Pour les personnes situées dans l’UE : Le Règlement général relatif à la protection des données de l’UE (« RGPD ») entrera en vigueur le 25 mai 2018. Le RGPD met à jour et remplacera la législation en vigueur dans les États membres reposant sur la Directive de l’UE relative à la protection des données (46/95/CE). Le respect de la vie privée et la protection des données étant deux notions importantes pour nous, nous vous communiquons les informations supplémentaires que vous êtes en droit de recevoir en vertu du RGPD.

Nous avons inclus des informations concernant le traitement que nous effectuons de vos données, et nous expliquons ici le fondement de notre démarche :

  • Lorsque vous souscrivez à l’un de nos produits ou services, nous traitons vos données à caractère personnel afin d’exécuter le contrat que nous avons conclu avec vous ;
  • Nous pouvons traiter vos données à caractère personnel lorsqu’une loi communautaire l’exige ;
  • Si nous avons un intérêt légitime à traiter des données, par exemple à des fins de prospection directe ou d’étude ; ou
  • Nous traiterons également vos données à caractère personnel si vous nous avez donné votre consentement.

Le RGPD vous donne également des droits supplémentaires en matière de protection des données et vous pouvez nous demander d’exercer les droits suivants :

  • Rectifier toute donnée à caractère personnel incorrecte ou incomplète ;
  • Vous opposer à notre traitement de vos données à caractère personnel, dans certaines circonstances, si nous le faisons sur la base de nos intérêts légitimes ;
  • Vous opposer à toute prise de décision automatisée basée sur votre comportement, telle que l’analyse à des fins de prospection directe. Nous réalisons un traitement automatisé lorsque nous utilisons des cookies installés sur des sites tiers afin de mesurer l’audience sur Internet, lesquels évaluent la façon dont vous interagissez avec les sites Internet et utilisez les sites des différents éditeurs, ou afin d’analyser les habitudes des téléspectateurs lorsque vous participez à l’un de nos groupes d’études, et que vous faites partie des membres de notre groupe d’étude ;
  • Retirer votre consentement au traitement de vos données à caractère personnel ;
  • Soumettre une réclamation auprès de votre autorité de protection des données nationale dans votre pays de résidence. 

Nous recourons au traitement automatisé à des fins de prospection et d’étude sur les médias et de mesure de la publicité. Nous utilisons notamment les méthodes de traitement suivantes : recueil de données auprès de notre réseau numérique de recensement mettant en œuvre un code logiciel, désigné « marquage » ; mesure du placement publicitaire, de la visibilité, de l’implication des utilisateurs, de la sécurité de la marque et de l’audience ; obtention d’informations sur les téléspectateurs auprès des opérateurs de satellites, de télécommunications et de câbles portant sur les décodeurs et les spectateurs de Vidéos à la Demande (VOD) ; mesure des recettes brutes et des informations de fréquentation auprès des cinémas. Les informations concernant les internautes et les téléspectateurs ainsi que les résultats des sondages sont utilisés conjointement avec les informations provenant de millions de membres d’autres groupes d’étude afin de créer des rapports sur les tendances sur Internet, les habitudes des téléspectateurs, ainsi que les activités de commerce électronique et d’usage des appareils mobiles. Dans la plupart des cas, ces informations sont fictives (pseudonymes) et/ou rendues anonymes et ne permettront pas de vous identifier par votre nom ou par foyer. Dans certains cas, nous utilisons des données longitudinales sur le comportement à des fins d’identification, pour déduire l’appartenance des téléspectateurs (par centre d’intérêt et démographique), données que nous utilisons pour établir nos rapports. Il s’agit d’une étude de probabilité et non d’une lecture directe de ces données.

Si nous recueillons et traitons vos données à caractère personnel afin de répondre à votre demande de produits et services ou de respecter des conditions contractuelles, il se peut que nous ne soyons pas en mesure de répondre à votre demande ou de respecter nos engagements contractuels en l’absence de telles données. Lorsque vous cherchez à exercer un droit, nous pouvons vous demander des informations complémentaires afin de nous permettre de vérifier votre identité et de répondre à votre demande.

Voir notre Politique de confidentialité

comScore is a recognized global leader in cross-platform measurement of audiences, advertising and consumer behavior. Built on precision and innovation, comScore combines proprietary TV, digital and movie viewing data with vast demographic details to measure consumers’ multiscreen behavior at scale. With more than 3,200 clients and a global footprint in 70 countries, comScore is delivering the future of media measurement.

comScore products and services help our customers measure audiences and consumer behavior across media platforms, while also providing a validation of advertising delivery and its effectiveness. Our products and services are organized around four major offerings:

  • Digital Audience Measurement: provides the size, behavior and characteristics of online audiences across multiple digital platforms including computers, tablets, smartphones, game consoles and other connected devices.
  • Advertising Measurement:  provides end-to end solutions for planning, optimization and evaluation of advertising campaigns.
  • TV and Cross-Platform Measurement: measures consumer viewership of television content for both linear and on-demand viewing in the U.S. at the national level and in [all 210] local markets.  Provides an unduplicated view of cross-platform consumer behavior when integrated with our Digital Audience and Advertising Measurement products and services.
  • Movie Measurement: precisely measures movie viewership, uses social media and exit polling to capture audience demographics and sentiment and provides tools to the largest movie studios and movie theater customers around the world.

The following identifies the different categories of recipients with who we may share your personal data. This may include:

  • Our selected third party partners;
  • Third party data enrichers, data quality aggregators and providers of data cohort matching services;
  • Our customers;
  • Our vendors, consultants, agents, contractors, and other service providers that we use to support our business;
  • Joint industry committees (“JIC’s”) involved in media audience measurement and research. Further details of JIC’s can be found here: http://i-jic.org/about_us;
  • comScore affiliates, subsidiaries, or parent companies; and
  • A prospective seller or buyer in the event of a sale or purchase of any comScore business or asset.

The GDPR Preparedness Kit – May 2018 is Coming

Here is a comScore FAQ to help you with your GDPR compliance.[1]

Executive Summary  

  • The General Data Protection Regulation (GDPR) goes into effect on May 25, 2018.
  • Most of comScore products fall under GDPR. As comScore collects, stores and uses personal data, it is 'processing’ personal data and subject to the rules under the GDPR; comScore additionally sells market solutions in the EU commercial marketplace.
  • Under GDPR, we are required to update contract provisions with any company where we provide, receive or exchange data with that company. We have done this outreach in March and April of 2018.
  • You can direct any questions to GDPR@comscore.com.

 

What is the GDPR?

  • The General Data Protection Regulation (GDPR) is a new European Union (EU) law that will update and replace all existing national data protection legislation in Europe. It will apply and be enforced across all EU and European Economic Area (EEA) markets from May 25, 2018.
  • The GDPR is a comprehensive reform because it applies directly to all EU and EEA markets and therefore represents one data protection law applicable across all of the EU. However, the GDPR does allow EU countries to issue their own data protection laws on some topics.  
  • The GDPR will have a global impact: it imposes new rules on companies – regardless of their location - that offer goods and services directly to people in the EU, or that ‘monitor’ their behavior (e.g. for analytics or behavioral targeting purposes).
  • The GDPR introduces new rules for the governance of personal data, building upon existing EU data protection laws. It broadens the scope of personal data to include scenarios where an individual is both “identified” and “identifiable” and specifically includes the use of online identifiers (e.g. cookies).  

 

What does comScore do?

comScore is a recognized global leader in cross-platform measurement of audiences, advertising and consumer behavior.  Built on precision and innovation, comScore combines proprietary TV, digital and movie viewing data with vast demographic details to measure consumers’ multiscreen behavior at scale.  With more than 3,200 clients and a global footprint that spans more than 75 countries, comScore is delivering the future of media measurement.

Our Products and Services
comScore products and services help our customers measure audiences and consumer behavior across media platforms, while also providing a validation of advertising delivery and its effectiveness. 

Our products and services are organized around four major offerings:

  • Digital Audience Measurement: provides the size, behavior and characteristics of online audiences across multiple digital platforms including computers, tablets, smartphones, game consoles and other connected devices.
  • Advertising Measurement:  provides end-to end solutions for planning, optimization and evaluation of advertising campaigns.
  • TV and Cross-Platform Measurement: measures consumer viewership of television content for both linear and on-demand viewing in the U.S. at the national level and in [all 210] local markets.  Provides an unduplicated view of cross-platform consumer behavior when integrated with our Digital Audience and Advertising Measurement products and services.
  • Movie Measurement: precisely measures movie viewership, uses social media and exit polling to capture audience demographics and sentiment and provides tools to the largest movie studios and movie theater customers around the world.

Third Party Accreditation, Certification and Review
comScore is committed to providing the market with transparency into the methods, methodologies, practices and techniques we use in our measurement. To do so, we continuously engage with third-party auditors around the world to prove the soundness of our measurement methods. Learn more at https://www.comscore.com/About-comScore/Third-Party-Review.

 

Does the GDPR apply to comScore?

  • Yes. ‘Processing’ means any operation performed on personal data, such as collection, recording, organizing, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, disseminating or otherwise making available, aligning or combining, restricting, erasing or destructing. As comScore collects, stores and uses personal data it is ‘processing’ personal data and subject to the rules under the GDPR.

The following are examples of our data sourcing:

  • Digital Audience Measurement:  We have created an opt-in Total Home Panel® which can capture all forms of data that run through a home’s internet connection.  This expands our intelligence to include OTT and IOT behavior and is captured in an aggregate form.
  • Advertising Measurement:  We integrate many of our services with ad serving platforms. We collect data from our census digital network implementing software code, referred to as “tagging.”
  • TV: We obtain television viewership information from satellite, telecommunications and cable operators covering set top boxes and Video OnDemand (VOD) viewership.
  • Movie Measurement: We measure gross receipts and attendance information from movie theaters.  

 

What ‘personal data’ does comScore collect?

As you can see from above, comScore collects personal data through a variety of ways, including directly from individuals who are panelists, from publishers or third parties that comScore may partner with. 

  • The types of personal data collected about individuals may include, for example, user demographic data (i.e. region, language, age group, gender, etc.), the types of cookies deployed to an individual’s device, URLs/websites and webpages visited and other web browsing activity data, device identifiers and information included in online forms the individual may have completed. 

 

What is the ePrivacy Regulation (ePR)?

  • The ePrivacy Regulation is a draft piece of legislation being discussed in the EU with the aim of reforming the existing ePrivacy Directive (aka ‘cookie directive’) which requires the user’s informed consent for the storing of information of a device or accessing that information (e.g. via a cookie or Advertising ID). It aims to align with the GDPR but as a sector-specific regulation for electronic communications, ComScore will need to comply with it as well as the GDPR. The ePrivacy Regulation has not yet been agreed upon and it is still in draft form. We will continue to monitor updates on the ePrivacy Regulation as necessary but it will not distract us from preparing for the GDPR.

 

What is comScore doing to comply with GDPR?

  • comScore has significant experience in protecting data, championing privacy, and complying with complex regulations. We believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. 
  • comScore is in the process of taking all necessary steps to comply with the GDPR, including evaluating all our data processing activities and reviewing contracts as well as privacy and security policies, and procedures, to ensure that they are in line with the GDPR in advance of the May 25, 2018 deadline.
  • We are also reviewing how we communicate our data processing activities and privacy policies in our ‘Privacy Notice’. The GDPR outlines very clear transparency requirements for organizations and we will be setting out the “who, how, what, why, where and what” of comScore’s data processing activities in clear and plain language.
  • comScore complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Economic Area and Switzerland to the United States. To learn more, please view our EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Statement
  • comScore has been actively engaged in several key industry and legal organizations to better understand the GDPR requirements.  These organizations include: ESOMAR, IAB GDPR Implementation Working Group, Association of Corporate Counsel (ACC), International Association of Privacy Professionals (IAPP).  

 

Can you provide some insight on your data security?

  • Our Information Security team has implemented a number of security controls pertaining to comScore’s business, including:
    • SSAE16 SOC 1 and SOC 2 compliant data centers
    • DDOS prevention service
    • Intrusion detection/prevention services
    • Encryption of data in transit and at rest
    • Disaster recovery plan and failover site
    • Security and privacy awareness training for employees and vendors

If you have additional questions, please contact us at gdpr@comscore.com.

[1] Legal disclaimer: This should not be construed as legal advice nor is intended to be a complete listing of GDPR obligations. comScore recommends that entities subject to legislation seek legal counsel from qualified sources.