AtData logo

We Respect Your Privacy

We provide this privacy policy (the “Privacy Policy”) to make consumers and our own clients better aware of our practices regarding how we collect, use and share their information. AtData, (“AtData,” “we” or “us”) provides a number of data services, generally involving gathering and managing data and creating data models, in order to help businesses send relevant, data-driven marketing communications and prevent fraud. This includes services to improve direct mail, email, and digital and social media ad campaigns, by targeting them to consumers’ interests, activities and demographics.

Please note: this Privacy Policy refers to how we collect and use information to provide services to our clients, and also how we use information that we collect from visitors to this website. We address each of those in separate Sections of this Privacy Policy.

Data Collected Through Our Website

We collect information on our website, both when it is voluntarily provided by website visitors and in some cases when we use technologies (like cookies) to automatically collect information. We discuss that information, and how we use and share it below.

Information Collected

AtData collects Information from users of our website(s) (including any page on which this Privacy Policy is posted), including:

How AtData uses the Information We Collect Through Our Website

We use the Information we collect through our website(s) to do the following:

How AtData Shares the Information We Collect Through Our Website

We may sometimes share or otherwise disclose the Information we collect about you, as described in this Privacy Policy or otherwise disclosed to you when you provide us with the information, including as follows:

The Information We Collect and Receive

We receive information from various trusted companies and sources that collect and supply consumer data. We may also obtain data through public sources, like census data and other public files. And we may also collect certain information when you visit our website(s) or our marketing partners’ website(s).

This data includes what we refer to as Personally Identifiable Information (“PII”) and information tied to PII regarding persons’ demographics and interests, or purchase data. When we refer to PII we mean first and last name, postal address, mobile advertising ID, telephone number or email address.

We sometimes group data about consumers’ interests, demographics, or online and offline activities (including website visits) into aggregated “Audience Segments,” which may be connected to PII or to other unique identifiers (which we also explain below).

We also use unique, individual identifiers (“UIDs”) that we, or our marketing partners, create that are derived from PII but have been de-identified, through various means. These UIDs are often used in delivering online ads, for instance, and in deploying online “cookies.” We refer to these as “non-PII.” To learn more about “cookies” please go to Section 6 titled “Cookie Technology, Pixels and Mobile SDKs.”

We may receive these UIDs along with other “non–PII” (e.g., pages viewed, browser type, time and date of visits) that is based on website visits or email opens. This data may be used to improve the operation of these websites, improve visitors’ experience to the websites, to identify or remediate possible threats to the website’s security, and for other operational and management purposes, as well as for “retargeting” relevant offers to visitors based on web browsing activity.

AtData may also collect or receive information about consumers’ visits to websites and information regarding advertising exposure (“web log data”). Web log data may include browser type, IP address, type of ad served, and date of ad delivery. This information is used to optimize ad campaigns and measure their effectiveness. Web log data may also be used to provide ads about goods and services that are most likely to be of interest to individuals.

Like many marketing platforms and other companies, we may combine, link or aggregate the various data we collect or obtain in order to provide our services. For instance, we or a partner with whom we work may link a unique identifier based on a consumer’s visit to a website with other personal information about the consumer, to deliver cross-context advertising over the Internet, another device (such as a tablet or TV), or email or direct mail promotions. We refer below to all of the information we receive, collect, or create as the “Information” (whether used in combination or alone).

How We Use the Information

AtData uses the Information to provide its services, including those described on this website. That may include the following:

Consumer Privacy and Your Ad Choices

You may learn more about companies that engage in various types of online targeted and retargeted advertising, some of whom we partner with, and also learn about how to opt out of receiving targeted emails from those companies, by visiting the DAA’s opt out page at We also recommend visiting the opt-out pages offered by the Network Advertising Initiative. These “opt out” mechanisms rely on cookies, so if you browse the web from multiple browsers or devices, you will need to opt out from each browser and/or device to ensure that we withhold our Online Marketing Services on all of them. Similarly, if you use a new device, change browsers or delete all of your cookies, you need to repeat this opt-out function again.

Residents of the EU may have additional choices with respect to the Personal Data we process about them. Please see below Section 12 on European Data Protection and Data Transfer for more details.

You may click here to opt-out of AtData’s marketing services platform. When you opt out, we will cease sharing your Information with partners and clients for marketing purposes; however, opting out in this way will not immediately affect information that has already been passed to those partners or clients.

You also may request access to the personal information that we hold about you. If you wish to make such a request, please visit our Privacy Portal page here. When you make such a request, we will request that you reasonably verify your identity. You may also write to us at to make such a request. Should you do so, please include the following personal information so that we can access any information we have about you: your name, home address, and email address(es). However, we recommend accessing the above online “Portal” rather than contacting us by email, in order to better ensure the completeness of your submission and our response.

How We Share Data with Third Parties

AtData may share the Information (including PII) with customers, marketing services and platforms, and service providers and vendors that we retain, in order to provide the services we have described above (or other services we may add). In addition to our customers, we may share the Information with the following:

Cookie Technology, Pixels and Mobile SDKs

As also described above, we and our business and marketing partners use cookies and similar technologies to provide marketing services, such as to target or re-target online ad campaigns, or to measure those campaigns. For instance, we or a partner may track a particular browser’s activities to determine if seeing an ad tends to make consumers’ more likely to visit a web page; or we and our marketing partners may target online or offline advertising to users who expressed interest in a product through online activities. Thus, we and others may set and access cookies, pixel tags and similar technologies on your device. We and others may, likewise, collect various types of information about your browser, device, or browsing activities through use of these cookies.

Cookies are small data files that contain a string of characters, such as a unique browser identifier. Cookies are stored on your computer or other device and act as tags that identify your device. Our (or other companies’) servers send your device a cookie when you visit a website. We and other online marketing platforms may use cookies to, among other things, “remember” you when you visit a website or receive an email, determine visitor patterns and trends, collect information about your activities on our clients’ sites, or interact with the advertising you see. We use cookies to provide relevant content to you and replace non-relevant communications with ads that better match your interests.

Pixel Tags
A pixel tag (also known as a web beacon or clear GIF) is an invisible 1 x 1 pixel that is placed on certain web pages or email messages. When you access these web pages or open an email, pixel tags generate a generic notice of the visit, including the type of device being used, and permit us to set or read our cookies. Pixel tags are used in combination with cookies to track the activity on a site by a particular device. When you turn off cookies, pixel tags simply detect a given website visit or opening of an email message. For email messages, turning off the display of images will disable pixel tags.

Disabling Cookies
Most web browsers are set up to accept cookies. You may be able to set your browser to warn you before accepting certain cookies or to refuse certain cookies. However, if you disable the use of cookies in your web browser, some features of our services and other services may be difficult to use or become inoperable. In addition disabling cookies will not necessarily opt you out of interest-based marketing; we instead recommend the opt out methods described in Section 4 above.

Non-Cookie Technologies
In providing our services, we, our marketing partners, or our clients, may work with third-party companies that use techniques other than conventional HTTP cookies to recognize your computer or device and/or to collect and record information about your web surfing activity, including those integrated with our services. These technologies may not respond to browser settings that block conventional cookies, particular if you are using a Safari browser. You may opt out of some of these technologies by visiting the NAI’s opt out page at; however, if your browser is set to immediately delete or refuse opt-out cookies, or if you use a Safari browser, you may not receive the benefit of this opt-out, or your opt out cookies may be immediately deleted.

This website may provide links to other websites that AtData thinks users will find interesting or useful. AtData is not responsible for the privacy practices of these other sites or companies.

Security and Data Integrity

AtData takes steps to help ensure that the Information we use is housed and transmitted securely. This may include various types of physical and electronic security, including firewall protections, encryption, hashing or truncation of data, and access controls to PII. While neither we nor any platform can guarantee 100 percent safety from hacks or illegal intrusion, we employ efforts to ensure that this does not occur.

Changes to this Privacy Policy

From time to time, we may update this policy. If you are interested in how we use Information to provide services, we recommend that you check back for any changes to this policy.

Do Not Track

Like most companies, we do not respond to “Do Not Track” signals sent by browsers: the industry has not reached a consensus as to how to fairly and uniformly implement and interpret such signals.

Our Website and Services Are Not Directed to Children Under 13

AtData is a business-to-business website and is not directed to children under the age of 13. Similarly, AtData’s services are not directed to nor intended for anyone under the age of 13. Whether for itself or for its clients, AtData will not knowingly collect or maintain personally identifiable information from or about anyone under 13.

Additional Disclosures for Residents of California

The California Consumer Privacy Act of 2018 (“CCPA”) provides additional rights to individuals who reside in California. To learn more about California privacy rights and disclosures, view our Privacy Policy Addendum for California Residents.

European Data Protection and Data Transfer

European Law and the GDPR

As of May 25, 2018, a new data privacy law known as the EU General Data Protection Regulation (or the “GDPR”) will be in effect, through the EEA countries. The GDPR (and other European privacy laws) make a distinction between organisations that process Personal Data for their own purposes (known as “data controllers”) and organisations that process Personal Data on behalf of other organisations (known as “data processors”). The GDPR requires companies that are “Data Controllers” (which includes some of our clients) provide users with certain information about the processing of their “Personal Data.” “Personal Data” is a term used in Europe that means, generally, data that identifies or can identify a particular unique user or device – for instance, names, addresses, cookie identifiers, mobile device identifiers, precise location data and biometric data.

We sometimes process Personal Data relating to data subjects (i.e., persons) on behalf of these clients, and we therefore often enter into agreements to assist them in complying with their own obligations under the GDPR. However, if you have a question or complaint about how your Personal Data is handled, we encourage you to direct your inquiry to the relevant data controller, since data controllers are the ones with primary responsibility for your Personal Data.

On the other hand, we are data controllers of Personal Data that we collect from our own website, and from our own customers. As to that data, please note the following :

European Economic Area, Switzerland, and United Kingdom Visitors

This section applies to individuals from the European Economic Area, Switzerland, or the United Kingdom. For information about exercising rights under relevant laws, please refer to the “Your Rights” section below.

We may collect and process personal data about you where the laws of your jurisdiction permit it. We may rely on the following legal bases to process personal data about you:

Please be aware that the personal data we collect may be transferred to and maintained on servers or databases located outside your jurisdiction.

When transferring personal data to the U.S., AtData complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF“), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF“) as set forth by the U.S. Department of Commerce. AtData has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles“) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. AtData has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles“) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.
If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (“DPF”) program, and to view our certification, please visit

For more information about AtData’s compliance with the DPF program, please visit our Data Privacy Framework Notice.

Your Rights

Residents of certain jurisdictions, including the EEA, UK, California, Connecticut, Colorado, Nevada, Utah, and Virginia have rights with respect to the personal data collected by AtData. You may be able exercise the following rights, subject to certain exceptions and limitations.

You may exercise your rights by:

If you are not satisfied with our response to your request, we hope you will reach out to us first at For residents of the EEA or the UK, if you are still unhappy, you have the right to complain to your Data Protection Authority. Additionally, for Colorado, Connecticut, and Virginia residents, if you have submitted a request that we have not reasonably fulfilled, you may contact us to appeal our decision by sending an email with the subject line “Appeal” to

Verification Process and Required Information. We may need to request additional information from you to verify your identity or understand the scope of your request. We will require you to provide, at a minimum, your full name and email address.

Authorized Agents. Depending on your jurisdiction, you may also designate an agent to make requests to exercise your rights. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf by providing us with a signed written authorization or a copy of a power of attorney.

Contact Us

If you have questions related to this policy, or regarding AtData’s products or services, please contact us at:

Privacy Officer
770 Legacy Pl
Dedham, MA 02026