X-Mode Privacy Policy

Last Updated: December 17, 2019

California Users: If you located in California, then under the CCPA, you have a right to opt-out of the sale of your information. To do this, please head over to X-Mode’s “Opt-out/Do Not Sell” Form.

X-Mode Inc., a U.S. company with its headquarters at 11955 Freedom Drive, Reston, VA 20190, Suite 780 (“X-Mode” “we,” “us,” and “our”), provides mobile advertising and data services to mobile application publishers (“Publishers”) and advertisers (“Advertisers”).

This privacy policy (“Privacy Policy”) describes how we collect, use, store, and share information about three sets of people (referred to as “you,” “your,” and “yourself”): (a) visitors to our website located at www.xmode.io and any other website on which this Privacy Policy is posted (collectively, the “Site”), (b) end users (“End Users”) of third-party mobile applications (“Apps”) that use the Services, and (c) End Users of X-Mode’s owned and operated mobile applications (“X-Mode Apps”).  The Privacy Policy also describes certain choices you have regarding use, access to and correction of your information.

If you are a user located in the European Union and would like to view your rights under the GDPR, please go to Section 9 of this Policy. If you are a user located in California, and would like to view your rights under the CCPA, please click here.

1. Background: X-Mode’s Services & Data Collection

X-Mode is a data aggregation and management platform that primarily focuses on the curation and use of precise location data to help a variety of organizations develop insights about aggregated human traffic patterns. The information we provide, for instance, helps marketers and advertisers learn about their potential audiences and customers, and helps research organizations form insights for financial, market research, traffic and city planning, smart cities, or educational purposes.

We receive most of this location information either from an “SDK” that we provide to Apps, or (less often) from a server-to-server transfer and integration with mobile app partners. (Please see Section 2 for more information about SDKs.) We then provide the information in various forms to a variety of marketing and research companies that are interested in inferences drawn from human location and traffic patterns. We refer to these services, products, and insights – as well as the SDKs and other technology we use to collect information – as our “Services.”

2. The Information We Collect for the Services

We have created our own mobile SDK (“XDK”) to collect information, such as mobile advertising IDs (e.g., iOS IDFAs and Android Advertising IDs), location information (as described below), and other information related to how different types of mobile devices (“Devices”) and their users interact with mobile advertising services. We provide our XDK to Publishers to help them monetize their apps using location and in many cases to provide free media, games, and other mobile services and activities. We also use our XDK in our X-Mode Apps, including Visualizer, Burn, and Drunk Mode.

We don’t always obtain information through our SDK – sometimes we receive information through other interfaces, called “APIs,” that connect to mobile applications and services – but most of the time we do collect the information we use through our SDK (or sometimes, a business partner’s SDK).

An SDK (which stands for “software development kit”) is a string of computer code that Publishers can include in their apps to collect data, often related (as in our case) to the mobile advertising and data industry. Publishers can embed our SDK into their apps in order to help or allow advertisers to enhance their ability to show ads in their Apps, to target more relevant ads in their Apps, and to analyze how well ads perform in their Apps Publishers work with us to monetize their App content in other ways we describe in this Privacy Policy. (If you would like to opt-out from having ads tailored to you in this way on your mobile device, please follow the instructions in Section 6 below, entitled “Consumer Choices and Opt-Out Options”).

When you download and use an App that uses our Services and have Location Services “On” and Limit Ad Tracking “OFF”, the Publisher of the App may allow us to collect certain information about the Device, in particular:

  1. Precise Location Data:
    • Geolocation of the Device,
    • and dwell time near points of interest (or how long your device stayed at one place.
    • Precise location data is usually expressed by latitude-longitude coordinates obtained through GPS features of our XDK, WiFi data, cell tower triangulation and other techniques permitted by the Device’s operating system.
  2. Relative Location Data:
    • Bluetooth Low-Energy (BLE) sensors, or beacons,
    • signals from the Internet of Things (IoT) devices, such as smartwatches or smart home devices
    • and Near-field Communication (NFC).
    • The GPS capabilities of our XDK allow it to receive signals from each of these technologies that show when a Device is close by. For example, many retail stores have beacons that detect when a Bluetooth-enabled Device passes by or goes into the store. Shopping malls, stadiums, restaurants, museums and other similar points of interest may also use beacons. The Relative Location Data we collect can be used for powering solutions in smart cities, financial technology (“Fin-tech”), or targeted advertising.
  3. Advertising IDs, or Unique Device Identifiers for Advertising (Android ID or iOS IDFA)
  4. Time and Date Information
  5. Event information about your Device, such as crashes, system activity, and hardware settings
  6. We automatically collect usage information that does not identify an individual user (“Usage Data”):
    • device type,
    • operating system version and type,
    • certain device settings,
    • device time zone,
    • device carrier,
    • and current IP address;
    • additionally, each time you use the site we automatically collect the type of web browser you use, your operating system, your Internet Service Provider, your IP address, the pages you view, and the time and duration of your visits to the Site. We use this information to enhance the services we offer, provide targeted advertising, and to help us understand how people use the Site and Services.

If you are interested in how we collect, use and share information about our own customers and visitors to our corporate website, please go to Section 5.

3. How We Use the Information We Collect & Receive in Our Services

When you download and use an App that uses our Services and have Location Services “On” and Limit Ad Tracking “OFF”, both X-Mode and our Trusted Partners may use the information the developer of the app allows us to collect for any of the following purposes:

  1. Inferences from Aggregated Data: We often use the information we collect to make inferences about human location and traffic patterns. For instance, we might notice groups of Devices at certain types of locations or venues over time, like concerts, soccer or baseball stadiums, cafes or gyms, and we might use these observations in our products. We curate these insights into data products. We may append other fields such as venue name, category, dwell timed or ticker symbols to an aggregate group of Advertising IDs to build consumer profiles or to make financial-based decisions such as trading on the stock market.
  2. Interest-Based Segments and Ad Targeting: Sometimes, we use these observations to categorize Device users into “interest segments” that marketers we work with (and license information to) can use to send ads to users when those users appear on their own mobile platforms. By using interest segments, marketers are more likely to be able to send an offer that a consumer is more likely to want and less likely to find annoying.
  3. Aggregated Traffic Patterns and Research: We also share the information we receive with other marketing and research companies (including advertising platforms), who use the information to provide similar services. This helps these companies to better predict and draw insights about consumer, market or scientific trends related to human movement patterns. This same information may also be licensed to real estate, city planners or smart city companies and augmented with fields to create more specific segments. For example, if an aggregate group of devices drive versus walk to determine whether to put a bus stop in an area or not or to understand the flow of traffic over time to determine whether to purchase or not purchase a piece of real estate.
  4. Attribution: We use some of the information we collect (including location information and Advertising IDs) to help advertisers analyze aggregate ad performance – such as by measuring whether or how Devices that saw a particular ad tended to engage with a particular product; this is sometimes called “attribution” analysis. For instance, if numerous Devices were sent an ad or offer for “X-Mode Pizza” on Tuesday, and the Device “traffic” at X-Mode Pizza on Wednesday or Thursday was particularly high, an advertiser might conclude that the ad campaign was successful.
  5. Publisher Insights: Sometimes, we help the Publishers that we work with understand more about the users of their own apps – using the same types of interest segments we have described above.

The above is not an exhaustive description of all of the ways the information we collect may be used: we may, for instance, sometimes customize uses of the information we have for certain customers. But the above does describe the types of information that we collect, how we generally collect it, and what our company focuses on.

If you are interested in how we collect, use and share information about our own customers and visitors to our corporate website, please go to Section 5.

4. How We Share Information We Use & Collect In the Course of Our Services

We share the information we collect and receive both in order to operate our platform (such as with service providers) and in order to support the operations of our customers. We may share the following information we collect from your Device:

  1. With Our Customers: We share information, including Advertising IDs, Location Information, Usage Data, and interest segments created using that information, with our customers. Our customers may include brands, data platforms, online advertising networks, and companies that perform research about consumer behavior, targeted or customized advertising, or human traffic patterns. You can learn more about our customers here.
  2. With Our Service Providers: We contract with companies who help us with our business operations (for example, website and data hosting, fraud prevention, verification and reporting, data hygiene, marketing, and email delivery), as well as billing, collections, tech, customer and operational support.
  3. With Service Providers to Our Customers: Our customers may contract with companies who handle data (such as managing Customers proprietary data, including Ad IDs).
  4. With Our Subsidiaries and Related Companies: We currently do not have subsidiaries or corporate affiliates, but if we do we may share any information that we hold with them. We will also provide any information that we hold to any entity that purchases x-Mode or all or substantially all of our stock or assets.
  5. In Connection with Legal Proceedings or Process: When we are under a legal obligation to do so, for example, to comply with a binding order of a court, or where disclosure is necessary to exercise, establish or defend the legal rights of X-Mode, our customers or any other third party or to satisfy in good faith any applicable law, legal process. We likewise may disclose any information in response to a proper governmental request, a subpoena (whether civil or criminal) or a similar process.
  6. To Investigate Wrongdoing and Protect Ourselves or Third Parties: To enforce our rights and Terms of Service or other policies, or to investigate any potential violation of those Terms and policies, any potential violation of the law, or to protect ourselves, our customers, or any third party from any potential harm (whether tangible or intangible).
  7. In Connection with a Sale of Our Business: If a third party acquires some or all of our business or assets, we may disclose your information in connection with the sale (including during due diligence in preparation for the sale).

Also, we may share hashed email addresses (or other pseudonymous identifiers associated with those hashes), technical data that we collect about your browsing habits and your device (such as data relating to our cookies, tracking pixels and similar technologies) with other advertising companies in the digital advertising ecosystem. This enables them and our customers to better target ads to you. (If you are interested in how we collect, use and share information about our own customers and visitors to our corporate website, please go to Section 5).

5. Information for Visitors of the X-Mode Website

X-Mode, and service providers and vendors we work with, also collect information from visitors (“Visitors”) to our corporate website(s), including any website on which this Privacy Policy is posted (collective, the “Site”). This information includes information voluntarily and directly provided by Visitors, and information passively collected through automated means such as cookies and web pixels. The information we collect from visitors to the website is as follows:

  1. We collect voluntarily submitted information. This includes information such as your name, address, phone number, and email address if you provide it to us. For instance, you might provide us this information to register for an event, to get information about our services, or to set up an account on our system (in which case you might provide additional information to us, such as about your employer or in some cases, your payment information.
  2. Other Information is collected automatically from your device or browser. We also collect device or browser-based information from your desktop computer, laptop, mobile phone, tablet, or other consumer electronic devices that you use to access the Site. This may include technical information about your Device (such as the Device type, operating system, settings, and system configurations, IP address, Advertising ID and other unique Device identifiers, and mobile network information) and your activity using the X-Mode Site (such as data about the webpages you access, traffic to and from websites, the dates and times associated with transactions, web log data, and other event information, including crashes and system activity). We sometimes use this information for our internal, analytics purposes, such as to understand what products and services Visitors may be interested in, which pages of our Site are most (and least) popular, and to help us understand how people interact with our Site in other ways. If you have provided your personal contact information to us (such as your email address), we may combine this information with the above information, such as to understand how better to serve you.
  3. We and our service providers may place cookies on our Visitor’s browsers. Cookies are small data files that have unique identifiers and reside on your browser files. Among other things, cookies help us improve and personalize your use of the X-Mode Site. We may permit certain third parties to place cookies through the Site to provide us with better insights into the use of the Site and user demographics and to provide relevant advertising to you. Using cookies, these third parties, such as online advertising platforms, may collect information about your online activities over time and across different websites, including when you use the Site. For instance, if we visit a page on our website that describes our services, we might “retarget” (through a third party advertising platform) with an ad for our services when you are on another website. You may opt-out of this type of retargeting and other types of interest-based advertising by exercising the opt-out choices described in Section 6.
  4. Another example of how we use cookies is that we use Google Analytics to analyze usage patterns for the X-Mode Site. Google Analytics generates a cookie to capture information about your use of the Site that Google uses to compile reports on website activity for us and to provide other related services. Google may use all or a portion of your IP address to identify its cookie and for its commercial purposes.
  5. Web beacons or “pixels” are electronic images that may be used on the Site or in emails we send to you. We use web beacons to deliver cookies, count visits, understand usage and effectiveness of offers, and tell whether you open an email and act upon it.

6. Consumer Choices & Opt-Out Options

There are several ways that you can manage the way that passively collected data, such as Advertising IDs and cookies, are used. We describe these methods below. You can manage certain collection and sharing of information in connection with the X-Mode Site and the Services as follows:

  1. Browser Settings: You may control how your browser responds to cookies by adjusting the privacy and security settings of your web browser.
  2. Interest-Based Advertising Opt-Out: You can opt-out of information collected for web-based interest-based advertising (for instance, by tailoring ads based on activities tracked across websites, over time), by those companies that participate in the Network Advertising Initiative or the Digital Advertising Alliance, by visiting the NAI’s opt-out page or the DAA’s Consumer Choice Page. EEA and Swiss residents, please refer to www.youronlinechoices.com. The “opt-out” methods on these industry web portals generally are cookie-based, so if you delete your cookies (or change or update your browser) you will need to opt-out again. We provide the above information because — although our services are not focused on cookie-based advertising — we may work with companies to target ads for our own services (such as to retarget Visitors of our own website). In addition, some third-party platforms may employ our Information to connect user identities across devices – such as to inferentially “match” a mobile device by common IP address to a web browser.
  3. Device-based Opt-out (for Cross-App Advertising): You may limit the disclosure of certain Information by your mobile device to us and Publishers by adjusting the settings on your mobile Device. For iOS mobile devices, go to “Settings” from your Device’s home screen; scroll down to “Privacy”; select “Advertising”; and turn on “Limit Ad Tracking.” For Android mobile devices, go to “Google Settings” on your device; select “Ads”; and check the box labeled “Opt Out of Interest-Based Ads.” We honor these “limit” or “opt-out” instructions or “flags” by removing recognized devices from our cross-app advertising or ad delivery and reporting solutions, on a going forward basis.
  4. Our Promotional Emails: You may opt not to receive promotional emails from us by contacting us as indicated below, or by following the “unsubscribe” instructions in any promotional email you receive from us, or by contacting us at privacy@xmodesocial.com. Please note that, however, we may still send you non-promotional, transactional, or service-related emails about your relationship with us.

We also may share hashed email addresses (or other pseudonymous identifiers associated with those hashes), technical data that we collect about your browsing habits and your device (such as data relating to our cookies, tracking pixels and similar technologies) with other advertising companies in the digital advertising ecosystem. This enables them and our customers to better target ads to you (if you are interested in how we collect, use and share information about our own customers and visitors to our corporate website, please go to Section 5).

7. Security

We employ administrative, technical, and physical safeguards for our physical facilities and in our computer systems, databases, and communications networks, which are designed to protect information contained within our systems from loss, wrongful acquisition, use, alteration or disclosure. No method of electronic transmission or storage is 100% secure, which means we cannot guarantee absolute security of your information. However, we limit access to Location Data or Advertising IDs we collect to specific employees and third parties who have a business need to know and who are bound by a duty of confidentiality. If you have any questions about the security of your information, please contact us through the contact information listed in Section 12.

8. International Transfers

We may store and process your information in the European Union and the United States. By accessing this website or our Services, you understand that the information you provide to us may be stored in or (if applicable) transferred to the United States. You should be aware that certain privacy laws in the United States and the other countries regarding processing the information may be less stringent than in your country.

9. The E.U. (GDPR)

The GDPR requires X-Mode and those using our services to provide users with certain information about the processing of their “Personal Data”. “Personal Data” is a term used in Europe that means, generally, data that identifies or can identify a particular unique user or device – for instance, names, addresses, cookie identifiers, mobile device identifiers, precise location data, and biometric data.

If you have any questions about X-Mode’s data practices in the context of the GDPR, you may contact our Data Protection Officer Jenai Nissim at jenainissim@hellodpo.com.

To comply with the GDPR, we provide the below representations and information, which are specific to persons located in EEA countries or Switzerland (so please don’t rely on the below, if you’re not):

  1. Legal grounds for processing your Personal Data: The GDPR requires us to tell you about the legal basis we’re relying on to process any Personal Data about you. The legal basis for us processing your Personal Data for the purposes set out in Sections 2 and 3 above (and Section 5 as to our corporate customer data) will typically be because:
    • You provided your consent. In order to provide our services that involve use of precise location information related to other Personal Data, (and to store and gain access to information stored on your device such as Advertising IDs), we rely on your consent. To obtain this consent, we rely on our own compliance steps and our web and mobile partners’ compliance steps, designed to ensure that consent is collected and passed on to partners, and to ensure that we only facilitate the collection of legally obtained data. We may choose to obtain consent in other cases as well, in which case we will adhere to applicable laws relating to such consent and its withdrawal. We also seek to obtain consent for certain partners with whom we work, who are often independent data controllers. We list these partners in our List of Partners, below.
    • The processing is in our legitimate interest. In some cases, we use legitimate interest as a legal basis for processing Personal Data. We rely on legitimate interest when we use Personal Data to maintain the security of our services, such as to detect fraud or to ensure that bugs are detected and fixed. We also rely on legitimate interest when we use our own customers’ data (or Visitors’ data) to communicate with them about our Services or analyze our own Site activity.
    • Contractual Relationships. Sometimes, we process certain data as necessary under a contractual relationship we have (such as our customer records and contact information).
    • Legal Obligations. Finally, some processing of data may be necessary for us to comply with our legal or regulatory obligations.
  2. Transfers of Personal Data: When we transfer Personal Data outside of the EEA or Switzerland, we take steps to make sure that appropriate safeguards are in place to protect your Personal Data. In general, our data transfers of our Personal Data are safeguarded by European Standard Contractual Clauses and Data Processing Agreements where this is required by European Data Protection Law. Feel free to contact us at the contact information below for more information about the safeguards we have put in place to protect your Personal Data and privacy rights in these circumstances.
    • Personal Data Retention: As a general matter, we retain your Personal Data for as long as necessary to provide our Services, or for other important purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements. We generally retain Advertising IDs on the following schedule: we render Advertising IDs inactive for purposes of providing our services within 13 months from receipt of consent (or from any “refreshed” consent permitting us to continue to retain information), provided that we may retain data for longer periods, as needed, where we have fully de-identified such data in a manner so that it cannot be linked to Personal Data. Please note that we may retain this (and other) Information whenever and so long as we have a significant legal or operational need to do so, such as for auditing, corporate record-keeping, compliance accounting or security and bug-prevention purposes.
  3. Your Rights as a Data Subject: The GDPR provides you with certain rights in respect of Personal Data that data controllers hold about you, including certain rights to access Personal Data, to request correction of the Personal Data, to request to restrict or delete Personal Data, and to object to our processing of your Personal Data (including profiling for online ad targeting).
    • Right to Access: If you wish to exercise your right to access Personal Data we process as a data controller, you may do so by requesting access through the e-mail address privacy@xmodesocial.com. When we receive your request, we will provide you with current, step-by-step instructions to follow in order to obtain access. As we are required to verify a requestor’s identity prior to providing Personal Data, we will assess requests to exercise certain data access rights on a case-by-case basis: in doing so, we consider (a) the difficulty of verifying whether data that we hold and data we have linked to it truly and solely belongs to the data subject making the request, along with (b) the potential adverse effects on disclosure of personal data to the wrong individual. Because such improper disclosure would likely adversely affect the privacy rights and freedoms of the data subject, we may limit the Personal Data we make available. Please note that we will only grant requests for access for Personal Data for which we are a data controller, as explained further in sub-section (e) below. Where we act as a processor for one of our customers, we will refer your request to that customer. Please identify the customer your request refers to (if possible), to simplify this process.
    • Right to Correct: If you wish to exercise your right to correct Personal Data, you may do so by contacting us at the contact information below.
    • Right to Object to Processing or to Withdraw Consent: By using the device-based “opt-out” signals described in Section 6 of this Privacy Policy, you may withdraw consent for processing on which we rely on consent. If you do so, we will cease processing your Personal Data for purposes of our services within 30 days or less. We either collect these opt-out signals ourselves or receive them from the mobile apps we work with.
    • Right to Erasure: You also have the right to obtain the erasure of Personal Data concerning you that we hold as a controller. The above opt-out process satisfies this right. When a user opts-out through our partners (or through mobile device settings), and we receive this signal, we no longer use Personal Data to provide our advertising services. We will also manually delete your Personal Data if prefer that we do so; please contact us and email your device to privacy@xmodesocial.com for further instructions if you wish to exercise this right manually. Please note, however, that we may retain copies of certain Personal Data on inactive or back-up files, for our certain important internal and purposes, such as auditing, accounting and billing, legal or bug-detection, for as long as is necessary to fulfill those purposes.
    • Right to Lodge Complaints. You have the right to lodge a complaint with a supervisory authority. However, we hope that you will first consult with us, so that we may work with you to resolve any complaint or concern you might have.
  4. X-Mode as a data controller and a data processor EU data protection law makes a distinction between organizations that process Personal Data for their own purposes (known as “data controllers”) and organizations that process Personal Data on behalf of other organizations (known as “data processors”). As noted above, we are not always a data controller of the data in our possession but are sometimes a data processor for other companies such as our customers. In such cases, we may direct your inquiry to the relevant data controller, since data controllers are the ones with primary responsibility for your Personal Data.

10. Addendum for California Resident’s Privacy Rights

The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to residents of California. This section of the Privacy Policy applies if you are a natural person who is a resident of California (“California Consumer”) and uses our Services. This Addendum supplements the information in the Privacy Policy. However, this Addendum is intended solely for, and is applicable only as to, California Consumers: if you are not a California Consumer (or a resident of California), this does not apply to you and you should not rely on it.

We describe in the following categories (as required by the CCPA) the information we collect and the purposes for which we may use California Consumers’ Personal Information:

  1. Categories of Personal Information We Collect, Use, and Share with Third Parties
  2. Our Business Purposes for Collecting and Sharing Personal Information
  3. California Privacy Rights and Choices (Section 3)

  1. Categories of Personal Information We Collect, Use, and Share with Third Parties
  2. Depending on how you interact with us, we may collect about you the categories of information summarized in the table below. The following tables describe:

    1. Our Collection of Personal Information: the types of Personal Information that we collect and the types of sources we collect it from. “Personal Information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
    2. Our Collection of Personal Information: the types of recipients and/or Third Parties to whom we disclose or sell Personal Information and have disclosed or sold Personal Information to within the past 12 months.
    3. Our Business Purposes: our business purposes for (a) collecting and (b) sharing Personal Information, which are generally the same.

    All of the Personal Information Categories below are subject to your Right to Access:

      Category: Identifiers (e.g., online identifiers; IP address; mobile ad identifiers, other online or advertising platform identifiers)

      We currently collect/use this category of Personal Information: YES

      • The sources we collect this category from:
      • Data analytics providers and data compilers
      • Third party mobile applications and websites
      • X-Mode owned and operated mobile applications and websites

      We have “sold” this category of Personal Information in the past 12 months: YES

      • This category was shared with the following categories of third parties for business purpose(s):
      • Advertising networks (e.g., demand-side platforms, agency trading platforms)
      • Agencies and advertisers
      • Data compilers and resellers
      • Data analytics and providers
      • Financial institutions
      • Government entities and information services
      • App publishers (“customer categories”)

      Category: Identifiers (e.g., For our own marketing and customer contact purposes: name, address, e-mail address, phone number)

      We currently collect/use this category of Personal Information: YES

      • The sources we collect this category from:
      • Data analytics providers and data compilers
      • X-Mode owned and operated mobile applications and websites

      We have “sold” this category of Personal Information in the past 12 months: NO

      • This category was shared with the following categories of third parties for business purpose(s):
      • Operating systems and platforms

      Category: Internet or Other Electronic Network Activity Information (e.g., information on a consumer’s interaction with a website or application)

      We currently collect/use this category of Personal Information: YES

      • The sources we collect this category from:
      • Third party mobile applications and websites
      • X-Mode owned and operated mobile applications and websites
      • Data compilers

      We have “sold” this category of Personal Information in the past 12 months: YES

      • This category was shared with the following categories of third parties for business purpose(s):
      • Customer categories

      Category: Geolocation Data

      We currently collect/use this category of Personal Information: YES

      • The sources we collect this category from:
      • Third party mobile applications and websites
      • X-Mode owned and operated mobile applications and websites
      • Data compilers
      • US Postal Service

      We have “sold” this category of Personal Information in the past 12 months: YES

      • This category was shared with the following categories of third parties for business purpose(s):
      • Customer categories

      Category: Inferenced Data (e.g., inferences based on a device’s location or traffic history)

      We currently collect/use this category of Personal Information: YES

      • The sources we collect this category from:
      • Third party mobile applications and websites
      • X-Mode owned and operated mobile applications and websites
      • Data compilers
      • US Postal Service

      We have “sold” this category of Personal Information in the past 12 months: YES

      • This Category was shared with the following Categories of Third Parties for Business Purpose(s):
      • Customer categories

    We also may share any of the personal information we collect as follows:

    • Sharing for Legal Purposes: In addition, we may share personal information with third parties in order to: (a) comply with an official legal process or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our Terms of Service, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of third parties; and/or (d) protect the rights, property or personal safety of us, our platform, our customers, our agents and affiliates, its users and/or the public. We likewise may provide information to other companies and organizations (including law enforcement) for fraud protection, and spam/malware prevention, and similar purposes.
    • Sharing In Event of a Corporate Transaction: We may also share personal information in the event of a major corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets, or for purposes of due diligence connected with any such transaction.
    • Sharing With Service Providers: We share any personal information we collect with our service providers, which may include (for instance) providers involved in tech or customer support, operations, web or data hosting, billing, accounting, security, marketing, data management, validation, enhancement or hygiene, or otherwise assisting us to provide, develop, maintain and improve our services.
    • Sharing of Aggregate Information: We may aggregate and/or de-identify any information collected so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, and sponsors, in our discretion.

  3. Our Business Purposes for Collecting and Sharing Personal Information
  4. Generally speaking, we collect and share the Personal Information for the following purposes (examples included), as we also have described in our Privacy Policy:

    • Online targeting:
      1. Assisting advertisers, agencies and the platforms that they access (a) to deliver advertising and marketing to send, tailor, optimize and analyze advertising, in mobile apps and across other advertising channels and platforms and (b) to measure and analyze such advertising and marketing
      2. Assisting Clients by creating “identity” graphs, to help locate users across various channels, such as connecting identities based on common personal, device-based, or network-based identifiers (e.g., IP address, email address)
    • Marketing and other research:
      1. Providing information for research purposes related to human traffic patterns, disaster recovery, and including for purposes of market, health, financial or consumer research
    • Operating our services:
      1. Improving, testing, updating, and verifying our own data and data services
      2. Developing new products
      3. Operating, analyzing, improving, and securing our services
    • Other internal purposes:
      1. For internal research, internal operations, auditing, detecting security incidents, debugging, short-term and transient use, quality control, and legal compliance. We use the information collected from our own website, our owned and operated mobile apps, and third party mobile apps for the above, as well as for our own marketing purposes

  5. California Rights and Choices
  6. California residents have the right to request that we disclose what personal information we collect from you, to delete that information, and to opt-out of the sale of your personal information, subject to certain restrictions without being discriminated against for exercising any of these rights. You also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests, to the extent as act as a “business” (as opposed to a “service provider”) for purposes of handling personal information. (To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request).

    1. Right to Opt-out of the Sale of Your Personal Information:
      • California residents may opt out of the “sale” of their personal information. California law broadly defines what constitutes a “sale” – including in the definition making available a wide variety of information in exchange for “valuable consideration.”
      • We may act as a “business” or a “service provider” under the CCPA. When we act as a business under the CCPA, you may “opt out” of our “sale” of your personal information (as those terms are defined by the CCPA) by following the directions set forth in Section 6 of our Privacy Policy or:
        1. At the NAI (Network Advertising Initiative) page that addresses how consumers may opt out of cross-app advertising through their device settings
        2. By using X-Mode’s “Do Not Sell My Info” link web-form located here
        3. You may also submit a manual request to opt-out by emailing privacy@xmodesocial.com with the subject line “CCPA Opt-out”
    2. Right to Request Deletion of Your Personal Information:
      • You may also request that we delete any personal information that we collected from you, such as if you have been a customer of ours. (Note that this is different from your right to “opt out” of us selling your personal information, which is described above). However, we may retain personal information for certain important purposes, such as:
        1. To protect our business, systems, and users from fraudulent activity
        2. To address technical issues that impair existing functionality (such as de-bugging purposes)
        3. As necessary for us, or others, to exercise their free speech or other rights
        4. To comply with law enforcement requests pursuant to lawful process
        5. For scientific or historical research for our own internal purposes reasonably related to your relationship with us, or
        6. to comply with legal obligations
        7. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services
    3. Right to Request Access to Your Personal Information:
      • California residents also have the right to request that we disclose what categories of your personal information we collect, use, or sell. As a California resident, you may request access to the specific pieces of personal information that we have collected from you.
    4. Exercising Your Rights & Submitting a Verifiable Consumer Request:
      • California residents may exercise their California privacy rights or learn more how to exercise any of these rights by:
        1. Sending an email to privacy@xmodesocial.com
        2. By using X-Mode’s “Do Not Sell My Info” link web-form located here
        3. By contacting us through our toll free number: +1 (866)-236-8370
      • However, we may withhold some personal information where the risk to you or our business is too great to disclose the information, or where we cannot verify your identity in relation to such personal information. (In addition, note that we generally retain personal information for no longer than 90 days, in any event).
      • Thus, for security purposes (and as required under California law), we will verify your identity – in part by requesting certain information from you — when you request to exercise certain of your California privacy rights. For instance, if you request categories or specific pieces of personal information we have received about you associated with a particular mobile ad identifiers, you may need to confirm your possession of that identifier.
      • When we receive a verifiable consumer request from you, we will send you additional instructions for verification within 10 days. Upon completion of the verification process, we will send you a notice that explains the categories of personal information we were able to locate about you, whether we (1) deleted, (2) deidentified, or (3) retained the information we collected from you. Certain information may be exempt from such requests under applicable law.
      • Once we have verified your identity, we will respond to your request as appropriate within 45 days:
        1. Where you have requested the categories of personal information that we have collected about you, we will provide a list of those categories
        2. Where you have requested the categories of personal information that we have “Sold” or disclosed to third parties, we will provide a list of those categories
        3. Where you have requested the categories of sources that we have collected Personal Information from, we will provide a list of those categories
        4. Where you have requested the categories of third parties that we have “Sold” or disclosed Personal Information to, we will provide a list of those categories
        5. Where you have requested specific pieces of personal information, we will provide the information you have requested, to the extent required under the CCPA and provided we do not believe there is an overriding privacy or security concern to doing so
        6. Where you have requested that we delete personal information that we have collected from you, we will seek to confirm whether your request is for an “opt out” or a “deletion”: because “opt out” or “do not sell” rights enable us to maintain your information for “suppression” purposes – i.e., to prevent us from selling information about you in the future (which is what many consumers requesting “deletion” actually desire to occur), we try to explain this in order to ensure we are meeting consumers’ preferences. (In addition, “deletion” rights only apply to information that we have collected “from” consumers)
        7. We encourage you to review and, as desired, employ the industry tools listed in our privacy policy and on the NAI (Network Advertising Initiative) page addressing how consumers may opt out of cross-app advertising. as we believe they may be more efficient, immediate and uniform – and easier to instantly access – than a more manual “opt out” process
      • If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request
    5. Right to Non-Discrimination:
      • We do not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights
    6. Information About Persons Under 16 Years of Age:
      • We do not knowingly collect personal information from minors under 16 years of age in California unless we have received legal consent to do so. If we learn that personal information from such California residents has been collected, we will take reasonable steps to remove their information from our database (or to obtain legally required consent)
    7. Authorized Agents:
      • You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf through providing us with a signed written authorization or a copy of a power of attorney

11. Changes to Our Privacy Policy

If we make material changes to this Privacy Policy that may impact you, we will prominently post notice of the change on our website for a period of at least 30 days prior to the change becoming effective. We recommend that you check the Privacy Policy frequently so that you are informed of any changes.

12. How to Contact Us

If you have any questions about this Privacy Policy or how we use information, or if you seek to exercise any of the rights outlined in Section 9, please contact us at:

privacy@xmodesocial.com

OR

X-Mode Social, Inc, Privacy Officer

11955 Freedom Drive

Suite #780

Reston, VA 20190