Privacy and Cookie Policy

What we do

At Hybrid Theory, we’re dedicated to the highest standards of consumer privacy. Our technology and processes are regularly audited by ABC and EDAA to ensure we meet industry best practices of consumer data privacy and any data we collect will only be used in accordance with all applicable laws, GDPR, and CCPA.

Our Technology & Service

Hybrid Theory provides technology services that enable you to receive online advertisements that are relevant to your interests. Through this, we process pseudonymous data regarding the relationships between people, the website pages they visit and/or the actions they take on a website, with the purpose of facilitating advertising to consumers that is more relevant and tailored to their particular interests. We achieve this through creating segmented profiles based on users’ browsing history that allows our clients to categorize users with similar characteristics or interests, improving their ability to deliver more relevant advertising. In doing so, we make all efforts to ensure that we only process personal data where we have a suitable legal basis to do so and only process personal data in a pseudonymous form to the greatest degree possible.

Hybrid Theory are committed to protecting your privacy and compliance with all relevant legislation, including the General Data Protection Regulation (GDPR), where this applies to EU citizens, and the Californian Consumer Privacy Act (CCPA), where this applies to California residents. ePrivacy Directive (UK), GDPR (EU), CCPA (CA), PDPO (HK), PDPA (MY, SG, TH, VN), MOCI (ID), DPA (PH), APPI (JP), OAIC (AU). Hybrid Theory reserve the right to revise and update this policy on occasion.

A. IMPORTANT INFORMATION AND WHO WE ARE

Hybrid Theory is the data controller which is either jointly or solely and responsible for processing your personal data. You may contact our Data Protection Officer at privacy@hybridtheory.com.

B. THE DATA WE COLLECT ABOUT YOU

We may collect, use, store and transfer different kinds of personal data about you as follows:

  • Identity Data
  • Contact Data
  • Technical Data
  • Behavioural Data
  • Usage Data
  • Marketing and Communications Data

This data may be collected through information you submit directly to our website or cookies operated by Hybrid Theory or our third-party partners or collected through our website or as you otherwise provide to us. We explain these categories of data further below (Section 3. How Is Your Personal Data Collected?).

We use different methods to collect data about you, which are explained further below (Section 5. Disclosures Of Your Personal Data).

C. HOW WE USE YOUR PERSONAL DATA

We will only use your personal data for the purpose for which we obtained it which include the following:

  • To improve our website, products or services
  • To contact you in the course of marketing or customer relationships
  • To recommend products or services which may be of interest to you
  • To create profiles of your interests and ensure you receive relevant advertisements

More detail on how we create profiles and use your personal data can be found in more detail below (Section 4. How We Use Your Personal Data).

D. HOW WE SHARE YOUR PERSONAL DATA

We may share your personal data with our trusted third-party partners, including organisations we use for data storage and real-time bidding platforms that allow our clients to present suitable, targeted advertising to you. This is explained further below (Section 5. Subheading, Third Party Partners).

E. INTERNATIONAL TRANSFERS

In addition to on our local systems, the information that you provide to us may be stored in our secure servers which are located in Dublin, Ireland within the European Economic Area (EEA). However, we may exchange or allow access to data between our EU and US offices. For this purpose, we use EU-approved Standard Contractual Clauses (SCCs) between the different legal entities.

Additionally, we may also transfer personal data from the USA and EEA to our third-party hosting and IT service providers. For this purpose, we ensure that such parties have agreed legal measures for international data transfers. More details can be found below (Section 6. International Transfers).

F. YOUR LEGAL RIGHTS

Under certain circumstances, you have rights under data protection laws in relation to your personal data that we collect, which we are committed to respecting.

If you are an EU citizen, you have the right to:

  • Request a copy of your personal information that we process
  • Request any inaccuracies in your personal information be corrected
  • You may also ask to object or restrict the processing of your personal data and have your personal information erased, where appropriate.
  • You may also make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

These rights may be limited where we process personal data about you in an anonymous form, in which case you should contact the website publisher that originally collected the information from you. Additionally, we may require additional information from you, such as CookieIDs, in order to comply with a request for the exercise of your legal rights. More details can be found below (Section 10. Cookies)

If you are a Californian citizen, the California Consumer Privacy Act (CCPA) provides consumers (California residents) with specific rights regarding their personal information. In particular, you have the right to:

  • Request information about the processing of your personal data and access it
  • Request a copy of personal information we hold about you in a commonly used format
  • Request deletion of your personal information
  • Request information about third parties to whom your data has been disclosed
  • Request to opt-out from the sale of personal data to other companies
  • Not to be discriminated as our consumer when you exercise any of the aforementioned rights

G. OPT OUT

You have the right to opt-out from having advertisements tailored to our interests. To exercise this, please click https://hybridtheory.com/opt-out

You can opt out from Hybrid Theory’s use of cookies here https://hybridtheory.com/opt-out

More details on opting-out from further use of cookies can be found here (Section 10. Cookies).

You can opt out from Hybrid Theory’s use of cookies here. More details on opting-out from further use of cookies can be found here (Section 10. Cookies)

H. FURTHER DETAILS

If you are looking for more information on how we process your personal data including details on data security, data retention, individual rights and lawful processing bases, please view website privacy policy below.

Privacy Policy

Introduction

Hybrid Theory respects your privacy and is committed to protecting your personal data. This privacy policy will inform you in more detail as to how we look after your personal data when you visit our website or that we otherwise collect from your (regardless of where you visit from) and tell you about your privacy rights and how the law protects you.

1. IMPORTANT INFORMATION AND WHO WE ARE

Hybrid Theory is the data controller, either jointly or solely and responsible for the legality of processing your personal data (collectively referred to as ”Hybrid Theory”, “we”, “us” or “our” in this privacy policy).

CONTACT DETAILS

Hybrid Theory has appointed a Data Protection Officer who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise [your legal rights], please contact the Data Protection Officer using the details set out below.

You can contact our Data Protection Officer (DPO) in the following ways:

Full name of legal entity: Hybrid Theory
Email address: privacy@hybridtheory.com
Telephone number: +44 (0) 20 7090 1000
Postal address:

Epworth House
25 City Road
London
EC1Y 1AA
United Kingdom

Telephone number: +44 (0) 20 3934 2174

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

ICO contact details

Email address: casework@ico.org.uk
Postal address: Information Commissioner’s Office (ICO),

Wycliffe House

Water Lane

Wilmslow

Cheshire, SK9 5AF.

Telephone number: +44 (0) 303 123 1113

CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES

We keep our Privacy Policy under regular review. This version was last updated on 02 June 2020.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

THIRD-PARTY LINKS

This website includes links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

2. THE DATA WE COLLECT ABOUT YOU

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes first name, last name, username or similar identifier collected via our website or other websites.
  • Contact Data includes email address and telephone number, collected via our website.
  • Technical Data includes Internet protocol (IP) address, URLs, device identifiers, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Internet or this website or websites associated with our third party partners. This may also include your location data (such as GPS information or information on which country or city you are located in).
  • Browsing Data includes a history of labels in relation to websites you have viewed and your interactions with various web pages, as collected through our cookies and cookies installed by our third-party providers. This data is limited to data that does not include ‘real-world’ identifiers, such as name, address, email address, etc. This may also include Inferred Data – i.e. whereby we assign characteristics such as related to your age, gender, lifestyle or interests that we ascribe to you by nature of your viewing history. We take all measures to ensure these do not include Special Category Data.
  • Marketing and Communications Data includes your preferences to receive marketing from us and our third parties and your communication preferences.

We may also collect, use and share such data, including Browsing Data, as Aggregated Data, such as for statistical purposes. This may involve aggregating users’ Browsing interests, where the Aggregated Data is completely anonymous. We may also aggregate data on usage of a website’s functionalities to calculate the percentage of users accessing a specific website feature.

We take measures to limit the collection of Special Category Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sexual life, sexual orientation, political opinions, trade union membership or information about your health,). We achieve this by prohibiting the labelling of information on your browsing history or interests with Special Category Data, by us or our third-party partners, and from prohibiting cookies installed by us or our third-party partners from being used on websites featuring content related to Special Category Data. We do not collect any information about criminal convictions and other offences.

3. HOW IS YOUR PERSONAL DATA COLLECTED?

We use different methods to collect data from and about you including the following:

Direct interactions. You may give us your Identity and Contact Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

  • apply for our services;
  • subscribe to our service or publications;
  • request marketing to be sent to you;
  • give us feedback or contact us.

Automated technologies or interactions. As you interact with our website or websites hosted by our third-party partners, with cookies embedded, Technical Data will automatically be collected, which may also translate into Browsing Data, about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see our Cookies Policy (section 12) for more information.

Third parties or publicly available sources. We will receive personal data about you from various third parties as set out below:

  1. Technical Data and Browsing Data from the following parties:
    (a) Analytics providers, such as Google Analytics; and
    (b) Third party data providers, such as 33Across and ShareThis.
  2. Identity Data, Technical Data and Browsing Data from data brokers or aggregators such as 33Across and ShareThis;
  3. Identity and Contact Data from publicly available sources, such as Companies House and the Electoral Register.

4. HOW WE USE YOUR PERSONAL DATA

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Consent

Where you have given us consent to the processing. Typically, this will include where you have consented to the installation of Cookies for the collection and sharing of other Technical Data and/or Browsing Data. However, this may also include where you sign up to receive marketing offers from us or our partners. You have the right to withdraw consent to marketing at any time by contacting us or opting-out. For more information, see the section on Your Legal Rights.

Legitimate Interests

Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Typically, this will include where we contact you in the course of our business activities, or in relation to marketing where you have bought a product or service from us.

We may also rely on our legitimate interests for the use of Inferred Data for targeted advertising purposes, where this does not include Special Category data.

Legal Obligation

We may also store your personal data where we need to comply with a legal obligation, including to pass information to government and supervisory authorities.

Performance of a Contract

We may also store your personal data where we need it to process a contract with you, for example, for the provision of goods and services you have requested.

PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA

Profiling

Hybrid Theory may use data we receive in the form of Browsing Data from the sources listed above in order to create a profile of specific users’ interests and Browsing information, and allow us to target them with useful advertising later on. We may also compile Inferred Data into “segmented profiles” or “model audiences” based around categories of interests, which can later be associated with different users.

This is performed using an automated technological process and is passed on to our third-party partners to ensure that this information is used to target appropriate advertisements to you. However, we take steps to exclude any categories or labels based on Special Category Personal Data being used to generate such profiles.

We have set out below, in a table format, a description of all the ways we use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

 

Purpose/activity Type of data Lawful basis for processing, including basis of legitimate interest
 To register you as a new customer
  • Identity
  • Contact
 Performance of a contract
Sending you marketing communications
  • Identity
  • Contact
  • Performance of a contract
  • Legitimate interests (for business development and sales purposes)
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
  • Identity
  • Contact
  • Technical
  • Legitimate interests (for the provision of administration and IT services, network security, to prevent fraud)
To monitor your behaviour on websites and collect information about your interests
  • Identity
  • Aggregated/Usage
  • Technical
  • Browsing
  • Consent (as received through our website or the websites of our third-party partners)
To create a profile of your interests
  • Identity
  • Aggregated/Usage
  • Technical
  • Browsing
  • Consent (as received through our website or the websites of our third-party partners)
  • Legitimate interests (to allow customers to be targeted/to generate sales for clients)
To deliver relevant website content and advertisements to you
  • Identity
  • Aggregated/Usage
  • Technical
  • Browsing
  • Consent (as received through our website or the websites of our third-party partners)
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
  • Aggregated/Usage
  • Technical
  • Legitimate interests (to define types of customers for our products and services and inform our marketing strategy)

THIRD-PARTY MARKETING

We will make sure to collect opt-in consent before we share your personal data with any third party for marketing purposes. This will be achieved through the use of opt-in click or button functionalities through our website or requiring you to perform another affirmative action, such as replying to an email or text, to confirm your consent.

CHANGE OF PURPOSE

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

5. DISCLOSURES OF YOUR PERSONAL DATA

We may share your personal data with the parties set out below for the purposes set out in the table above. These may include:

  • Online advertisement bidding platforms, such as Appnexus/Xandr
  • Data content providers and aggregators, such as ShareThis and 33Across
  • Ad verification partners, such as Adloox
  • Segmenting software providers, such as Permutive
  • Database providers, such as Salesforce
  • Service providers, IT and system administration services.
  • Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
  • HM Revenue & Customs, regulators and other authorities based in the United Kingdom, who require reporting of processing activities in certain circumstances.

THIRD-PARTY PARTNERS

(a) With any website that you visit that has Hybrid Theory cookies, the publisher of that website will potentially be a joint data controller of the data collected through such cookies. In particular, several of our clients may use Hybrid Theory’s cookies, in order to allow us to personalise the advertisements that you receive.

(b) Data content providers and aggregators, such as 33Across and ShareThis, among others, as joint data controllers with Hybrid Theory, may install cookies on a variety of publishers’ websites, which collect your personal data. 33Across and ShareThis may then provide this data in a live data feed to Hybrid Theory. 33Across and ShareThis act as joint data controllers of this data.

(c) Another of our third-party partners, Appnexus/Xandr also may receive your personal data from Hybrid Theory, which consists of Browsing Data (including potentially Inferred Data) and personal data such as Technical Data and Identity Data associated with it. Appnexus/Xandr then uses such data in order to organise targeted advertising to you on various websites that you may visit. Appnexus/Xandr acts as a data processor of this data, on behalf of Hybrid Theory.

(d) Our Ad verification partner Adloox acts as a processor of personal data on behalf of Hybrid Theory.

(e) We remain liable for the processing of your personal data when transferred onwards to a third party who acts as an agent on our behalf (including our contractors and service providers), including where that agent acts contrary to GDPR, CCPA and EU-U.S. Privacy Shield Principles.

(f) In order to ensure the compliance of third parties with GDPR and CCPA, we require our contractors and service providers to commit to respecting a similar level of the protection of personal data to that under the GDPR, CCPA and/or EU-U.S. Privacy Shield Principles in their contracts with us. We make sure that our third parties that are contractors and service providers are subject to confidentiality agreements and are handling your Personal Data solely under our instructions. With our contractors and service providers, we enter into a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except for the purposes specified above.

(g) We will never transfer your personal data to any companies other than those and for the purposes listed in this section.

6. INTERNATIONAL TRANSFERS

In addition to on our local systems, the information that you provide to us may be stored in secure servers which are located in Dublin, Ireland within the European Economic Area (EEA). Where you are an EEA individual, we may allow access to your personal data to our offices in the U.S. For this purpose, we use EU-approved Standard Contractual Clauses (SCCs) between the different legal entities. We are also certified with the EU-U.S. Privacy Shield as set forth by the U.S. Department of Commerce and the Federal Trade Commission regarding the collection, use, and retention of personal information transferred from the European Economic Area and/or the United Kingdom to the U.S.

We may also transfer personal data to our third-party partners, which may be located outside the EEA. This may include Appnexus/Xandr, which may process personal data for ensuring that you only receive relevant advertisements on servers operated in the U.S. Appnexus/Xandr have certified under the EU-U.S. Privacy Shield or have agreed EU-approved Standard Contractual Clauses with us, which allows us to legally transfer your personal data to them.

We may also use cloud providers that use servers based in the United States of America, with the safeguards of the EU-U.S. Privacy Shield certification, which allows us to legally transfer your personal data to them. In particular, this includes:

  • Salesforce
  • Amazon Web Services (AWS)

7. DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Moreover, we ensure that any Identity Data that we process will be internally pseudonymised – i.e. cookie IDs converted to an Hybrid Theory ID, where possible.

In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. DATA RETENTION

HOW LONG WILL YOU USE MY PERSONAL DATA FOR?

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of providing you any services, carrying out targeted advertising, and satisfying any legal, regulatory, tax, accounting or reporting requirements.

In particular, we focus on limiting our retention periods to ensure the accuracy of information collected about online users, and to minimise the chance of individuals being served content unsuitable for them or against their reasonable expectations. To limit any unnecessary intrusion into your privacy, we also ensure that all our user profiles have definitive retention periods, as we set out below.

With regard to the use of personal data collected from Cookies, the retention period is set by the original website that placed such a Cookie, rather than Hybrid Theory.

Data collected for communications and business purposes:

Type of data Retention period Justification
 Identity Data (e.g. name, company). We stored your identify data for the duration of services provided to you and in accordance with the retention of Contact Data, which is typically for the duration of our relationship with you plus 2 years To ensure we keep up to date with users’ interests
Personally Identifiable Data: To keep in contact with our customers/suppliers.
 Contact Data (e.g. email address, telephone number) We store contact details for the duration of the period we deem our services will remain relevant to you, which is typically for the duration of our relationship with you plus 2 years.  To keep in contact with our customers/suppliers

Data collected for online advertising purposes:

Type of data Retention period  Justification
Browsing Data (including Inferred Data) (e.g. browsing history, labels, interests and preferences).
  • Where we use an advertising platform, such as Appnexus/Xandr, we ensure user profiles are updated every 7 days. These profiles are only stored for a maximum of 180 days with Appnexus/Xandr.
  • We only store identifiable information on users’ Browsing interests and browsing history for 12 months at a time.
To allow advertisements to be tailored to users and to keep up to date with users’ interests (data may be stored longer in an aggregated format)
Technical Data (e.g. cookie and device information)
  • Cookies: Cookies are set to be deployed for the periods below
  • Data collected from Hybrid Theory cookies: Such data is stored for a maximum of 12 months
  • Data collected from cookies deployed by our third-party partners: We retain such data for a maximum of 12 months
To ensure the operation of our website and to keep up to date with users’ interests

 

We may store certain data, including Identity, Browsing and Technical Data for longer than the periods specified, but only in an aggregated and anonymous format, to which the GDPR no longer applies. Such anonymous data will be used for research and statistics reporting on an aggregated basis for as long as this data is relevant. This information will be stored for a maximum of 5 years.

For retention periods for cookies, please see our Cookies Policy (section 12).

9. YOUR LEGAL RIGHTS (GDPR)

Under certain circumstances, where you are an EEA citizen, you have rights under the GDPR in relation to your personal data, upon request. In most cases, the website publisher or third-party partners that originally collected the information from you, such as through a Cookie, will be better placed to help you comply with such rights. Your rights include:

  • Request access to your personal data (commonly known as a “subject access request”). This enables you to receive a copy of the personal data we or our third-party partners hold about you and to check that we are lawfully processing it.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  • Request erasure of your personal data. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law.
  • Object to processing of your personal data where we are relying on a legitimate interest, in addition to objection to the creation of profiles about you. You also have the right to object where we are processing your personal data for direct marketing purposes. You should exercise this by contacting us at privacy@hybridtheory.com or responding to the marketing email you received by clicking the relevant opt-out link or replying to the email with [OPT OUT].
  • Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to data that you or our third-party partners have provided to us and does not apply to Inferred Data used to create profiles.

What we may need from you

In order to allow you to exercise these rights, we must be in a position to be able to identify any personal data, including Identity, Browsing and potentially Inferred Data that relates to you, for which we may require you to provide us with specific identifiers, such as Cookie IDs. We are not obliged to comply with any data subject rights in relation to personal data that we cannot identify.

When making a request, we may ask that you provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorised representative. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

No fee usually required

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

Hybrid Theory is the data controller, either jointly or solely and responsible for the legality of processing your personal data (collectively referred to as ” Hybrid Theory”, “we”, “us” or “our” in this privacy policy).

10. YOUR LEGAL RIGHTS (CCPA)

Under certain circumstances, where you are a California resident, you have rights under the CCPA in relation to your personal data, upon request. In most cases, the website publisher or third-party partners that originally collected the information from you, such as through a Cookie, will be better placed to help you comply with such rights. Your rights include:

  • Request to opt-out from the sale of personal data to other companies
  • Not to be discriminated as our consumer when you exercise any of the aforementioned rights

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

  • Access to Specific Information and Data Portability Rights: You have the right to request that Hybrid Theory disclose certain information to you about our collection and use of your personal information over the past 12 months. This will include the categories of personal data collected, the sources of such data, the purposes which we use it for, and information on whether we have sold or disclosed your personal information to any recipients.
  • Deletion Request Rights: You have the right to request that Hybrid Theory deletes any of your personal information that we collected from you and retained, subject to certain exceptions. In particular, where this personal data is used for providing a good/service/contract with you, for detecting security incidents or fraud, for disclosure pursuant to a legal obligation, and other circumstances.
  • Personal Information Sales Opt-Out and Do Not Sell My Personal Information: You have the right to direct us to not “sell” your personal information to third parties, including our advertising partners, at any time (the “right to opt-out” or “Do Not Sell My Personal Information”). Consumers who opt-in to personal information sales may opt-out of future sales at any time. To exercise the right to opt-out, you (or your authorised representative) may submit a request to us by visiting the following Internet Web page link https://www.hybridtheory.com/do-not-sell
  • Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means that, in an event of any of your request to us, we will not engage in or suggest any discrimination against you, in particular, we will not:
    – Deny you goods or services.
    – Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
    – Provide you a different level or quality of goods or services.
    – Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us at:
privacy@hybridtheory.com

What we may need from you

In order to allow you to exercise these rights, we must be in a position to be able to identify any personal data, including Identity, Browsing and potentially Inferred Data that relates to you, for which we may require you to provide us with specific identifiers, such as Cookie IDs. We are not obliged to comply with any data subject rights in relation to personal data that we cannot identify.
When making a request, we may ask that you provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorised representative. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Response Timing

We endeavour to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.

Format

Any disclosures of your personal data we provide will only cover the 12-month period preceding your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

11. OPTING OUT FROM ADVERTISEMENTS

You have the right to opt-out from having advertisements tailored to our interests. To exercise this, please click https://www.hybridtheory.com/opt-out

You also have the right to opt-out to any Identity Data or Browsing Data collected through cookies that Hybrid Theory or our Third-Party Partners may carry out, as well as to your tracking through such cookies. Opting out, arrangements will also be made so that the user is no longer tracked by Hybrid Theory and that data is no longer received from such partners in relation to the user.

You can ask us or third parties to stop sending you marketing messages at any time by accessing our website and selecting your preference https://www.hybridtheory.com/opt-out

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.

You can also opt-out from our third-party partners present in the online advertising ecosystem (such as 33Across and ShareThis) by selecting your country of residence in this page and clicking on ‘Your Ad choices’. You will be presented with a list of the companies that collect data from you for behavioural advertising that adhere to the European Interactive Digital Advertising Alliance (EDAA) that you can opt-out from.

You can also opt-out of all Hybrid Theory cookies, including targeting that we and third-party partners we pass this information to (such as Appnexus/Xandr). For more information, please see our Cookies Policy (section 12).

12. COOKIES

At Hybrid Theory, we use cookies to collect, aggregate and process mainly analytical and interactive data so we can understand which computer browsers have viewed which content on a website; which websites are most visited from which geographical location and which other browsers and users you may have interacted with.

A cookie is a small text file that is downloaded onto your computer when you visit our website and allows us to recognise you as a user. Typically, these contain two pieces of information: a site name and unique user ID. All information these cookies collect is aggregated and anonymous. Cookies are essential to the effective operation of our website. Cookies make the interaction between you and the website faster and easier. Cookies may also be set by the website you are visiting (first party cookies) or they may be set by other websites who run content on the page you are viewing (third party cookies).

Hybrid Theory uses cookies on its website and/or the websites of our third-party partners:

  • that are strictly necessary to enable you to move around our websites or to provide certain basic features;
  • to enhance the functionality of the website by storing your preferences;
  • to help improve the performance of our website on your device;
  • to enable us to record and view your interests and behavioural information;
  • to provide you with targeted advertising

We require you to accept or decline certain cookies by accepting or declining our Cookie Consent Notice when first accessing our website. By accepting and using our websites you consent to our use of cookies as updated from time to time and the cookies we use will be stored on your device (unless this functionality is rejected or disabled by your browser).

Non-Essential Cookies: A list of the non-essential cookies we use on the website are detailed below:

Hybrid Theory Cookies:

Google Analytics: analytics.js (__ga, _gat), used by Google to generate web analytics and for tracking how you use the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage.. The information generated by the cookie will be forwarded to Google servers in the U.S. for statistical analysis purposes only.

Google Adwords: Using Google Adwords code we are able to see which pages helped to lead to contact form submissions. This allows us to make better use of our paid search budget.

Storage Time
The cookies are stored for a period of 13 months maximum unless you clear their cache and the cookies themselves.

Opting Out of Cookies
You can opt out from Hybrid Theory’s use of cookies https://www.hybridtheory.com/opt-out

You can also opt-out of advertisements made using cookies under the mechanism above see below (Section 11. Opt-Out to Advertisements).

You can also choose to opt-out of Hybrid Theory’s cookies through websites of our third-party partners that you visited and which use Hybrid Theory cookies.
You can manage the cookies stored on your device as well as stop cookies from being installed on your browser. For more information on how to manage cookies usage on your device, please let us refer you to information found on these topics on allaboutcookies.org, more specifically by clicking on the links below:

Please note that if you prefer to block some or all of the cookies Hybrid Theory uses, you might lose some of our website’s functionality.

13. OUR COMMITMENT

Hybrid Theory (United States) complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and/or United Kingdom to the United States.

Hybrid Theory (United States) has certified to the Department of Commerce that it adheres to the Privacy Shield Principles, namely Notice, Data Integrity and Purpose Limitation, Choice, Security, Access, Recourse, Enforcement and Liability and Accountability for Onward Transfer Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

Your legal rights (Privacy Shield)

Under the Privacy Shield, where you are an EEA and/or UK citizen, you have the following rights:

  • Access: You may access and/or submit requests to review, correct, update or delete Personal Data that we maintain about you.
  • Choice: You have the right to choose (opt out) whether your Personal Data may be (i) disclosed to third-party or (ii) used for a purpose that is materially different from the purposes for which the information was originally collected or subsequently authorised by you.

To exercise your rights, please contact: privacy@hybridtheory.com

Privacy Shield Queries

For the purposes of the Privacy Shield, Hybrid Theory commits to resolve complaints about our collection or use of your personal information. EU and UK individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Hybrid Theory at privacy@hybridtheory.com if you have questions about our Privacy Shield compliance. We will respond to your complaint or inquiry within 45 days of receipt.

Hybrid Theory has further committed to refer unresolved Privacy Shield complaints to JAMS an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgement of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit JAMS for more information or to file a complaint using this link. This service will be provided at no cost to you.

You may have the option to use a binding arbitration mechanism for the resolution of your complaint under certain circumstances, provided you have a) raised your compliant directly with Hybrid Theory and provided us the opportunity to resolve the issue; b) made use of the independent dispute resolution mechanism(s) above; c) and raised the issue through your relevant data protection authority and allowed the Department of Commerce an opportunity to resolve the complaint at no cost to you. The binding arbitration will be handled by the International Centre for Dispute Resolution’s American Arbitration Association, available here.

Hybrid Theory is also subject to the jurisdiction of the Federal Trade Commission (FTC) and the Department of Commerce in the United States. In relation to a Privacy Shield complaint, you can make your complaint directly with the Federal Trade Commission and Department of Commerce regardless of whether you are a US, EEA, UK citizen.

Requirement to disclose

Hybrid Theory may disclose personal data in special cases when we have a good faith belief that such action is necessary to: (a) conform to legal requirements or (b) to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Modifications

Hybrid Theory may update this Policy at any time by publishing an updated version in our website. You should check this privacy policy for updates each time you visit our website to be sure that you are aware of any changes. You should check the top of the document to see the latest version in force.

We will not update this Privacy Shield Policy in contravention to the Privacy Shield Principles so long as we remain certified to the Privacy Shield.