Join 300+ software vendors who advertise on Netnetix partner sites. Get started.

Privacy Policy

Last updated: 01. July 2025

Introduction

Welcome to the Netnetix Privacy Policy. Netnetix is a B2B advertising platform operated by Revbox Ltd ("we" or "us"). We are committed to protecting your privacy and complying with all applicable UK and EU data protection laws, including the UK General Data Protection Regulation (UK GDPR), the EU GDPR, the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

This policy explains how we collect, use, share, and protect personal data in the context of the Netnetix platform. It applies to personal data of our business users (advertisers) and end-users who interact with ads and other content served through our publisher network. Revbox Ltd is the data controller for the personal data described in this policy, with its registered address at 71–75 Shelton Street, Covent Garden, London WC2H 9JQ, United Kingdom. If you have any questions about this policy or your data, please contact us using the details in the Contact Information section below.

Data We Collect

Business (Advertiser) User Data: When you sign up or interact as an advertiser on Netnetix, we collect business contact information and account details. This includes your name, business email address, phone number (if provided), job title or role, company name, and billing information (such as billing address and payment details for invoicing). We collect this information so that you can create an account, run advertising campaigns, and for us to process transactions and communicate with you. We do not ask for or intentionally collect any special category personal data (such as racial or ethnic origin, health data, etc.) from our business users.

End-User Data (Advertising Analytics): Netnetix also collects limited data about end-users (individuals who browse our partners' websites and see or interact with Netnetix-served ads or product links). When an end-user views a page or an advertisement on a publisher's site that is part of the Netnetix network, our tracking pixel may collect:

  • IP Address: We log the end-user's IP address when an ad is viewed or clicked. From the IP address, we infer an approximate geographic location (e.g., city or region). This helps us deliver or report on location-relevant content (for example, to ensure ads are shown in appropriate regions or to provide aggregate analytics by region). We generally treat IP addresses as personal data, as they can reveal a user's general location and internet service provider and may indirectly identify someone when combined with other information. However, we do not collect information that directly identifies end-users (such as name or email) via our ads.

  • Device and Browser Information: We collect basic technical info transmitted by the end-user's device when loading the ad pixel. This may include browser type, operating system, device type, and other standard header information. We do not set cookies on the end-user's device, and the tracking pixel does not itself store any data on the device (see Cookies and Tracking below). The information collected is only what the user's browser automatically shares with our servers (such as IP and user-agent). We do not collect sensitive personal identifiers like cookies, login IDs, or anything from the end-user's device storage.

  • Event Data (Ad Interactions): We record event-level data about the ads or product links shown. For example, we log when an ad is displayed (an impression), when it's clicked, and any associated context such as the timestamp, the web page or publisher site where it appeared, and an identifier for the advertisement or campaign. If a user clicks an ad leading to an advertiser's site, we may track that click event for reporting and analytics. This data helps us measure campaign performance (e.g., click-through rates), improve our service, and detect fraudulent or invalid clicks. The event data is tied to a pseudonymous identifier (such as a campaign or pixel ID) and an IP address, but not to the end-user's real identity.

No Special Categories of End-User Data: Netnetix does not collect or process any special categories of personal data from end-users. We do not knowingly collect data on end-users' race, religion, health, political opinions, sexual life, or other sensitive information. The end-user data we handle is limited to the analytics described above (IP-based location and engagement metrics). We also do not intentionally collect data on anyone under the age of 16 in the EU (or applicable age of a "child" in other jurisdictions), and our services are not directed to children.

Purpose of Processing Personal Data

We only use personal data for specific, explicit, and legitimate purposes. Below is an overview of how we use the data we collect:

  • Providing and Improving the Service (Advertisers): For our business users, we use your personal data to create and manage your Netnetix account, authenticate you when you log in, and provide you with our advertising services. This includes displaying your ads on our publisher network, tracking campaign performance, and facilitating payments or billing. We also use your contact information to send service-related communications, such as account confirmations, invoices, important platform updates, and customer support responses. Additionally, we may use aggregated information about campaign performance (which could include your campaign results) to analyse and improve our platform's effectiveness and features.

  • Advertising Analytics and Network Operations (End-Users): We use end-user data (IP addresses and event data) to operate our advertising network. Specifically, this data helps us ensure ads are delivered effectively and to the right general location, to count ad impressions and clicks for billing and reporting, and to provide advertisers and publishers with performance analytics (for example, how many users clicked an ad on a given publisher's site). We may derive approximate location from IP to avoid showing irrelevant ads (e.g., language or region-specific ads). End-user data also enables us to detect and prevent fraudulent or malicious activity – for instance, identifying unusual click patterns or repeated fake impressions as part of our efforts to maintain network security and integrity.

  • Customer Support and Communications: If you contact us with a question or need help, we will use the personal data you provided (which may include contact details or relevant account info) to assist you. For example, we may review your campaign data or recent activity on the platform to resolve an issue. We may also send notices or announcements to advertisers about new features or updates to our service. We will only send marketing or promotional emails to our business contacts where permitted by law – typically either on the basis of your consent or under the "soft opt-in" rule for existing customers. In any marketing email, we will give you a clear opportunity to opt out or unsubscribe.

  • Legal Compliance and Legitimate Business Interests: We process certain data as needed to comply with our legal obligations and to pursue our legitimate interests as a business. For example, we retain transaction records and billing information to meet accounting and tax requirements. We may process personal data to establish or defend legal claims if they arise. We also maintain logs of platform activity (including IP addresses) to ensure IT security, prevent fraud, and debug or troubleshoot the platform – these uses are in our legitimate interest in keeping our service secure and reliable. When we rely on legitimate interests, we always consider the potential impact on individuals' rights and have implemented measures to protect your privacy (see Legal Basis below).

Legal Basis for Processing

Under UK and EU law, we must have a valid legal basis to process personal data. We rely on the following legal bases, depending on the context:

  • Contractual Necessity: If you are an advertiser (or working for an advertiser) using the Netnetix platform, we process your personal data primarily on the basis of contract. When you register or enter into an agreement to use Netnetix, a contract is formed between you (or your company) and Revbox Ltd for our services. We need to process your data to fulfil that contract – for example, to maintain your account, serve your ads, provide reports, and handle payments. Without this data, we cannot provide the service you expect. Likewise, if you request a demo or inquire about our services, we process your contact details to take steps at your request prior to entering into a contract.

  • Legitimate Interests: We process both advertiser and end-user data for purposes that support our legitimate interests in operating and improving a safe, effective advertising platform, provided that those interests are not overridden by individuals' data protection rights. We rely on legitimate interests to collect and use end-user analytics data via our tracking pixel, as this data is necessary to provide the advertising service (measuring impressions, preventing fraud, etc.) in a way that most users would expect from an online ad network. We also rely on legitimate interests to send relevant communications to our business users about our services (for example, mild promotional updates or product alerts to our existing customers), and to conduct analytics on how advertisers use the platform so we can improve the user experience. When we process data under legitimate interests, we ensure that the processing is proportional and respects your privacy. For instance, for end-users, we limit data collection to non-identifying information and provide the ability to opt out of further data processing where feasible. You have the right to object to any processing based on our legitimate interests (see Your Rights below).

  • Legal Obligation: In some cases, we must process personal data to comply with a legal obligation. This includes retaining certain records to satisfy accounting, tax, and financial regulations, or disclosing information to law enforcement or regulatory authorities when we are legally required to do so. For example, UK tax law may require us to keep invoice information (which may include an advertiser contact name and address) for a number of years. If we are subject to an audit or receive a lawful warrant or order, we may process personal data as necessary to comply with those obligations.

  • Consent: As a rule, Netnetix does not rely on consent for the majority of its processing, since we operate on a B2B basis and use either contract or legitimate interests as described above. We are also designed to operate without cookies for end-user tracking, meaning we generally do not need cookie consent for analytics. However, there may be limited situations where we do seek consent: for instance, if we ever want to post a customer testimonial with personal details, or if we send certain marketing emails in jurisdictions requiring opt-in consent, we will obtain your consent. If consent is our legal basis, you have the right to withdraw that consent at any time, and we will stop the processing in question. Withdrawing consent will not affect the lawfulness of any processing we already carried out based on your consent.

Cookies and Tracking Technologies

End-User Tracking Technologies: Netnetix uses tracking pixels (also known as web beacons or tags) on participating publisher websites to gather analytics and performance data about ads. The tracking pixel is a small snippet of code (or a tiny image file) that loads when an ad is served, triggering a request to our servers. This allows us to log information such as the end-user's IP address, user agent header information (which includes browser type, operating system, and device type), and a session ID (which may be obtained from a publisher site cookie, though Netnetix does not set this cookie). This information helps us measure ad impressions and clicks, and provides associated context such as the timestamp, the web page or publisher site where it appeared, and an identifier for the advertisement or campaign. All data transmitted by the pixel is used for the limited purposes of analytics, reporting, and fraud detection within the Netnetix network.

Advertiser User Cookies and Local Storage: For our business users (advertisers) interacting with the Netnetix platform, we use cookies and, where necessary, local storage. These are essential for the functionality of the platform and to enhance your user experience. We set:

  • Functional Cookies/Local Storage: These are used to remember your preferences (e.g., language, currency), maintain your login session, and store user account information. They are necessary for you to log in, navigate the platform, and use its features effectively.

  • Analytics Cookies/Local Storage: We use these to understand how advertisers interact with our platform. This helps us monitor platform performance, identify areas for improvement, and optimize the user interface. The data collected through these technologies is typically aggregated and used for internal analysis.

If cookies are disabled in your browser or for another functional reason, we may use local storage instead of cookies to achieve the same operational purposes.

PECR and Consent for Tracking of End-Users: Because the Netnetix pixel primarily relies on information transmitted by the browser and does not write data to the end-user's device (such as cookies or local storage set by Netnetix itself), its use may not strictly require a cookie consent banner for this functionality alone under certain interpretations of PECR. However, we recognise that tracking pixels involve the collection of user information when communicating online. Netnetix and our publisher partners are committed to complying with applicable regulations. We are currently reviewing privacy on Appvizer sites and changes will be implemented. Each publisher in our network is responsible for informing users of the data collected on their site – so you may see our pixel referenced in a publisher's cookie or privacy policy where required. We rely on legitimate interest as the legal basis for processing end-user analytics data via the pixel, due to its limited and non-intrusive nature, and we ensure transparency about this processing. End-users who do not wish to be tracked by the Netnetix pixel can generally use browser settings or extensions to block tracking content; an ad-blocking tool that stops third-party requests will also prevent our pixel from loading.

No Advertising Cookies for End-Users: Netnetix does not use cookies or similar storage technologies on end-users' devices for the purpose of cross-site advertising tracking or profiling. Our platform is designed to minimize data collection from end-users and respect privacy by operating without persistent identifiers being set on their devices by Netnetix.

Data Sharing and Disclosure

We treat your personal data with care and confidentiality. However, in order to run our platform and provide services, we sometimes need to share data with third parties. Any sharing is done under strict conditions and in compliance with data protection law. The key instances in which we share personal data are:

  • Publisher Partners: If you are an advertiser, we may share certain data about your advertising campaigns with the publisher sites on which your ads appear. For example, we provide participating publishers with reports about ad performance on their own sites – such reports might include metrics like impressions, clicks, and conversions for the ads displayed, and could include breakdowns by approximate user geography or device category. These reports help publishers understand the value and effectiveness of our network. We may also disclose to an advertiser which publisher sites contributed to their ad traffic and in what volume. All such sharing is inherent in the operation of a transparent advertising marketplace.

  • Service Providers (Sub-Processors): We employ trusted third-party companies to help us operate and support the Netnetix platform. These third parties act as data processors on our behalf – in other words, they process personal data only under our instructions and for our purposes. Examples of services for which we use sub-processors include: cloud hosting and storage (for example, Amazon Web Services), data centre and infrastructure services, email delivery services (to send account notifications), payment processing for advertiser billing, analytics tools for platform performance monitoring, customer relationship management tools to manage customer relationships, and customer support software. When we share data with service providers, we only share what is necessary for them to perform their function. All our processors are bound by data processing agreements that require them to protect personal data to the same standards we do and to use it only for the agreed-upon service. They are not permitted to use your data for their own purposes. Where a sub-processor is located outside the UK/EU, we will ensure lawful transfer mechanisms are in place (see International Data Transfers below). A current list of major sub-processors can be provided upon request.

  • Corporate Transactions: If Revbox Ltd undergoes a business transaction such as a merger, acquisition, corporate restructuring, or sale of some or all assets, personal data held by Netnetix may be transferred to the new owner or partner as part of that deal. This would be done in accordance with applicable law (for example, ensuring the recipient agrees to uphold the same privacy protections). Any successor entity or buyer will be bound by this privacy policy with respect to your personal data, or you will be given notice and a chance to opt out if data will be used in a materially different way. In the event of an insolvency or similar proceeding, data may be transferred as part of the business assets only if and as permitted by law.

  • Legal Compliance and Protection: We may disclose personal data to third parties (such as courts, law enforcement authorities, regulators, or other government agencies) if required to do so by law or if we believe in good faith that such action is necessary to: (i) comply with a legal obligation, process, or request (e.g., a subpoena, warrant, or court order); (ii) enforce our Terms of Service or other agreements; (iii) investigate or defend against legal claims; or (iv) protect the rights, property, or safety of Revbox, our users, or the public. For example, if a law enforcement agency provides a lawful request relating to a criminal investigation, we may be obligated to provide relevant data. In all cases, we will only disclose the minimum data necessary and will ensure any request is valid and proportionate.

  • Other Third Parties: Aside from the parties above, we do not rent or sell personal data to third-party companies for their own independent use. In particular, we do not share our advertiser or end-user personal data with data brokers or social media platforms for advertising outside of the Netnetix context. If we ever need to share data with any other category of third party (for example, an independent auditor or consultant), we will do so only with a proper legal basis and we will update this privacy policy or notify you as required.

Sub-Processors and GDPR Compliance

As noted, any third-party processors ("sub-processors") we engage are subject to stringent contractual obligations to protect your data. Under Article 28 of the GDPR, we have put in place Data Processing Agreements with all our sub-processors. These agreements require, among other things, that the sub-processor: processes personal data only on our documented instructions, keeps the data confidential, implements robust security measures, and ensures any further sub-processors do the same. If we add or change significant sub-processors that handle personal data, we will endeavour to notify our clients (for example, via an update to our website or direct communication) in line with contractual commitments. By using Netnetix, our business customers authorise us to engage such sub-processors as needed to provide the service, provided we maintain responsibility and compliance as described.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or to meet legal and business requirements. Because our business users often run recurring campaigns and need ongoing access to performance data, we generally keep advertiser account data and campaign information for the duration of the business relationship.

  • Advertiser Data Retention: If you are a customer, we will retain your account information and campaign history while you continue to use Netnetix. If you cease using the platform or request account closure, we will delete or anonymise your personal data upon request, except where we need to keep it for legitimate business or legal reasons. For example, we may retain certain records to comply with laws (tax or financial reporting requirements) or to be able to resolve disputes. In general, this means we might keep contract and billing information for a number of years as required by law (e.g., UK companies must keep invoices for at least the statutory retention period). We may also keep minimal contact information on an internal "do not contact" list if you have opted out of marketing, to ensure we respect that going forward. Aside from such obligations, we periodically review the data we hold and erase or anonymise data that we no longer need.

  • End-User Data Retention: End-user advertising interaction data (impressions, clicks, IP logs) is retained for only as long as it is useful for our legitimate operational needs. In practice, we typically retain detailed event-level logs for a short period (to allow us to aggregate statistics, investigate fraud, or debug issues), after which we either delete them or aggregate/anonymise the data. Aggregated analytics (which no longer identify any individual) may be kept for longer to study performance trends. We strive to minimise retention of raw personal data in this context, following the principle of data minimisation. For instance, IP addresses might be truncated or hashed after initial processing, unless needed to investigate security incidents. In any case, we will not keep end-user personal data for longer than necessary relative to the purposes described in this policy.

Please note that, except where a specific law requires a certain retention period, we do not commit to retaining personal data for any fixed term, and we may delete or anonymise data at our discretion when we have no further need for it. Conversely, if the law permits, we may retain data for a longer period in archived form (with appropriate safeguards) if we believe it is necessary for legal, audit, or legitimate business purposes. We always handle retained data in accordance with this privacy policy.

International Data Transfers

Netnetix is a globally accessible service. While Revbox Ltd is based in the UK, we and our sub-processors may process data in various countries. Specifically, many of our servers and cloud infrastructure are located in data centres within the European Economic Area (EEA). However, some of our service providers (and Revbox's own parent or affiliate operations) may be located outside of the UK and EEA – for example, in the United States or other jurisdictions. Whenever we transfer personal data across borders, we take steps to ensure that adequate protection travels with the data.

If your personal data is transferred to a country that is not recognised by the European Commission or UK Information Commissioner's Office as providing an adequate level of data protection, we will implement appropriate safeguards as required by GDPR. Our primary mechanism is to use the European Commission's Standard Contractual Clauses (SCCs) (and the UK "International Data Transfer Addendum" where applicable). These are legally binding contract terms that obligate the recipient to protect your data to EU/UK standards. In some cases we may rely on other permitted transfer solutions, such as an adequacy decision (if the destination country has been officially approved as having strong data protection laws), or verified compliance frameworks (for instance, the EU-US Data Privacy Framework if applicable, for transfers to certified US entities). We will also assess any data transfers on a case-by-case basis to ensure that your rights remain enforceable and effective.

You can request more information about international transfers and the safeguards we use by contacting us. Despite different laws in other countries, our handling of your data will always be governed by this policy and by UK/EU law obligations. We remain responsible for protecting personal data, even when it is transferred to, or accessed by, our affiliates or partners abroad.

Your Rights

As an individual whose personal data we process, you have certain rights under GDPR and related data protection laws. Netnetix is committed to honouring your rights. These include:

  • Right to Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to obtain a copy of the personal data we hold about you. This is often referred to as a "Data Subject Access Request." We will provide you with a copy of the information in a commonly used format, unless doing so adversely affects the rights of others. For advertiser users, much of your basic account data and campaign information is available by logging into your account, but you can also contact us for a full report.

  • Right to Rectification: If any of your personal data we have is inaccurate or incomplete, you have the right to have it corrected. For example, business users can update their contact details or company name by contacting us or via their account settings. We encourage you to keep your information up to date and will promptly rectify any errors you report.

  • Right to Erasure: You have the right to request deletion of your personal data in certain circumstances – for instance, if the data is no longer necessary for the purposes for which it was collected, if you withdraw consent (and no other legal basis applies), or if you object to processing and we have no overriding legitimate grounds to continue. We will honour valid erasure requests and will also take steps to inform any third parties processing your data on our behalf to delete it as well. Please note there are some exceptions: we may retain data if needed to comply with a legal obligation or to establish/exercise/defend legal claims. If an advertiser user asks to delete their account, we will remove personal details but may keep transactional records as required by law, as explained in Data Retention.

  • Right to Restrict Processing: You have the right to ask us to restrict (pause) the processing of your personal data in certain scenarios. For example, you can request restriction if you contest the accuracy of the data (while we verify it), or if you objected to our processing based on legitimate interests (while we consider the request). When processing is restricted, we will still store your data but not use it further until the issue is resolved. If the restriction is lifted, we will inform you.

  • Right to Object: You have a right to object to our processing of your personal data at any time when that processing is based on legitimate interests (or performed for direct marketing). This includes the right to object to our processing of end-user data on the basis of legitimate interest. If you lodge an objection, we will stop the processing in question unless we can demonstrate compelling legitimate grounds for the processing that override your rights, or if we need to continue processing for the establishment, exercise or defence of legal claims. You always have an absolute right to object to your data being used for direct marketing – if you opt out or object, we will stop sending marketing messages.

  • Right to Data Portability: For any personal data you provided to us directly (applicable mainly to advertiser users) and which we process by automated means on the basis of contract or consent, you have the right to request a copy in a structured, commonly used, machine-readable format (for example, CSV or JSON). You also have the right to have that data transmitted to another controller, where technically feasible. This right enables you to reuse your data across different services. Note that this right applies to data you actively provided (like your account information or content of inquiries) and not to derived or inferred data like internal analytics.

  • Right Not to be Subject to Automated Decisions: Netnetix does not make any decisions about individuals that have legal or similarly significant effects solely by automated means (without human involvement). We do not engage in automated profiling of end-users – our ad targeting is contextual or based on non-sensitive criteria. However, for completeness, you have the right not to be subject to a purely automated decision that significantly affects you, unless it is necessary for a contract with you, authorised by law, or based on your explicit consent. In the unlikely event we ever implement automated decision-making that falls under Article 22 GDPR, we will ensure you have the right to obtain human intervention and to express your point of view.

  • Right to Withdraw Consent: Where we rely on consent for any processing, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing carried out before withdrawal. For example, if you consented to receive a newsletter, you can opt out at any time and we will stop sending it. Since our primary bases are contract and legitimate interest, consent withdrawal mainly applies to optional communications or future features.

  • Right to Lodge a Complaint: If you believe we have infringed your data protection rights or disagree with how we've handled your personal data, you have the right to lodge a complaint with a supervisory authority. Revbox Ltd's lead supervisory authority in the UK is the Information Commissioner's Office (ICO). You can contact the ICO or your local EU data protection authority. We would, however, appreciate the chance to address your concerns first, so we invite you to contact us directly to discuss any issue. We will do our best to resolve it in a satisfactory manner.

Exercising Your Rights: You can exercise the above rights at any time by contacting us (see Contact Information below). For security, we may need to verify your identity before fulfilling certain requests, to ensure we don't disclose data to an unauthorised person. We will respond to your request as soon as possible and no later than one month from receipt (or inform you if we need an extension for complex requests, as permitted by law). There is no fee for making a request, unless it is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse the request (we will explain our reasoning in such cases).

Please note that if you are an end-user who has seen an ad, we likely have minimal information (and no direct identifiers) about you. In such cases, if you make a rights request, we might require additional details (like the IP address and time of interaction) to locate any records. If we cannot identify data relating to you, we will inform you of this. But the above rights still apply to the extent that we hold personal data about you which is identifiable.

Security Measures

Revbox Ltd takes information security very seriously. We have implemented appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption: All data transmitted between your browser and our platform is encrypted using industry-standard protocols (such as TLS/SSL). This protects your information from eavesdropping while it travels over the internet. We also encrypt sensitive data at rest in our databases or storage, especially financial information and passwords (which are stored in hashed form).

  • Access Control: Access to personal data within our organisation is restricted on a need-to-know basis. Only authorised personnel from Revbox Ltd or publishing partners involved in the Netnetix network who require access to operate the Netnetix service (for example, operations and support teams) can view personal data. We employ role-based access controls and staff authentication mechanisms to prevent unauthorized access. All staff with such access are bound by confidentiality obligations.

  • Infrastructure Security: We host Netnetix on secure, modern cloud infrastructure (for instance, on Amazon Web Services data centres) which employ robust physical and network security. Our servers are protected by firewalls, regular security patching, and monitoring systems to guard against intrusion. We utilise security services to detect and mitigate threats such as DDoS attacks or suspicious activities.

  • Operational Security: We maintain policies and procedures to manage data securely throughout its lifecycle. This includes secure software development practices, regular data backups, and (where appropriate) pseudonymisation or anonymisation of data. We also train our employees on data protection best practices and incident response.

  • Monitoring and Testing: We monitor our systems for vulnerabilities and have an incident response plan for any suspected data breaches. While no internet service can be guaranteed 100% secure, we strive to continuously update and improve our security measures. In the unfortunate event of a data breach affecting personal data, we will follow legal requirements for notification, which may include informing the ICO and affected individuals when required by law.

By using our service, you also play a role in security. We encourage business users to use strong, unique passwords for their accounts and to keep their login credentials confidential. If you believe your account has been compromised or detect any unusual activity, please notify us immediately.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us. Revbox Ltd is the data controller for Netnetix, and you can reach our data protection team through the following:

  • Postal Mail: You may also write to us at our registered business address:
    Revbox Ltd – Data Protection Officer (DPO)/Privacy Team
    71–75 Shelton Street, Covent Garden
    London WC2H 9JQ
    United Kingdom

  • Contact Form: Alternatively, you can reach out via our website's contact page. If using the contact form, please mention that your inquiry is related to privacy or data protection so it can be directed appropriately.

We will respond to all legitimate requests as soon as possible, and at the latest within any timeframe required by law. If you are an EU resident and wish to contact an EU representative for Revbox Ltd (if applicable), please let us know and we will provide details if we have designated one.

Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. If we make significant changes, we will notify our users by appropriate means – for example, by emailing registered advertisers or by posting a prominent notice on our website or within the platform. The "last updated" date in this policy will always indicate when the latest changes were made. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

If we propose to use your personal data for a new purpose that is not covered by this policy, we will seek your consent or provide you with a chance to opt out, as required by law, before we start that processing.