Effective Date: May 23, 2018

Your Privacy is our top priority, so we provide this Privacy Policy to describe our practices and procedures as to how Xendiz collects, uses and discloses information, and what rights you have with respect to the personal information. Please read this Policy carefully.

This Policy is incorporated into, and subject to, Xendiz Terms & Conditions. All terms undefined in this Policy should be understood and have the same meaning as in Terms & Conditions.

Xendiz takes your privacy seriously, so we will collect and process your personal information only after we obtain your explicit consent. If you do not accept this Privacy Policy, please do not use this website.

We reserve the right to revise this Privacy Policy from time to time. The most current version of the Privacy Policy will be available on this page, so you can be always aware of the up-to-date information. For changes to this Privacy Policy that may be materially less restrictive on our collection, usage and/or disclosure of personal information you have already provided to us, we will attempt to obtain your consent before implementing the changes.

For all other changes, it is at your sole responsibility to review the terms of this Policy from time to time to ensure you agree with it and any applicable amendments. Your continued use of the Website constitutes your acceptance of the new Privacy Policy.


Xendiz (“we”, “us”) is an advertising platform, based on openRTB protocol, using machine learning algorithms for maximizing advertising efficiency. In other words, we facilitate the purchase of media advertising inventory in real-time binding (RTB) auctions, providing a specific software tool for advertisers (“Demand Side Platform”, “DSP”) and publishers (“Supply Side Platform”, “SSP”) to be connected. Please find more about our Services at Xendiz Terms & Conditions.


Personal information, or Personal Data, means any information relating to the User and that alone or in cumulation with other pieces of information gives the opportunity to the person that collects and processes such information to identify the User as a person. It can be User’s name, identification number, location data, or information related to physical, physiological, genetic, mental, economic, cultural or social life.


Personally Identifiable Information (“PPI”). This is information that allows to identify you as a specific individual. We may collect PPI, including, but not limited to User’s name, email, and company name, provided by our potential partners in a request form on the website.

Non-Personally Identifiable Information (“Non-PPI”). This is information that does not personally identify you. We may collect the following Non-PPI, which may include:

  • Log File Information. The log files occur on the website and collect data including your IP address, browser type, operating system, Internet Service Provider, network carrier information.
  • Mobile Device Information. We may also collect the following mobile specific information: device type, make and model, operating system, mobile advertising identifiers, operating system device identifier, the GPS location of your device (if opted-in).
  • Non-Precise Geographic Location. Your device may be capable of sharing your geographic location with the apps or web pages you visit using the device. It might be possible through GPS coordinates and/or information about Wi-Fi networks in your vicinity. We collect information of your non-precise geographic information, limited to the country and city of the device location.
  • Analytics. We may also collect information, provided by Google Analytics, such as your IP host address, Internet service provider, browser type, operating system and language, referring and exit pages and URLs, date and time, amount of time spent on particular pages, number of links you click, search terms, and other data. This information is collected automatically and anonymized by Google Analytics. You can also opt-out from being tracked by Google Analytics:
  • Cookies and Pixel Tags. These are the small files stored on a User’s internet enabled device (computer, mobile phone etc.) to understand the User’s experience on the website. We use cookies to customize our website to your needs, display personalized content, store the User’s preferences, and measure the promotional effectiveness. We also use pixel tags, some small blocks of code on a webpage that allows us to set, read and modify cookies.

  • You may also refuse the use of cookies by selecting the relevant settings on your browser. Please note that if you opt-out cookies once, you may need to renew your choice, when using different device or Internet browser.

    Special Categories of Personal Information. We do not collect any personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.


  • Directly. As a general principle, we do not collect any data directly from their owners, unless the data subject intends to become our partner. We may collect data about our potential partners directly, when they fill a request form on the website and under the terms of our agreement and this Policy.
  • Automatically. This is information that is reported when the User access the website. Our servers may automatically record certain Non-PII information.
  • From Third Parties or Publicly Available Sources. In all other cases, we usually process information, provided by our partners (DSP, SSP), collected with the use of their own software and services. In this respect, we place our partners under the commitment to comply with all applicable laws in all applicable jurisdictions.

  • We may combine the information we receive from third parties with the information we directly collect from you and use such information accordingly to this Privacy Policy and requirements under applicable EU data protection and privacy laws.


We may use the information collected in the following ways:

Xendiz commits to use the information collected solely for the purposes described in this Privacy Policy. If we decide to modify and/or add any purpose, we will inform you about all changes and ask for your consent prior to the application of any amendments.


Except as otherwise provided in this Policy, permitted or required under law, we will not intentionally disclose any personal information about you as a specific individual to third parties without your prior consent.

Except as otherwise provided in this Policy, permitted or required under law, we will not intentionally disclose any personal information about you as a specific individual to third parties without your prior consent.

We may disclose certain NII to third parties to carry out business activity, comply with the reporting obligations, to understand the User’s preferences, habits, usage patterns, to provide the relevant content and services via the website.

We may also disclose personal data or other information: (i) in connection with a government inquiry, dispute or other legal process or request; (ii) when we, in good faith, believe that such disclosure is necessary to detect, prevent any fraud, investigate potential violations of our Terms & Conditions; (iii) to provide the security of the website, protect our property or legal rights, enforce our agreements or ensure other security measures.


Where we store and process information within the European Union, we may use appropriate contracts approved by the European Commission.

We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.

We may transfer, store and process personal information on the servers located in the United States. With respect to the personal information transferred to the United States, Xendiz complies with EU-US Privacy Shield Framework.


We maintain the appropriate administrative, technical and physical safeguards to any accidental or unlawful destruction, loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other form of breach in regard to your personal information. These measures provide sound industry standard security.

Although we make efforts to protect your privacy, Xendiz cannot guarantee a 100% security of any information you transmit to us.

If you believe your personal information has been compromised, please contact us at

If we find out of any security systems breach, we will inform you and the relevant authorities of the occurrence of the breach accordingly to the applicable law.


We retain personal information collected from you as long as we need it to fulfill the purposes for which it was initially collected, unless otherwise is required by law. We will retain and use the information collected with regard to the applicable laws requirements, as follows:

  • accounting source documents is retained for the period of 7 years according to the Estonian accounting and taxation laws;
  • employment contracts are retained for the period of 10 years according to the Estonian Civil Code Act.

In some circumstances, we may delete your personal data on your request, as described below in this Policy. We may also anonymize your personal information (so it will be no longer associated with you) for analytical or statistical purposes.


Under the GDPR, Users from EU and EEA are subject to a number of rights regarding the collection and processing of their personal information, including:

  • Right to be informed. You are entitled to receive concise, transparent, intelligible, easily accessible information regarding the purposes for processing of personal data, retention periods for storing of the respective personal data, persona data sharing particularities and other.
  • Right to access. You are able to ask us how and in which way Xendiz is using your personal data as well as to check the lawfulness of the processing.
  • Right to rectification. You may inquire us to rectify inaccurate, incomplete and/or misleading data to any piece of personal information, as well as provide us with the accurate, complete and/or updated data.
  • Right to erasure. This means that you may request us to erase the information that is no longer necessary for the purposes for which it was collected, as well as no legal grounds for processing exists.
  • Right to restrict processing. If you have a particular reason to restrict processing, either we process inaccurate data, or there is no need to continue processing your data, you may request us to restrict such processing.
  • Right to withdraw consent. You may ask us to withdraw your consent for the collection and processing personal information at any time. Exercising this right will not affect the lawfulness of processing based on consent before its withdrawal.

If you have any concerns regarding your rights, please do not hesitate to contact Xendiz’s Data Protection Team at

We will answer your request as soon as possible and without undue delay but no longer than within one month from the date of its receipt.

You also have the possibility to file a complaint to the supervisory authority that is empowered to process such complaints in your country.


This website is not intended for children under the age of 16 and we do not knowingly or intentionally collect any information relating to children.


If you have any questions about this Privacy Policy, please feel free to contact us at