Retarget audiences across all channels with Zeta’s proprietary ID resolution Zync™ pixels
Privacy Considerations and Guidelines
How does Zeta Zync™ Work?
Zeta’s first-party data is primarily organized around email addresses that have been provided directly to a Zeta property or a third party along with the user’s consent to use this data for marketing purposes.
To retarget a customer who has visited a website with a Zync™ pixel embedded, the following process takes place:
Zeta’s Zync™ pixel fires when a visitor accesses an advertiser’s web page.
This initiates a call to Zeta’s server, which places a Zync cookie on the user’s browser.
Cookie synching occurs between Zync and Zeta’s own and third-party data sources. We are then able to associate many Zync cookie IDs to an MD5 hashed email address. These hashes cannot be reverse-engineered to produce an email address but can be matched to identical values created by using the same hashing algorithm on the same email address.
Zeta compares the hashed data to hashed values of its client’s permissioned data.
Wherever matches can be found, Zeta is able to indicate that an action should be taken (e.g., send an email).
Privacy and Legal Considerations
Zeta and Zync™ comply with the following applicable legal requirements as described below:
Identity resolution via cookies is legal in the United States: As long as companies are transparent about their data use practices through privacy policies and notifications, and provide consumers with the ability to easily exercise their legal rights (including the right to obtain copies of data, opt-out, or request that data be deleted), identity resolution using cookies is a legal practice.
Zeta does not currently perform cookie-based identity resolution for users based outside the United States (as determined by IP address).
Zeta is a member of the Digital Advertising Alliance (DAA): Zeta follows the DAA’s self-regulatory code and participates in the AdChoices program.
While the DAA privacy code prohibits transferring programmatic (i.e., cookie-based) data to a third party (meaning a separate company) for it to reidentify, it does not prohibit a company from re-identifying online data itself.
With Zync, Zeta engages indirect data collection from users via the Zync pixel and then performs identity resolution using its own data (including data sourced from its data partners).
Zeta data is subsequently matched with client data, and actions (advertising, by various channels) are indicated back to the client, which may be executed by Zeta as a processor/service provider (e.g., sending email from a client CRM system).
No data that was previously unknown to the client is transmitted from Zeta to its client; the Zeta system simply allows websites to detect visits from its registered users who are not currently signed in and utilizes its own data obtained from such users to target them with advertising.
Zeta also hosts a Rights Request page: Users can see data associated with their Zeta cookies in real-time. Buttons at the site also enable the user to opt-out of online behavioral advertising, export a copy of their data, or delete their data. Advertiser websites and privacy policies may link directly to the Rights Request page.
More Information: If you have additional questions about privacy considerations relating to the Zync identity resolution process, please contact Ben Hayes, Chief Privacy Officer & Sr. VP, Legal.
Zync Notice Guidelines and Sample Language for Privacy Notices on Publisher Websites
The following is not intended or offered as a legal advice. Publishers should assess their specific legal requirements and the requirements of self-regulatory programs in which they may participate for determining which form of notice is best suited to their requirements.
Zync Website Notice Guidelines
Websites using the Zync pixel must provide privacy notices to consumers that address the following points:
How can our subscribers find out where their data has been sent/shared?
Websites using the Zync pixel for intelligent retargeting should include just-in-time (e.g. pop-up or banner) notices, and/or disclosures in their privacy policies that would enable an individual to understand how and where their data has been shared. Zeta can be named explicitly in privacy policies for this purpose.
How can our subscribers have their data deleted/forgotten?