Privacy Policy

1. Who We Are

IMC ("IMC," "we," "us," or "our") is a global advertising technology company that provides a comprehensive suite of programmatic advertising services, including supply-side platform (SSP) technology, demand-side platform (DSP) technology, ad serving, header bidding solutions, real-time analytics, fraud detection, brand safety tools, and related advertising technology services (collectively, the "Services"). IMC operates through its global offices:

• United States (Headquarters): 100 West Commons Blvd, New Castle, DE 19720, United States
• United Kingdom: 128 City Road, London, EC1V 2NX, United Kingdom
• Singapore: 16 Collyer Quay, Singapore 049318

Any reference to "you," "your," or "user(s)" in this Privacy Policy refers to individuals who visit our websites (including imc.ad and any subdomains), use our platform interfaces, interact with digital properties that utilize our advertising technology, or otherwise engage with our Services. This Privacy Policy is designed to help you understand how we collect, use, disclose, and safeguard your personal information and to inform you of the privacy rights and choices available to you.

2. Scope of This Policy

This Privacy Policy applies to personal information that IMC collects, processes, and discloses in connection with:

• Our corporate websites (including imc.ad and related domains) and any associated web-based interfaces, client dashboards, and portals (collectively, the "Websites");
• Our advertising technology platform and related services, including our SSP, DSP, ad server, analytics dashboard, fraud detection, and brand safety tools (collectively, the "Platform");
• Our sales, marketing, and business development activities, including events, webinars, newsletters, and promotional communications;
• Our social media pages and profiles on third-party platforms;
• Any other interactions you may have with IMC, including customer support inquiries, partnership discussions, and job applications.

This Policy does not govern the privacy practices of third-party websites, applications, or services that may be linked from our Websites or integrated with our Platform. We encourage you to review the privacy policies of any third-party services you interact with. This Policy also does not apply to the extent that IMC acts solely as a data processor or service provider on behalf of its clients; in such cases, the privacy policies of our clients govern the processing of your personal information.

3. About Our Advertising Services

IMC provides technology via our advertising platform that enables publishers (website owners, app developers, CTV/OTT providers, and other digital property operators) to monetize their content by making advertising inventory available, and enables media buyers (advertisers, ad agencies, demand-side platforms, and other advertising intermediaries) to purchase that inventory and display relevant advertisements to end users. In this Policy, we refer to publishers and media buyers collectively as "Clients."

Our Platform facilitates real-time programmatic advertising transactions, including header bidding, open auctions, private marketplace deals, and direct deals. When you visit a digital property that uses our technology, our Platform may process certain information about you and your device to facilitate the delivery of advertisements, measure ad performance, prevent fraud, and improve our Services. This processing is described in detail throughout this Policy.

IMC acts as a data controller when processing personal information for its own purposes as described in this Policy. When IMC processes personal information solely on behalf of and under the instructions of its Clients, IMC acts as a data processor or service provider, and the Client's privacy policy governs such processing.

4. Information We Collect

We collect and process the following categories of personal information, depending on how you interact with our Websites, Platform, and Services:

4.1 Information You Provide Directly

When you create an account, request a demo, contact us, subscribe to our newsletter, register for events, apply for a job, or otherwise interact with us, you may provide:

• Contact information: name, email address, phone number, mailing address, and communication preferences;
• Professional information: job title, department, role, company name, company size, and industry;
• Account credentials: username, password, and security questions;
• Financial and billing information: payment details, billing address, tax identification numbers, and banking information;
• Communications: the content of emails, messages, support tickets, and other correspondence with us;
• Event and marketing information: dietary preferences, accessibility requirements, and travel details for events;
• Job application information: resume, cover letter, employment history, education history, references, and any other information you choose to provide in connection with a job application.

4.2 Information Collected Automatically Through Our Websites

When you visit our Websites, we automatically collect certain information about your device and browsing activity, including:

• Device and browser information: IP address, device type and model, operating system type and version, browser type and version, screen resolution, language settings, and time zone;
• Usage data: pages visited, links clicked, time spent on pages, referring and exit URLs, search terms entered, and navigation patterns;
• Location data: approximate geographic location derived from your IP address (city, region, country);
• Cookie and tracking data: cookie identifiers, pixel tags, web beacons, and similar tracking technology data (see Section 8 for details).

4.3 Information Collected Through Our Advertising Platform

When you visit digital properties that use our advertising technology, we (and our Clients) may collect or process the following pseudonymous information about you and your device:

• Online identifiers: cookie IDs (unique identifiers randomly assigned by IMC to a browser), mobile advertising IDs (such as Apple IDFA or Android Advertising ID), CTV/OTT device identifiers, and unique online IDs created by identity providers;
• Browser and device information: IP address, device type and model, manufacturer, operating system type and version, browser type and version, user-agent string, carrier name, network connection type (Wi-Fi or cellular), and screen resolution;
• Behavioral information: information about how you interact with digital properties, including pages visited, session start/stop times, content viewed, and engagement metrics;
• Ad interaction data: type of ad served, ad placement, whether you viewed or clicked on an ad, conversion data, frequency of ad exposure, and whether you visited an advertiser's website or installed an advertised application;
• Geolocation information: approximate location derived from IP address; precise geolocation (latitude and longitude) only where the publisher's digital property has enabled location services and you have granted permission;
• Audience segment data: interest-based segments and demographic groupings created or received from Clients and data partners (e.g., "sports enthusiast," "travel interest").

Our Platform does not collect directly identifiable personal information such as your name, clear-text email address, physical address, phone number, or social security number through the ad-serving process. However, the pseudonymous information described above may be considered "personal data" or "personal information" under applicable privacy and data protection laws.

4.4 Information Received from Third Parties

We may receive information about you from third-party sources, including:

• Our Clients (publishers and media buyers) who provide demographic data, obfuscated user identifiers (such as hashed email addresses or hashed phone numbers), audience segments, and content-viewing data;
• Data partners and providers who supply interest-based segments, demographic information, and identity resolution data;
• Identity providers who facilitate ID syncing and cross-device recognition;
• Fraud detection and verification partners who provide data to help identify invalid traffic and protect the integrity of our Platform;
• Publicly available sources, including business registries, public databases, and social media profiles.

We do not intentionally collect or process sensitive personal information (e.g., social security numbers, health data, racial or ethnic origin, religious beliefs, sexual orientation) and contractually prohibit our Clients and partners from passing any such information to IMC through our Platform.

5. How We Collect Information

We collect personal information through the following methods:

• Directly from you when you provide information through our Websites, create an account, fill out forms, subscribe to communications, register for events, or contact us;
• Automatically through cookies, pixels, web beacons, SDKs, and similar tracking technologies when you visit our Websites or interact with digital properties that use our Platform (see Section 8);
• From our Clients (publishers and media buyers) who pass information to us through our Platform in connection with ad serving, bidding, and campaign management;
• From third-party data partners, identity providers, and verification services as described in Section 4.4;
• Through the ad-serving process itself, including information generated when an ad is requested, served, viewed, or clicked;
• From publicly available sources and business directories.

6. How We Use Your Information

We process personal information for the following purposes:

6.1 Providing and Operating Our Services

• Facilitating the buying and selling of advertising inventory through our Platform, including processing bid requests, conducting real-time auctions, and delivering advertisements;
• Managing your account, processing transactions, and providing customer support;
• Personalizing and optimizing ad delivery based on user interests, demographics, location, and contextual signals;
• Performing frequency capping to limit the number of times you see the same advertisement;
• Enabling cross-device and cross-app recognition to deliver consistent advertising experiences across your devices;
• Facilitating ID syncing between our Platform and third-party advertising platforms to enable more effective ad targeting and measurement.

6.2 Measurement, Analytics, and Reporting

• Measuring the effectiveness of advertising campaigns, including impressions, clicks, conversions, viewability, and attribution;
• Providing reports to our Clients about ad performance, audience reach, and campaign analytics;
• Analyzing usage patterns on our Websites and Platform to understand user behavior and improve our Services;
• Conducting market research, surveys, and statistical analysis to inform product development and business strategy.

6.3 Fraud Detection and Security

• Identifying and preventing invalid traffic (IVT), ad fraud, click fraud, bot activity, and other malicious or deceptive practices;
• Protecting the security, integrity, and availability of our Platform, Websites, and systems;
• Detecting, investigating, and responding to security incidents, unauthorized access, and potential threats;
• Enforcing our terms of service, acceptable use policies, and other contractual obligations.

6.4 Communications and Marketing

• Sending you service-related communications, including account notifications, technical updates, security alerts, and support messages;
• Sending marketing communications about our products, services, events, and industry insights (where you have opted in or where permitted by applicable law);
• Responding to your inquiries, requests, and feedback;
• Managing event registrations, promotions, and webinar participation.

6.5 Business Operations and Improvement

• Operating, maintaining, and improving our Websites, Platform, and Services;
• Developing new products, features, and services;
• Performing internal business operations, including billing, accounting, auditing, and record-keeping;
• Training and quality assurance purposes;
• Complying with applicable laws, regulations, legal processes, and governmental requests.

6.6 Legal and Compliance

• Complying with applicable laws, regulations, industry standards, and legal obligations;
• Establishing, exercising, or defending legal claims;
• Responding to lawful requests from public authorities, including law enforcement and national security agencies;
• Enforcing our agreements and protecting our rights, property, and safety, and the rights, property, and safety of our Clients, partners, and others.

7. How We Disclose Information

Because of the role IMC plays in the digital advertising ecosystem, many of the purposes described above involve sharing information with third parties. We may disclose your personal information to the following categories of recipients:

7.1 Our Affiliates

We may share your information with our corporate affiliates and subsidiaries for the purposes described in this Policy, including to provide and improve our Services, for internal administration, and to comply with legal obligations. IMC, Inc. is the party responsible for the management of personal information jointly used by it and its affiliates.

7.2 Publishers

We may disclose information collected through our Platform to publishers to enable them to analyze the effectiveness and performance of our Services, optimize their advertising inventory, and offer targeted inventory to media buyers. This may include browser and device information, behavioral information, ad interaction data, geolocation data, and audience segment data.

7.3 Media Buyers and Advertisers

When a publisher has advertising inventory available, we send "bid requests" to media buyers that include information about the available impression and the user's device and browsing context. This enables media buyers to determine whether to purchase the impression, how much to bid, and which advertisement to display. We may also share information with media buyers for billing, dispute resolution, fraud prevention, campaign measurement, and attribution purposes.

7.4 Service Providers and Vendors

We engage third-party service providers and vendors who process personal information on our behalf to support the delivery of our Services. These include cloud hosting and infrastructure providers, data storage providers, content delivery networks, analytics providers, fraud detection and verification services, customer relationship management platforms, email service providers, payment processors, and professional advisors (including legal, accounting, and consulting firms). All service providers are contractually obligated to process personal information only as instructed by IMC and to implement appropriate security measures.

7.5 Attribution and Analytics Partners

We may share information (such as cookie IDs, mobile device IDs, or other unique identifiers) with attribution and analytics partners to validate and measure the success and effectiveness of advertisements delivered via our Platform, and to provide reporting to our Clients.

7.6 Identity Partners

Your information may be processed by and shared with identity partners that process online identifiers independently from IMC. These partners may use online identifiers to group users into broad, aggregated audience segments for advertising purposes. IMC facilitates the delivery of these audience-based identifiers to media buyers to enable more relevant ad targeting.

7.7 Business Transfers

We may disclose your information to a third party in connection with any contemplated or actual reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings). In such cases, we will require the acquiring entity to honor the commitments made in this Privacy Policy.

7.8 Legal and Regulatory Disclosures

We may disclose your information as we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with subpoenas, warrants, court orders, or other legal process; (c) to respond to requests from public and government authorities, including law enforcement, regulatory agencies, and national security agencies; (d) to enforce our terms of service and other agreements; (e) to protect our operations, rights, privacy, safety, or property, and/or that of our affiliates, Clients, partners, or others; and (f) to establish, exercise, or defend legal claims.

7.9 With Your Consent

We may disclose your information to other parties with your consent or at your direction.

7.10 Cross-Device and Cross-App Targeting

Our Clients and partners may use information that we share with them to establish connections among related devices (such as smartphones, tablets, computers, and connected TVs) for targeted advertising, analytics, and reporting purposes. They may match your devices if you log into the same online service on multiple devices or if your devices share similar attributes that support an inference that they are used by the same person or household. For example, a media buyer may deliver ads on a tablet based on browsing activity observed on a smartphone. Our Clients may also use information about your activity across multiple, unaffiliated third-party mobile applications for targeted advertising purposes.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our Websites and through our Platform. For detailed information about the types of cookies we use, how we use them, and how you can manage your cookie preferences, please see our Cookie Policy.

In summary, we use the following categories of tracking technologies:

• Cookies: small text files stored on your browser that enable various functionalities, including recognizing and tracking browsing behavior;
• Pixel tags and web beacons: small, transparent images embedded in web pages or emails that allow us to track page views, email opens, and other interactions;
• Software development kits (SDKs): code integrated into mobile applications that enables data collection and ad serving within apps;
• Local storage and session storage: browser-based storage mechanisms that allow websites to store data locally on your device;
• Device fingerprinting: techniques that collect information about your device configuration to create a unique identifier;
• eTags and cache-based tracking: HTTP entity tags and other cache-based mechanisms that can be used to identify returning visitors.

9. Legal Basis for Processing (EEA, UK, and Switzerland)

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, we process your personal information based on the following legal bases under the General Data Protection Regulation (GDPR) and equivalent legislation:

Where we rely on legitimate interest as the legal basis for processing, we have conducted a balancing test to ensure that our legitimate interests are not overridden by your data protection rights and fundamental freedoms. You may contact us to obtain information about these balancing tests.

10. Your Privacy Rights and Choices

Depending on your jurisdiction, you may have the following rights with respect to your personal information:

10.1 Right to Access

You may request information about the categories and specific pieces of personal information we have collected about you, the sources from which we collected it, the purposes for which we use it, and the categories of third parties with whom we share it.

10.2 Right to Correction

You may request that we correct inaccurate personal information we maintain about you.

10.3 Right to Deletion

You may request that we delete your personal information, subject to certain exceptions provided by applicable law (for example, where we need to retain the information to comply with a legal obligation or to establish, exercise, or defend legal claims).

10.4 Right to Restrict Processing

You may request that we restrict the processing of your personal information in certain circumstances, such as when you contest the accuracy of the data or object to our processing.

10.5 Right to Data Portability

You may request to receive your personal information in a structured, commonly used, and machine-readable format, and to have it transmitted to another controller where technically feasible.

10.6 Right to Object

You may object to the processing of your personal information where we rely on legitimate interest as the legal basis, including profiling for interest-based advertising purposes.

10.7 Right to Withdraw Consent

Where we have obtained your consent to process your personal information, you may withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing conducted prior to the withdrawal.

10.8 Right to Opt Out of Targeted Advertising, Sales, and Sharing

Depending on your jurisdiction, you may have the right to opt out of the "sale" or "sharing" of your personal information, or the processing of your personal information for purposes of "targeted advertising," as those terms are defined under applicable state privacy laws. To exercise this right, please contact us at privacy@imc.ad or use a legally recognized universal opt-out mechanism such as the Global Privacy Control (GPC).

10.9 Opt-Out of Interest-Based Advertising

You can opt out of receiving interest-based advertising from our Platform through the following mechanisms:

• Browser cookies: You may opt out through the Network Advertising Initiative (NAI) at optout.networkadvertising.org or the Digital Advertising Alliance (DAA) at optout.aboutads.info;
• Mobile devices: You may use your device's built-in settings to limit ad tracking (e.g., "Limit Ad Tracking" on iOS or "Opt out of Ads Personalization" on Android);
• Connected TVs: Review your CTV device settings and visit the NAI's CTV opt-out page at thenai.org/opt-out/connected-tv-choices/;
• Global Privacy Control: Enable the GPC signal in your browser to automatically communicate your opt-out preference.

Please note that opt-out choices are specific to the browser and device on which they are exercised. You will need to opt out separately on each browser and device you use. Opting out does not mean you will stop seeing ads; it means the ads you see may be less relevant to your interests.

10.10 Marketing Communications

You may opt out of receiving marketing communications from us at any time by clicking the "unsubscribe" link in our emails or by contacting us at privacy@imc.ad. Please note that even if you opt out of marketing communications, we may still send you service-related communications that are necessary for the administration of your account.

10.11 How to Exercise Your Rights

To exercise any of the rights described above, please contact us at privacy@imc.ad or submit a request through our contact page. We will take steps to verify your identity before processing your request, which may include asking you to provide confirmation that you control the device or account to which the request relates. We will respond to your request within the timeframes required by applicable law (typically 30 to 45 days, depending on your jurisdiction).

10.12 Authorized Agents

If you are submitting a rights request through an authorized agent, the agent must present signed written permission to act on your behalf, along with proof of their identity. In some cases, we may also require the individual who is the subject of the request to verify their identity directly. We cannot process your request if you do not provide sufficient detail to allow us to understand and respond to it.

10.13 Appeals

If we deny your request, you may have the right to appeal our decision by contacting us at privacy@imc.ad. If you have concerns about the result of an appeal, you may contact the data protection authority or attorney general in your jurisdiction.

10.14 Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. We will not deny you goods or services, charge you different prices, provide a different level or quality of service, or suggest that you will receive a different price or level of service as a result of exercising your rights.

11. Additional Information for U.S. State Privacy Laws

Certain U.S. states, including California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia, have enacted consumer privacy laws that grant their residents certain rights and require additional disclosures ("State Privacy Laws"). If you are a resident of a state governed by a State Privacy Law, this section applies to you. This section also serves as our California Notice at Collection.

This Policy explains how we collect (including the sources of collection), use, disclose, and retain information about you in connection with our Websites and Platform. The information in Sections 4 through 7 describes the categories of personal information we collect, the types of entities to which we disclose it, and the ways we use each category of information. These disclosures reflect our practices today and over the preceding 12 months.

As described in this Policy, we process information to personalize and deliver ads, and for other advertising-related purposes, including building interest segments. Some of these activities may be considered "sales" or "sharing" of your personal information, or using your information for purposes of "targeted advertising," under certain State Privacy Laws. We do not knowingly sell or share personal information about consumers under the age of 18.

If you reside in California, you may also opt out of web-based sales and sharing by visiting digital properties with a legally recognized opt-out preference signal enabled, such as the Global Privacy Control (GPC). For more information about your rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), please see our CCPA Compliance page.

In some cases, we may de-identify personal information so that it no longer identifies you and use this information for purposes like analyzing the effectiveness of our Services. We will use this information in de-identified form and will not attempt to re-identify it, unless required by law.

12. Additional Information for EEA, UK, and Swiss Data Subjects

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and equivalent legislation, as described in Section 10 above. In addition:

• You have the right to lodge a complaint with a supervisory authority. For EEA residents, you may contact your local Data Protection Authority (a list is available at edpb.europa.eu). For UK residents, you may contact the Information Commissioner's Office (ICO) at ico.org.uk. For Swiss residents, you may contact the Federal Data Protection and Information Commissioner (FDPIC).
• If we have collected and processed your personal information with your consent, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing conducted in reliance on lawful processing grounds other than consent.
• In the European Union, we and our Clients may, in limited circumstances, act as joint controllers under the GDPR for the collection of user information on digital properties. In such cases, this joint controllership is limited to setting and collecting identifiers and user information on the digital properties and transmitting this information to us. Further processing of your information is our sole responsibility as an independent controller. We have contractual arrangements in place with our Clients that set out the distribution of responsibilities between us.

For GDPR-related inquiries, please see our GDPR Compliance page or contact our Data Protection Officer at dpo@imc.ad.

13. International Data Transfers

IMC is a global company with offices in the United States, United Kingdom, and Singapore, and data centers and service providers located around the world. Your personal information may be transferred to, stored, and processed in countries other than the country in which you are resident, including in the United States and other locations where we have offices, employees, or engage service providers. These countries may have data protection laws that are different from the laws of your country of residence and may not provide the same level of protection.

Regardless of where your data is located, IMC will process your personal information in accordance with this Privacy Policy and applicable law. When we transfer personal information originating in the EEA, UK, or Switzerland to countries that have not been deemed to provide an adequate level of data protection, we implement appropriate safeguards, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission;
• The UK International Data Transfer Agreement (IDTA) or UK Addendum to the EU SCCs;
• Compliance with the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (as applicable);
• Other approved transfer mechanisms as required by applicable law.

You may request a copy of the applicable transfer mechanism (subject to the removal of confidential or commercially sensitive information) by contacting us at legal@imc.ad.

14. Data Privacy Framework

IMC complies with the EU-U.S. Data Privacy Framework ("EU-U.S. DPF"), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework ("Swiss-U.S. DPF") as set forth by the U.S. Department of Commerce (together, the "Data Privacy Framework" or "DPF"). IMC has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. DPF Principles with regard to the processing of personal information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. IMC has also certified that it adheres to the Swiss-U.S. DPF Principles with regard to the processing of personal information received from Switzerland in reliance on the Swiss-U.S. DPF.

If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the DPF Principles shall govern. To learn more about the Data Privacy Framework program and to view our certification, please visit dataprivacyframework.gov.

IMC is responsible for the processing of personal data it receives under the DPF and subsequently transfers to a third party acting as an agent on its behalf. IMC complies with the DPF Principles for all onward transfers of personal data from the EU, UK, and Switzerland, including the onward transfer liability provisions. The Federal Trade Commission has jurisdiction over IMC's compliance with the Data Privacy Framework.

In compliance with the Data Privacy Framework, IMC commits to refer unresolved complaints concerning our handling of personal information received in reliance on the DPF to our Data Protection Officer at dpo@imc.ad. If you do not receive timely acknowledgment of your DPF-related complaint, or if we have not addressed your complaint to your satisfaction, you may contact our independent third-party dispute resolution provider (free of charge). Under certain conditions, more fully described on the DPF website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

15. Data Retention

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any business, legal, regulatory, accounting, or reporting requirements; to establish and defend legal claims; for fraud prevention purposes; or as long as required to meet our legal obligations. To determine the appropriate retention period, we consider the volume, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data and whether we can achieve those purposes through other means, and any applicable legal requirements.

The following are our general retention periods for different categories of information:

After the applicable retention period expires, we will securely delete or anonymize your personal information. We may retain anonymized and aggregated data indefinitely for analytical and statistical purposes.

16. Data Security

We implement and maintain a comprehensive information security program that includes reasonable and appropriate technical, administrative, and organizational security measures designed to protect personal information from unauthorized access, disclosure, use, alteration, and destruction. Our security measures include, but are not limited to:

• Encryption of personal information in transit (using TLS/SSL) and at rest;
• Access controls and authentication mechanisms, including multi-factor authentication for sensitive systems;
• Regular security assessments, vulnerability scanning, and penetration testing;
• Network security controls, including firewalls, intrusion detection and prevention systems, and network segmentation;
• Employee security awareness training and background checks;
• Incident response and breach notification procedures;
• Physical security controls for our offices and data centers;
• Regular review and updating of our security policies and procedures.

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is completely secure. We cannot guarantee the absolute security of your information. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us using the contact information provided in Section 21.

17. Children's Privacy

Our Websites and Services are not directed to children under the age of 16 (or such other age as may be specified by applicable law). We do not knowingly collect, process, sell, or share personal information from children under 16 for targeted advertising purposes. We do not knowingly process personal information about consumers under the age of 18 for purposes of "selling" or "sharing" as those terms are defined under applicable State Privacy Laws. If we become aware that we have collected personal information from a child under the applicable age without appropriate parental consent, we will take steps to delete that information promptly. If you believe that we may have collected personal information from a child, please contact us at privacy@imc.ad.

We contractually require our Clients to comply with the Children's Online Privacy Protection Act (COPPA) and other applicable laws regarding children's privacy, and to not pass personal information of children to our Platform without appropriate legal basis.

18. Third-Party Websites and Services

Our Websites may contain links to third-party websites, applications, and services that are not owned or controlled by IMC. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party websites or services you visit or interact with. The inclusion of a link on our Websites does not imply endorsement of the linked website or service by IMC.

When advertisements are delivered through our Platform, tags, pixels, cookies, or other technologies may be used by third parties, enabling those parties to process personal information for purposes such as measuring ad performance, attribution, or fraud prevention. This Policy does not apply to, and IMC is not responsible for, the activities of those third parties or the technologies they use.

19. Industry Frameworks and Self-Regulation

IMC supports industry efforts for self-regulation in digital advertising and participates in the following industry groups and initiatives:

• Interactive Advertising Bureau (IAB): IMC is a member of the IAB and adheres to the IAB Code of Conduct. We participate in the IAB Europe Transparency & Consent Framework (TCF) and comply with its specifications and policies.
• Network Advertising Initiative (NAI): IMC is a member of the NAI and adheres to the NAI Code of Conduct for online behavioral advertising.
• Digital Advertising Alliance (DAA): IMC adheres to the DAA Self-Regulatory Principles for Online Behavioral Advertising, the Application of Self-Regulatory Principles to the Mobile Environment, and the Application of the DAA Principles of Transparency and Control to Data Used Across Devices.
• European Digital Advertising Alliance (EDAA): IMC adheres to the EDAA Self-Regulatory Principles for online behavioral advertising in Europe.

20. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational, legal, or regulatory reasons. The date at the top of this Policy reflects the most recent revision. If we make material changes to this Policy, we will notify you by posting the revised Policy on our Websites and, where required by applicable law, by providing additional notice (such as email notification or a prominent notice on our Websites) prior to such changes taking effect. We encourage you to review this Policy periodically for the latest information on our privacy practices.

21. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our privacy practices, please contact us using the information below. Please note that email communications are not always secure, so please do not include sensitive information in your emails to us.

For the purposes of EU/UK data protection legislation, IMC, Inc. is the controller of your personal information. Our Data Protection Officer can be contacted at dpo@imc.ad or by mail using the addresses provided above.