Privacy Policy

Adbustr ("Adbustr", "we", "our") operates as an independent supply-side advertising platform. This Privacy Policy describes how we collect, use, disclose, and safeguard information in connection with our exchange operations.

1. Information we collect

In the ordinary operation of our exchange, we receive information from publishers, advertisers, demand-side platforms, and end-user devices.

• Device identifiers (IDFA, AAID, device-graph identifiers)
• IP addresses and approximate geographic location
• Browser and operating system metadata
• Contextual signals per OpenRTB 2.6 Content / App / Site objects
• Bid request and bid response telemetry
• Attribution events from Mobile Measurement Partners

2. How we use information

• To operate, secure, and improve our exchange
• To compute pCVR scores via our Resonance decision engine
• To detect and prevent invalid traffic and ad fraud
• To meet our contractual and regulatory obligations

3. Legal bases (GDPR)

• Article 6(1)(b) — performance of contract with our DSP and publisher partners
• Article 6(1)(f) — legitimate interest in operating a fraud-resistant programmatic exchange

4. Recipients

We share information with: integrated DSP partners, Mobile Measurement Partners (AppsFlyer, Adjust, Singular, Kochava), invalid-traffic verification providers (Pixalate), and our infrastructure subprocessors (Vercel, Cloudflare, Resend, Plausible).

5. Data subject rights

EU/EEA/UK residents have rights under GDPR Articles 15–22. California residents have equivalent rights under the CCPA. Exercise rights by contacting privacy@adbustr.com.

6. Data retention

Raw event data: 13 months. Aggregated and anonymized analytics: 7 years.

7. International transfers

Data may be processed in the European Union and the United States, governed by Standard Contractual Clauses or the EU-US Data Privacy Framework where applicable.

8. Contact

Privacy inquiries: privacy@adbustr.com. Data Protection Officer: dpo@adbustr.com.