PERION OFFERING PRIVACY POLICY

Last Modified: May 7, 2025

Perion Network Ltd. and its subsidiaries and affiliated companies (collectively referred to as “Perion”, “we”, “us”, or “our”) is a well-known AdTech company, providing advertising and monetization solutions to both Advertisers and Publishers.

The term “Publishers” refers to those involved in selling ad space on various digital assets, including without limitations, mobile apps, smart TV apps, channels, players, websites, social media pages and even digital out of home (“DOOH”) assets such as electronic billboards, placed in public areas. The term “Advertiser” refers to brands, networks, and other providers such as SSPs, DSPs, exchange platforms, etc. Perion connects the Publisher assets with the Advertiser solutions to enable the Publishers to monetize their assets (collectively, all of Perion’s advertising solutions shall be referred herein as the “Offering”).

The Offering include, among others, display ad unites, video ad unites (pre-roll, mid-roll and post-roll ads),  (“Standard Advertising”), AI-based dynamic audio ads, interactive components, CTV ad units, ad network enabling participation in real time auction bidding, media buying and brand promotion, insights and analytics on the applicable campaign, and many more monetization and advertising solutions (“High Impact Advertising”). 

This privacy policy (“Privacy Policy” or “Policy”) describes how, collect, use and disclose certain personal information, about End Users. The “End Users” are individuals browsing or visiting Publishers’ assets and views Advertisers’ ads, in most cases Perion does not have a direct relationship with the End Uses and processes personal data automatically through the Offering. By means of example, if an individual is browsing a website which embeds the Perion proprietary multi-screen video player technology, Perion will collect information about such individual’s interaction with the website and player. 

This Privacy Policy also describes how you may exercise your rights, where and to the extent applicable under relevant privacy legislation, including the EU General Data Protection Regulation (“GDPR”), US State and Federal laws, Canadian privacy regulations, etc. (together “Privacy Legislation”).

If you are Perion’s customer, either as a Publisher or Advertiser, this Privacy Policy does not address the information Perion processes about you, please see the Perion Privacy Policy: https://perion.com/privacy-policy/ for more information. 

For California resident please also review our  CCPA Privacy Notice.

If you are a candidate, please see our Candidate Privacy Policy: https://perion.com/candidate-privacy/ 

POLICY AMENDMENTS

We reserve the right to amend this Policy from time to time, at our sole discretion. The most recent version of the Policy will always be posted on the website. The updated date of the Policy will be reflected in the “Last Modified” heading. We will provide notice if these changes are material and, where required by applicable law, we will obtain your consent. Any amendments to the Policy will become effective within 30-days upon the display of the modified Policy. We recommend you review this Policy periodically to ensure that you understand our most updated privacy practices.

CONTACT INFORMATION AND DATA CONTROLLER INFORMATION

 

Perion group includes various companies in various locations, currently, these companies are the controllers of the End User data: 

Offering

Data Controller

Contact Details

Standard Advertising

Vidazoo Ltd. [IAB Vendor 744]

High Impact Advertising

Intercept Interactive INC (d/b/a Undertone) [IAB Vendor 677]

DOOH Advertising

Hivestack Technologies Inc., [IAB Vendor 626]

In certain aspects of our Offering, we act as the “data processor” or “service provider”, in which we will rely on our Publishers to obtain the necessary lawful basis for processing the end user personal data.

Perion participates in the IAB Transparency & Consent Framework and complies with its Specifications and policies. 

 

  • Our EU GDPR Representative is:

Rickert Rechtsanwaltsgesellschaft mbH
– Perion Network Ltd –

Colmantstraße 15

53115 Bonn

Germany

[email protected]

 

  • Our UK-GDPR Representative is:

Rickert Services Ltd UK

– Perion Network Ltd –

PO Box 1487

Peterborough

PE1 9XX

United Kingdom

[email protected]

 

  • Our Swiss Representative is:

HÄRTING Attorneys-at-Law Ltd.

Landis + Gyr-Strasse 1

6300 Zug

Switzerland

[email protected]

THE TYPES OF PERSONAL DATA WE COLLECT, PURPOSE OF USE AND LAWFUL BASIS FOR PROCESSING PERSONAL DATA:

During your interaction with our Services, we may collect and aggregate non-personal, non-identifiable information, such as: the type of browser or device you use, language preference, time and date stamp, and country location (“Non-Personal Data”). We may also collect from you, during your access or interaction with the Services, information that identifies an individual or may, with reasonable effort, be used to identify an individual (“Personal Data”).  Any Non-Personal Data connected or linked to any Personal Data shall be deemed as Personal Data if such connection or linkage exists. 

The types of Personal Data that we collect as well as the purpose for processing such data and lawful basis are specified in the table below.  

 

Personal Data Collected

How we use Personal Data (i.e., Purpose)

The Lawful Basis*

Recipient, if shared

Online identifiers, including without limitations, mobile advertising ID (MAID), IP address, hashed emails, agent, unique identifier provided by a third party, cookie ID, IDFA, advertising ID, bid request identifier, affiliate ID, installation ID, and any other ID automatically collected through the Offering (“Online Identifier”). The Online Identifier is associated with all data sets listed below, which, de facto, makes such data sets as “Personal Data”. 


Tracking: Identifying End Users across websites and devices.

Consent through publisher CMP, you can withdraw consent at any time through the CMP. Note, if you opt-out or withdraw consent you will still receive ads, however we will cease tracking you across the web and devices.

Advertiser, ID providers 

Perion Group

Optimization and measurement

Consent or Legitimate Interest, default consent, as provided through the TCF string.

Advertiser, Publisher

Consideration Calculation: for the purpose of tracking the payment applicable to Publishers or Perion.

Legitimate Interest.

Service Providers

Analytics

Consent through publisher CMP, you can withdraw consent at any time through the CMP. Note, if you opt-out or withdraw consent you will still receive ads, however we won’t be able to analyze certain use cases.

Service Providers

Placing Ads

Legitimate Interest.

Advertisers

Extracting general location (e.g., city, state, and country) of the End Users point of access to the web.

Legitimate Interest.

Service Providers

TCF or GPP String” which is a technical code stating End Users privacy preference. Other terms used can be “consent string”, “opt out signals”, etc. 

Depending on the jurisdiction, when browsing a website, using an app, or visiting any other digital asset, as applicable, End Users are provided with a disclosure of the Personal Data processed through cookies, pixels or tags, which are placed on the Publishers’ assets. These disclosures are referred to as cookie banners, cookie consent managers (“CMP”), etc. Through such banners, the End User can decide on its privacy preferences, which is then passed and shared through the TCF or GPP string to all vendors.

Applying your preferences 

The collection and processing of your consent and privacy preferences enable us to (i) verify information about the transparency, consent, or objection to certain advertiser, processing activity etc. (ii) Retrieve or pass on consent strings. (iii) Respect signals communicated by a CMP or received from a third party who forwarded the signal originating from a CMP.

Legal obligation.

Advertisers, ID providers


End User interactions, usage data and events: These data sets include, click stream data (whether an ad was clicked), event data (whether an ad was viewed, or an event occurred, such as installing an app), these data sets are collected through the Offering by placing session cookies on the Publisher assets, or similar technologies such as pixels or tags, which log the event.     


Providing Publishers with aggregated insights and analytics regarding interaction with the player/ad.

Optimizing the Offering.  

Security and fraud prevention 

The lawful bases as reflected in the TCF string or privacy preference, otherwise, the aggregated data is used in our legitimate interest in providing the Offering, and conducting research for improving the Service, all as detailed in the Legitimate Interest Claim below.

Publisher (aggregated measures)

End User Behavior Data: data about the user’s interaction with ads and their activity online (cross websites and device), for example, web pages visited, or applications used, content viewed, and limited browsing data, including referred URL, the current URL, search terms (if included in the URL).

Personalized ads. 

Optimization. 

Measurements. 

Interest Categorizing. 

Campaign retargeting.

Consent through publisher CMP you can withdraw consent at any time through the CMP. Note, if you opt-out or withdraw consent you will still receive ads, however, the ads shall be contextual ads and not personalized.

Advertisers (aggregated measures)

Service providers

Precise Location (non-live)

Running DOOH Campaigns: audience creation + concentration score, measurement

we rely on our data providers’ lawful basis, as applicable to the jurisdiction.

Hosting Service Providers

Segments: We receive segments, profiles from third party DMPs which are associated with the unique identifier we provided you. The segments include gender, age range, interests, and sensitive data such as health related information. Further, when using Google Topics API we can obtain data about your interests, such as interest in sports, animals, etc. this is provided by Google based on information they collect on you, for more information please see: https://policies.google.com/privacy?hl=en-US

To serve personalized Ads. 

We use this data to provide our customers with the Services, including to operate, provide, improve, update, and customize our Services.

Consent through publisher CMP. Note, if you opt-out or withdraw consent you will still receive ads, however, the ads shall be contextual ads and not personalized, and your behavior data will not be used as segments. 

In certain cases, the segments are provided by our customers, in which case we will act as a Service Provider.

DMPs 

https://liveramp.com/opt_out/

Ad Calls/bids: a code shared with advertisers, include advertiser ID, the webpage the end user came from, the IP address, approximate location which assists the advertiser to determine which ads to place. The ad call will also include the end user’s preferences regarding interest-based advertising.

We will process this data for the purpose of delivering advertising and content.

Personalized Ads. 

Analyze and optimize the end users’ engagement with advertisements,

Consent through publisher CMP. Note, if you opt-out or withdraw consent you will still receive ads, however, the ads shall be contextual ads and not personalized.

We will process this data for the analysis and optimization purposes subject to our legitimate interests

 

The transfer of Personal Data to third-party countries, as further detailed below, is based on the same lawful basis as stipulated in the table above. 

In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts, and any other misuse of the Services and to enforce the Terms, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability. Such processing is based on our legitimate interests. 

OUR LEGITIMATE INTEREST CLAIM:

In addition to the information previously mentioned, it’s important to clarify the rationale behind processing End User Data, as this is crucial for the services offered to publishers and advertisers. Typically, when we or our publishers provide interest-based, cross-contextual advertisements tailored to your preferences, we rely on your consent for processing Personal Data, as outlined in the preceding table. This includes sharing your preferences with our publishers and advertisers. However, there are instances where we use certain data, including Personal Data like Online Identifiers, for service improvement or technical ad delivery. In these cases, the processing is based on our legitimate interest, which is vital for the sustainability of our Platform and Services. End Users should anticipate this type of processing. We recognize the paramount importance of privacy and are committed to safeguarding your rights. We adhere to relevant privacy standards and regulations, ensure transparency in our data processing activities, and provide you with options to manage your preferences and opt-out. Furthermore, we conduct thorough balancing tests to guarantee that our legitimate interest does not excessively infringe upon your rights and freedoms. This approach is a key aspect of our commitment to respecting and protecting user privacy while maintaining the effectiveness of our services.

HOW WE COLLECT DATA: 

  • Automatically, when you visit our website or interact with our Platform, including using cookies (as detailed below) and similar tracking technologies (first party cookies, tags, pixel, etc.)
  • When it is provided to us from third parties. such as our publishers, applicable cookie management platforms and etc. (third party cookies, tags, pixel, etc.) 

COOKIES AND SIMILAR TECHNOLOGIES:

First Party Cookies: We place First Party Session Cookies on Publishers’ website where the player or ad units are placed. These cookies collect End User interactions, usage data and events as detailed in the table above. The first party session cookies do not create profiles, merely tells us how the end user engages with the ads and webpage. In certain cases, we will not use “cookies” but rather other technologies that provide similar services such as pixels or tags. 

Third Party Cookies: Our partners may independently collect, through the use of such tracking technologies, some or all types of Personal Data detailed above, including combining such information with other information they have independently collected relating to your browser’s activities across their network of websites, for enhanced targeting functionality and delivering personalized ads, as well as providing aggregated analytics related to the performance of the interacted campaign or advertisement. 

Unique Identifiers: Every user that interacts with our ad unite will be assigned with a unique ID (“Unified ID”). The Unified ID will enable us to customize the Service and content as well as enhance your experience. We may use services of Hadron ID, LiveRamp, Lotame, SharedID, 33Across The Trade Desk, Criteo, ID5 Technology Limited, Intent IQ LLC and LiveIntent, Inc, in order to generate the Unified ID. For more information, please review: The 33Across Privacy Policy the Lotame Solutions Inc Privacy Policy the Criteo Privacy Policy the Prebid.org, Inc Privacy Policy the LiveRamp Privacy Policy the Predictive Pop Inc. Privacy Policy the Intent IQ Privacy Policy and the LiveIntent Privacy Policy

Our third-party partners, including Tapad, Inc., may set and/or access cookies or other data collection technology which collect information (not including your name, address,or telephone number) about your visits to this and other websites, mobile websites and/or mobile applications across your various devices, in order to match those devices together by creating a profile revealing likely associations of, or connections between, them. That profile is used to determine that you are likely to be the same user visiting the websites or applications on different devices, and to provide more tailored advertising, marketing, measurement, analytics, and research about goods and services of interest to you across those various devices. If you would like more information about this practice and to know your choices with respect to it, please refer to the relevant third parties’ privacy policies. Tapad’s privacy notice is available at https://www.tapad.com/global-privacy-notice.

Additionally, the end user may opt-out of certain advertisers’ cookies and browser-enabled, interest-based advertising – see detailed information below under the User Right and Opt Out Option Section

YOUR RIGHTS: 

Depending on your relationship with us and applicable data protection laws, you may have certain rights regarding your Personal Data. These rights include, the right to know which Personal Data is processed, the purpose and with whom it is shared, the right to access, receive a copy and data portability. You further have the right to deletion, withdraw consent, opt-out and restrict data processing. You can also appeal or complain to the authorities, for specific details where to submit such appeals and complaints please see our Perion Privacy Policy. 

For California residents, please see our CCPA Notice. 

For additional information on your rights and how to exercise your rights, please see the Data Subject Request Form (“DSR”) available    here.

Please note that we may need to retain certain information for recordkeeping purposes or to complete any transactions that you began prior to requesting a change or deletion. Please further, note, under this Offering privacy policy we don’t actually know who you are. We have an Online Identifier associated with the information above, not an actual name to email, therefore please do not provide us with more Personal Data in your submission and make sure you provide us with valid identification as detailed in the DSR form. Otherwise, please use these options below: 

  • You can withdraw your consent for processing Personal Data for analytics or marketing purposes, at any time by using the cookie settings on the websites you are browsing, you may further opt-out through your device (if on mobile you need to toggle of the tracking feature or the MAID, or through browser setting on the desktop).
  • Interest-Based Advertising (“IBA”) as defined under various US State laws which are rapidly evolving enable individuals to opt out from sharing Personal Data or personal information, as defined under applicable laws, for targeted advertising purposes. This means you will still see ads, however, they will not be personalized. If you wish to opt-out from sharing personal information (under US State laws) or withdraw consent from personalized advertising processing (under UK and EU privacy laws) please see below various options you can use:
  • Perion is committed to providing consumers notice and choice regarding IBA. Perion offers an “opt-out” for those that wish to opt-out of Perion IBA activities on the web.
  • You may opt-out of web IBA conducted by Perion’s affiliates and other member companies of the NAI by visiting the NAI website: www.networkadvertising.org, or you may opt-out of IBA by Perion’s affiliates and other member companies of the DAA by visiting the DAA website: http://www.aboutads.info/choices/
  • For Canadian consumers, you may also access the opt-out tool on the Digital Advertising Alliance of Canada (DAAC) website or the Ad Choices Canada website (en Français): https://youradchoices.ca/en/tools
  • If you are a California resident and wish to opt-out from having your data used for IBA, you may exercise your right here: https://optout.privacyrights.info/
  • You may also be able to configure your IBA preferences and opt-out of the collection of information for advertising purposes from your Internet connected devices (e.g., Smart TVs or Set-Top boxes). Depending on the model of your Internet connected device, please refer to the applicable manual and/or settings menu of the applicable device. In addition, you may also refer to the NAI Connected TV choices opt-out page: https://thenai.org/opt-out/connected-tv-choices/, which explains how users can activate privacy features in many common TV and OTT environments.
  • Google https://adssettings.google.com/authenticated 
  • Google Analytics https://tools.google.com/dlpage/gaoptout 
  • For mobile opt-outs, we rely on the standard opt-out mechanism for ad traffic that we get from mobile applications. Users may choose not to be tracked for advertising purposes by accessing their mobile device’s privacy settings. When we receive an in-app ad request from an in-app advertising partner, it also receives a “DNT” (do not track) indication in the ad request. The value for the DNT parameter is captured from the user’s privacy settings. When we receive a DNT=1, we honor this as an opt-out request. Additional information and instructions on opting-out on mobile devices may be available on the NAI Mobile Device Opt-out page: https://thenai.org/opt-out/mobile-opt-out/
  • Global Privacy Control preference. 

Ad choices settings and options will vary depending on your browser and device settings, and this is not an exhaustive list. Please note that your opt-out choices will only apply to the specific browser or device from which you opt-out.

 

DATA RETENTION: 

In general, we retain the Personal Data we collect for as long as it remains necessary for the purposes set forth above, consistent with applicable regulations, or until you express your preference to opt out, where applicable. 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, whether we can achieve those purposes through other means, and the applicable legal requirements.

Other circumstances in which we will retain your Personal Data for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we will not be obligated to retain your data for any particular period, and we may delete it for any reason and at any time, without providing you with prior notice if our intention to do so.

Please note that except as required by applicable law, and hereinabove, we will not be obligated to retain your data for any particular period, and we may delete it for any reason and at any time, without providing you with prior notice of our intention to do so.

INTERNATIONAL DATA TRANSFERS: 

Our data servers in which we host and store the information are mainly in the US, and also in the EU. The Company’s headquarters are based in New York and Israel in which we may access the information stored on such servers or other systems such as the Company’s ERP, CRM, Salesforce, and other systems. In the event that we need to transfer your Personal Data out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data receives an adequate level of protection as required under applicable law. Furthermore, when Personal Data that is collected within the European Economic Area (“EEA“) or the United Kingdom (“UK”) is transferred outside of either jurisdiction to a country that has not received an adequacy decision from the European Commission or UK Information Commissioner’s Office (“ICO”), we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data, in accordance with the provision of the standard contractual clauses approved by the European Union and UK. Thus, we will obtain contractual commitments or assurances from the data importer to protect your Personal Information, using contractual protections that EEA and UK regulators have pre-approved to ensure your data is protected (known as standard contract clauses), or rely on adequacy decisions issued by the European Commission or ICO. Some of these assurances are well-recognized certification schemes.

CHILDREN’S PRIVACY: 

The Services are 

not intended for use by children (the phrase “child” shall mean an individual that is under the age defined by applicable law, which concerning the EEA is under the age of 16, and with respect to the US, under the age of 13), and we do not knowingly process children’s information. We will discard any information we receive from a user that is considered a “child” immediately upon discovering that such a user shared information with us. Please contact us at[email protected] if you have reason to believe that a child has shared any information with us. 

Let’s unlock the possibilities of digital advertising

Connect With Us