1. How does Sift comply with GDPR? 

Sift has procedures in place to comply with all applicable GDPR requirements.

2. What data does Sift collect through its advertising service?

To learn about the data we collect and purpose of collection, please visit our privacy policy at https://www.sift.co/privacy

3. What happens if an EU user does not consent?

If an EU user does not consent, our partners will pass along a digital flag to indicate that they have not received consent to process data. As a result, we will not collect and process personal data such as device identifiers, location data, and other demographic and interest data.

4. Does Sift maintain and review records of processing activities?

Yes. All processing activities are recorded and regularly reviewed.

5. How does Sift comply with the EU Data Subject Rights under GDPR?

Sift has appropriate technical and organizational procedures in place to meet all applicable provisions of the GDPR for EU Data Subject Rights. Additionally, our privacy policy describes choices and rights consumers have for managing their personal data and opt-out choices.

6. How does Sift handle data transfers from the EU? 

Sift complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework. Sift is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

7. Does Sift have appropriate measures in place to secure user data?

Yes. Sift has implemented appropriate policies and procedures for data security, breach notification, and security awareness training.

8. Has Sift designated a Data Protection Officer?

Yes. The contact email is privacy@sift.co.