Privacy Policy

Last updated: May 16, 2025

Welcome to https://bannernest.com (the "Site"). We understand that privacy online is important to users of our Site, especially when conducting business. This statement governs our privacy policies with respect to those users of the Site ("Visitors") who visit without transacting business and Visitors who register to transact business on the Site and make use of the various services offered by Bannernest(collectively, "Services") ("Authorized Customers"). Authorized Customers include both "Publishers" (who offer ad space) and "Advertisers" (who purchase ad space).

Personally Identifiable Information

"Personally Identifiable Information" (PII) refers to any information that identifies or can be used to identify, contact, or locate the person to whom such information pertains, including, but not limited to, name, email address, and financial profiles (like payment or payout information). PII does not include information that is collected anonymously (that is, without identification of the individual user) or demographic information not connected to an identified individual.

What Personally Identifiable Information is collected?

We may collect basic user profile information from all of our Visitors, such as IP addresses and browser types for analytics and security.

We collect the following additional information from our Authorized Customers (Publishers and Advertisers):

• For all Authorized Customers: Email address (for account creation and communication), and role (Publisher or Advertiser).
• For Publishers: Stripe Account ID (for receiving payouts), and website domain(s) where ads will be displayed.
• For Advertisers: Ad text, ad link URL, and payment information (which is processed directly by Stripe; we do not store full credit card details).
• For Ad Interactions: For tracking ad performance, we may collect IP hash and user agent strings associated with ad impressions and clicks.

What organizations are collecting the information?

In addition to our direct collection of information, our primary third-party service vendor, Stripe, collects information for payment processing (for Advertisers) and facilitating payouts (for Publishers via Stripe Connect). We do not control how Stripe uses such information, but we encourage you to review their privacy policy. Stripe acts as a payment processor and may store, retain, or use the information given to them according to their policies.

How does the Site use Personally Identifiable Information?

We use PII to:

• Customize the Site and make appropriate service offerings.
• Fulfill buying (for Advertisers) and selling (for Publishers) requests on the Site.
• Create and manage user accounts.
• Process payments and payouts through Stripe.
• Display advertisements on Publisher sites.
• Track ad impressions and clicks for performance analysis.
• Communicate with Visitors and Authorized Customers regarding their accounts, transactions, service updates, or in response to specific inquiries.
• Improve our services, for security purposes, and to prevent fraud.

We may email Visitors and Authorized Customers about research or purchase and selling opportunities on the Site or information related to the subject matter of the Site.

With whom may the information be shared?

PII about Authorized Customers is primarily used to facilitate the services offered by Bannernest.

• Stripe: We share necessary PII with Stripe for payment processing and to manage Stripe Connect accounts for Publishers.
• Aggregated Data: We may share aggregated information about our Visitors and Authorized Customers (e.g., demographics, site usage statistics) with affiliated agencies or third-party vendors for analysis and service improvement. This aggregated data does not contain PII.

We also offer the opportunity to "opt out" of receiving non-essential information or being contacted by us for marketing purposes by any agency acting on our behalf.

How is Personally Identifiable Information stored?

PII collected by Bannernest is stored in our PostgreSQL database, hosted securely. It is not accessible to unauthorized third parties or employees of Bannernest except for use as indicated above and for maintaining and improving the service. We implement security measures to protect this data.

What choices are available to Visitors regarding collection, use and distribution of the information?

Visitors and Authorized Customers may opt out of receiving unsolicited information from or being contacted by us and/or our vendors and affiliated agencies for marketing purposes by responding to emails as instructed, or by contacting us at [email protected].

Cookies

A cookie is a string of information that a website stores on a visitor's computer, and that the visitor's browser provides to the website each time the visitor returns.

Are Cookies Used on the Site?

Yes, cookies are used for a variety of reasons:

• Session Management: We use cookies for authentication (via NextAuth) and to maintain user sessions. For example, if an Authorized Customer is logged on and the site is unused for a period, we may automatically log the Authorized Customer off for security.
• Preferences: To obtain information about the preferences of our Visitors and the services they select.
• Ad Delivery and Tracking: Our `ad.js` script, used by Publishers to display ads, may use cookies or similar technologies to help track ad impressions and clicks, and to prevent fraud.
• Analytics: To understand how our Site is used.

Visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using https://bannernest.com, with the drawback that certain features of the website (like logging in) may not function properly without the aid of cookies.

Cookies used by our service providers

Our service providers, such as Stripe (for payment forms) and any analytics providers we may use, also use cookies, and those cookies may be stored on your computer when you visit our website. We recommend reviewing their respective cookie policies.

How does Bannernest use login information?

Bannernest uses login information, including, but not limited to, IP addresses, ISPs, and browser types, to analyze trends, administer the Site, track a user's movement and use (particularly for ad event tracking where we may store an `ipHash` and `userAgent`), and gather broad demographic information. This is also used for security and fraud prevention.

What partners or service providers have access to Personally Identifiable Information from Visitors and/or Authorized Customers on the Site?

Bannernest has entered into and will continue to enter into partnerships and other affiliations with a number of vendors. Currently, our primary partner for handling PII is Stripe, for payment processing and publisher payouts. Such vendors may have access to certain PII on a "need-to-know" basis for evaluating Authorized Customers for service eligibility or for providing their services. Our privacy policy does not cover their collection or use of this information beyond our direct instructions for service provision. We utilize Coolify for hosting, but they do not have routine access to PII.

Disclosure of Personally Identifiable Information to comply with the law: We will disclose PII in order to comply with a court order or subpoena or a request from a law enforcement agency to release information. We will also disclose PII when reasonably necessary to protect the safety of our Visitors and Authorized Customers.

How does the Site keep Personally Identifiable Information secure?

All of our employees who might have access to data are familiar with our security policy and practices. The PII of our Visitors and Authorized Customers is only accessible to a limited number of qualified personnel who are given credentials in order to gain access to the information. We audit our security systems and processes on a regular basis. Sensitive information, such as payment details, is handled by Stripe, which is PCI compliant. We enforce HTTPS on our site, use Content Security Policy (CSP) headers for our ad embed script, and practice input sanitization. While we take commercially reasonable measures to maintain a secure site, electronic communications and databases are subject to errors, tampering, and break-ins, and we cannot guarantee or warrant that such events will not take place and we will not be liable to Visitors or Authorized Customers for any such occurrences.

How can Visitors correct any inaccuracies in Personally Identifiable Information?

Visitors and Authorized Customers may contact us to update PII about them or to correct any inaccuracies by emailing us at [email protected], or through their account dashboard where available.

Can a Visitor delete or deactivate Personally Identifiable Information collected by the Site?

We provide Visitors and Authorized Customers with a mechanism to request the deletion/deactivation of PII from the Site's database by contacting us at [email protected]. However, because of backups and records of deletions, it may be impossible to delete a Visitor's entry without retaining some residual information for a limited period. An individual who requests to have PII deactivated will have this information functionally deleted from our active databases, and we will not sell, transfer, or use PII relating to that individual in any way moving forward, except as required for legal or regulatory compliance.

Your rights

These are summarized rights that you may have under data protection laws such as GDPR, depending on your location:

• The right to access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to object to processing
• The right to data portability
• The right to complain to a supervisory authority
• The right to withdraw consent

To exercise these rights, please contact us at [email protected].

What happens if the Privacy Policy Changes?

We will let our Visitors and Authorized Customers know about changes to our privacy policy by posting such changes on the Site and updating the "Last updated" date. If we are changing our privacy policy in a manner that might cause disclosure of PII that a Visitor or Authorized Customer has previously requested not be disclosed, we will endeavor to contact such Visitor or Authorized Customer to allow them to prevent such disclosure, where feasible.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

• By email: [email protected]