Twitter, LinkedIn, Google Plus and more. When any known ID is matched, visitors, their behaviors, and devices are automatically stitched together. AudienceStream then enables you to take actions using these profile-based attributes and create unique audiences, facilitating compelling omnichannel campaigns that may begin on a mobile device and follow the user to his or her desktop" [Tealium, 06](https://tealium.com/resources/visitor-stitching).

## Privacy Policy
Tealium lists a Privacy Policy on its website; it is unclear if there are any differences in policy as it applies to their mobile tracker.  

_Data collection:_ Tealium collects both PII and non-PII from individuals visiting its website or using its services. PII may be collected when signing up for Tealium services. Non-PII may be collected when visiting the Tealium website from a web browser or mobile device. Tealium collects information from web browser through the use of cookies and web beacons. They also collect data on IP addresses to " administer the Tealium Website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences". They "may collect aggregated data regarding use of the Services and the Tealium Website, including, without limitation, number of Site Visitors, frequency and patterns of use, tag usage, feedback request trends, etc. (“Aggregated Data”)". They state they use "Aggregated Data as a statistical measure and not in a manner that would identify you personally" and that they "may make use of, or make such Aggregated Data available to, third parties, in any manner in our sole discretion". Details on what constitutes "aggregated data" or not available.  

_Data sharing:_ Tealium shares data with service providers, affiliates, partners and affiliated businesses not controlled by Tealium, billing, and when compelled by authorities.

_International law:_ Tealium "participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework (Privacy Shield) and Swiss Safe Harbor".

_Opt-out:_ Tealium states, "You may correct, update and delete your Customer Information, change your choices for alerts and other messages, choose whether to receive offers and promotions from us or you may request access to the Personal Information we hold about you and ask us to amend or delete such Personal Information. You can send your request to support@tealium.com." They also honor Do Not Track headers and "allows its users to opt‐out of having their personal information collected by Tealium". It is not clear how individuals could opt-out of data collection from the Telium mobile device tracker.

_Data retention:_ Tealium " retains the information we receive as described in this Privacy Statement for as long as needed to provide our Services, comply with our legal obligations, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, and enforce our agreements".

_Security:_ Tealium states that it "takes precautions, including administrative, technical, and physical measures – to help safeguard Customer Information against loss, theft, and misuse as well as unauthorized access, disclosure, alteration, and destruction. While we follow generally accepted standards to protect information submitted to us, no method of storage or transmission is 100% secure. Users are solely responsible for protecting their passwords, limiting access to their computers, and signing out of the Services after their sessions" [Tealium, 07](https://tealium.com/privacy).

## Relationships
_Integrations (technological):_ Amazon Web Services / Bronto / Campaign Monitor / Twitter Campaigns / Facebook / CheetahMail / Criteo / Demandware [Tealium, 01](https://www.tealium.com).

## Details
_Financial details:_ Tealium was founded in 2008 and has raised over $112 million from funders [Crunchbase, 01](https://www.crunchbase.com/organization/tealium).

## References
* _Crunchbase, 01._ [https://www.crunchbase.com/organization/tealium](https://www.crunchbase.com/organization/tealium)  
* _Tealium, 01._ [https://www.tealium.com](https://www.tealium.com)  
* _Tealium, 02._ [https://tealium.com/products/tealium-iq-tag-management-system](https://tealium.com/products/tealium-iq-tag-management-system)  
* _Tealium, 03._ [https://tealium.com/products/tealium-eventstream](https://tealium.com/products/tealium-eventstream)  
* _Tealium, 04._ [https://tealium.com/products/audiencestream](https://tealium.com/products/audiencestream)  
* _Tealium, 05._ [https://tealium.com/products/tealium-dataaccess](https://tealium.com/products/tealium-dataaccess)  
* _Tealium, 06._ [https://tealium.com/resources/visitor-stitching](https://tealium.com/resources/visitor-stitching)  
* _Tealium, 07._ [https://tealium.com/privacy](https://tealium.com/privacy)

## External Links
* _Wikipedia (Tealium):_ [https://en.wikipedia.org/wiki/Tealium](https://en.wikipedia.org/wiki/Tealium)  
* _Ghostery (Tealium):_ [https://apps.ghostery.com/apps/tealium](https://apps.ghostery.com/apps/tealium)
* _Crunchbase (Tealium):_ [https://www.crunchbase.com/organization/tealium](https://www.crunchbase.com/organization/tealium)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Teemo.md
================================================
# Teemo (ex Databerries)

## Primary Location
France (Paris) [Crunchbase, 01](https://www.crunchbase.com/organization/databerries)

## Website
[https://www.teemo.co](https://www.teemo.co)

## About
Teemo claims to run the "World's first and biggest persistent geolocation targeting database".  They provide "solutions" for "retail advertisers" and "app publishers". [Teemo, 01](http://teemo.co). 

## Ownership
Teemo

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `databerries\.com`

## Documentation
https://teemo.co/sdkguidelines/

## Products and Services

_Retail Advertisers - Real Life Targeting:_ "We target your prospects based on the places they attend in real life with the geolocation of millions smartphones continuously."  

  * Exclusive Teemo Data  
  * SDK accurate collection  
  * 10 to 15 meters accuracy  
  * 100k+ points of Interest redefined  
  * 1,170 billion + geolocation data points  
  * World's Biggest Real Life Targeting DMP  

Offline measurement & insight:  

Teemo measures the exact number of people who visit your point of sale and give you insights on their habits.  

  * 7-day attribution  
  * Exhaustive data  
  * Provenance of your customers  
  * Customer loyalty index  

_App Publishers - We Monetize Your Geolocation Data:_ "Our SDK:  

  * Anonymous collection of IDFA and GAID  
  * Data collection only  
  * Only 25 KB  

### Methods

Teemo utilizes geolocation collection through the Databerries (Teemo) SDK.

## Privacy Policy

Teemo states that even without a device identifier, such as Apple's IDFA, they can still identify users: "without the IDFA, and only with the address and the place of work of a person, to find any French would take 5 seconds to a team of 20 people", is it added in the article" (French-English translation; see [L'Expansion, 01](https://lexpansion.lexpress.fr/high-tech/teemo-la-start-up-qui-traque-10-millions-de-francais-en-continu_1937638.html)).  

"The Databerries / Teemo SDK collects location information, for example precise location using GPS, wireless networks, cell towers, and Wi-Fi access points. You must ensure that all applications that use the Databerries / Teemo SDK comply with all of the Google Play's developer requirements and Apple's App Store requirements (collectively, the **'Requirements'**) including obtaining appropriate consent to the collection of location information... Each application that uses the Databerries / Teemo SDK must (a) notify users of the application's use of location data for third-party advertising purposes via a custom notification window, and (b) provide user of the application the ability to consent or withhold consent through an 'Allow' / 'Don't Allow' option, 'Accept' / 'Don't Accept' option, or similarly-worded option... Each application that uses the Databerries / Teemo SDK must inform users of relevant data collection practices and choices available to them. Users of such applications must consent to the collection of location and device information and the sharing of such information with third parties such as Databerries / Teemo. Applications that use the Databerries / Teemo SDK must be provided with an accurate, current and complete privacy policy that:

a. is available prior to download (i.e. from all applicable app storefronts) and from within the settings of the app;  
b. is in compliance with all applicable laws and self-regulatory principles;  
c. clearly and truthfully describes what data is collected from the app, how such data is used, and the circumstances under which it is disclosed;  
d. discloses that location information and other user information will be shared with third parties for advertising purposes; and  
e. explains to users how to opt out of the collection of information about their precise location and how to opt out of the use of information about their app usage for interest-based advertising purposes through the settings available on their Android or iOS device."  

The Databerries / Teemo SDK may not be used in apps designed for use by children below the age of 13 (or the age of consent where offered, if higher than 13) "or be used to collect information from any user known to be under the age of 13 or under the age of consent where they reside". [Teemo, 03](https://teemo.co/sdkguidelines)  

_Information Collected Automatically Through the Services:_
"In order to help advertisers reach their audiences and understand the effect of their advertising, we automatically collect certain information when you access mobile applications that incorporate the Services.  This information does not identify you personally, but it does reflect information about the mobile applications you use, your location, and how you interact with our Services.  This information includes:

  * Location Information: When you use mobile apps that integrate the Services, we may collect information about your precise location using various technologies, including GPS, wireless networks, cell towers, Wi-Fi access points, and other sensors, such as gyroscopes, accelerometers, compasses, and barometers. For information about how to opt out of the collection of certain location information, please see 'Your Choices' below.   

  * Device Information: We collect information about your mobile device, including the advertising identifiers assigned to your device, IP address, device type, operating system, and mobile carrier.   

  * Usage Data: We collect information about the mobile apps you use that integrate our Services, including the date and time your device accesses such apps."   

_Information Teemo Collects from Other Sources:_

Teemo "may also obtain information from other sources and combine that with information we collect through our Services.  For example, we may collect information about you from third parties, including our business partners, other advertising companies, and publicly available sources."

_Sharing of Information:_

Teemo "may share the information we collect as follows or as otherwise described in this Privacy Policy:  

  * With vendors, consultants and other service providers who need access to such information to carry out work or perform services on our behalf;  
  * In response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, rule, regulation or legal process;  
  * If we believe your actions are inconsistent with our user agreements or policies, or to protect the rights, property or safety of Databerries or others;  
  * In connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company;  
  * Between and among Databerries and any current or future parent, subsidiary and/or affiliated company; and  
  * With your consent or at your direction."  

Teemo "may also share aggregated or de-identified information, which cannot reasonably be used to identify you.  For example, we may share de-identified information with the partners that use our technology about the users of their apps."  

_Your Choices:_  

"Location Tracking: You can stop the collection of precise location information by individual apps or by your device as a whole changing the preferences in the settings of your mobile device.  

Opting Out of Teemo Services: You can stop the collection of information from Teemo by opting out of our service. You can opt-out from our service either from our ads or by asking us by contacting us at privacy@teemo.co  

Opting Out of Personalized Ads: You may opt out of the use of information about your mobile app activities to serve ads that are targeted to your interests using the settings available on your mobile device.  For information about how to opt out on your Android device, click here.  For information about how to opt out on your iOS device, click [here](https://support.apple.com/en-us/HT202074).  If you wish to opt out on multiple devices, you must repeat the process on each device where you wish to opt out" [Teemo, 04](https://teemo.co/privacy)"

## Relationships
_Customers:_ Volkswagon / MyMedia / Intersport / Havas / dentsu / OMD / WPP / Publics Groupe / Carrefour / Toys"R"Us / McDonald's / Ford / Decathlon / FNAC / Leclerc [Teemo, 01](http://teemo.co)

## Details
_Financial details:_ Teemo (then Databerries) "raised $16m (?15m) in a Series A funding round led by new investor Index Ventures with support from existing investors ISAI and Mosaic Ventures and new individual investors Greg Coleman and Pascal Gauthier. The company will use the funds to launch its product in the US and double its workforce." [Go4Venture, 01](http://go4venture.com/hti/usd-16m-a-mar-2017-databerries)  

_Background and history:_ Formerly known as Databerries, Teemo "reinvents offline marketing. Its mobile marketing solution combines user offline behavior understanding and algorithms to drive in-store sales. Its performance-based marketing solution delivers relevant, personalized ads that generate in-store sales it can measure. Co-founded in 2014 by Guillaume Charhon, François Wyss and Benoit Grouchko, Teemo has 50 employees in Paris and New-York." [Teemo, 02](https://teemo.co/about)   

"Founded in 2014, Databerries offers brick and mortar retailers a mobile marketing solution, refferred to as Real Life Targeting, that targets mobile users based on locations they have visited in the past and measures the impact of marketing campaigns on store visits. The solution allows retailers to target users who have visited their stores and those of their competitors. The company’s technology collects geolocation and navigation data from mobile users and targets them with relevant and personalised ads. This allows retailers to generate store visits with a significantly lower cost per physical visit (CPV). Databerries enables retailers to count the cost per visit and therefore measure the impact of a campaign on point-of-sale traffic, offering retailers a solution that works for offline marketing while combining online advertising standards such as accurate targeting, personalisation, performance measurement and return on investment optimisation.

Headquartered in Paris, Databerries employs 40 people and plans to double its workforce by the end of 2017. Since its launch, the solution has generated more than one million in-store visits and supports more than 20 prestigious advertisers on a daily basis. It serves more than 100 brick and mortar retailers including Carrefour, Decathlon, FNAC, Leclerc, McDonald's (NYSE: MCD) and Volkswagen (ETR: VOW3).

According to the company, offline retailers spend more than $100bn (€93.9bn) on advertising every year, relying largely on outdoor and other offline channels to increase store visits with limited ability to track the performance of their advertising campaigns. According to a report by MarketsandMarkets, the cross-platform and mobile advertising market is estimated to grow from $25.2bn (€23.7bn) in 2015 to $80.5bn (€75.6bn) by 2020, at a CAGR of 26.1%." [Go4Venture, 01](http://go4venture.com/hti/usd-16m-a-mar-2017-databerries)

_Slogans:_ 
* "Real-life Targeting, Offline Measurement" 
* "Reinventing offline marketing"

_Devices:_ Android (Google Android ID) and Apple (IDFA)

## References
* _Crunchbase, 01._ [https://www.crunchbase.com/organization/databerries](https://www.crunchbase.com/organization/databerries)
* _Teemo, 01._ [http://teemo.co](http://teemo.co)  
* _Teemo, 02._ [https://teemo.co/about](https://teemo.co/about) 
* _Teemo, 03._ [https://teemo.co/sdkguidelines](https://teemo.co/sdkguidelines)   
* _Teemo, 04._ [https://teemo.co/privacy](https://teemo.co/privacy)

## External Links
* _Go4Venture, 01:_ [http://go4venture.com/hti/usd-16m-a-mar-2017-databerries](http://go4venture.com/hti/usd-16m-a-mar-2017-databerries)  
* _L'Expansion, 01:_ [https://lexpansion.lexpress.fr/high-tech/teemo-la-start-up-qui-traque-10-millions-de-francais-en-continu_1937638.html](https://lexpansion.lexpress.fr/high-tech/teemo-la-start-up-qui-traque-10-millions-de-francais-en-continu_1937638.html)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Tinder.md
================================================
# Tinder Analytics

## Primary Location
United States

## Website
[https://www.tinder.com](https://www.tinder.com)

## About
Tinder is a location-based social search mobile app geared towards dating and hook-up culture.

## Ownership
Match Group (a division of IAC/InterActiveCorp) [BusinessInsider, 01](http://www.businessinsider.com/match-the-company-that-owns-tinder-just-filed-to-go-public-2015-10); [CrunchBase, 01](https://www.crunchbase.com/organization/match-group)

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `etl\.tindersparks\.com`

## Documentation
Not public

## Products and Services
It is not entirely clear what the Tinder Analytics SDK does. Some news outlets have published details about Tinder analytical practices, often in conjunction with third parties. Minor press about Tinder and "swiping right" offers clues:

"Earlier this year, to combat this collection of overzealous swipers, the company set a limit on the number of right swipes users could make daily. Then it rounded up profiles of the most prolific right-swipers and watched what happened. Would they get upset and leave? Would they stop using for a while and lick their wounds? Or would they realize the error in their ways and be a little more discriminating in suggesting possible hookups?" [Fortune, 01](http://fortune.com/2015/09/29/tinder-interana-analytics/)

## Privacy Policy
The privacy policy for the Tinder Analytics SDK tracker is not public. In September 2017, French journalist Judith Duportail published details about her data request from Tinder which revealed that Tinder had 800 pages of information about her. The profile was created over four years of use, and included information about her Facebook "likes", links to (now-deleted) Instagram photos, her education, the age-rank of men she was interested in, number of Facebook friends, the when and where of every one of her Tinder match conversations, and more [The Guardian, 01](https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold).

### General Tinder Privacy Policy
_PII:_ Tinder collects Personal Information (Personally Identifiable Information), including Sensitive Data, and other information. Sensitive Data includes "information, comments or content (e.g. photographs, video, profile, lifestyle) that you optionally provide that may reveal your ethnic origin, nationality, religion and/or sexual orientation". Users consent to the "collection, use, and disclosure of Sensitive Data" in accordance with the law.  

_Geolocation:_ Tinder states "We may also collect your geolocation information with your consent. We may collect this information through a website, mobile application, or other online services...  the information may be sent to servers located in the United States and countries around the world".  

_Collection of data through Facebook:_ By registering with Tinder, you authorize Tinder to access certain Facebokk information, such as "your public Facebook profile (consistent with your privacy settings in Facebook), your email address, interests, likes, gender, birthday, education history, relationship interests, current city, photos, personal description, friend list, and information about and photos of your Facebook friends who might be common Facebook friends with other Tinder users".  

_Collection of conversations:_ "If you chat with other Tinder users, you provide us the content of your chats".

_Third Party data collection:_ "Tinder is part of The Match Group family of businesses, which as of the date of this policy includes websites and apps such as OurTime.com, BlackPeopleMeet.com, OkCupid, Twoo, POF, Meetic, LoveScout24, Match and ParPerfeito. We may obtain both personal and non-personal information about you from other Match businesses, business partners and other third parties."  

_Technologies used to collect data:_ 

* When visiting Tinder's Service, you automatically provide Tinder with your "IP address, device ID and type, your browser type and language, the operating system used by your device, access times, your mobile device’s geographic location while our application is actively running, and the referring website address."
* _Cookies_ are used track users. They state, "If we advertise, we (or third parties) may use certain data collected on our Service to show you Tinder advertisements on other sites or applications".
* _Pixel tags_ (aka, web beacons or clear GIFs) are used in web pages, ads, and emails. These are used to access cookies and track user activities.
* _Mobile device IDs_ are used to store your preferences and track your use of the Tinder app. 
    * "Ad companies also use device IDs or Advertising IDs to track your use of the app, track the number of ads displayed, measure ad performance and display ads that are more relevant to you. Analytics companies use device IDs to track information about app usage."

_Third Party data collecting:_ "We may allow service providers, advertising companies and ad networks, and other third parties to display advertisements on our Service and elsewhere. These companies may use tracking technologies, such as cookies or web beacons, to collect information about users who view or interact with their advertisements. We do not provide any non-masked or non-obscured personal information to third parties."  

_Data Sharing with Third Parties:_ Tinder may share information with:  

* _Service providers:_ Third parties that perform services on behalf of Tinder may include "fulfilling orders, providing customer service and marketing assistance, performing business and sales analysis, ad tracking and analytics, member screenings, supporting our Service functionality, and supporting contests, sweepstakes, surveys and other features offered through our Service. These service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purposes."
* _Other Match Group businesses:_ Including "Match.com, OkCupid, OurTime.com, BlackPeopleMeet.com, Twoo, Meetic, POF, LoveScout24, ParPerfeito and others... subject to your consent where required under applicable law."
* _Other situations:_ Some other situations include actions in response to a subpeona or similar investigative demand; when Tinder believes it is appropriate in connection with illegal activity; and "In connection with a substantial corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy".  

_Aggregated and non-personal Information:_ Tinder states, "We may use and share non-personal information we collect under any of the above circumstances. We may also share it with other Match Group companies and third parties to develop and deliver targeted advertising on our Service and on websites or applications of third parties, and to analyze and report on advertising you see. We may combine non-personal information we collect with additional non-personal information collected from other sources. We also may share aggregated, non-personal information, or personal information in hashed, non-human readable form, with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis, advertising, marketing, or other business purposes. For example, we may engage a data provider who may collect web log data from you (including IP address and information about your browser or operating system), or place or recognize a unique cookie on your browser to enable you to receive customized ads or content. The cookies may reflect de-identified demographic or other data linked to data you voluntarily have submitted to us (such as your email address), that we may share with a data provider solely in hashed, non-human readable form. We may also share your geolocation information in de-identified form with Match Group companies and third parties for the above purposes."  

_Opt-Out (geolocation:_ "To opt out of the sharing of your geolocation information, please discontinue use of the Tinder application".

_Opt-Out (third party):_ Some "third-party advertising companies may be advertising networks that are members of the Network Advertising Initiative, which offers a single location to opt out of ad targeting from member companies (www.networkadvertising.org). Opting out will not decrease the number of advertisements you see. To opt-out of cookies that may be set by third party data or advertising partners, please go to http://www.aboutads.info/choices".  

_Security:_ Tinder states that "although we take steps to secure your information, we do not promise, and you should not expect, that your personal information, chats, or other communications will always remain secure"  

_Data Retention:_ Tinder states, "We keep your information only as long as we need it for legitimate business purposes and as permitted by applicable legal requirements. If you close your account, we will retain certain data for analytical purposes and recordkeeping integrity, as well as to prevent fraud, enforce our Terms of Use, take actions we deem necessary to protect the integrity of our Service or our users, or take other actions otherwise permitted by law. In addition, if certain information has already been provided to third parties as described in this Privacy Policy, retention of that information will be subject to those third parties’ policies."  

_Jurisdictional issues:_ Tinder states, "we cannot always know where personal information may be accessed or processed. While our primary data centers are in the United States, we may transfer personal information or other information to our offices outside of the United States. In addition, we may employ other companies and individuals to perform functions on our behalf. If we disclose personal information to a third party or to our employees outside of the United States, we will seek assurances that any information we may provide to them is safeguarded adequately and in accordance with this Privacy Policy and the requirements of applicable privacy laws.

If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your personal data, including sensitive data, by Tinder from your region to countries which do not have data protection laws that provide the same level of protection that exists in countries in the European Economic Area, including the United States. By providing your personal information, you consent to any transfer and processing in accordance with this Policy" [Tinder, 01](https://www.gotinder.com/privacy).

## Relationships
_Match Group businesses:_ Match.com / OkCupid / OurTime.com / BlackPeopleMeet.com / Twoo / Meetic / POF / LoveScout24 / ParPerfeito [Tinder, 01](https://www.gotinder.com/privacy)

## Details
_Usage requirements:_ Tinder users are required to have a Facebook account and turn on loction-based tracking in order to use the app. [Tinder, 01](https://www.gotinder.com/privacy) 

_Analytics:_ Tinder uses Spotify and Facebook data to match users [Tech Times, 01](http://www.techtimes.com/articles/199964/20170302/tinder-users-finding-more-matches-thanks-spotify-popular-anthems-include.htm)

## References
* _BusinessInsider, 01._ [http://www.businessinsider.com/match-the-company-that-owns-tinder-just-filed-to-go-public-2015-10](http://www.businessinsider.com/match-the-company-that-owns-tinder-just-filed-to-go-public-2015-10)  
* _CrunchBase, 01._ [https://www.crunchbase.com/organization/match-group](https://www.crunchbase.com/organization/match-group)  
* _Fortune, 01._ [http://fortune.com/2015/09/29/tinder-interana-analytics/](http://fortune.com/2015/09/29/tinder-interana-analytics/])
* _Tech Times, 01._ [http://www.techtimes.com/articles/199964/20170302/tinder-users-finding-more-matches-thanks-spotify-popular-anthems-include.htm](http://www.techtimes.com/articles/199964/20170302/tinder-users-finding-more-matches-thanks-spotify-popular-anthems-include.htm)  
* _The Guardian, 01._ [https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold](https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold)  
* _Tinder, 01._ [https://www.gotinder.com/privacy](https://www.gotinder.com/privacy)

## External Links
* _Wikipedia (Tinder app):_ [https://en.wikipedia.org/wiki/Tinder_(app)](https://en.wikipedia.org/wiki/Tinder_(app))

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Trillbit.md
================================================
# Tracker Name
Trillbit

# In εxodus?
No

## Website
https://trillbit.com/

## About
Trillbit can convert any speaker into a data transfer device. Any device with speaker becomes a transmitter and any device with a microphone becomes a receiver.With that, we connect businesses and people to exchange proximity based, real-time information just over sound, without the need for any network, wifi or Bluetooth. Proprietary technology for Data over Sound.

## Category
Location, Beacon

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `api.trillbit.com`
*   Code signature: `com.trillbit`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xx`

## Gradle
`xxx`

## Additional links
http://13.229.229.48:8091/v1/ (Amazon Data Services Singapore) , https://bitbucket.org/trillbit/bpskdemodulation_c 

## Notes
Seem to think they are unique and novel in this tracking via audio space


================================================
FILE: trackers/Umeng Analytics.md
================================================
# Umeng Analytics

## About

Umeng is a Private company founded by Fan Jiang in April 2010 and acquired by Alibaba Group in 2013. [(Source)](https://techcrunch.com/2013/11/20/umeng-alibaba/)  It is based in Beijing, China and has approxmately 50-100 employees.  

Two company filings were found in Hong Kong: [here](https://opencorporates.com/companies/hk/1579937) and [here.](https://opencorporates.com/companies/hk/2756553) 

## Ownership

Umeng is owned by the Alibaba Group.  Alibaba is listed on the NYSE under the ticker BABA.  


## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.umeng.analytics
* Network detection rule: alog.umeng.com|alogs.umeng.com|ar.umeng.com|oc.umeng.com|uop.umeng.com|umeng.com

## What it does

* Behavioral analytics
* Data Collection and usage statistics
* Advertising platforms

## Privacy Policy

[Policy as of 12/27/2018:](http://mobile.umeng.com/privacypolicy/)

* An english-version of Umeng's privacy policy could not be located. As such, it was not reviewed.  

* An opt-out page in Mandarin language was located [here.](https://outdip.umeng.com/opt_out.html?spm=a211g2.181323.0.0.3cb23604DDAijH)   
# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Umeng Feedback.md
================================================
# Umeng Feedback

## About

Umeng is a Private company founded by Fan Jiang in April 2010 and acquired by Alibaba Group in 2013. [(Source)](https://techcrunch.com/2013/11/20/umeng-alibaba/)  It is based in Beijing, China and has approxmately 50-100 employees.  

Two company filings were found in Hong Kong: [here](https://opencorporates.com/companies/hk/1579937) and [here.](https://opencorporates.com/companies/hk/2756553) 

## Ownership

Umeng is owned by the Alibaba Group.  Alibaba is listed on the NYSE under the ticker BABA.  


## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.umeng.fb
* Network detection rule: alog.umeng.com|alogs.umeng.com|ar.umeng.com|oc.umeng.com|uop.umeng.com|umeng.com

## What it does

* Behavioral analytics
* Data Collection and usage statistics
* Advertising platforms

## Privacy Policy

[Policy as of 12/27/2018:](http://mobile.umeng.com/privacypolicy/)

* An english-version of Umeng's privacy policy could not be located. As such, it was not reviewed.  

* An opt-out page in Mandarin language was located [here.](https://outdip.umeng.com/opt_out.html?spm=a211g2.181323.0.0.3cb23604DDAijH)   
# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Weborama.md
================================================
# Weborama

## Primary Location
France (Paris)

## About
Weborama "collect, organise, stock, transform and operate data within the advertising ecosystem, thanks to a 400 million profiles database" [Weborama, 02](https://www.weborama.com/data/presentation); [Weborama, 03](http://www.weborama.com/documents/2013/06/data-according-to-weborama.pdf).  They provide ad analytics and behavioral targeting services [Crunchbase, 01](https://www.crunchbase.com/organization/weborama).

## Ownership
Weborama

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `weborama\.net`
* `weborama\.fr`

## Documentation
[https://be-interactive.atlassian.net/wiki/spaces/SDK/pages/5931037/Integration+with+DFP](https://be-interactive.atlassian.net/wiki/spaces/SDK/pages/5931037/Integration+with+DFP)

## Products and Services

Weborama "specializes in creating and delivering targeted online ads. Weborama identifies the content, services and products that are most likely to match the interest of specific user groups according to their browsing history" [Weborama, 07](https://www.weborama.com/e-privacy/our-commitment).

Weborama features an audience-driven advertising platform:

"The Weborama platform enables advertisers to create audience segments from Media, Site and/or CRM data. These segments can be enhanced using 3rd party data. Advertisers can use these segments to buy ad space and target their campaigns. The Weborama platform analyses the performance of these campaigns and audiences and optimises them in real time" [Weborama, 02](https://www.weborama.com/data/presentation).  

"Weborama has been developing solutions in adserving, data Management Platform (DMP), audience analysis, data segmentation and target segments for 15 years" [Weborama, 03](http://www.weborama.com/documents/2013/06/data-according-to-weborama.pdf). 

_Weborama Audience Manager:_ A Data Management Platform; it is a "data management platform for segmentation of different sources of 1st party (CRM, media and website) data, enriched by 3rd party data using access to data owned by Weborama."

_Weborama Audience Insight:_ A "tool for analysing audience behavior on internet sites"  

_Weborama Campaign Manager:_ "adserving tool for management and optimisation of advertising campaigns" 

_Weborama Advanced Rich Media:_ A "tool for managing rich media/video campaigns"  

_Weborama Audience Exchange:_ A " premium multi-device audience platform, on two channels (WaX for agency, WaX for trading desk). Classic formats, rich media and in stream" 

Weborama offers audience analysis and a targeted marketing proposal for publishers [Weborama, 03](http://www.weborama.com/documents/2013/06/data-according-to-weborama.pdf).

## Privacy Policy

Weborama's website privacy policy was last updated in 2014 and does not mention mobile.

_Opt out procedure:_ "Users can choose to opt out of Weborama’s anonymous data collection program. Once users opt out, Weborama does not collect navigation data or create marketing profiles anymore. Opting out does not prevent users from receiving online ads delivered by Weborama, but these ads are delivered randomly. They are not targeted to a user’s modelled interest or demographics, are not delivered in sequence or delivered according to any previous advertising interaction. When users opt out, Weborama stores a specific cookie on their browser. Weborama’s opt-out cookie has to be downloaded on each computer and each browser used by users. If cookies are disabled, erased, or altered, and if browsers or operating systems are modified or upgraded, the opt-out process might need to be performed again." [Weborama, 07](https://www.weborama.com/e-privacy/our-commitment)

_Opting out:_ "In accordance with current legislation, internet users can unsubscribe at any moment from Weborama’s data collection programme, either by using the opt-out on the group’s website, or via the icon Ad Choices, which can  be found on all targeted advertising, and returning it via website YourOnlineChoices at IAB Europe." [

_Personally identifiable information:_ Weborama "does not collect personally identifiable information (PII) such as name, email address or phone number. Weborama does not profile users according to their political, philosophical, sexual or religious preferences, ethnic or racial origins, trade union membership or health condition.

_Segmenting and age:_ Weborama does not intentionally profile or target sensitive audience segments such as children under the age of 13 or any other segments considered sensitive by IAB Europe’s Self-regulation Online Behavioural Advertising (OBA) Framework.*"

_Data Usage and Security:_ "Navigation data is used by Weborama to build users’ marketing profiles. These profiles are used to deliver, target and/or analyse online marketing campaigns. These actions are conducted by Weborama on behalf of its clients, or by business partners with whom Weborama synchronises anonymous user profiles. Measures have been implemented to protect information from unauthorized or unlawful access, use or disclosure, and against accidental loss, damage or destruction. Access to data is restricted to authorized individuals. Weborama is a member of the Internet Advertising Bureau (IAB) and complies with all applicable laws and regulations as well as with IAB principles as described in the Online Behavioural Advertising (OBA) Framework."

_Privacy Policy last updated:_ Weborama was last updated 16th of October 2014" [Weborama, 07](https://www.weborama.com/e-privacy/our-commitment)

## Relationships
"Over 300 clients use Weborama’s innovative solutions to drive and optimise their online investments in France, Spain, Italy, Portugal, Holland, UK and Russia" [Weborama, 03](http://www.weborama.com/documents/2013/06/data-according-to-weborama.pdf).

Odnoklassniki (the first Russian social network) / Move Publishing [Weborama, 01](https://www.weborama.com) / EDF / MAIF / Pernod Ricard / Medela / Endesa / Findus / Yeppon / Moschin [Weborama, 06](https://www.weborama.com/documents/2017/09/weborama-growth-of-the-operating-profit-in-the-first-half-of-2017.pdf)

## Details
_Financial details:_ Weborama was founded in 1998 (listed on Alternext since June 2006 as ALWEB) [Weborama, 02](https://www.weborama.com/data/presentation); it had a market capitalization of €28 million as of 2015 [Wikipedia, 01](https://fr.wikipedia.org/wiki/Weborama](https://fr.wikipedia.org/wiki/Weborama). Weborama recorded revenues of 24.3 million Euros in 2012 [Weborama, 03](http://www.weborama.com/documents/2013/06/data-according-to-weborama.pdf); revenues "reached €29 million in 2016" [Weborama, 05](https://www.weborama.com/infos-financieres/financial-figures).  Operating income was up in early 2017.  A recently signed international agreement with "a leading media/marketing player...will especially enable Weborama to grow its presence in the United States." [Weborama, 06](https://www.weborama.com/documents/2017/09/weborama-growth-of-the-operating-profit-in-the-first-half-of-2017.pdf)

_Growth:_ Weborama had 110 million profiles in 2013; this suggests a growth of 300 million profiles in just 4 years [Weborama, 03](http://www.weborama.com/documents/2013/06/data-according-to-weborama.pdf); [Weborama, 07](https://www.weborama.com/e-privacy/our-commitment)

_Devices:_ Web browsers / Trackers in mobile apps

### Methods
_Data assets:_ Weborama has "400 million profiles in the European database" and "More than 200 socio-demo, behavioural and intenders criteria". This is used for "data solutions" for advertisers; the Audience Manager gives "an exclusive and native access to 400 million profiles in Europe" with a "360° view of behavioural and socio-demographic data".  Audience Insight "allows viewing the audience structure by age, gender and occupation, along with the distribution of behavioural segments and clusters", which "helps publishers to drill down into their audience profile in real time, and thereby to maximise its monetisation" [Weborama, 04](https://www.weborama.com/data/the-offering).

Weborama tags placed on a publisher's website allows them to "collect raw and anonymous navigation data".  They conduct "Audience analysis, followed by a relevant and targeted marketing proposal" to be "conducted within three weeks from the date Weborama tags" the website [Weborama, 03](http://www.weborama.com/documents/2013/06/data-according-to-weborama.pdf)

Weborama "collects anonymous user navigation data via a network of several thousands of partner websites. These websites make it possible for Weborama to store cookies on users’ browsers to allow for their anonymous identification and tracking over the Internet. Navigation data collected by Weborama only includes non-personally identifiable information (NPII) such as URL pages, software equipment, keywords used for searching, geographic location (at state or city level), and advertising interaction history" [Weborama, 07](https://www.weborama.com/e-privacy/our-commitment).

_Location targeting:_ "Generate qualified traffic in store thanks geolocation" [Weborama, 02](https://www.weborama.com/2017/09/retail-which-dmps-use-cases)  

_Big Data:_ "Data is at the heart of its expertise, thanks to its strategists, data consultants, computer linguists, statisticians, mathematicians and developers.  Big Data is the driver of development today at Weborama, and will continue to be in the future. Great cares are taken to collect data anonymously, internet user benefits from more relevant advertising." [Weborama, 02](https://www.weborama.com/data/presentation)

_Semantic processing: Cookies, segmenting, & survey:_ "the data is sourced anonymously from 300,000 sites, using cookies, then processed instantly. this audience classification is a critical process within each database. thanks to this methodology Weborama has a database of 110 million profiles of behavioural, socio-demographic, and purchasing intent data in Europe, 70 million of which are from France. Today, Weborama has identified almost 200 clusters (centres of interest) based on the behaviour of internet users, divided into 23 segments (a segment being a “family” of clusters). Weborama’s socio-demographic database is built from a sample group of 300,000 active internet users in France who responded willingly to a questionnaire giving their age, gender and socio-professional category. by cross-referencing  behavioural clusters with Weborama’s socio-demographic sample group, the sample group data are extrapolated from the database as a whole" [Weborama, 03](http://www.weborama.com/documents/2013/06/data-according-to-weborama.pdf).

_Patented technologies based on algorithms and the automatic processing of language:_ 33 million active URLs; 300,000 sites analysed each day; 110 million active profiles per month; 3.5 million qualified internet users per day; 25 words per day per internet user." [Weborama, 03](http://www.weborama.com/documents/2013/06/data-according-to-weborama.pdf)  

_Knowledge: 3rd party & 1st party data:_ The Weborama 3rd party database enriches 1st party data.  3rd party data is "Data from a third party which do not belong to the advertiser or publisher, but are made available to them for deployment in online marketing", whereas 1st party data is "Data belonging to an advertiser or publisher."

_Audience Segmentation & Targeted Advertising:_ With big data collections, Weborama can identify "look-alikes" of internet users with a similar profile to those who "transform" ("subscriptions to products offered in the campaign").  "This allows them to be offered advertising which is personalised to fit their profile".  Audience segmentation in media campaigns was introducted by an advertiser in 2012; the advertiser was looking to increase the level of transformation while reducing loss of media investments, and called upon Weborama to build a mechanism for its commercial catalogue.  Weborama creates a database, including from data collected by advertisers, and builds a targeted advertising model, which includes a model training phase and A/B testing.  

Data mining is conducted as follows: "this database is then enriched with socio-demographic and behavioural criteria for internet users whose profile is known to Weborama, thanks to their database of 70 million qualified profiles in France. this data is cross referenced with the data coming from Weborama Campaign Manager. this anonymous information is accessible as a whole using the internet user identifier (a series of characters for each individual contained in the cookies deposited in the internet explorer). this unique identifier allows Weborama to find the complete profile of the internet user in their database, in real time."  Search and surf data is used; Weborama then views transactions over weeks, and observes outcomes from users in the database which includes 60 million qualified profiles over approximatley 300 columns, including ads viewed, reactions (visit, click), behavior on the website visited, and socio-demographic and behavioral profile.    

Training the model is conducted as follows: From the database, build graphic representation and create permanent tree segments. The criteria most relevant to each product or service can be extracted, where the criteria is based on transformation of the internet users exposed to ad campaigns and impressions.

Weborama's database "is then enriched with socio-demographic and behavioural criteria for internet users whose profile is known to Weborama, thanks to their database of 70 million qualified profiles in France. this data is cross-referenced with the data coming from Weborama Campaign Manager. this anonymous information is accessible as a whole using the internet user identifier (a series of characters for each individual contained in the cookies deposited in the internet explorer). this unique identifier allows Weborama to find the complete profile of the internet user in their database, in real time." 

Weborama runs A/B testing to determine if the model is working, based on confidence intervals.  Variation can occur for many reasons, such as a calendar event or a holiday. 

_Segmentation for publishers:_ "Above all, the aim of publishers is to organise their commercial products so that they can offer advertisers and agencies, in addition to the contextual menu, packs of targeted audiences, enriched by 3rd party data. the second challenge is to build specific audience packs using ad hoc target segments based on both socio-demographic and behavioural targeting (taking account of the internet users’ different areas of interest).  "Segmentation of a site’s audience allows visitor profiles 
from other areas of interest to be seen. It is highly probable that a current affairs site has, among its audience, people who enjoy other sites (finance, beauty, fashion, cookery, travel...). this will offer the publishers the possibility of assessing their content quality, as well as that of their audience, while expanding their client base. " 

_Two methods of data enrichment from publishers:_ The first method "includes the synchronisation and propagation of Weborama’s socio-demographic criteria and behavioural clusters on the publisher’s site audience. this is possible by identifying profiles recognised within the site’s audience, which are already part of the Weborama database. In this particular case, the adserver of the publisher calls the Weborama database for each internet user. If the Weborama database recognises the socio-demographic profile or behaviour of the visitor to the site, the visitor is transferred to the publisher’s adserver. the publisher’s adserver therefore now contains the socio-demographic and behavioural profile of the majority of its internet users."  

The second method "identifies and analyses the website user’s profiles to create ad hoc target users relevant to the advertisers’ areas of activity."  Here Weborama creates _ad hoc_ profiles, and then there is a "transfer of ad hoc target users": "the transfer of ad hoc users defined above is possible using a list of different adserver pixels. this transfer is done by a call of the pixels generated by the publisher’s adserver. the volume of profiles per target required are then available directly in the adserver" [Weborama, 03](http://www.weborama.com/documents/2013/06/data-according-to-weborama.pdf).

## References
* _Crunchbase, 01._ [https://www.crunchbase.com/organization/weborama](https://www.crunchbase.com/organization/weborama)
* _Weborama, 01._ [https://www.weborama.com](https://www.weborama.com)
* _Weborama, 02._ [https://www.weborama.com/data/presentation](https://www.weborama.com/data/presentation)  
* _Weborama, 03._ [http://www.weborama.com/documents/2013/06/data-according-to-weborama.pdf](http://www.weborama.com/documents/2013/06/data-according-to-weborama.pdf)  
* _Weborama, 04._ [https://www.weborama.com/data/the-offering](https://www.weborama.com/data/the-offering)  
* _Weborama, 05._ [https://www.weborama.com/infos-financieres/financial-figures](https://www.weborama.com/infos-financieres/financial-figures)  
* _Weborama, 06._ [https://www.weborama.com/documents/2017/09/weborama-growth-of-the-operating-profit-in-the-first-half-of-2017.pdf](https://www.weborama.com/documents/2017/09/weborama-growth-of-the-operating-profit-in-the-first-half-of-2017.pdf)  
* _Weborama, 07._ [https://www.weborama.com/e-privacy/our-commitment](https://www.weborama.com/e-privacy/our-commitment)
 
## External Links
* _Wikipedia (Weborama, French):_ [https://fr.wikipedia.org/wiki/Weborama](https://fr.wikipedia.org/wiki/Weborama)  
* _Wikipedia (Weborama, English translation):_ [https://translate.google.com/translate?hl=en&sl=fr&u=https://fr.wikipedia.org/wiki/Weborama&prev=search](https://translate.google.com/translate?hl=en&sl=fr&u=https://fr.wikipedia.org/wiki/Weborama&prev=search)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/Xfinity.md
================================================
# Tracker Name
Xfinity

# In εxodus?
No

## Website
https://www.xfinity.com/learn/digital-cable-tv/x1

## About
A simple experience gives you your favorite entertainment, from live TV to Netflix, in one place. Get it with an X1-eligible package and X1 TV Box. And control it all with your X1 Voice Remote.


## Category
Advertising, Location, Identity, Tracking, Analytics

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `xxx.com`
*   Code signature: `com.xfinity`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://xtvapi.cloudtv.comcast.net/ , http://my.xfinity.com/terms/web/ , http://my.xfinity.com/privacy/ , https://bet.ccp.xcal.tv/flashaccess/resource/metadata?env=comcast-stage , https://developer.comcast.com/site/x1_ott_apps/index.gsp 

## Notes
A Comcast company

================================================
FILE: trackers/Xiti.md
================================================
# Xiti (by AT Internet)

## Primary Location
France (Bordeaux) [Crunchbase, 01](https://www.crunchbase.com/organization/at-internet)

## Website
[https://www.xiti.com/en](https://www.xiti.com)

## About
XiTi is "a free web analytics solution that provides data and performance indicators, making it possible to have an overview of a website’s traffic. Hundreds of thousands of users all over the world use XiTi® Free." XiTi offers "the Analytics Suite, which helps some of the world’s largest brands to measure, analyse, and visualise their data and digital performance" [AT Internet, 05](https://www.atinternet.com/en/glossary/xiti-free-2).

## Ownership
AT Internet

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `xiti\.com`

## Documentation
[https://developers.atinternet-solutions.com/android-en/getting-started-android-en/configuration-android-en](https://developers.atinternet-solutions.com/android-en/getting-started-android-en/configuration-android-en)

## Products and Services
"One of the world’s major players in digital intelligence since 1996, AT Internet helps companies measure their audience and optimise their digital performance across all channels. AT Internet’s expertise extends from collecting raw data to treating it in real time and delivering it for analysis and the sharing of insights. Applications in AT Internet’s Analytics Suite provide reliable, contextualised and actionable information. Scalable and completely modular, AT Internet’s offering adapts to businesses in all industries: e-commerce, media, finance/banking, corporate institutions. Easy-to-use and accessible to all individuals within a company, these solutions help address the challenges facing both novices and experts in digital analytics and data mining" [XiTi, 01](https://www.xiti.com/en).

_AT Intenet Analytics Suite:_ "Our Analytics Suite is a digital analytics solution that gives you a unified, real-time view of what users do on your website, mobile site and mobile app. Whether you’re a marketing manager or a data analyst, the Analytics Suite brings together all the tools you need for actionable analysis, dashboarding, reporting, data mining and big data exports. Armed with analytics data that’s accurate, consistent and completely reliable, you’ll be able to make sound, data-backed decisions for your business" [AT Internet, 01](https://www.atinternet.com/en/products).  

_XiTi:_ XiTi is an audience measuring and statistics service for websites. It provides audience and usage statistics regarding website traffic, including mobile internet. XiTi "many indicators of visitor activity: audience, navigation, origin of the visit, geolocation. Like similar services for commercial use, it tracks the return on investment (ROI) of marketing campaigns (e-mailing campaigns, sponsored links, contextual advertising) and measures the evolution of the turnover of a online shopping website". XiTi Free offers personal websites limited analytics for free, whereas XiTi Pro "is intended for showcases or small sites, especially for SMEs / SMIs. It offers a first professional evaluation of the performance of a website" [Wikipedia, 01, translated from French](https://fr.wikipedia.org/wiki/XiTi).  

"To use XiTi on a given page you must add in its source code a marker in the form of a JavaScript script that will allow the company's servers to access the information to be saved (based on the headers of which Cookies , the IP address , and the JavaScript environment). An alternative is to insert a small logo (visible for the free version and invisible for paid versions) on each page to be audited" [Wikipedia, 01, translated from French](https://fr.wikipedia.org/wiki/XiTi).

_AT Analytics Dashboard:_  

* "Build Dashboards: Understand and drive your business at a glance! Create digital analytics dashboards that can be customised down to the pixel and shared across your company."    
* Tag with Agility: Take control of your tagging with our modular, customisable SmartTag for web and mobile. Speed up implementation and improve load times."  
* App Analytics: Get rich mobile analytics, in-app, app store and benchmark data. Track mobile user engagement and retention over time" [AT Internet, 01](https://www.atinternet.com/en/products).    

_Explorer Service:_  

Explorer's "iterative analysis...means giving analysts – whether they are beginners or experts – the ability to gradually access data, by first offering an intelligent analysis recommendation system based on machine learning, and then offering the ability to slice and dice the data as much and however they wish. Our objective here is simple: offer these users a tool which will help them find the value in their data, step by step, and then help them share the data so that the most can be made of it. To that end, Explorer offers tools that let you work with and refine your data indefinitely notably via filters, drill-downs, on-the-fly segmentation, and custom cross-calculations.  

...with just one click, the analyst can access Data Query to extract data via our API, and then activate that data by creating relevant retargeting campaigns, for example.

The analyst can also transform the analysis into a KPI to be directly displayed in a dashboard, thanks to Explorer’s integration in the Analytics Suite. This KPI will allow business users to understand what’s happening, follow the KPI’s evolution, and potentially implement actions as a result" [Ad Internet, 03](https://blog.atinternet.com/en/interview-finding-the-value-in-your-data-step-by-step).  

_Mobile developments:_  

"There are also mobile features that continue to be developed. For example, we are working on the analysis of the customer journey, which is now done on several devices. This cross-device tracking is simple in theory, because in practice, it's more complicated than just following log-in users ... Above all, unlike others, we are very concerned about the respect of Internet users, and everything must be done with their consent, in accordance with the law. We have many other features in preparation. We will also work on marking and its reliability, a "smart SDK" for mobile apps, a tool to know the traffic pages and links by surfing the site, or a benchmark mobile apps using data from the app stores" [JDN, 01](http://www.journaldunet.com/solutions/analytics/1179294-mathieu-llorens-at-internet-ces-4-millions-d-euros-vont-nous-aider-a-passer-un-nouveau-cap).  

XiTi will "examine any profiling activities done on their advertising networks, especially when analytics data is being used to establish this profiling" [At Internet, 02, PDF](https://www.atinternet.com/uploads/Digital-Analytics-the-GDPR-5-Things-You-Must-Know.pdf).

_Trackers:_  

* Android initialisation (see [AT Internet, 06](https://developers.atinternet-solutions.com/android-en/getting-started-android-en/tracker-initialisation-android-en))  
* Apple iOS (see [AT Internet, 07](https://developers.atinternet-solutions.com/apple-en/getting-started-apple-en/configuration-apple-en))  
* JavaScript (see [AT Internet, 08](https://developers.atinternet-solutions.com/javascript-en/getting-started-javascript-en/tracker-initialisation-javascript-en))

## Privacy Policy

_Personal Data:_ XiTi states, "By default, AT Internet considers all data related to IP address, GPS location and cookies as personal data. We store all this data within the EU.  

We only keep:  

* IP address data for 6 months maximum  
* [Learn more about how we process and anonymise IP addresses.](https://www.atinternet.com/en/company/data-protection/data-collection-on-our-customers-sites/#geolocation)
* GPS location data for 6 months maximum  
During collection, we truncate all GPS coordinates to two decimal degrees – we never collect GPS coordinates in their entirety. Truncated  coordinates  are  then  converted  into  a  heatmap  graphic  providing  country-level-only  informa-tion. Full details are never displayed. 
* Our cookies are active during a fixed period of 13 months, and are then deleted from a user’s computer AT Internet’s cookie only contains a unique alphanumeric ID – no other data is stored in the cookie." 

_Transparency:_ XiTi states, "The GDPR requires companies and organisations (“data controllers”) to be completely transparent, “using clear and plain language”, when informing end users (“data subjects”) about which personal data is collected, where it is stored, and for how long it is kept (see previous section)."  

"... AT Internet has the resources required to retrieve, edit or erase any personal data in a timely manner. We will liaise directly with end users on this matter when necessary. We communicate clearly and transparently about end users’ rights in our privacy policy. We also offer an opt-out option for end users who do not wish their activity to be tracked via our web analytics solution."   

_Storage Location:_  

"AT Internet processes and stores all personal data within the European Union, with no personal data being transferred outside the EU. This information is clearly accessible in our privacy policy, and in our customer contracts."  

_Co-Responsibility:_ "Under the GDPR, when two different organisations (“data controllers”) work together to establish the purpose and means of processing personal data, they are considered “joint controllers” and share responsibility. Joint controllers must together determine the details of their “respective responsibilities” for GDPR compliance, especially as it relates to their duties in responding to data subject requests."

"... AT Internet’s Analytics  Suite is GDPR-compliant. We therefore commit to sharing full responsibility with our customers for any potential privacy breaches and sanctions under the GDPR. We will provide each of our customers with a contract addendum – a Data Protection Agreement, or DPA – to precisely define the scope of responsibility. If you work with a different digital analytics provider, we strongly recommend you verify the terms of your contract to ensure that responsibility is not automatically transferred to you (via limitations on liability clauses)."  

_Purposes of Analytics / Cominations and Correlations with Other Customer Data:_ "Under the GDPR, personal data must only be "collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes." In other words, your visitors’ data should only be used to achieve the specific thing(s) you’ve informed them of, such as (in the case of analytics) improving their experience on your site, or providing them with tailored content. Your visitors’ data should NOT be used in other ways for which they have not given consent."  Data profiling requires a Data Protection Impact Assessment (DPIA) " to determine how this profiling affects the protection of your users’ personal data."  

"... With AT Internet, you always remain the owner of your data. We never use or merge our customers’ analytics data for our own purposes. We do not carry out any profiling activities, and in light of the GDPR, we strongly encourage our customers and prospects to carefully any profiling activities done on their advertising networks, especially when analytics data is being used to establish this profiling."

## Relationships
"AT Internet has more than 3,800 web analytics customers worldwide from all industries, including more than half of the companies listed on the French stock exchange (CAC 40), as well as many other leading international groups." 

"The power of AT Internet’s Analytics Suite and the quality of its services (consulting, training and support) are recognised worldwide." XiTi is " in all industries", including "e-commerce, media, finance/banking, corporate institutions... With more than 200 employees, the group is present in 32 countries via its customers, subsidiaries and partners" [XiTi, 01](https://www.xiti.com/en).    

"Our solution is used on more than 20,000 sites and apps around the globe. Discover how our clients have improved their results (ROI, conversion rate, online sales…) thanks to our solutions and services. Learn from their experiences and best practices in web marketing, digital intelligence and digital analytics" [Ad Internet, 04](https://www.atinternet.com/en/resources/customer-success-stories).

_AT Internet Clients (from "Case Studies"):_ L'Equipe / Groupe La Poste / Younited Credit (Pret D'Union) / Vente-Privee / Lagardere Active / Meinestadt.de / Rambler.ru / Soundcloud / Caradisiac / France Televisions / Reed Expositions / Oxybul Eveil et Jeux / Solocal Group / Nexity / Le Parisien / Priceminister / Ryanair / French Government Information Service (SIG) / Total [Ad Internet, 04](https://www.atinternet.com/en/resources/customer-success-stories)

## Details
_Financial details:_ AT Internet was founded in 1996, and has raised €10,250,000 from funders [Crunchbase, 01](https://www.crunchbase.com/organization/at-internet). In 2016, AT Internet obtained 4 million Euros in financing to expand its business [French Chamber Singapore, 01](http://www.fccsingapore.com/publications/internet-obtains-4-million-euros-financing-continue-its-international-growth-and), after having raised approximately 6 million Euros over three years prior [JDN, 01](http://www.journaldunet.com/solutions/analytics/1179294-mathieu-llorens-at-internet-ces-4-millions-d-euros-vont-nous-aider-a-passer-un-nouveau-cap).

_Devices:_ Desktop / Mobile (Android / iOS)

_History:_ "For more than 15 years AT Internet has provided website owners with free access to their web traffic data. Thanks to an easy-to-use solution, you can benefit from key information such as traffic sources, visitor geolocation, and more, in order to manage and improve your site’s impact (whether it’s a blog, a personal website, or otherwise).

The XiTi Free project was launched back in 2000 by AT Internet, one of the world’s leading digital analytics companies, and today continues to illustrate the company’s desire to make digital analytics accessible to everyone. The decision to continue supporting a free version to the benefit of a large user community has been the success behind XiTi Free, an essential solution for measuring the traffic of personal websites. [XiTi, 01](https://www.xiti.com/en)

_Slogans:_ "The leading free solution for measuring website traffic" [XiTi, 01](https://www.xiti.com/en)

## References

* _AT Internet, 01._ [https://www.atinternet.com/en/products](https://www.atinternet.com/en/products)  
* _At Internet, 02, PDF._ [https://www.atinternet.com/uploads/Digital-Analytics-the-GDPR-5-Things-You-Must-Know.pdf](https://www.atinternet.com/uploads/Digital-Analytics-the-GDPR-5-Things-You-Must-Know.pdf)
* _Ad Internet, 03._ [https://blog.atinternet.com/en/interview-finding-the-value-in-your-data-step-by-step](https://blog.atinternet.com/en/interview-finding-the-value-in-your-data-step-by-step) 
* _Ad Internet, 04._ [https://www.atinternet.com/en/resources/customer-success-stories](https://www.atinternet.com/en/resources/customer-success-stories) 
* _AT Internet, 05._ [https://www.atinternet.com/en/glossary/xiti-free-2](https://www.atinternet.com/en/glossary/xiti-free-2) 
* _AT Internet, 06._ [https://developers.atinternet-solutions.com/android-en/getting-started-android-en/tracker-initialisation-android-en](https://developers.atinternet-solutions.com/android-en/getting-started-android-en/tracker-initialisation-android-en)
* _AT Internet, 07._ [https://developers.atinternet-solutions.com/apple-en/getting-started-apple-en/configuration-apple-en](https://developers.atinternet-solutions.com/apple-en/getting-started-apple-en/configuration-apple-en)
* _AT Internet, 08._ [https://developers.atinternet-solutions.com/javascript-en/getting-started-javascript-en/tracker-initialisation-javascript-en](https://developers.atinternet-solutions.com/javascript-en/getting-started-javascript-en/tracker-initialisation-javascript-en)  
* _French Chamber Singapore, 01._ [http://www.fccsingapore.com/publications/internet-obtains-4-million-euros-financing-continue-its-international-growth-and](http://www.fccsingapore.com/publications/internet-obtains-4-million-euros-financing-continue-its-international-growth-and)
* _JDN, 01._ [http://www.journaldunet.com/solutions/analytics/1179294-mathieu-llorens-at-internet-ces-4-millions-d-euros-vont-nous-aider-a-passer-un-nouveau-cap](http://www.journaldunet.com/solutions/analytics/1179294-mathieu-llorens-at-internet-ces-4-millions-d-euros-vont-nous-aider-a-passer-un-nouveau-cap)  
* _Wikipedia, 01, translated from French._ [https://fr.wikipedia.org/wiki/XiTi](https://fr.wikipedia.org/wiki/XiTi) 
* _Xiti, 01._ [https://www.xiti.com/en](https://www.xiti.com/en)   

## External Links
* _Wikipedia (AT Internet):_ [https://en.wikipedia.org/wiki/AT_Internet](https://en.wikipedia.org/wiki/AT_Internet)
* _XiTi (AT Internet):_ [https://www.crunchbase.com/organization/at-internet](https://www.crunchbase.com/organization/at-internet)
* _Ghostery (AT Internet):_ [https://apps.ghostery.com/apps/at_internet](https://apps.ghostery.com/apps/at_internet)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/YandexAd.md
================================================
# Yandex Ad

## About

Yandex (NASDAQ: YNDX) is a multinational corporation dealing in Internet-related products and services.  It is the largest technology company in Russia. Its parent company, Yandex N.V., is based in the Netherlands.  [Source: OpenCorporates](https://opencorporates.com/companies/nl/27265167)  

## Ownership

Yandex's current CEO and founder is Arkady Volozh. In 2018, Volozh was added the US Treasury Department's list of Russian "oligarchs" linked to Russian President Vladmir Putin. [Source: Boston Globe](https://www.bostonglobe.com/news/world/2018/01/30/releases-putin-list-russian-politicians-oligarchs/PUw8A93TCiXGMMOMNSKTUI/story.html) 

## [Exodus Detection Rules](https://exodus-privacy.eu.org)

* Code detection rule: com.yandex.mobile.ads
* Network detection rule: appmetrica.yandex.com|report.appmetrica.yandex.net|analytics.mobile.yandex.net|banners.mobile.yandex.net|banners-slb.mobile.yandex.net|startup.mobile.yandex.net|mc.yandex.ru

## What it does

* Behavioral Analytics
* Mobile Advertising
* Enables tracking by unspecified third parties

## Privacy Policy

[Policy as of 29/8/2018](https://yandex.ru/legal/confidential/):

* Yandex's policy does not define personal information but refers the reader to "applicable laws and regulations." 

* Personal information can be obtained by advertising partners.  

* Yandex "does not actively collect any sensitive personal data (such as racial origins, political opinions, health or biometric data)."  They "do not engage in any form of profiling that has the potential to significantly impact your rights and freedoms."  Employees must follow internal rules and protocols to ensure confidentiality when processing personal information.  

* Yandex may transfer personal information to business partners, advertisers, any third party with whom they contract, and to any governmental body, regulatory or enforcement agency at their request or as required by law.   

* If provided by law within the user's jurisdiction, users may: request erasure of their personal information and restriction of its processing.  Users may also request a copy of the Standard Contractual Clauses enabling the transfer of their personal information to Russia.  

* Users may possess other rights not mentioned within this policy to the extent provided by applicable law.  


# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory


================================================
FILE: trackers/YinzcamSobek.md
================================================
# Tracker Name
Yinzcam Sobek

## Website
http://www.yinzcam.com/

## About
Our proprietary real-time analytics platform allows administrators to track page-views, dwell-time, social-media shares, push-analytics, and ad clicks, anytime, anywhere. Our analytics platform also helps with segmentation and delivery of content by segment, and the personalization of mobile apps to fans. 

## Category
Analytics, Location, Beacon, Advertising

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `xxx.com`
*   Code signature: `com.yinzcam.sobek`

## Repositories
*   Maven: `xxx`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
Privacy policy - http://www.yinzcam.com/?page_id=234 , http://files.yinzcam.com/nathan/csae.js , sobek_base_url: http://172.17.5.204:3002 , http://44.129.0.193:8003/track 

## Notes
Power tracker, System tracker, Telephony tracker, Video tracker, Wifi tracker, video tracking sent to ampr.org held address range

================================================
FILE: trackers/Zapr.md
================================================
# Tracker Name
Zapr

## Website
https://www.zapr.in/

## About
Understand & Reach your offline audience better with our data driven technology

## Category
Analytics, Location, Advertising

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `*.zapr.in`
*   Code signature: `com.redbricklane.zapr`

## Repositories
*   Maven: `https://mvnrepository.com/artifact/in.zapr`
*   Artifact ID: `zapr-sdk`
*   Group ID: `com.redbricklane.zapr`

## Gradle
`xxx`

## Additional links
https://github.com/zapr-oss , https://docs.google.com/document/d/1vKGRFt2YoSmSsVvSvtZL4l72HuYrvayvaZ_ZEAGq1Ms/edit (SDK dev doc) , https://bitbucket.org/zapr/ , https://bintray.com/zapr

## Notes
aka Red Brick Lane Marketing Solutions, aka com.hotstar.datasdk , Audio Content Recognition background record audio for ambient finger printing

================================================
FILE: trackers/ironSource.md
================================================
# Tracker Name
ironSource

# In εxodus?
Yes

## Website
https://www.ironsrc.com/

## About
ironSource builds technologies that help app developers take their apps to the next level, including the industry’s largest in-app video network, a robust mobile ad mediation platform, and a data-driven user acquisition platform.


## Category
Advertising, Location, Identity, Tracking

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
*   Network signature: `supersonicads.com`
*   Code signature: `com.ironsource`, `com.supersonicads.sdk`

## Repositories
*   Maven: `https://dl.bintray.com/ironsource-mobile/android-sdk/`
*   Artifact ID: `xxx`
*   Group ID: `xxx`

## Gradle
`xxx`

## Additional links
https://track.atom-data.io , https://outcome.supersonicads.com/mediation/ , https://mobilelogs.supersonic.com , https://init.supersonicads.com/sdk/v 

## Notes
includes Moat integration: com.moat.analytics.mobile.iro , also integrates with : AdMob, MoPub, Fyber, Heyzap.

================================================
FILE: trackers/mParticle.md
================================================
# mParticle

## Primary location
United States (New York) [Crunchbase, 01](https://www.crunchbase.com/organization/mparticle)

## Website
[https://www.mparticle.com](https://www.mparticle.com)

## About
mParticle offers "a customer data platform built for mobile and native apps across all devices" [mParticle, 04](https://www.mparticle.com/news/mparticle-raises-15-million-series-a-led-by-social-capital)

## Ownership
mParticle

## [Exodus Detection Rules](https://exodus-privacy.eu.org)
* `mparticle\.com`

## Documentation
[https://docs.mparticle.com/developers/sdk/android/getting-started](https://docs.mparticle.com/developers/sdk/android/getting-started)

## Products and Services
mParticle's core features include:

* _Simplicity and organization:_ Clients "collect and control all" their "customer data through a single API"
* _Cross-device identification:_ "Recognize customers at every step of the buying process"
* _Market orchestration:_ "Personalize experiences across channels, partners, and screens"

Products and services include:

* _Customer Data Platform (CDP):_
* * _Understand the entire buying process:_ Merge online and offline data through collection of digital and offline customer journey data; stream it to platforms and systems
* * _Understand and predict customers:_ "Link customer identities and profile information across internal and external systems for...customer insights"
* * _Integration:_ "Integrate with 175+ of the leading marketing, analytics and data warehousing solutions"
* * _Control your data:_ "Set rules to transform and filter data without having to make changes to client-side code, and monitor all integrations in real-time"
* * * _IDSync:_ "Create fine-grained identity mappings and logic to meet nuanced business requirements and share them across providers"
* * * _AudienceSync:_ "Transform raw data into actionable audience segments and sync them across paid media, CRM, and other platforms"
* * * _Enrichment:_ "Manage integrations with third-party profile enrichment providers and supplement existing data with additional customer insights"
* * * _Warehouses:_ "Instantly load data into Amazon Redshift, BigQuery and other data warehouses, BI tools, and machine learning extensions" [mParticle, 05](https://www.mparticle.com/product)
* _Enhance analytics:_ "Unify data around a single customer profile to fuel better insights and attribution reporting" 
* _Segmentation:_ Build and sync audience segments across platforms [mParticle, 06](https://www.mparticle.com/marketer)
* _Data integration:_ "Unite disparate data sources to better understand the customer and key business metrics" [mParticle, 07](https://www.mparticle.com/productmanager)
* _Cross-device identification:_ "Improve media measurement, customer journey analytics, lifetime value modeling, and more by resolving customer identity data across disparate sources" [mParticle, 08](https://www.mparticle.com/analytics)

* _Location tracking with SafeGraph integration:_ By integrating with SafeGraph, clients have the tools to track user physical locations, and harness machine learning to analyze the data: "mParticle customers can now create, monitor, and control server-to-server integrations with SafeGraph via the mParticle platform. With the integration enabled, brands can stream real-time mobile location data directly from their apps to SafeGraph, which will then translate long/lat coordinates into known locations and use machine learning to help brands understand their customers offline movement patterns" [mParticle, 10](https://www.mparticle.com/integrations/integration-safegraph)

## Privacy Policy

_Data Collection:_ Clients "collect information based on User interaction with their mobile application(s), mobile website(s) or other digital properties where Clients have integrated with the" mParticle Platform. mParticle calls this "Client Digital Properties". Data collected through "via Client Digital Properties for the Platform includes: the date/time for a visit to a Client Digital Property, referrer information such as what search engine and search keywords Users may have used to get to a Client Digital Property, information about the browser or device your User is on such as their Operating System, as well as the city/country location of Users, and any pseudonymous tokens and mobile advertising IDs (e.g., IDFA in iOS). In addition, our Clients can choose what other User data they want to collect and store on the platform such as an IP address, location information, a User’s age, user names, real names, email addresses and other custom data points as determined by each Client."  

mParticle places restrictions on data practices. They state, "We contractually prohibit Clients from placing sensitive information (e.g., passwords, authentication credentials, credit cards, social security or driver’s license numbers) or information that is deemed sensitive by applicable law or self-regulatory codes such as the Digital Advertising Alliance. mParticle functions strictly as the data processing agent of our Clients. Accordingly, other than those aforementioned restrictions, the data stored on the Platform is subject to the privacy policies of each Client".

_Information sharing:_ Third party sharing may proceed as follows:

* Third-party agents working as subprocessors (who must adhere to mParticle's privacy policy)
* "To protect the rights and property of mParticle, our agents, Clients and others "
* "In an emergency, including protection of the personal safety of any person"
* "For the purposes of a business deal (or negotiation of a business deal) involving sale or transfer of all or a part of our business or assets"
* In response to a lawful request by public authorities
* mParticle "may also share aggregate or anonymous information without restriction"

_Security:_ mParticle asserts that they take reasonable steps to protect information. They state, "We encrypt transmission of data on pages where you provide payment information or otherwise provide sensitive information. However, no security or encryption method can be guaranteed to protect information from hackers or human error. Information we collect may be stored or processed on computers located in any country where we do business".

_Data retention:_ mParticle "retains Client data for so long as you remain are a Client and will delete Client’s information within 12 months of either party’s termination of applicable Client agreement upon written request. We retain User level data on the Platform as directed by our Clients and for a reasonable time thereafter for audit purposes and as otherwise required by law".

_Opt-out:_ mParticle has an email-based opt-out procedure for Clients, but does not list opt-out procedures for End Users on its Privacy Policy web page. The opt-out procedure for Clients is as follows: "You may opt out of receiving promotional emails from mParticle by following the instructions in those emails. If you opt out, we may still send you non-promotional emails, such as emails about your mParticle projects or our ongoing business relationship. An individual wishing to limit the use or sharing of their data should contact email support@mparticle.com. mParticle will respond within ninety (90) days to any request to delete your information. Individuals who have provided information directly to one of mParticle’s Clients must send follow-up requests to change or delete such information to that particular mParticle Client"

_International law:_ mParticle complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework [mParticle, 12](https://www.mparticle.com/privacypolicy).

## Relationships
_Customers:_ Airbnb / King / Spotify / Jet / EA / SeatGeek / Ticketmaster / Gilt / Bleacher Report / Chick-fil-A / Postmates / Lilly Pulitzer [mParticle, 01](https://www.mparticle.com) / Venmo / Via / Stash / Starwood Preferred Guest / Draft / StockTwits / OKCupid / NBCUniversal / Turner / theSkimm / Lakes Fifth Avenue / Lululemon Athletica / Goat / Live Nation [mParticle, 02](https://www.mparticle.com/customers) / Walmart [mParticle, 03](https://www.mparticle.com/news/mparticle-gartner-magic-quadrant-digital-marketing-hubs) / iHeartRadio / Starwood / SoulCycle [mParticle, 04](https://www.mparticle.com/news/mparticle-raises-15-million-series-a-led-by-social-capital)  

_Integrations:_ mParticle offers "Full-featured integrations with the top marketing, advertising, analytics, and data warehousing platforms". Integrations include: Amazon Redshift / Amplitude / Appboy / Kahuna / Kochava / SendGrid [mParticle, 04](https://www.mparticle.com/news/mparticle-raises-15-million-series-a-led-by-social-capital) / Facebook / Snap / Twitter / TUNE / Adobe Marketing Cloud / Oracle Marketing Cloud / Salesforce Marketing Cloud / Zendesk / MailChimp / Google Analytics / Looker / Mixpanel / comScore [mParticle, 01](https://www.mparticle.com). For a detailed database of integrations, see [mParticle, 09](https://www.mparticle.com/integrations).

_Key partnerships:_ Some key partnerships include integration with SafeGraph [mParticle, 10](https://www.mparticle.com/integrations/integration-safegraph) and Salesforce Marketing Cloud [mParticle, 11](https://www.mparticle.com/blog/salesforce-partnership).

## Details
_Financial details:_ mParticle was founded in 2013 and has raised over $76 million from funders [Crunchbase, 01](https://www.crunchbase.com/organization/mparticle).  

_Location-based tracking:_ Via, an "on-demand ride-sharing app based in NYC", integrates with mParticle for geofencing services [mParticle, 13](https://www.mparticle.com/blog/via-predictive-analytics-radar).

## References
* _mParticle, 01._ [https://www.mparticle.com](https://www.mparticle.com)  
* _mParticle, 02._ [https://www.mparticle.com/customers](https://www.mparticle.com/customers)  
* _mParticle, 03._ [https://www.mparticle.com/news/mparticle-gartner-magic-quadrant-digital-marketing-hubs](https://www.mparticle.com/news/mparticle-gartner-magic-quadrant-digital-marketing-hubs)  
* _mParticle, 04._ [https://www.mparticle.com/news/mparticle-raises-15-million-series-a-led-by-social-capital](https://www.mparticle.com/news/mparticle-raises-15-million-series-a-led-by-social-capital)  
* _mParticle, 05._ [https://www.mparticle.com/product](https://www.mparticle.com/product)  
* _mParticle, 06._ [https://www.mparticle.com/marketer](https://www.mparticle.com/marketer)  
* _mParticle, 07._ [https://www.mparticle.com/productmanager](https://www.mparticle.com/productmanager)  
* _mParticle, 08._ [https://www.mparticle.com/analytics](https://www.mparticle.com/analytics)  
* _mParticle, 09._ [https://www.mparticle.com/integrations](https://www.mparticle.com/integrations)  
* _mParticle, 10._ [https://www.mparticle.com/integrations/integration-safegraph](https://www.mparticle.com/integrations/integration-safegraph)    
* _mParticle, 11._ [https://www.mparticle.com/blog/salesforce-partnership](https://www.mparticle.com/blog/salesforce-partnership)

## External Links
* _Crunchbase (mParticle):_ [https://www.crunchbase.com/organization/mparticle](https://www.crunchbase.com/organization/mparticle)

# Questions or concerns about this document?
Please contact Privacy Lab: https://privacylab.yale.edu/directory