Privacy & Consent Management

The Untitled ID Tag is both CCPA and GDPR Compliant. Our data is collected through user opt-ins, including marketing opt-ins, only within the United States/for U.S.-based contacts. In this model, we act as a data processor, enabling our customers—as the data controllers—to leverage information originating from their own web properties. Our clients are able to collect data from their websites and view their specific results by disclosing the data being collected and transmitted within their website’s Privacy Policy.

Privacy and disclosures are a critical component to the Untitled ID Tag process. In order to remain in good standing there are two core disclosures that must be available on any website that includes an iframe or javascript tag. Those disclosures include a privacy policy and a consent management string/service (also known as Cookie Consent Banner).

Privacy Policy Information

The privacy policy must be globally accessible on the website. It must also include specific references to the use of cookies for the purpose of marketing and re-marketing. Untitled has provided a compliant template as reference.

Consent String

In addition to the privacy policy, Untitled requires notification and collection of consent for cookies using a consent management string/service. By utilizing a consent string authorization on your website (a banner that pops up for new visitors that states “This Website Uses Cookies”), your customers can opt-out of our tag being fired if not accepting. This consent string is built into many publishing platforms and there are services available for websites that don't have this service embedded. The following list is provided for convenience and it not a complete or exclusive list.

Consent Management Services

• Osano

• CookieYes

• Cookiebot

Allowing Customers to Opt Out

In order to meet CCPA standards, we ask that our customers add a link to the Untitled CCPA form within their Privacy Policy.

If a California resident requests to have their information removed, Untitled will delete all records of the user from our data sets in order to meet the CCPA standards.

Additionally, for California residents who may have already opted out of advertising on your web property, we ask that our client send us these records before accessing the feature so we can remove these individuals from showing up in your data sets.

Security & Compliance FAQs

Is the tool GDPR compliant?

Yes - the Untitled ID Tag services does not collect or store any data from individuals in the EU. Only within the United States/for U.S.-based contacts.

Is any PII transmitted to 3rd-parties?

No. We do not transmit any PII with 3rd parties in order to resolve your website visitors. We leverage our joint first-party data through a consent string authorization and collect device information from the visitor’s browser to match against our second and third-party data sources out-of-band and/or offline. If you have questions about this process or want to confirm you're in good standing before enabling the ID Tag feature, feel free to reach out—we’re happy to help.

What does the JavaScript code send Untitled?

IP, Time Stamp, Cookies, Browser Specifications, and the referring URL. We can provide a schema for you to review.

Can the code be hacked and be exploited?

No. It is a JavaScript code snippet that fires and captures specific fields once loaded.

How does your team test the efficacy and security of the code?

We use a 3rd-party firm to review our tag security.

Does the tag collect information on minors?

We do not collect or solicit personal information from anyone deemed a minor. In the event that we learn that we have collected personal information from a minor without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a minor, please contact us using the contact information provided on the Website.