Privacy Policy and Security Statement

At UDOOH, we understand the importance of privacy and security in the Out-of-Home (OOH) advertising industry. Our commitment to protecting your data is at the core of our business practices. This document outlines our approach to privacy and security for our operations in India.


1. Data Collection and Usage

Our hyperlocal OOH advertising solutions rely on the collection and processing of specific data to deliver targeted and effective campaigns. This includes customer-provided audience networks comprising both customers and prospects, location data for proximity-based targeting to OOH screens, and campaign performance metrics. We utilize this information exclusively for the purpose of executing targeted advertising campaigns and enhancing our services within the Indian market. Our data collection practices are designed to balance the need for effective advertising with respect for individual privacy, in accordance with Indian data protection norms.


2. Data Protection and Security

To safeguard your valuable data, we implement a comprehensive array of security measures tailored to the Indian regulatory environment. These include state-of-the-art encryption protocols for data both in transit and at rest, regular and rigorous security audits, and vulnerability assessments to identify and address potential weaknesses. We enforce strict access controls and authentication protocols to ensure that only authorized personnel can interact with sensitive information. Furthermore, our infrastructure is built on secure cloud platforms, leveraging advanced security features to create a robust defense against potential threats, with data storage compliant with Indian data localization requirements.


3. Compliance

Our commitment to data protection extends to full compliance with relevant Indian regulations and standards. We maintain an active stance on regulatory compliance, regularly reviewing and updating our practices to align with the Information Technology Act, 2000, recommendations of Telecom Regulatory Authority of India (TRAI), THE Digital Personal Data Protection Act, 2023, the rules made therein, the subsequent amendments, as well as any forthcoming data protection legislation in India. This proactive approach ensures that our data handling practices not only meet but often exceed legal requirements in India, providing our clients with the assurance that their data is handled with the utmost care and in accordance with the latest national regulatory standards.


4. Transparency and Control

We believe in empowering our clients with transparency and control over their data, in line with Indian privacy norms. To this end, we offer customizable privacy settings that allow clients to tailor their data sharing preferences according to their specific needs and comfort levels. We provide options for managing audience network data, giving clients the ability to update, modify, or remove information as needed. Additionally, we maintain clear and comprehensive audit trails of system access and changes, ensuring that all interactions with client data are traceable and accountable, adhering to Indian legal requirements for data handling and storage.


5. Data Accuracy and Reporting

Accuracy in reporting is crucial in the OOH advertising industry, particularly for Proof of Play and campaign performance metrics in the Indian market. We maintain stringent internal controls on our reporting processes to ensure the highest level of accuracy. Our systems are designed to provide transparent and precise billing practices based on verified data, in compliance with Indian financial regulations. We regularly audit our reporting mechanisms to maintain their integrity and reliability, giving our clients confidence in the accuracy of our performance metrics and financial information.


6. Content Protection

Protecting the integrity of advertising content is a key priority for us, especially considering the diverse cultural context of India. We implement robust measures to ensure that only authorized and appropriate content reaches our OOH screens. This includes multi-level authentication protocols. We operate on a principle of least-privilege access control for our staff, limiting content manipulation capabilities to only those employees whose roles necessitate such access. Furthermore, we maintain comprehensive audit trails of all user access and actions related to content management, providing a clear record of all interactions with advertising materials.


7. Continuous Improvement

Our dedication to privacy and security is an ongoing commitment, evolving with the dynamic digital landscape of India. We regularly conduct training sessions for our staff, ensuring they are up-to-date with the latest data protection and security best practices relevant to the Indian market. Our security team continuously monitors our systems and practices, identifying areas for improvement and implementing enhancements as needed. We periodically review and update our privacy and security policies to reflect evolving threats, technological advancements, and regulatory changes in India, ensuring that our protection measures remain current and effective.


8. Third-Party Relationships

We recognize that the security of our system is only as strong as its weakest link. Therefore, we carefully vet and continuously monitor any third-party services integrated into our operations within India. Our selection process for partners and service providers includes rigorous security assessments to ensure they meet our high standards for data protection and security, as well as compliance with Indian regulations. We maintain ongoing oversight of these relationships, regularly reviewing their security practices and compliance with our data protection requirements to minimize potential vulnerabilities in our ecosystem.


9. Incident Response

Despite our best efforts to prevent security incidents, we acknowledge that no system is immune to all threats. To address this reality, we have established a dedicated incident response team and detailed procedures to swiftly identify, contain, and mitigate any potential security incidents or data breaches within our Indian operations. Our response plan includes clear communication protocols to ensure that affected parties are promptly notified and kept informed throughout the resolution process, in accordance with Indian legal requirements. We regularly test and update our incident response procedures to ensure their effectiveness in the face of evolving threats.


10. Opt Out

Anyone wishing to not receive commercial and promotional messages and emails from us may opt out by clicking on the unsubscribe link at the bottom of our emails. Please note that you are not permitted to unsubscribe or opt-out of non-commercial and non-promotional messages regarding your account, such as account verification, changes or updates to features of the services, or technical or security notices.


11. Limitations and Disclaimer

While we employ industry-standard security measures and continuously strive to protect your data within the Indian context, it's important to acknowledge that no system can guarantee 100% security in the digital landscape. We are committed to implementing and maintaining robust security practices, but we cannot provide an unconditional assurance of complete invulnerability. We encourage our clients to stay informed about cybersecurity best practices and to work in partnership with us to maintain the highest possible level of data protection. For more information about our privacy and security practices, or to exercise your data rights in accordance with Indian law, please contact our dedicated privacy team at [support@udooh.com]. This privacy policy is subject to change, and we encourage you to review it periodically to stay informed about how we protect your data in India.


Last updated: 27th September 2024