Innovid and Consumer Privacy

Data Protection and Consumer Privacy is Paramount to Innovid:

As the only independent omni-channel advertising, analytics and measurement platform built for television, Innovid is dedicated to a high standard of consumer privacy and data protection, while maintaining quality online advertising and measurement services for various advertisers, agencies, publishers and other businesses across various third party websites and online media.  

Innovid has restrictive policies for the collection, use and sharing of consumer data. We maintain membership with the Network Advertising Initiative (NAI) and the Digital Advertising Alliance (DAA), and also maintain accreditation with the Media Rating Council (MRC). We are also a participating vendor in the IAB Europe Transparency & Consent Framework (TCF). 

Innovid’s collection of data generally consists of basic data elements associated with advertisements served or measured by Innovid, such as impressions, clicks, mouse movements, viewing duration, IP address, date and time of interaction, information about the general geographical location from which a consumer is viewing an advertisement, device type, and other generic identifiers made available by the browser or device. Innovid collects these data elements on behalf of its clients in a privacy-compliant manner for the clients’ legitimate business interests and purposes, in order to effectively measure and evaluate the performance of the client’s advertising campaigns, deliver, schedule and sequence ads, administer the client’s account, and/or provide the client with engagement or performance analysis.  

At a client’s request (where the client uses Innovid’s ad serving services), Innovid may assist the client to target its ads based on the client’s first-party data or based on data from the client’s selected data management platform. Innovid also offers frequency and ad personalization features such as ad sequencing and creative decisioning based on factors such as general geographic location, time of day and number of exposures. However, Innovid does not create user segments. Innovid also does not collect any categories of data deemed sensitive under applicable laws or NAI standards. In a limited number of use cases, the client also has the option to have Innovid collect user-volunteered email addresses or phone numbers on its behalf from selected advertising formats; in these cases, such user-volunteered data is collected from the consumer solely on an opt-in basis, and is used solely to fulfill the client’s request.  

Please read the Innovid Privacy Policy for further details regarding Innovid’s data collection, usage and sharing practices.  

Innovid Upholds Consumer Choice:

We believe consumers should have the right to control how ads are targeted to them, and how their activity is measured, across online media. Innovid respects the consumer’s choice to opt-out of interest-based advertising and ad measurement. For more information regarding the opt-out options offered by Innovid, please see here.  

Innovid is also in compliance with the standards set by the NAI, the leading self-regulatory association comprised of third-party digital advertising companies, and maintains membership with NAI and DAA. For additional information on NAI standards and how to use advertising choice mechanisms, please see NAI page located here. 

Security and Compliance with Applicable Laws and Regulations:

Innovid is committed to data security and takes a variety of measures in line with industry practice to safeguard the data in its possession from unauthorized alteration, destruction, access or misuse. We maintain tight controls over all the data we collect, retaining it in firewalled and secured databases with strictly limited and controlled access rights, designed to ensure that the data is secure. Additional security measures include encryption of personal information at rest and in transit, maintaining a strict password policy, the use of multi-factor authentication for key systems, maintaining antivirus measures and vulnerability management policies, and the use of various security technologies designed to prevent unauthorized activity.  

Innovid maintains compliance with the EU General Data Protection Regulation (GDPR). Innovid uses EU Standard Contractual Clauses as a mechanism to enable the transfer of personal data from the European Union, the United Kingdom, and Switzerland to the United States, In addition, Innovid maintains self-certification under the EU-US Data Privacy Framework. We have appointed a data protection officer, have a process for responding in a timely manner to data subjects seeking to exercise their rights under GDPR, and take a proactive approach to putting the necessary contractual provisions in place with our vendors and clients.   

Innovid has taken a comprehensive approach to U.S. state privacy law compliance, including CCPA, CPRA and VCPDA, and will continue to monitor and adjust our approach as state laws and regulations continue to evolve, to ensure we maintain compliance. As between Innovid and its clients, Innovid is a service provider and does not “sell” or “share” personal information as contemplated under CCPA, CPRA and similar state laws.   

Data policy and privacy regulations are dynamic and constantly changing. In addition to performing yearly internal audits, Innovid continues to monitor its compliance with applicable laws and regulations.  

For any privacy-related request, please email