Privacy Policy

Effective date: May 29, 2026

AdzOn operates an advertising marketplace for advertisers, publishers, and visitors who see ads through the AdzOn publisher script. This Privacy Policy explains what personal data we collect, why we use it, who we share it with, and what rights people may have.

This policy is intended for product launch readiness. It should be reviewed by qualified counsel before broad public release, especially if you serve users or website visitors in the European Economic Area, United Kingdom, Switzerland, or other privacy-regulated markets.

Who We Are

AdzOn provides advertiser accounts, publisher accounts, ad delivery, reporting, billing, fraud prevention, moderation, and publisher revenue workflows.

For registered advertisers and publishers, AdzOn generally acts as the controller of account, billing, support, security, and marketplace operations data. For visitor tracking on publisher websites, responsibility may be shared between AdzOn and the publisher depending on the integration, consent flow, and applicable law. Publishers must provide their own privacy notice and obtain any required visitor consent before enabling AdzOn tracking technologies.

Data We Collect

Account and Profile Data

We collect names, email addresses, passwords or authentication credentials, account roles, verification status, business or website names, website domains, descriptions, content categories, blocked ad categories, and account settings.

Advertising and Publishing Data

We collect ad content, campaign names, destination URLs, creative assets, review decisions, publisher banner settings, site approval status, installation diagnostics, revenue ledger entries, withdrawal requests, and admin moderation notes.

Billing and Payment Data

We use payment providers such as Stripe to process subscriptions, billing portal sessions, payment status, customer identifiers, product and price identifiers, and related payment metadata. We do not intentionally store full card numbers.

Visitor and Ad Event Data

When the AdzOn publisher script runs, it may collect and send generated visitor identifiers, hashed browser fingerprints, IP address and IP risk signals, user agent, browser, operating system, device type, screen and viewport dimensions, language, timezone, cookies-enabled status, automation/headless signals, Do Not Track status, page URL, page referrer, page title, placement type, event type, time on page, session duration, event counts, and signed delivery token metadata.

This data is used to deliver ads, prevent fraud, enforce frequency limits, measure campaign performance, calculate publisher revenue, and investigate suspicious traffic.

Website and Public Page Data

When advertisers or publishers submit a domain, we may fetch public page titles, meta descriptions, text excerpts, logos, and images to help create business profiles, publisher profiles, and ad drafts.

Communications and Support Data

We collect messages, support requests, admin alerts, email notifications, roadmap feedback, and coming-soon email subscriptions.

How We Use Data

We use personal data to create and secure accounts, provide dashboards, review websites and ads, generate ad drafts, deliver ads, attribute ad events, detect fraud, calculate billing and publisher revenue, send service emails, operate the platform, and comply with legal, tax, accounting, and dispute-resolution obligations.

Legal Bases

Where GDPR or UK GDPR applies, we rely on one or more of the following legal bases:

• contract, to provide accounts, dashboards, subscriptions, ad delivery, publisher revenue, and support;
• legitimate interests, to secure the platform, prevent fraud, moderate marketplace activity, maintain logs, and improve product reliability;
• consent, where required for cookies, local storage, fingerprinting, marketing communications, or non-essential tracking;
• legal obligation, for tax, accounting, payment, sanctions, and compliance duties.

Publishers are responsible for determining and documenting the legal basis for running AdzOn technologies on their own websites and for obtaining visitor consent where required.

Cookies, Local Storage, and Similar Technologies

The AdzOn publisher script may use local storage and a first-party cookie named adz_visitor_id to recognize a browser for frequency capping, fraud prevention, deduplication, and attribution. It may also generate a hashed browser fingerprint from device and browser characteristics.

These technologies are not strictly necessary for visitors to read a publisher website. In many jurisdictions, including the EU and UK, publishers should not enable non-essential storage, access, or fingerprinting until they have provided clear information and obtained valid consent where required.

See our Tracking Disclosure for more detail.

Do Not Track and Global Privacy Signals

The publisher script currently detects and records browser Do Not Track status for diagnostics. Recording the signal does not, by itself, disable all tracking. Publishers should configure their consent management and script deployment so that AdzOn tracking does not run, or runs only in a reduced mode, when required by law or visitor choice.

Sharing and Subprocessors

We share data with service providers that help us run the platform, including hosting, payment, email, fraud prevention, AI generation, monitoring, and support providers. See our Subprocessor List for current categories and providers.

We may also share data if required by law, to protect rights and safety, to investigate abuse or fraud, or as part of a merger, acquisition, financing, or sale of assets.

International Transfers

Our providers may process data in countries other than where a user or visitor lives. Where required, we use appropriate safeguards such as standard contractual clauses, data processing agreements, and vendor security reviews.

Retention

We retain account and billing data while an account is active and as needed for legal, tax, accounting, fraud-prevention, dispute-resolution, and security purposes. Ad event, heartbeat, IP risk, and visitor-level tracking data should be retained only as long as needed for attribution, fraud review, reporting, and revenue settlement. We intend to implement formal retention and anonymization jobs for visitor-level event data before broad public launch.

Security

We use reasonable technical and organizational measures to protect data, including access controls, authentication, authorization checks, signed delivery tokens, rate limits, and operational monitoring. No system is perfectly secure.

Privacy Rights

Depending on location, individuals may have rights to access, correct, delete, export, restrict, or object to processing of personal data. They may also have the right to withdraw consent where processing is based on consent.

See our Privacy Rights page for request instructions.

Children

AdzOn is not intended for children, and publishers must not place AdzOn scripts on websites directed to children or knowingly collect personal data from children through AdzOn.

Changes

We may update this policy as the product, laws, or providers change. Material changes should be communicated through the website, dashboard, or email where appropriate.

Contact

Privacy requests and compliance questions can be sent to [email protected]. If this address changes, we will update this page and the Privacy Rights page.