Dentsu International (referred to as “our”, “us” and “we” in this notice) is an advertising agency that is part of a global media group. Merkle is part of Dentsu International. We help our clients to improve how they advertise and market, whether by print, post, email or on websites. We believe that the responsible use of data supports business growth and builds strong relationships between brand and consumer. As a business, we are committed to respecting and protecting the privacy of all individuals with whom we interact. We are committed to being transparent in our handling and processing of Personal Data at all times in accordance with applicable privacy and data protection laws.
This Data Product Privacy Notice covers our suite of identity, data, and media solutions and product offerings in the United States, including those under our “Merkury” brand.
Identity:
Our identity offering provides data standardization, hygiene, cleansing and matching services. We also receive information from websites provided by our clients and business partners that use our cookies, pixels, and/or small pieces of code known as “web beacons” or “clear gifs”, such as the Merkury Tag (collectively, “Tracking Technology”). These offerings provide businesses with the ability to match identity signals (e.g., customer addresses, emails, website visitations) to a large majority adults in the United States.
Data:
Our data products include proprietary-branded and third-party-branded forms of data supplied to us by other companies. This data is offered to businesses to assist in their business operations and marketing efforts, including delivery of targeted, relevant advertisements to adult consumers in the United States.
Media:
Our suite of media products enable marketers to leverage identity and descriptive data to run their businesses, including to understand consumers, plan and execute marketing campaigns, and measure effectiveness of advertising efforts. When campaigns are activated, we work with partners, content owners, and publishing networks (including social media and online display advertising) to deliver our client’s advertising to you.
For activities related to our website, please see here for our Website Privacy Notice.
This Privacy Notice explains in detail the types of Personal Data we may collect or receive about you in connection with our data products, and how we use, process, and share that Personal Data.
U.S. state privacy laws, including the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act, provides residents of their respective states with additional rights with respect to their Personal Data. Those rights are explained below in Section 7 (Your Privacy Rights).
This Privacy Notice includes certain disclosures required under applicable U.S. privacy laws. Please note that the rules implementing some of these laws are subject to change. We are committed to continual compliance with these laws and will update our processes and this notice as the rules are updated and the law requires.
In this Privacy Notice, the term “Personal Data” has the meaning ascribed to it under applicable U.S. privacy laws, and includes the term “Personal Information” as defined by the California Consumer Privacy Act of 2018, as amended.
We are a global marketing agency and operate separate data products in the U.K. and the U.S. This Privacy Notice is intended for U.S. consumers.
We receive Personal Data from third party sources like advertisers, brands, data brokers, non-profit organizations, public records, government entities, our clients (who may already do business with you), our partner publishers and partner service providers. We may also receive Personal Data from other sources such as public registers. We put information together so that we can check your Personal Data is correct and up to date, and then we keep the collection of information about you in our products (see How We Use Your Personal Data).
We also receive information from websites provided by our clients and business partners that use our Tracking Technology.
We use Tracking Technology to help us better source information about email activities and activities of visitors to our client websites and determine which marketing material is effective and preferred by our respective Publishers/Clients and their consumers.
From our sources (see Sources of Information), we get and store various types of information about people and households. These may include the following:
Except where prohibited by law or court order, we collect Personal Data for the following business purposes:
We also collect Personal Data to provide services to our clients.
As noted above, in this Privacy Notice, the term “Personal Data” has the meaning ascribed to it under applicable U.S. laws, and includes the term “personal information” as defined by the California Consumer Privacy Act of 2018, as amended.
We “sell” (as defined by statute) and “share,” as defined by applicable privacy laws, so that our clients can provide relevant and tailored advertising to you.
In the table below we set out further information about the purposes for which we use your Personal Data and the categories of third parties to which we disclose this Personal Data. In the second column, we also specify how such Personal Data is categorized under applicable U.S. privacy laws. For more information about the categories of Personal Data under applicable U.S. privacy laws, see Your Privacy Rights.
Purpose/Activity
To provide services to our clients. For example, we collect, process, keep and use the Personal Data in the products to help our clients deliver relevant advertising or marketing and find new customers.
We also use Personal Data to help our clients create advertising “segments,” for instance: “men living in a particular zip code who are aged between 20 and 30.”
To combine or match Personal Data in our products to select the most appropriate group of people for our clients’ advertising or marketing campaigns.
We also use matched or combined information to check that your information is up-to-date and accurate, confirm which devices are used by which people and conduct data analytics to assist targeting – this includes predictive data concerning people's purchasing behavior, likelihood of response to marketing or purchase of a product, brand loyalty, product and brand affinities and preferences. This may include models predicting your likely spend on various products and services (e.g. monthly spend on vehicle fuel).
To assess the effectiveness of client advertising and marketing campaigns.
To administer our services and products, and for internal operations.
For example, we use Personal Data for troubleshooting, data analysis, and testing.
To respond to any inquiries or feedback that you send us
To share information with our service providers.
To share information within the dentsu international group for business purposes.
To share information with other third parties, such as regulator and law enforcement agencies
Types of personal data that may be processed
(a) Contact Information
(b) Demographic Information
(c) Commercial Information
(d) Internet and Network Activity Information
(e) Location Information
(f) Education Information
(g) Professional and Employment Related Information
(h) Inferences from any of the information identified in Section 2
(i) Sensitive Personal Data
(a) Contact Information
(b) Demographic Information
(c) Commercial Information
(d) Internet and Network Activity Information
(e) Location Information
(f) Education Information
(g) Professional and Employment Related Information
(h) Inferences from any of the information identified in Section 2
(i) Sensitive Personal Data
(a) Contact Information
(b) Demographic Information
(c) Commercial Information
(d) Internet and Network Activity Information
(e) Location Information
(f) Education Information
(g) Professional and Employment Related Information
(h) Inferences from any of the information identified in Section 2
(i) Sensitive Personal Data
(a) Contact Information
(b) Demographic Information
(c) Commercial Information
(d) Internet and Network Activity Information
(e) Location Information
(f) Education Information
(g) Professional and Employment Related Information
(h) Inferences from any of the information identified in Section 2
(i) Sensitive Personal Data
(a) Contact Information
(b) Demographic Information
(c) Commercial Information
(d) Internet and Network Activity Information
(e) Location Information
(f) Education Information
(g) Professional and Employment Related Information
(h) Inferences from any of the information identified in Section 2
(i) Sensitive Personal Data
(a) Contact Information
(b) Demographic Information
(c) Commercial Information
(d) Internet and Network Activity Information
(e) Location Information
(f) Education Information
(g) Professional and Employment Related Information
(h) Inferences from any of the information identified in Section 2
(i) Sensitive Personal Data
(a) Contact Information
(b) Demographic Information
(c) Commercial Information
(d) Internet and Network Activity Information
(e) Location Information
(f) Education Information
(g) Professional and Employment Related Information
(h) Inferences from any of the information identified in Section 2
(i) Sensitive Personal Data
(a) Contact Information
(b) Demographic Information
(c) Commercial Information
(d) Internet and Network Activity Information
(e) Location Information
(f) Education Information
(g) Professional and Employment Related Information
(h) Inferences from any of the information identified in Section 2
(i) Sensitive Personal Data
Categories of third parties to which we disclose this personal data for a business purpose
Third-party service providers; Online advertising partners; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities
Third-party service providers; Online advertising partners; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities
Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities
Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities
Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities
Third-party service providers; Entities due to corporate mergers or restructuring
Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities
Other parties as required by law or to prevent or investigate illegal activities
Categories of third parties to which this information is ”shared” or “sold” for advertising/analytical purposes
Clients
Clients
We do not sell/share.
Clients
We do not sell/share.
We do not sell/share.
We do not sell/share.
We do not sell/share.
We do not maintain direct relationships for individuals whose data is in our data products. We do not have any opportunity to present disclosures or collect opt-in elections from individuals. Our products do not contain any Sensitive Personal Data or health data, which requires opt-in consent, as defined per applicable privacy laws.
We use information as otherwise disclosed or permitted by law, or as we may notify you. We may use Personal Data to create deidentified or aggregated data which does not identify you or any other individual. We may use and disclose this anonymous or aggregated data as we choose.
When a client uses our services to run an advertising or marketing campaign, we are what's known as a “service provider" or “third party” for the client provided data used for that campaign. We use that client provided Personal Data for the client's advertising or marketing campaign and act on the client's instructions.
Since our clients’ have a direct relationship with their customers, they are considered the controller or business, per applicable privacy laws, and determine the purposes and means of handling their customer Personal Data.
We are not responsible for the privacy practices of our clients and client provided Personal Data is subject to our clients’ privacy policies. Accordingly, this Privacy Notice and the rights acknowledged herein do not apply to Personal Data that is provided by our client.
Group company transfers
We are a globally operating media group consisting of multiple companies. Therefore, we may from time to time disclose your Personal Data within our group of companies.
We may disclose Personal Data with any successor to all or part of our business. For example, if part of our business is sold, we may give our customer list as part of that transaction.
Information shared with our third-party service providers
We use a number of third parties to perform business functions on our behalf to provide our products to clients. We will only disclose Personal Data to these vendors and service providers to enable them to provide their services.
Information shared with clients and entities authorized by our clients.
We may share Personal Data from our products with clients and their agencies and other entities authorized by them for their analytics, profiling, and/or marketing purposes including email and postal mail fulfillment providers. We will provide our clients with information so that they can send marketing or show ads to consumers. We may share hashed or anonymized user data from email communications or website activities with third parties so they may set cookies and/or collect your data directly from you (e.g. through a cookie or other technology) for their own use and subject to their own privacy policies. This data may be combined and linked with data from other sources. Our clients may include advertising networks, internet service providers, data analytics providers, government entities, operating systems and platforms, social networks, and data brokers. We do not share Personal Data from our products with individual consumers for private use.
Information shared with online advertising partners.
We may share your Personal Data with social media platforms, advertising networks, and ad tech companies who allow us to buy advertising space for our clients. This may mean that you receive our clients’ marketing messaging when you use those social media platforms and other digital properties.
Information shared with other parties as required by law or to prevent or investigate illegal activities
Where required or permitted by law, Personal Data may be provided to others, such as regulator and law enforcement agencies, for example in response to a court order or a subpoena, or in response to a law enforcement agency’s request, or where we believe it is necessary to investigate, prevent or take action regarding illegal activities or to protect dentsu international, our websites, customers, employees, and business partners from fraud or other malicious activity, and as otherwise required by law.
We may share Personal Data for other reasons we may describe to you from time to time or as permitted by law.
The Personal Data in our products is kept in the U.S. and backed up in the U.S. We are a globally operating media group consisting of multiple companies. Therefore, we may from time to time disclose your Personal Data within our group of companies. Some of our group companies are located in the European Union (“EU”) or European Economic Area (“EEA”), and we implement and maintain policies designed to ensure the security of such disclosures and transfers in accordance with the applicable privacy and data protection laws.
We update data in our systems at least every thirty days. As indicated in Your Choices section below, you can request that we delete Personal Data we have associated with you; however, we may continue to receive Personal Data about you from our partners or clients after we have processed your deletion request.
This section explains the choices you may exercise over the use of your Personal Data in our U.S. data products.
U.S. state privacy laws, including the California Consumer Privacy Act (“CCPA”), as amended, provides residents of their respective states with additional rights with respect to their Personal Data.
Depending on where you live and what you are asking us to do, we may or may not be obligated to comply with your request, and/or the time required to complete a request may vary. Based on how we collect and utilize your Personal Data, you may have the following rights:
You can make these requests online by clicking here, or by calling us at (+1) (833) 570-5939 (toll-free in the US). For any business-to-business requests, you can make these requests online by clicking here, or by calling us at (+1) (833) 570-5939 (toll-free in the US). For any employment related requests, you can make these requests online by clicking here.
We may deny certain requests, or fulfill a request only in part, based on our legal rights and obligations. For example, we may retain Personal Data as permitted by law, such as for tax or other record keeping purposes, to maintain an active account, and to process transactions and facilitate customer requests. Note that for purposes of these requests under this Privacy Notice, Personal Data does not include information about job applicants, employees and other of our personnel; information about employees and other representatives of third-party entities we may interact with; or information we have collected as a service provider to our clients. Finally, please note that we are required by California Civil Code section 1798.105(d) to keep a record of your request.
Only you, or a person or business entity that you authorize to act on your behalf (an "Authorized Agent"), may make the requests set forth above. You may also make a request on behalf of your minor child. For California residents, Authorized Agents must be an entity registered with the California Secretary of State or a person.
The request should include your contact information and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. In addition, you should provide sufficient information (including information that reasonably enables us verify the identifying information we currently maintain about you) that allows us to reasonably verify that you are the person about whom we collected the Personal Data or an authorized representative.
We will respond to consumer requests in a reasonably timely manner. If we require extra time to respond, we will inform you of the reason and extension period in writing. In order to protect the security of your Personal Data, we will not honor a request if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you. The method used to verify your identity will depend on the type, sensitivity and value of the information, including the risk of harm to you posed by any authorized access or deletion. Generally speaking, verification will be performed by matching the identifying information provided by you to the Personal Data that we already have.
Any disclosures we provide for California residents will only cover the 12-month period preceding our receipt of your request (and will not be made more than twice in a 12-month period). If we cannot comply with a request, or cannot fully comply with a request, the response we provide will also explain the reasons we cannot comply. If we deny your request in whole or in part, you may have the right to appeal the decision. In such circumstances, we will provide you with information regarding the appeals process.
Data Subject Rights Requests Metrics - California Consumer Privacy Act
If you reside in California, you have the right to ask us one time each year if we have shared personal data with third parties for their direct marketing purposes. To make a request, please send us an email, or write to us at the address listed below. Indicate in your letter that you are a California resident making a “Shine the Light” inquiry.
We maintain appropriate organizational and technological safeguards to help protect against unauthorized use, access to or accidental loss, alteration or destruction of Personal Data whether in physical or electronic form. We also seek to ensure our service providers and/or any approved external third-parties who store or process Personal Data on our behalf do the same. The safeguards we use, depending on the circumstances, may include firewalls, penetration testing, vulnerability scans, encryption and restricted access to our IT systems.
This Privacy Notice is limited to the Personal Data received and used by us in connection with our products and does not apply to Personal Data collected through one of our websites. For information regarding our websites, please visit our Website Privacy Notice. We may obtain information through various sources (see Sources of Information) and are not responsible for the privacy practices of such sources. We also may share information with our clients and other third parties and are not responsible for the privacy practices of such clients and third parties.
We do not actively seek to collect Personal Data about children. If you have any concerns about your child’s privacy in relation to our services, or if you believe that your child may have entered Personal Data onto our website, please contact us at dpous@merkleinc.com. We will delete such Personal Data from our records or seek verifiable parental or legal guardian consent to retain such information within a reasonable time.
Merkle is a registered data broker under California, Oregon, Texas, and Vermont. To conduct business in Texas, a data broker must register with the Texas Secretary of State (Texas SOS). Information about data broker registrants is available on the Texas SOS website.
Merkle Incorporated is registered with the Oregon Secretary of State.
This Privacy Notice may be updated from time to time to reflect changes in law, best practice or a change in our practices regarding the treatment of Personal Data. The date of the most recent revision will appear below. You should review this page from time to time to ensure that you are happy with any changes that have been made. If you do not agree to the changes, please do not continue to use our services and please refrain from sharing your Personal Data with us.
This policy is effective as of Apr 17, 2025.
If you have any questions about this Privacy Notice or would like to exercise any of the rights mentioned above, you can contact our Data Protection Officer in any of the following ways:
Address: Data Protection Officer
Merkle Inc.
7001 Columbia Gateway Drive
Columbia, MD 21046
Telephone:
(+1) (833) 570-5939 (US, toll-free)
Or by email at: dpous@merkleinc.com