English Português

Opera Ads Privacy Statement

Last updated: May 5, 2023

Through Opera Ads, the Opera Group of companies offers B2B advertising services to advertisers, agencies, demand-side platforms (DSPs), supply-side platforms (SSPs), and others. These services are offered primarily through Opera Software Ireland Ltd. (We).

Through Opera Ads, we connect advertisers and their representatives with third-party publishers, developers and networks that sell ad space. This is largely an automated process and involves processing various kinds of data, including personal data.

This privacy statement describes how we process data, including personal data, when serving our advertising clients in Opera Ads. The privacy statement does not apply to processing of personal data by Opera Group or its products, such as Opera Browser. To learn about how the Opera Group processes data in our browsers and websites, please see: opera.com/privacy.

It is important to note that even where we process personal data through Opera Ads, we have no practical way of identifying you personally.

Introduction

First, let’s define some key terms. The definitions relevant for this privacy statement have been adapted from the General Data Protection Regulation (or “GDPR”), the data privacy law which applies in the European Union. We use the GDPR as a guidepost because it applies directly to our European companies and because we believe it sets the highest legal standard for user privacy. However, in some cases we have simplified the definitions here for the purpose of clarity.

Inventory: Advertising space in websites, apps, and other online properties where ads can be displayed. For the purpose of this policy, please note that Opera Ads does not own the ad inventories. The inventories are owned and operated by third parties.

Personal data: In terms of the GDPR, any information relating to an identified or identifiable natural person. This includes data such as your IP address, device IDs, advertising IDs, and location.

Data controller: The person or company that decides whether and how to process personal data.

Data processor: Someone who processes personal data on behalf of a data controller.

Buyers: Buyers are our customers who use Opera Ads to buy Inventory. Such Buyers include direct advertising clients, as well as ad networks, and DSPs.

Sellers: Sellers are our customers who use Opera Ads to sell Inventory to Buyers. Sellers mostly work through SSPs which enable publishers of websites, apps, and other online properties to sell their Inventory.

Legal basis: Opera Ads processes personal data for fulfilling its contractual obligations to the buyers and sellers, and to fulfill its legitimate interests.

Purpose: The specific reason or reasons we have for processing personal data. In general, Opera Ads processes personal data, for connecting advertisers and their representatives with third party publishers, developers and networks that sell ad space.

Process or processing: As defined under the GDPR, “processing” can mean doing almost anything with personal data. Below we have used it in this general sense when we have a general meaning in mind, and used more specific terms (like “store” or “share”) where appropriate.

Retention / retain: The time period for which we will continue to store data. In general, we do not process or store personal data longer than needed and therefore delete it after a certain period of time.

Transfer: Personal data is “transferred” when it is shared or made permanently available to anyone outside the European Economic Area (or EEA - that is, the European Union plus Norway, Iceland, and Liechtenstein).

Opera Group: All affiliated Opera Companies, including Opera Software Ireland Ltd.

Data Processing and Retention

Opera Ads receives various kinds of data from Buyers and Sellers, including the following:

  • Identifiers such as your IP address, advertising IDs (Google Ad ID, Apple ID);
  • Device information (model, release date, device IDs, hardware specifications, operating system, etc.);
  • Information about the app or website you are using;
  • Your general location (country, region, city);

The specific data points we receive are determined by the Buyers and Sellers through the RTB system. Opera Ads´ primary role is to pass data between the Buyers and Sellers, who use the data to make and assess bids, to select the winning bid, traffic campaigns, and assess their effectiveness.

Personal data may also be used by Opera Ads to verify campaign performance and detect fraud. Such data is deleted within 7 days.

We may also use personal data to evaluate the performance of our business, including for purposes of financial reporting. We retain such data for a period of 18 months and then it is automatically deleted. It is important to note that when we process personal data through Opera Ads, we have no practical way of identifying you personally.

Opera Ads may work with Google to deliver the best advertising opportunities to its clients. Traffic Clients and other data subjects can consult Google’s policies to learn more about Google’s processing policies. In particular, Google may use remarketing tags (please visit How Google uses information from sites or apps that use our services to learn more about the third parties Google works with) and other advertising cookies.

Security

We implement adequate technical and organizational measures to ensure security, confidentiality and integrity of your personal data. These measures include restricting access to the personal data solely to authorized persons with a legitimate need to know for the purposes of this processing operation.

Opera Ads undergoes periodical review for compliance with industry standards, security protocols and privacy protection.

Data Controller & Internal Processing

Opera Ads is primarily organized by Opera Software Ireland Ltd. (“Opera Ireland”), a company registered under the laws of Ireland. Therefore Opera Ireland acts as the primary data controller for Opera Ads within the Opera Group.

Other Opera Group companies work on the development and management of Opera Ads. In general, the other companies of the Opera Group that may have access to personal data act as data processors for Opera Ireland. As a matter of company policy, we apply the GDPR to our internal processing in general, even in contexts where it might not apply directly to our affiliated companies outside of Europe.

International Data Transfers

As noted above, in different contexts we may share or make available data (including personal data) with other members of the Opera Group, and sometimes with third parties, such as our marketing and monetization partners. Where applicable, we insist that a legally valid mechanism is used to protect such transfer, including for example the European Union’s model contracts for the transfer of personal data to third countries (also known as the “standard contractual clauses”) to ensure adequate protection of your personal data.

Your Rights And Statement Updates

You have the right to make a request to access or delete any of your personal data that we might possess. You can make a request via this online request form or by contacting our Data Protection Officer at the address below. You may be required to provide additional information to authenticate your request. You also have the right to lodge a complaint with the Data Protection Commission, which can be contacted through their webpage.

When we post changes to this privacy statement, we will include the date when the statement was last updated. If we significantly change this statement, we will notify you about the upcoming change via our website or using in-app notifications. We encourage you to review this statement periodically.

Contacts

If you have any questions about this statement or any privacy issues in our applications or services, feel free to contact our Data Protection Officer via privacy-team@opera.com.