Services Privacy Policy
Last Updated July 1, 2026
Overview
This Services Privacy Policy (“Services Privacy Policy”) explains how Nexxen (“Nexxen,” “we,” “us,” or “our”) collects, uses, and shares “Personal Information” in connection with our digital advertising services.
This Services Privacy Policy applies when Nexxen determines the purposes and means of processing Personal Information in connection with the Services, including when Nexxen acts as a “controller” or “business” under applicable privacy laws. It does not apply to Personal Information that Nexxen processes solely on behalf of a Client as a “processor” or “service provider.” In those cases, the Client’s privacy policy and contractual terms with Nexxen govern the processing.
1. Our Services
Nexxen operates a global advertising technology platform offering data-driven advertising solutions across websites, mobile applications, connected TV (“CTV”) platforms, linear television, and digital channels (collectively, “Digital Properties”) as part of our digital advertising services (the “Services”). Through integrated demand-side and supply-side platforms, proprietary data management tools, creative capabilities, and AI-powered technologies, Nexxen facilitates the connection of data, creative, and media across the buy and sell sides of the advertising ecosystem. Our Services support advertisers, agencies, publishers, data partners, technology providers, and other partners (“Clients”) in delivering, optimizing, and measuring targeted advertising with greater efficiency and transparency. Our platform capabilities may include real-time bidding, audience segmentation, cross-device identity resolution, contextual advertising, interest-based advertising, measurement, analytics, and ACR data licensing. We use these capabilities only where supported by an applicable legal basis, such as consent, contractual necessity, legal obligation, or legitimate interests, depending on the jurisdiction and the nature of the processing.
We design our Services to support responsible data use and to help our Clients and partners address applicable privacy requirements, including requirements under the General Data Protection Regulation (“GDPR”), California Consumer Privacy Act (“CCPA”), and similar privacy laws.
We use automated processing to create advertising segments, match identifiers, measure campaigns, optimize ad delivery, and support fraud prevention. We do not use these activities to make decisions that produce legal or similarly significant effects about individuals, such as decisions about employment, credit, housing, insurance, education, health care, or access to essential services.
Privacy Summary
Topic | What You Need to Know |
What We Collect | Device data, identifiers, browsing and interaction data, general location data, ad interactions, viewing data, inferred advertising segments, transaction or conversion data, and voluntary survey responses |
Why We Collect It | To deliver relevant ads, measure performance, prevent fraud, and improve our services |
How We Collect It | Through cookies, tracking technologies, third-party platforms, and client data integrations |
Who We Share With | Service providers, ad partners, measurement vendors, and legal/regulatory authorities if required |
Your Rights | Access, delete, correct, opt-out of sharing or selling, and restrict the processing of your data |
How to Exercise Your Rights | Visit our privacy center |
International Transfers | Data may be stored or transferred outside your region with appropriate safeguards |
Data Retention | Data is retained only as long as needed for service delivery or legal reasons |
Children’s Privacy | We do not knowingly collect, sell, share, or use for targeted advertising Personal Information relating to children or minors where prohibited by law. |
2. What Personal Information We Collect
Summary: This section explains the categories of Personal Information we collect, where it comes from, and how we use it to deliver and improve our Services.
We collect and process Personal Information from a variety of sources to operate and improve our Services. Depending on how you interact with our platform, we may collect the following types of information:
Categories of Personal Information | Examples of Personal Information | Source of Personal Information
| How Personal Information is Used |
| Device and Location Data | Device type, operating system, IP address, general location | Device/browser or CTV apps via tracking technologies, Clients | Service delivery, targeting, and fraud protection |
| Identifiers | IP address, mobile ad identifiers, hashed or obfuscated user identifiers (e.g., UUIDs, hashed email), probabilistic identifiers, and other device identifiers | Tracking Technologies on Digital Properties | Recognizing users across platforms, advertising delivery, analytics |
| Browsing and Interaction Data | Website/app interactions, timestamps, page views, clicks | Website or app interaction | Engagement analysis, content personalization |
| Viewing Data | Where enabled and permitted by law, Automatic Content Recognition (“ACR”) technology may collect certain data from a Smart TV, including the Smart TV’s identifier, IP address, viewed content, and ad exposure information. ACR Viewing Data is collected only where the Smart TV user has received notice and any required consent has been obtained through the applicable TV, device, app, or consent interface. Users may disable ACR and manage advertising preferences through supported Smart TV privacy or advertising settings. We do not knowingly disclose information that identifies a consumer as having requested or obtained specific video materials or services except as permitted by applicable law. | ACR-enabled Smart TVs | Deliver and measure personalized ads shown to you on a Smart TV or other linked devices belonging to you or your household |
| Behavioral Data | User demographics (such as age, gender, income, marital status, or interests), user preferences, patterns, click and video interactions, and behavioral or interest-based data. We may also receive information from advertisers and advertising platforms to match the right advertisements to the appropriate audiences | Inferred or third-party data partners, and Media Buyers inputs | Interest-based segmentation, campaign optimization |
| Audience Segments | Aggregated groups such as “sports fans” or “comedy viewers”
These are based on online activity, advertising-related activity, contextual signals, and permitted partner data linked through pseudonymous identifiers. We do not create or use audience segments intended to identify or target individuals based on sensitive health conditions, racial or ethnic origin, religious beliefs, sexual orientation, citizenship or immigration status, precise geolocation, biometric data, or other sensitive characteristics, except where expressly permitted by applicable law and supported by any required consent. | Inferred from activity or provided by Clients. | Tailored advertising targeting, reach expansion |
| Survey Data | If you participate in a voluntary research panel or survey, we may collect survey responses, device information, and, only with your express consent, video or webcam-based response data to help measure viewer reactions during video viewing. We do not use facial response data to identify you, authenticate you, create biometric templates, or target or retarget advertising to you, unless we separately disclose that practice and obtain any legally required consent. You may decline or disable webcam-based participation at any time. For more information, you can view Affectiva’s privacy policy. | From voluntary surveys | Market research, creative optimization, and brand testing |
Offline/Online Transaction/ Conversion data | Purchase behavior to measure ad effectiveness. | From advertisers or e-commerce events | Attribution, ROI measurement |
3. Who We Share Personal Information With and Why
Summary: This section explains who we share Personal Information with, for what purposes, and under which lawful basis.
| Categories of Personal Information Shared | How Personal Information is Used or Shared | Category of Recipients | Lawful Basis |
| Identifiers, Device and Technical Data (e.g., IP address, device type, browser type), Commercial Data (e.g., purchase behaviors) | Used to deliver services, improve functionality, and monitor performance | Affiliates and Service Providers – organizations that process data on our behalf | Contractual necessity, Legitimate interests |
| Identifiers, Browsing Data, Geolocation Data, Viewing and Interaction Data, Demographic Segments | Audience insight, ad targeting and measurement | Media Buyers | Consent, Legitimate interests |
| Identifiers, Device and Technical Data, Browsing Data, Viewing and Interaction Data, Demographic Segments, and General Location Data | Real-time bidding, platform delivery, measurement, analytics, and enabling our partners to optimize bidding and campaign performance, including through the use of aggregated and de-identified models and insights related to advertising activities | Advertising Ecosystem Participants | Consent |
| Identifiers, Device and Technical Data, Browsing Data, Viewing and Interaction Data, Demographic Segments, and General Location Data | Data licensing, audience creation, analytics, measurement, identity resolution, targeting optimization, and enabling our partners to provide, improve, optimize, and enhance advertising-related products and services, including audience segments and cross-device capabilities | Media Buyers, Data Partners, Identity Graph providers and identity resolution partners | Consent |
Identifiers, Device and Technical Data, Demographic Segments
| Real-time bidding, platform delivery | Advertising Ecosystem Participants | Consent, Legitimate interests |
Viewing and Interaction Data, Browsing Data, Survey Responses
| Campaign measurement and audience analysis | Measurement Providers | Consent |
Commercial Data, Interaction Data, Identifiers
| Performance reporting and segmentation. | Attribution and Analytics Partners | Consent, Legitimate interests |
| All categories, as necessary and limited to the transaction context | Corporate restructuring or acquisition | Business Transactions | Legitimate interests, Legal obligation |
| All categories, legally required | Legal compliance and enforcement | Legal and Compliance | Legal Obligation |
Recipient Definitions
“Service Providers” means vendors that process Personal Information on Nexxen’s behalf and under contractual restrictions.
“Clients” means advertisers, agencies, publishers, and other partners that use the Services.
“Advertising Ecosystem Participants” means participants in digital advertising transactions, including exchanges, platforms, publishers, advertisers, measurement providers, verification providers, and identity resolution providers.
“Data Partners” means companies that provide, license, match, enrich, or receive data for permitted advertising, analytics, measurement, and identity resolution purposes.
Some disclosures may be considered a “sale,” “sharing,” or processing for “targeted advertising” under certain U.S. state privacy laws. You may opt out of sale, sharing, and targeted advertising through our Privacy Center and through recognized opt-out preference signals where required by law.
Industry Memberships and Self-Regulatory Frameworks
We support industry initiatives that promote transparency, accountability, and user choice regarding the use of Personal Information for digital advertising. As part of this commitment, Nexxen participates in, adheres to, or supports the following industry frameworks and programs, as applicable.
IAB Europe Transparency & Consent Framework (“IAB EU TCF”)
Nexxen participates in the IAB EU TCF, complies with the IAB EU TCF’s Specifications and Policies, and supports the use of TCF signals where Clients have implemented an IAB Europe TCF-compliant Consent Management Platform. Our identification numbers within the IAB EU TCF are 36 for the supply-side platform and 23 for the demand-side platform.
European Interactive Digital Advertising Alliance (“EDAA”)
Nexxen adheres to the European Industry Self-Regulatory Framework on Data-Driven Advertising, which is administered by the EDAA. This framework promotes transparency and user choice in connection with interest-based advertising across Europe. For more information, please visit the EDAA website.
4. How and Why We Use Your Personal Information
Summary: This section outlines how we use the Personal Information we collect.
| Purpose | Use | Lawful Basis |
| Personalized and Interest-Based Advertising (Targeted Advertising) | Creating audience segments, curated marketplaces (including Private Marketplace (“PMP“) deals), and delivering advertising to audiences based on inferred interests, demographics, location, and other advertising-related characteristics. | Consent where required by law; otherwise legitimate interests |
| Contextual Advertising | Showing ads relevant to content you view | Consent where required by law; otherwise legitimate interests |
| Measurement and Reporting | Evaluating advertising effectiveness and managing frequency | Consent where required by law; otherwise legitimate interests |
| ID Synchronization | Matching identifiers across platforms | Consent |
Identity Graph Building
| We may enrich our proprietary identity graph, and help our Clients to create “identity” graphs, to enable Clients to locate users across various channels, such as based on common personal, device-based, or network-based identifiers (e.g., IP address). Users may opt out of this type of processing where required by law. We implement safeguards to prevent re-identification and limit the use of these graphs to advertising, analytics, audience measurement, identity resolution, and related advertising purposes only. | Consent |
| Audience Creation | Grouping users based on interests, preferences, purchase, viewing, browsing, or other advertising-related activity (for example, “sports fans,” “comedy lovers,” “frequent travelers,” or “home improvement enthusiasts”) to help our Clients, where permitted by applicable law. | Consent |
| Advertising Creative and Content Optimization | Analyzing viewer reactions and engagement This data will not be used to identify or contact you or target or re-target relevant advertising or other content to you | Consent |
| Location-Based Advertising | Tailoring advertising based on general location | Consent |
| Product Improvement | Improving, testing, and developing products and Services in ways that are reasonably necessary and proportionate to the disclosed purposes, and diagnosing errors | Legitimate Interest |
Security, fraud prevention, and fix errors, regulatory and legal compliance
| Preventing fraud, maintaining system integrity, and meeting legal obligations | Legitimate Interest, Legal Obligation |
| Statistical information | Creating aggregate or de-identified insights that are not reasonably linkable to an individual, household, browser, or device. We may obtain statistical information from commercially available sources, service providers, and partners where permitted by law. | Legitimate interests where Personal Information is processed; not applicable where information is anonymous and no longer constitutes Personal Information |
| Behavioral Advertising | Delivering advertising based on your interests or preferences that are inferred from your interactions with websites, apps, advertisements, or other digital content over time, including information we receive from our Clients, where permitted by applicable law. We obtain this information through our own Services and from third-party partners and use it to show you ads that may be more relevant to you. | Consent |
| Survey Participation | Participating in surveys | Consent |
5. Your Privacy Controls and Choices
Summary: This section outlines how users and partners can control the collection and use of Personal Information across our Services.
Industry Tools
You can manage your advertising preferences and, where available, opt out of interest-based advertising through the industry tools listed below. These tools allow you to exercise advertising choices with participating organizations and may communicate your preferences to companies that support the relevant framework.
| Industry Tool | Applicable Region | How It Works / Why You Might Use It |
| NAI Consumer Opt-Out and Global Privacy Control (GPC) mechanisms | United States | These tools allow consumers to opt out of interest-based advertising by participating companies. Where required by applicable law, we process Global Privacy Control signals and other recognized opt-out preference signals as requests to opt out of sale, sharing, and targeted advertising for the browser or device that sends the signal. |
| Your Online Choices | Europe | Provides consumers with a centralized tool to manage advertising preferences and opt out of interest-based advertising from participating companies operating in Europe. |
| DAAC Webchoices | Canada | Allows consumers to opt out of interest-based advertising from participating digital advertising companies in Canada. |
| AdChoices | Australia | Enables consumers to learn about interest-based advertising and manage advertising preferences with participating organizations in Australia. |
Device Tools
| Control | What it Does | How to Use It |
| Browser Settings | Manage Tracking Technologies | Look under Privacy or Security settings in your browser |
| Device Settings | Control advertising identifiers | Look under the “Privacy”, “Ads” or “Advertising” settings on your device |
| Global Privacy Control (GPC) | Sends a browser signal requesting websites not to sell or share personal information where recognized by applicable law | Enable GPC through a supported browser or browser extension |
| Smart TV Settings | Disable ACR and manage advertising preferences on supported Smart TVs | Look under the Privacy or Advertising Settings of your Smart TV |
To access and exercise your privacy preferences, including opting out of targeted advertising or data sale/sharing, managing consent, or submitting access or deletion requests, please visit our Privacy Center. We make no representation about the accuracy or effectiveness of other providers opt-out mechanisms, including those listed on the above industry websites.
We will process opt-out requests within the time required by applicable law. Where technically feasible, browser or device-based opt-outs are applied in real time or near real time.
6. Children
Summary: This section clarifies our policy regarding children’s data.
We do not knowingly collect, use, disclose, sell, share, or process for targeted advertising Personal Information relating to children or minors where prohibited by applicable law. We require Clients and partners to avoid transmitting Personal Information relating to children or minors to the Services unless the disclosure is permitted by law and supported by any required consent.
For example, we do not knowingly collect Personal Information online from children under 13 in the United States. We also do not knowingly sell or share Personal Information of consumers under 16 where prohibited by U.S. state privacy laws. In jurisdictions with higher age thresholds, we apply the applicable local standard.
If we learn that we have collected Personal Information relating to a child or minor in a manner not permitted by law or our contractual requirements, we will delete or de-identify the information or take other appropriate steps.
7. How Long We Keep Your Personal Information
Summary: This section outlines how long we retain Personal Information.
We retain each category of Personal Information only for as long as reasonably necessary and proportionate for the purposes described in this Services Privacy Policy, including to provide the Services, maintain security, prevent fraud, debug systems, comply with legal obligations, resolve disputes, enforce agreements, and maintain audit and compliance records.
| Category | Retention Period/Criteria |
| Identifiers and tracking data | Based on cookie, SDK, or identifier expiration periods, including a standard 13-month expiration for European users where applicable |
| Bidstream Data | 30 days |
| Survey data | As long as needed for survey, research, validation, reporting, and legal compliance purposes |
| Facial response data | As long as needed for the disclosed research purpose, then deleted, de-identified, or aggregated |
| ACR Viewing Data | As required for advertising, measurement, reporting, and legal compliance purposes, subject to applicable consent and opt-out settings |
| Aggregate or de-identified information | Up to two years or as permitted by law, provided it is maintained in aggregate or de-identified form |
We apply internal retention schedules and deletion protocols to securely remove or de-identify Personal Information when no longer needed.
Aggregated and de-identified data, which no longer identifies individuals, may be retained for analytical and reporting purposes for up to two years or as permitted by law.
8. Where We Store Personal Information
Summary: This section explains where we store and transfer your Personal Information, and the safeguards we use when data is moved across borders.
Your Personal Information may be stored and processed in jurisdictions including Australia, Canada, European Economic Area (EEA), India, Israel, Japan, Singapore, United Kingdom, and United States.
In the course of delivering our Services, your Personal Information may also be transferred to, and processed by, our service providers, Clients, and partners located in countries outside of your home jurisdiction, including outside the UK and EEA. These countries may have data protection laws that differ from, and may offer a lower level of protection than, those in your jurisdiction. Where such transfers occur and an adequacy decision has not been issued by the relevant authority (e.g., the European Commission or UK Secretary of State), we rely on Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum. We also implement additional technical and organizational safeguards to ensure that your data is handled securely and in accordance with applicable data protection laws.
For Australian users, our APP Privacy Policy disclosures include the countries or regions where overseas recipients are likely to be located where practicable.
For Brazilian users, international transfers are supported by an applicable transfer mechanism under the LGPD, such as adequacy, standard contractual clauses, consent where applicable, or another mechanism permitted by law.
You may request information about the transfer safeguards we use by contacting us through the Privacy Center.
9. Your Rights - Europe, UK and Israel
Summary: This section explains your data protection rights based on your location.
If you’re located in the European Economic Area (EEA), United Kingdom (UK), or Israel, you have the following rights regarding your Personal Information:
Jurisdiction | Privacy Rights |
EEA | Access, Rectification, Erasure (Right to be Forgotten), Restriction of Processing, Data Portability, Objection, Withdrawal of Consent. Complaints can be lodged with the relevant data protection supervisory authority. Where we rely on consent, you may withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal. |
UK | Same as EEA; lodge complaints with the UK Information Commissioner’s Office (ICO). Where we rely on consent, you may withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal. |
Israel | Access, Correction, Deletion (where justified), Objection to Use for Direct Marketing. Complaints can be lodged with the Israeli Privacy Protection Authority. |
You can exercise these rights by visiting our Privacy Center.
If you have a concern about our processing of Personal Information, we encourage you to contact us so we can address your issue. However, if we are not able to resolve it, you have the right to lodge a complaint with the Data Protection Authority where you reside.
EU and UK Data Protection Officer: Nexxen Data Protection Officer
For any concerns regarding the processing of your data by Nexxen please visit our privacy center.
10. Information Security
Summary: This section describes how we protect your Personal Information using technical and organizational security measures.
We use technical and organizational measures designed to protect Personal Information against unauthorized access, alteration, disclosure, or destruction. These measures may include internal audits, role-based access controls, logical data segregation, security logging and monitoring, network security, vendor controls, and other safeguards appropriate to the nature of the Personal Information and the processing.
11. Cookies and Tracking Technology
| Technology | Purpose | Data Involved | Controls |
| Cookies and pixels | Advertising delivery, measurement, analytics, fraud prevention, and preference management | Identifiers, browser data, device data, interaction data | Browser settings, Privacy Center, consent tools where available |
| Mobile advertising IDs | Mobile advertising, measurement, and opt-out management | Mobile ad IDs, device data, app interaction data | Device advertising settings |
| CTV and ACR technologies | Smart TV ad measurement, content recognition, and ad personalization where permitted | Smart TV identifiers, IP address, viewing data, ad exposure data | Smart TV privacy and advertising settings |
| ID synchronization | Matching identifiers across platforms and partners | Pseudonymous identifiers, hashed identifiers, device identifiers | Privacy Center, GPC where applicable |
| Survey technologies | Voluntary survey participation and research | Survey responses, device information, consented facial response data where applicable | Survey consent tools and webcam controls |
12. U.S. State Privacy Laws
Summary: This section outlines your privacy rights under U.S. state laws, including the right to request access to, deletion of, and correction of your Personal Information, and to opt out of the sale, sharing, targeted advertising, or certain profiling, as applicable.
Depending on your state of residence, you may have rights to access, delete, and correct your Personal Information, and to opt out of sale, sharing, targeted advertising, or certain profiling, as applicable. This Section applies if you are a natural person who is a resident of California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Florida, Maryland, Minnesota, Montana, New Hampshire, Nebraska, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia, or another U.S. state with applicable privacy laws (“Consumer”), when we act in the capacity as a “business” or “controller” as defined by the laws of such states.
The following sets forth the categories of information we collect and purposes for which we may use Consumers’ personal information. (Examples provided for each category are merely examples found in the statute, and do not indicate that we necessarily collect that type of information or identifier).
a. Categories of Consumer Personal Information We Collect and Use
Depending on how you interact with us, we may collect Personal Information about you. The table below reflects categories of Personal Information under CCPA and also describes how we collect and use such categories of information.
| Categories of Personal Information | Examples | Categories of Sources | Business Purpose |
| Internet or other electronic network activity | Browser and device information, operating system, IP address, IP address, and browsing history | Through automated means such as cookies and other data collection tools when you visit a digital property that uses our advertising services technology. | Providing our advertising and related services such as campaign measurement and data marketing. |
| Commercial or transactions information | Products or services purchased, obtained, or considered, or other purchasing or consuming histories or preferences | Through automated means such as cookies and other data collection tools when you visit a digital property that uses our advertising services technology. | Providing our advertising and related services such as campaign measurement and data marketing. |
| Geolocation data | General Geolocation data and Precise Geolocation data | Through automated means such as cookies and other data collection tools when you visit a digital property that uses our advertising services technology. | Providing our advertising and related services such as campaign measurement and data marketing. |
| Geolocation data | General geolocation data | Clients and third-party aggregators | Providing our advertising and related services such as campaign measurement and data marketing. |
| Inferences drawn from Personal Information | Consumer information, lifestyle or purchasing preferences | Through automated means such as cookies and other data collection tools when you visit a digital property that uses our advertising services technology. | Providing our advertising and related services such as campaign measurement and data marketing. |
| Internet or other electronic network activity | Browser and device information, operating system, IP address, IP address, and browsing history | Clients and third-party aggregators | Providing our advertising and related services such as campaign measurement and data marketing. |
| Characteristics of protected classifications | Demographic or inferred segment information, such as broad age range or gender, where permitted by law and not used to create or target sensitive segments | Clients and third-party aggregators | Providing our advertising and related services such as campaign measurement and data marketing. |
| Identifiers | Client or third party provided identifiers; hashed or obfuscated identifiers are still treated as Personal Information where they can reasonably be linked to an individual, household, browser, or device. | Clients and third-party aggregators | Providing our advertising and related services such as campaign measurement and data marketing. |
| Inferences drawn from Personal Information | Consumer information, lifestyle or purchasing preferences | Clients and third-party aggregators | Providing our advertising and related services such as campaign measurement and data marketing. |
| Professional or employment-related information | Current or past job history or job title | From you directly when you provide such information or through automated means such as cookies and other data collection tools when you visit our digital properties. | Business operations |
| Internet or other electronic network activity information | Browser and device information, operating system, IP address, IP address, and browsing history | From you directly when you provide such information or through automated means such as cookies and other data collection tools when you visit our digital properties. | Business operations |
| Identifiers | Name, address, contact Information | From you directly when you provide such information or through automated means such as cookies and other data collection tools when you visit our digital properties. | Business operations |
b. Our Business for Selling and Sharing Personal Information
As defined in CCPA, we may share and sell the information collected from and about you as discussed above for various business purposes, with service providers and with third parties including our Clients, advertising platforms, and those advertising platforms’ customers. These business purposes often involve cross-context behavioral advertising, also known as “targeted” advertising. California and certain other U.S. state privacy laws define “sale,” “sharing,” and “targeted advertising” broadly. These terms may include disclosing identifiers, internet or electronic network activity, device information, browsing activity, or similar information to advertising ecosystem participants for cross-context behavioral advertising or targeted advertising, even when no money is exchanged.
We collect and share the personal information that we collect for the purposes below and as described in this Services Privacy Policy.
Online Advertising & Targeting
- We create audience groups based on shared traits or interests.
- These groups are built using browsing behavior to predict likely purchases or actions.
- We may work with partners who match our data with cookies or IDs (using secure methods like hashing) to target ads across websites, mobile apps, and other platforms.
- We also help build “identity graphs” that connect users across devices and channels using shared identifiers (like IP address or email).
- We use this data to improve and measure the effectiveness of ad campaigns.
Internal Business Uses
- Research and development
- Security, fraud prevention, and debugging
- Auditing and quality control
- Legal compliance
- Our own marketing (e.g., from trade shows or social media)
Sharing Personal Information
- Legal & Safety: To comply with laws, protect our rights, investigate violations, or respond to legal requests.
- Fraud Prevention: With law enforcement or partners to prevent fraud, malware, or other harm.
- Corporate Transactions: If we’re involved in a merger, sale, or similar deal, personal info may be shared.
- Service Providers: With partners who help us run, support, or improve our services.
- Aggregate/De-Identified Data: We may aggregate or de-identify information so that it is not reasonably linkable to an individual, household, browser, or device. We maintain and use Aggregate/De-Identified Information only in aggregate or de-identified form, do not attempt to re-identify it, and contractually require recipients to maintain the information in aggregate or de-identified form and not attempt to re-identify it except as permitted by law. We maintain and use Aggregate/De-Identified Information in de-identified form and do not attempt to re-identify such information.
To opt out, visit our Privacy Center or click “Do Not Sell or Share My Personal Information.” Where required by law, we also honor recognized opt-out preference signals, including Global Privacy Control.
c. Our Retention of Personal Information
We retain each category of Personal Information only for as long as reasonably necessary and proportionate for the purposes described in this Services Privacy Policy, including to provide the Services, maintain security, prevent fraud, debug systems, comply with legal obligations, resolve disputes, enforce agreements, and maintain audit and compliance records.
d. Our Retention of Personal Information
As noted above, residents of certain U.S. states have particular privacy rights (“Applicable State Residents”). The scope and nature of these rights vary in each state, so we have sought to explain these rights in the most transparent and uniform terms, below.
Without being discriminated against for exercising these rights, California residents, as well as residents of the Applicable States, have the right to request that we disclose what Personal Information we collect from you, to delete that information, and to opt-out of the sale of your personal information, subject to certain restrictions. If you are a resident of such a state, you also have the right to designate an authorized agent to exercise these rights on your behalf (so long as your state of residence continues to recognize that right).
This section describes how to exercise those rights and our process for handling those requests. We may withhold these rights to the extent that the law in your state of residence does not recognize or no longer recognizes these rights.
Note that sometimes, we act only as a “service provider” or “processor” to our customers (for instance, if they provide information to us solely to use our marketing or data management tools), in which case any consumer requests for opt-out, deletion or access to data must be made through that Client.
i. The right to access, correction and disclosure
You may have the right to request the following information about the Personal Information we have collected, used, disclosed, sold, or shared about you, subject to applicable law and verification requirements.
- the categories and specific pieces of personal information we have collected about you;
- the categories of sources from which we collected the personal information;
- the business or commercial purpose for which we collected or sold the personal information;
- the categories of third parties with whom we shared the personal information; and
- the categories of personal information that we sold or disclosed for a business purpose, and the categories of third parties to whom we sold or disclosed that information for a business purpose.
You also may request correction of your personal information, such as if you believe we have incorrect information pertaining to you.
ii. The right to deletion
You may have the right to request that we delete the personal information we have collected from you. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide our Services to you, and may retain certain information for important business purposes, such as fulfilling our legal obligations, or for security, auditing or de-bugging purposes.
iii. How to exercise your access and deletion rights
California residents and residents of Other Applicable States may exercise their access or deletion rights by accessing our privacy center.
For security purposes, we will verify your identity in part by requesting or automatically capturing certain information from you when you request to exercise your applicable privacy rights. For instance, you may need to provide your email address. To request that we provide you with the specific pieces of personal information we have from you or to delete personal information we have collected from you, we may also need to ask you for additional information to verify your identity. Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate.
- Where you have requested the categories of personal information that we have collected about you, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA or other applicable law.
- Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA or other applicable law.
- Where you have requested that we delete personal information that we have collected from you, we will delete any information about you that is not necessary for the purposes indicated above or another permissible business, security or legal purpose. Certain information may be exempt from such requests under applicable law.
If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.
iv. The right to nondiscrimination
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
v. The right to “opt-out” of the sale of your personal information
You have the right to opt out of the “sale” of your personal information. California law (for instance) broadly defines sale such that it may include, for example, allowing third parties to receive and use certain information, such as Tracking Technologies, IP address and/or browsing behavior, to deliver targeted advertising.
If you wish to “opt out” of our “sale” of your information, i.e., for purposes of personalized advertising, we recommend employing the options we provide and explain in Section 5. Please visit our https://nexxen.com/privacy-data-subject-rights-request/ to exercise your opt-out rights.
vi. Sensitive Personal Information Right
If applicable, you may have the right to limit the use or disclosure of Sensitive Personal Information. We use and disclose Sensitive Personal Information only as permitted by applicable law and, where required, provide a method to exercise limitation rights.
vi. Authorized Agent
You can also designate an authorized agent to make requests to exercise your rights, where applicable state law (such as the CCPA) permits you to do so. In such case, we will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf through providing us with a signed written authorization or a copy of a validly executed power of attorney.
vii. Right to Appeal
If we deny your privacy rights request and your state provides an appeal right, you may appeal our decision through the Privacy Center. We will respond to appeals within the time required by applicable law.
ix. Annual Data Requests
The table below sets forth additional privacy disclosures with respect to our processing of data subject rights requests. During the period from January 1, 2025 to December 31, 2025, we processed the following privacy rights requests from individuals in jurisdictions with applicable privacy laws.
| Request Type | Number Received | Number Complied with in Whole or Part | Number Denied* | Median Response Time in Days* | Mean Response Time in Days* |
| Access | 41 | 25 | 11 | 4 | 6 |
| Delete | 453 | 221 | 160 | 5 | 7 |
| Opt-Out | 422 | 264 | 148 | 3 | 10 |
| Correction | 0 | NA | NA | NA | NA |
| Appeals | 1 | 1 | 0 | 30 | 30 |
*Indicates maximum response time based on fulfillment across all states.
e. Texas Data Broker Disclosure:
Nexxen is registered as a Data Broker with the Texas Secretary of State, as required by Texas law. For more information, visit the Texas Secretary of State data broker registration page.
f. California “Shine the Light” Law
California’s “Shine the Light” law (Cal. Civ. Code § 1798.83) permits California residents to request and receive, once per calendar year and free of charge, information about our sharing of your personal information (if any) with third parties for their own direct marketing use. Nexxen does not share your personal information with third parties for their own direct marketing purposes. This statement does not limit the disclosures described above for advertising, measurement, analytics, fraud prevention, legal compliance, or other purposes described in this Services Privacy Policy.
13. How to Contact Us
To submit a privacy rights request, visit our Privacy Center.
Nexxen’s corporate headquarters are located at 82 Yigal Alon St., 13th Floor, Tel Aviv 6789124, Israel.
EU and UK Data Protection Officer: Nexxen Data Protection Officer
14. Updates to this Services Privacy Policy
We may update this Services Privacy Policy from time to time to reflect legal, technical, or operational changes. Any updates will become effective when posted, unless a different effective date or notice period is required by applicable law. If we make material changes, we will provide notice as required by law.
The “Last Updated” date at the top of this Policy reflects the most recent revision.