Privacy Policy Sept. 30th, 2016

TRUSTe European Safe Harbor certificationValidate TRUSTe privacy certification

The Trade Desk is committed to protecting consumer privacy and respecting your right to choice as it relates to advertising and the data used to help serve ads relevant to those consumers. The Trade Desk is a technology company that helps advertisers connect with consumers who are interested in, or could benefit from, the advertisers’ products. Protecting consumer privacy is a top priority to The Trade Desk. See below for our complete Privacy Policy. You can go directly to the section of the Privacy Policy that you want to read:

· The Trade Desk Services Privacy Practices

· Privacy Practices for Our Website

Consumer Opt-Out Choices

The Trade Desk Services: If you would prefer not to have The Trade Desk serve you relevant ads, you may go to our opt-out page to learn more: Opt Out of Relevant Advertising. If you opt out through this page, you may continue to see ads from The Trade Desk, but these ads will not be targeted based on your online activity history. For more information on The Trade Desk services and our practices, please see below.

Third Parties on The Trade Desk Website: We may allow certain third parties to collect data about your web viewing behavior on The Trade Desk website and combine this data with information collected from other websites over time for purposes that include interest-based advertising. If you would like to learn more about this type of advertising, or would prefer to opt-out of interest-based advertising, U.S. residents may visit www.aboutads.info/choices or www.networkadverising.org/choices, European residents may visit www.youronlinechoices.com, and Canadian residents may visit http://youradchoices.ca/choices/. For more information on The Trade Desk website practices, please see below.

Commitment to Industry Self-Regulation: The Trade Desk follows the Digital Advertising Alliance (“DAA”) Self-Regulatory Principles and adheres to the Network Advertising Initiative (NAI”) Code of Conduct as a member of NAI. Click here if you would like further information regarding the DAA principles and here if you would like information about the NAI Code of Conduct. Consistent with these principles, the health/fitness related segments available in The Trade Desk for behavioral advertising can be viewed here.

The Trade Desk also adheres to the European Interactive Digital Advertising Alliance’s (“EDAA”) principles. You can learn more and opt out of behavioral advertising here.

Further, The Trade Desk follows the Canadian Self-Regulatory Principles for Online Behavioural Advertising’s (“DAAC”) principles. You can learn more and opt out of behavioral advertising here. Please contact privacy@thetradedesk.com for any questions about The Trade Desk privacy, security, and data practices. Please see below for our complete Privacy Policy.

The Trade Desk Services Privacy Practices

Posted: August 24, 2016, Effective Date: September 24, 2016.

For the prior version of the privacy policy, please click here.


Contents

BACKGROUND REGARDING OUR TECHNOLOGY AND SERVICES

PRIVACY PRACTICES FOR OUR TECHNOLOGY

How We Use Information Our Technology Collects

Cookies, Web Beacons and Mobile SDKs

Information Sharing

Interest-Based Advertising and Opting Out

Opting Out on iOS Devices Such as iPhones, iPads or iPods

Opting Out on Android Devices

Data Storage and Security

Changes To Our Policy

International Transfers and Safe Harbor

Contacting Us

PRIVACY PRACTICES FOR OUR WEBSITE

Information We Collect On Our Website

Communications From The Site

Who We Share PII With

Third Party Websites

Updating / Deleting your PII

Data Retention

Security

Automatic Data Collection

Testimonials

Changes To This Privacy Policy

Contact Us

BACKGROUND REGARDING OUR TECHNOLOGY AND SERVICES.

The Trade Desk, Inc. (“we”, “us”, or “our”) provides an online advertising and technology platform and we are headquartered in the United States. We provide this privacy policy to inform you about how we collect and use data on our corporate website, which is located at www.thetradedesk.com (the “Website”), and how our technology platform and related technology, such as pixels` (“Technology”) processes information on behalf of online advertisers, website owners, data providers and other businesses that use our services (those online advertisers and their agencies who use our technology are defined as our “Clients”). If you have any questions about this privacy policy, please feel free to contact us at privacy@thetradedesk.com. The Trade Desk runs a buying platform for media and data. The Trade Desk Technology allows our Clients to buy ad space on websites, in apps, and on other digital platforms, and allows for the use of proprietary and third party data in the purchase of that ad space. When ad space is bought or sold digitally (usually to an advertiser or ad agency by a publisher or other content provider) the Technology, fulfills the transaction by delivering the ad to internet and mobile users who visit that site, use that application, or watch certain videos (for example). Generally, an Internet user’s computer, browser or device comes into contact with The Trade Desk when a user views an ad delivered or serviced by or with our Technology. Serving users relevant advertising is sometimes referred to as interest based advertising or online behavioral advertising (“OBA”).

PRIVACY PRACTICES FOR OUR TECHNOLOGY

Information Our Technology Collects. We believe that consumers prefer more (rather than less) relevant ads, tailored to their interests. To do this, we collect a variety of data from Clients, from data suppliers, and across platforms, to help optimize ads and increase the likelihood that a particular unique, but anonymous, user will be interested in (rather than potentially annoyed by) an ad shown. For more information on the technology used to collect the below information, please refer to the below section titled “Cookies, Web Beacons and Mobile SDKs.

• Our Technology collects information generally known as non-personally identifiable information (“Non-PII”) that may include, but is not limited to, your IP host address, the date and time of the ad request, specific location information of your device (which may be derived from, for example, your device’s GPS, Bluetooth, or WiFi signals), pages viewed, browser type, the referring URL, Internet Service Provider, and your computer’s operating system, as well as how you interact with a web page or ad. We may also collect Non-PII such as age, gender, income, education, interests, and usage activity from Clients or other third parties. We also may collect analogous Non-PII from mobile platforms, which may include information about your interactions with those applications (including your IP address and time-stamp information), and information about your mobile device (including device type, handset name, operating system information, mobile identifiers such as Apple IDFA and Android Advertising ID, app-specific identifiers, and a list of the applications your device interacts with).

• Sometimes, we obtain the above information from other ad platforms, application platforms or providers, customers or websites and services (including our Clients). We may work with Clients or other third parties to synchronize or “sync” unique, anonymous identifiers to match our Clients’ Non-PII data or identifiers to our own, in order to enhance data points about a particular unique browser or device, and thus enable or send ads that are more relevant, match consumers to their likely product interests, or better synchronize, cap, or otherwise optimize advertising.

How We Use Information Our Technology Collects

The Trade Desk uses Non-PII to target and serve or to help our Clients to target and serve relevant advertising to consumers and to perform attribution analysis or other analytics regarding advertising audiences, as well as to compile, match and link audiences on behalf of Clients. For instance, we may, or help our Clients to, use this Non-PII to:

• Determine what ad to show a consumer, and customize ads to particular types of audiences;

• Customize ads to the type of web page users are viewing;

• Limit the number of times a consumer sees an ad or a type of ad;

• Perform analysis of how effective the ads are;

• Help advertisers learn more about their own consumers.

Sometimes we may use or make available to Clients products or services from third parties that utilize their data and the Non-PII we collect or receive (such as IP Address) to recognize users or try to resolve a commonality of users (or households) across platforms or across devices, such as smartphones, computers, tablets or related browsers or to connect app usage to browser usage on the same device. For instance, we might infer that a common IP address seen across different devices represents a common user (or a related or similar user), and use that inference in tailoring ads. Occasionally, we receive anonymized data sets (which may constitute hashed or obfuscated personally identifiable information (“PII”)), in order to promote, test or validate the accuracy of such inferences.

We do not knowingly collect or obtain from third parties, any personal data, including any “sensitive personal data,” for OBA purposes, as defined under Directive 95/46/EC, and we contractually prohibit third parties from putting this data in our platform.

In adherence to EDAA requirements, we do not create segments for OBA purposes that are specifically designed to target children (age 12 and under). While this does not mean that ad delivery will not occur, it means that we will not specifically target ads to children ages 12 and under.

Cookies, Web Beacons and Mobile SDKs

In order to help make the online advertisements more relevant to users, our Technology uses the standard “cookies” feature of major browser applications that allows us to store a small piece of data on users’ computers about users’ visits to certain websites. We also use cookies to understand users’ browsing and buying activities so that we can measure the success of online advertising campaigns we run.

Cookies are small text files that web servers typically send to users’ computer when they visit a website. Cookies are stored as text files on users’ hard drive, and can be accessed by web servers when the user visits a website or views an advertisement. Cookies are used by companies to collect and send information about a user’s website visits – for example, number of visits, average time spent, pages viewed, navigation history through the website, and other statistics. This information helps companies improve a user’s online experience in many ways: for example, by allowing companies to monitor website performance, making the website easier to use, measuring the effectiveness of their promotional placements, and tailoring their website (including the ads and offers they receive) to better match a user’s interests and preferences. Users who prefer not to accept cookies can set their Internet browser to notify them when they receive a cookie or to prevent cookies from being placed on their hard drive.

The Trade Desk cookie is set to expire after one year; our opt-out cookie lasts longer. Our cookie expiration may reset upon further interaction between ourselves (or as applicable a Client) and a browser or device.

The Trade Desk also uses web beacons (also known as 1×1 gifs), along with cookies, to determine if a user has visited a particular website. These beacons aid in providing more relevant advertising to the user, as well measuring the success of an advertising campaign, but provide no personally identifiable information.

HTML5 and Locally Stored Objects. Similar to cookies are pieces of code known as “locally stored objects,” which we may also use for storing Non-PII. Locally stored objects, such as HTML5 Web Storage, are used for similar purposes as cookies but typically contain a greater amount and different types of data than browser cookies. Most current versions of common web browsers clear this locally stored data when you delete or clear your cookie cache. To confirm whether this is the case for the browser you are using, or to learn more about how to precisely control this data storage, please consult the Help function of your browser.

Mobile Device Identifiers and SDKs. We may sometimes work with Clients that use mobile SDKs to collect information. A mobile SDK is the mobile app version of a pixel tag or beacon (see those descriptions, above). The SDK is a bit of computer code that app developers can include in their apps to enable ads to be shown, data to be collected, and related services to be implemented. We may use this technology, or work with others who use this technology, to deliver certain advertising through mobile applications and browsers based on information associated with mobile devices. If you’d like to opt-out from having ads tailored to you in this way on your mobile device, please follow the instructions in the “Choices” section below.

Information Sharing

The Trade Desk may share the Non-PII that we collect and receive in various ways.

• Primarily, we work with Clients and other third parties to help optimize ads and make them more likely to be relevant to consumers, by comparing, syncing and sharing the Non-PII described above. For instance, we may share to other ad platforms, customers or websites and services (including our Clients) Non-PII we have collected (generally, unique, anonymous identifiers representing consumers’ browsers), in order for these third parties to match their unique identifiers to our own, so that we can “sync” identifiers in order to help them show more relevant ads, match consumers to their likely interests, or better synchronize, cap, or otherwise optimize advertising.

• Further, the Non-PII we collect and receive may be processed on our behalf by third-party service providers that assist us in running our business, including providers of data storage and processing facilities.

• We may disclose your information to third parties when we reasonably believe we are obligated to do so by law, and in order to investigate, prevent, or take action regarding suspected or actual activities that may harm any person, our company, the Technology, or otherwise violate any law.

• Also, in the event The Trade Desk is merged into another company, or another company acquires all or substantially all of The Trade Desk’s assets, including, without limitation, in the event of bankruptcy, all data compiled or owned by The Trade Desk may be among the items transferred in that transaction.

• Finally, we may share aggregated, non-personal information with Clients in connection with reporting and accounting needs as well as with other unaffiliated third parties for various purposes such as statistical or educational analysis (such as the creation of predictive models).

Interest-Based Advertising and Opting Out

The Trade Desk uses cookies, Web beacons, pixels and other technologies to collect web viewing data across non-affiliated sites over time. In addition, The Trade Desk collects app usage data across non-affiliated apps over time. We may also collect such Web viewing and app usage data from other ad platforms, application platforms or providers, customers or websites and services (including our Clients) and we may combine this information with any information that we have collected about you. We use this data to infer your interests and to provide more relevant advertising to you. This is known as Interest-Based Advertising (“IBA”).

We may also facilitate our Clients’ efforts to place a cookie or other tracking technology on a website with which our Client has a relationship, and we may allow our Clients to collect information about your web viewing behavior on our website. This information may be combined with other data collected from other websites over time for IBA purposes.

The Trade Desk follows the Digital Advertising Alliance (“DAA”) Self-Regulatory Principles and the Network Advertising Initiative (“NAI”) Code of Conduct.

Opting Out for Web-based IBA: If you’d like to opt-out from having The Trade Desk use your Web viewing data and other Non-PII for web-based IBA purposes, please click here for more information on IBA and the choices that The Trade Desk offers with respect to IBA. The DAA and NAI also provide websites where you can learn more about IBA and opt out of receiving targeted ads from our advertising partners who participate in the DAA or NAI programs. You can access these websites at www.aboutads.info/choices and at www.networkadvertising.org/choices. Residents of the EEA and Switzerland may visit www.youronlinechoices.com. If you are located in Canada, you can access this information at http://youradchoices.ca/choices/.

Opting Out for App-based IBA: If you are using a mobile device, you may be able to opt out of receiving IBA by The Trade Desk based on app usage data, through your device settings as described below. We provide the following descriptions solely for informational purposes. For additional information and up to date methods of opting out, you should consult your device settings, and instructions provided by device manufacturers.

Opting Out on iOS Devices Such as iPhones, iPads or iPods

If you have an Apple device, you can opt out of our IBA services by updating to iOS 6.0 or higher, and setting Limit Ad Tracking to ‘ON’. You can do this by clicking on Settings -> General -> About -> Advertising and toggling Limit Ad Tracking to ‘ON’. Our systems are designed to respect your choice and not use information to provide IBA when this setting is ON. Again, you should consult Apple’s support web pages and instructions for the most current applicable settings.

Opting Out on Android Devices

If you have an Android device and would like to opt out of our IBA services, you may do this as follows:

1. Open the Google Settings app on your device

2. Select Personal info & privacy à Ads settings à Manage Ad Settings

3. Turn to “off” the “Ads based on your interests” option.

Our systems are likewise designed to respect these choices transmitted by your Android device. Again, however, please consult Google’s settings and instructions for the most current settings information.

Please note that these settings do not block ads, but rather will not base ads on your interests.

Data Storage and Security

We retain the Non-PII collected via our Technology for up to eighteen months. After 18 months (or sooner) the data is stored in aggregate for up to three years.

The security of your information is important to us. The Trade Desk has implemented security measures, including physical, electronic and administrative safeguards, to prevent the loss, misuse, and alteration of the information that our Technology collects, but we make no assurances about our ability to prevent such loss, misuse, to you or to any third party arising out of any such loss, misuse, or alteration.

Changes To Our Policy

We may revise this policy at any time. Any changes and/or updates to the policy will be updated directly on this page. We encourage you to visit this page periodically to review our current privacy policy so that you will always know what information we gather and how we may use that information.

International Transfers and Safe Harbor

The Trade Desk operates the Technology from servers located in the United States of America and the information it collects through Clients is processed in the United States of America. Laws governing the collection and use of data in the United States may not be equivalent to those in the country where you reside, but The Trade Desk will at all times protect your data in accordance with this Policy.

To the extent they are applicable, The Trade Desk, Inc. complies with the principles of the U.S./EU and U.S./Swiss Safe Harbor Frameworks regarding Notice, Choice, Onward Transfer, Security, Data Integrity, Access and Enforcement with respect to the personal information it receives in the U.S. from the relevant European countries. To exercise their rights under Safe Harbor or file a complaint, residents of those countries may contact The Trade Desk, Inc. as described in the next section of this privacy policy, and our business customers can log into their accounts to directly access and correct certain information they have submitted. In the event we are unable to resolve a disagreement with a covered European resident regarding the handling of his or her personal information under Safe Harbor, we agree to resolve the matter through TRUSTe. To learn more about the Safe Harbor Frameworks, please visit http://www.export.gov/safeharbor. You can search for and review our Safe Harbor certification at https://safeharbor.export.gov/list.aspx.

Contacting Us

Should you have any questions in regards to this policy or The Trade Desk’s privacy practices, please contact our representatives at the following email and they will be more than happy to clarify and assist you in any way possible: privacy@thetradedesk.com, or by mail at:

Privacy

The Trade Desk, Inc.

42 N. Chestnut Street

Ventura, CA 93001


PRIVACY PRACTICES FOR OUR WEBSITE

Posted: August 24, 2016, Effective Date: September 24, 2016. For the prior version of the privacy policy, please click here.

This privacy policy describes how The Trade Desk collects and uses the personal information you provide on our Web site: www.thetradedesk.com. It also describes the choices available to you regarding our use of your personally identifiable information (“PII”) and how you can access and update this information.

The Trade Desk has received TRUSTe’s Privacy Seal signifying that this privacy statement and our practices have been reviewed for compliance with the TRUSTe program viewable on the validation page available by clicking the TRUSTe seal. The TRUSTe certification covers personal information collected through this site: www.thetradedesk.com.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact TRUSTe at https://feedback-form.truste.com/watchdog/request.

To the extent they are applicable, The Trade Desk, Inc. complies with the principles of the U.S./EU and U.S./Swiss Safe Harbor Frameworks regarding Notice, Choice, Onward Transfer, Security, Data Integrity, Access and Enforcement with respect to the personal information it receives in the U.S. from the relevant European countries. To exercise their rights under Safe Harbor or file a complaint, residents of those countries may contact The Trade Desk, Inc. as described at the end of this privacy policy, and our business customers can log into their accounts to directly access and correct certain information they have submitted. In the event we are unable to resolve a disagreement with a covered European resident regarding the handling of his or her personal information under Safe Harbor, we agree to resolve the matter through the International Centre for Dispute Resolution / American Arbitration Association Safe Harbor Dispute Resolution Program (http://go.adr.org/safeharbor). To learn more about the Safe Harbor Frameworks, please visit http://www.export.gov/safeharbor. You can search for and review our Safe Harbor certification at https://safeharbor.export.gov/list.aspx.


Information We Collect On Our Website

We collect PII such as name, email address and phone number when you contact us with questions regarding our service or to request a demonstration of our product.

We and/or our selected third-party partners may also collect data about visitors’ activities on this Website and across the Internet over time for non-advertising purposes, including to conduct analytics, measure trends, and streamline website usability. Please see the section below on “Automatic Data Collection” for more information.

How We Use Information We Collect On Our Website

On this Website, PII is only collected on the Contact Us, Request a Demo, Get More Info, or Newsletter Signup sections.

Communications From The Site

Newsletters

If you wish to subscribe to our newsletter, we will use your email address to send the newsletter to you. If you no longer wish to receive these email communications you can follow the unsubscribe instructions contained in the emails you receive or by contacting us at privacy@thetradedesk.com.

Service-related Announcements

We will send you strictly service-related announcements on rare occasions when it is necessary to do so. For instance, if our service is temporarily suspended for maintenance, we might send you an email.

Generally, you may not opt-out of these communications, which are not promotional in nature. If you do not wish to receive them, you have the option to deactivate your account.

Who We Share PII With

We will share your personal information with third parties only in the ways that are described in this privacy statement.

• We may provide your personal information to companies that provide services to help us with our business activities such as sending email communications on our behalf. These companies are authorized to use your personal information only as necessary to provide these services to us.

• We may also disclose your personal information:

o As required by law, such as to comply with a subpoena, or similar legal process,

o When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request,

o If The Trade Desk is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information, or

o any other third party with your prior consent to do so.

Third Party Websites

The Trade Desk Website may contain links to and advertisements for websites operated by third parties whose privacy practices may differ from ours. While we endeavor to associate only with reputable entities, The Trade Desk is not responsible for the privacy practices of these other websites. We encourage you to check the privacy policies of all websites that you visit.

Updating / Deleting your PII

If you’d like us to update, correct, delete, or deactivate any PII that you have provided to us on this Website, please resubmit your contact information on the Contact Us page or send your request to us at

Data Retention

We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Security

The security of your personal information is important to us. The Trade Desk has implemented security measures to prevent the loss, misuse, and alteration of the information that our Technology collects, but we make no assurances about our ability to prevent such loss, misuse, to you or to any third party arising out of any such loss, misuse, or alteration.

Third Party Advertisers

The Trade Desk follows the Digital Advertising Alliance Self-Regulatory Principles and the Network Advertising Initiative Code of Conduct. We may allow certain third parties to collect data about your web viewing behavior on The Trade Desk website and combine this data with information collected from other websites over time for purposes that include interest-based advertising. If you would like to learn more about this type of advertising, or would prefer to opt-out of interest-based advertising, U.S. residents may visit www.aboutads.info/choices or www.networkadverising.org/choices, European residents may visit www.youronlinechoices.com, and Canadian residents may visit http://youradchoices.ca/choices/. These websites allow you to opt-out of interest-based advertising by companies participating in these self-regulatory programs. To learn more about how to opt-out of interest-based advertising by The Trade Desk, please visit our Opt-Out Page.

Automatic Data Collection

We and/or our selected third-party partners may also collect data about visitors’ activities on this Website and across the Internet over time for non-advertising purposes, including to conduct analytics, measure trends, and streamline website usability. The technologies used for this purpose may include log files, cookies, web beacons, and social media plug-ins as described below. One of the service providers we may use is Google Analytics. To learn more about how Google Analytics collects and processes data and the choices you may have to control these activities, you may visit http://www.google/com/intl/en/policies/privacy/partners/.

Log Files

As is true of most Web sites, we and our third party tracking-utility partner(s) may gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.

We use this information to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole.

Cookies

A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. We use cookies on this site. We do link the information we store in cookies to any personally identifiable information you submit while on our site.

You can remove persistent cookies by following directions provided in your Internet browser’s “help” file. If you reject cookies, you may still use our site, but your ability to use some areas of our site, such as contests or surveys, may be limited.

The use of cookies by our partners and service providers is not covered by our privacy statement. We do not have access or control over these cookies.

Clear Gifs

Our third party partners or service providers may employ a software technology called clear gifs (a.k.a. Web Beacons/Web Bugs), that help us better manage content on our site by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on Web pages and are about the size of the period at the end of this sentence. We tie the information gathered by clear gifs to our customers’ personally identifiable information.

We use clear gifs in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns.

Social Media

Our Web site includes Social Media Features, such as the Facebook Like button. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy policy of the company providing it. Please see above for more information on third-party advertising activities on our Site.

California Do Not Track Disclosure

Please note that The Trade Desk does not currently honor browsers’ DNT (do not track) settings.

Testimonials

We post customer testimonials on our web site which may contain personally identifiable information. We obtain the customer’s consent via email prior to posting the testimonial to post their name along with their testimonial. If you want your testimonial removed please contact us at privacy@thetradedesk.com.

Changes To This Privacy Policy

We may update this privacy policy to reflect changes to our information practices. We encourage you to periodically review this page for the latest information on our privacy practices.

Contact Us

If you have any questions or suggestions regarding our privacy policy, please contact us at: 42 N. Chestnut Street, Ventura, CA 93001 or via email at privacy@thetradedesk.com.

FOLLOW ON TWITTER