Services Privacy Policy

Last Updated July 1, 2026

Overview

This Services Privacy Policy (“Services Privacy Policy”) explains how Nexxen (“Nexxen,” “we,” “us,” or “our”) collects, uses, and shares “Personal Information” in connection with our digital advertising services.

This Services Privacy Policy applies when Nexxen determines the purposes and means of processing Personal Information in connection with the Services, including when Nexxen acts as a “controller” or “business” under applicable privacy laws. It does not apply to Personal Information that Nexxen processes solely on behalf of a Client as a “processor” or “service provider.” In those cases, the Client’s privacy policy and contractual terms with Nexxen govern the processing.

1. Our Services

Nexxen operates a global advertising technology platform offering data-driven advertising solutions across websites, mobile applications, connected TV (“CTV”) platforms, linear television, and digital channels (collectively, “Digital Properties”) as part of our digital advertising services (the “Services”). Through integrated demand-side and supply-side platforms, proprietary data management tools, creative capabilities, and AI-powered technologies, Nexxen facilitates the connection of data, creative, and media across the buy and sell sides of the advertising ecosystem. Our Services support advertisers, agencies, publishers, data partners, technology providers, and other partners (“Clients”) in delivering, optimizing, and measuring targeted advertising with greater efficiency and transparency. Our platform capabilities may include real-time bidding, audience segmentation, cross-device identity resolution, contextual advertising, interest-based advertising, measurement, analytics, and ACR data licensing. We use these capabilities only where supported by an applicable legal basis, such as consent, contractual necessity, legal obligation, or legitimate interests, depending on the jurisdiction and the nature of the processing.

We design our Services to support responsible data use and to help our Clients and partners address applicable privacy requirements, including requirements under the General Data Protection Regulation (“GDPR”), California Consumer Privacy Act (“CCPA”), and similar privacy laws.

We use automated processing to create advertising segments, match identifiers, measure campaigns, optimize ad delivery, and support fraud prevention. We do not use these activities to make decisions that produce legal or similarly significant effects about individuals, such as decisions about employment, credit, housing, insurance, education, health care, or access to essential services.

Privacy Summary

Topic

What You Need to Know

What We Collect

Device data, identifiers, browsing and interaction data, general location data, ad interactions, viewing data, inferred advertising segments, transaction or conversion data, and voluntary survey responses

Why We Collect It

To deliver relevant ads, measure performance, prevent fraud, and improve our services

How We Collect It

Through cookies, tracking technologies, third-party platforms, and client data integrations

Who We Share With

Service providers, ad partners, measurement vendors, and legal/regulatory authorities if required

Your Rights

Access, delete, correct, opt-out of sharing or selling, and restrict the processing of your data

How to Exercise Your Rights

Visit our privacy center

International Transfers

Data may be stored or transferred outside your region with appropriate safeguards

Data Retention

Data is retained only as long as needed for service delivery or legal reasons

Children’s Privacy

We do not knowingly collect, sell, share, or use for targeted advertising Personal Information relating to children or minors where prohibited by law.

2. What Personal Information We Collect

Summary: This section explains the categories of Personal Information we collect, where it comes from, and how we use it to deliver and improve our Services.

We collect and process Personal Information from a variety of sources to operate and improve our Services.  Depending on how you interact with our platform, we may collect the following types of information:

Categories of Personal Information

Examples of Personal Information

Source of Personal Information

 

How Personal Information is Used
Device and Location DataDevice type, operating system, IP address, general locationDevice/browser or CTV apps via tracking technologies, ClientsService delivery, targeting, and fraud protection
Identifiers

IP address, mobile ad identifiers, hashed or obfuscated user identifiers (e.g., UUIDs, hashed email), probabilistic identifiers, and other device identifiers

Tracking Technologies on Digital PropertiesRecognizing users across platforms, advertising delivery, analytics
Browsing and Interaction DataWebsite/app interactions, timestamps, page views, clicksWebsite or app interactionEngagement analysis, content personalization
Viewing Data

Where enabled and permitted by law, Automatic Content Recognition (“ACR”) technology may collect certain data from a Smart TV, including the Smart TV’s identifier, IP address, viewed content, and ad exposure information. ACR Viewing Data is collected only where the Smart TV user has received notice and any required consent has been obtained through the applicable TV, device, app, or consent interface. Users may disable ACR and manage advertising preferences through supported Smart TV privacy or advertising settings.

We do not knowingly disclose information that identifies a consumer as having requested or obtained specific video materials or services except as permitted by applicable law.

ACR-enabled Smart TVsDeliver and measure personalized ads shown to you on a Smart TV or other linked devices belonging to you or your household
Behavioral Data

User demographics (such as age, gender, income, marital status, or interests), user preferences, patterns, click and video interactions, and behavioral or interest-based data. We may also receive information from advertisers and advertising platforms to match the right advertisements to the appropriate audiences

Inferred or third-party data partners, and Media Buyers inputsInterest-based segmentation, campaign optimization
Audience Segments

Aggregated groups such as “sports fans” or “comedy viewers”

 

These are based on online activity, advertising-related activity, contextual signals, and permitted partner data linked through pseudonymous identifiers. We do not create or use audience segments intended to identify or target individuals based on sensitive health conditions, racial or ethnic origin, religious beliefs, sexual orientation, citizenship or immigration status, precise geolocation, biometric data, or other sensitive characteristics, except where expressly permitted by applicable law and supported by any required consent.

Inferred from activity or provided by Clients.Tailored advertising targeting, reach expansion
Survey Data

If you participate in a voluntary research panel or survey, we may collect survey responses, device information, and, only with your express consent, video or webcam-based response data to help measure viewer reactions during video viewing. We do not use facial response data to identify you, authenticate you, create biometric templates, or target or retarget advertising to you, unless we separately disclose that practice and obtain any legally required consent. You may decline or disable webcam-based participation at any time. For more information, you can view Affectiva’s privacy policy.

From voluntary surveysMarket research, creative optimization, and brand testing

Offline/Online Transaction/

Conversion data

Purchase behavior to measure ad effectiveness.From advertisers or e-commerce eventsAttribution, ROI measurement

 

3. Who We Share Personal Information With and Why

Summary: This section explains who we share Personal Information with, for what purposes, and under which lawful basis.

Categories of Personal Information SharedHow Personal Information is Used or SharedCategory of RecipientsLawful Basis
Identifiers, Device and Technical Data (e.g., IP address, device type, browser type), Commercial Data (e.g., purchase behaviors)Used to deliver services, improve functionality, and monitor performanceAffiliates and Service Providers – organizations that process data on our behalfContractual necessity, Legitimate interests
Identifiers, Browsing Data, Geolocation Data, Viewing and Interaction Data, Demographic SegmentsAudience insight, ad targeting and measurementMedia BuyersConsent, Legitimate interests
Identifiers, Device and Technical Data, Browsing Data, Viewing and Interaction Data, Demographic Segments, and General Location Data Real-time bidding, platform delivery, measurement, analytics, and enabling our partners to optimize bidding and campaign performance, including through the use of aggregated and de-identified models and insights related to advertising activitiesAdvertising Ecosystem ParticipantsConsent
Identifiers, Device and Technical Data, Browsing Data, Viewing and Interaction Data, Demographic Segments, and General Location DataData licensing, audience creation, analytics, measurement, identity resolution, targeting optimization, and enabling our partners to provide, improve, optimize, and enhance advertising-related products and services, including audience segments and cross-device capabilitiesMedia Buyers, Data Partners, Identity Graph providers and identity resolution partnersConsent

Identifiers, Device and Technical Data, Demographic Segments

 

Real-time bidding, platform deliveryAdvertising Ecosystem ParticipantsConsent, Legitimate interests

Viewing and Interaction Data, Browsing Data, Survey Responses

 

Campaign measurement and audience analysisMeasurement ProvidersConsent

Commercial Data, Interaction Data, Identifiers

 

Performance reporting and segmentation.Attribution and Analytics PartnersConsent, Legitimate interests
All categories, as necessary and limited to the transaction contextCorporate restructuring or acquisitionBusiness TransactionsLegitimate interests, Legal obligation
All categories, legally requiredLegal compliance and enforcementLegal and ComplianceLegal Obligation

Recipient Definitions

“Service Providers” means vendors that process Personal Information on Nexxen’s behalf and under contractual restrictions.

“Clients” means advertisers, agencies, publishers, and other partners that use the Services.

“Advertising Ecosystem Participants” means participants in digital advertising transactions, including exchanges, platforms, publishers, advertisers, measurement providers, verification providers, and identity resolution providers.

“Data Partners” means companies that provide, license, match, enrich, or receive data for permitted advertising, analytics, measurement, and identity resolution purposes.

Some disclosures may be considered a “sale,” “sharing,” or processing for “targeted advertising” under certain U.S. state privacy laws. You may opt out of sale, sharing, and targeted advertising through our Privacy Center and through recognized opt-out preference signals where required by law.


Industry Memberships and Self-Regulatory Frameworks

We support industry initiatives that promote transparency, accountability, and user choice regarding the use of Personal Information for digital advertising. As part of this commitment, Nexxen participates in, adheres to, or supports the following industry frameworks and programs, as applicable.

IAB Europe Transparency & Consent Framework (“IAB EU TCF”)

Nexxen participates in the IAB EU TCF, complies with the IAB EU TCF’s Specifications and Policies, and supports the use of TCF signals where Clients have implemented an IAB Europe TCF-compliant Consent Management Platform. Our identification numbers within the IAB EU TCF are 36 for the supply-side platform and 23 for the demand-side platform.

European Interactive Digital Advertising Alliance (“EDAA”)

Nexxen adheres to the European Industry Self-Regulatory Framework on Data-Driven Advertising, which is administered by the EDAA. This framework promotes transparency and user choice in connection with interest-based advertising across Europe. For more information, please visit the EDAA website.

4. How and Why We Use Your Personal Information

Summary: This section outlines how we use the Personal Information we collect.

Purpose

Use

Lawful Basis
Personalized and Interest-Based Advertising (Targeted Advertising) Creating audience segments, curated marketplaces (including Private Marketplace (“PMP“) deals), and delivering advertising to audiences based on inferred interests, demographics, location, and other advertising-related characteristics.Consent where required by law; otherwise legitimate interests
Contextual Advertising Showing ads relevant to content you viewConsent where required by law; otherwise legitimate interests
Measurement and ReportingEvaluating advertising effectiveness and managing frequencyConsent where required by law; otherwise legitimate interests
ID SynchronizationMatching identifiers across platformsConsent

Identity Graph Building

 

We may enrich our proprietary identity graph, and help our Clients to create “identity” graphs, to enable Clients to locate users across various channels, such as based on common personal, device-based, or network-based identifiers (e.g., IP address). Users may opt out of this type of processing where required by law. We implement safeguards to prevent re-identification and limit the use of these graphs to advertising, analytics, audience measurement, identity resolution, and related advertising purposes only.Consent
Audience CreationGrouping users based on interests, preferences, purchase, viewing, browsing, or other advertising-related activity (for example, “sports fans,” “comedy lovers,” “frequent travelers,” or “home improvement enthusiasts”) to help our Clients, where permitted by applicable law.Consent
Advertising Creative and Content Optimization

Analyzing viewer reactions and engagement

This data will not be used to identify or contact you or target or re-target relevant advertising or other content to you

Consent
Location-Based Advertising Tailoring advertising based on general locationConsent
Product ImprovementImproving, testing, and developing products and Services in ways that are reasonably necessary and proportionate to the disclosed purposes, and diagnosing errorsLegitimate Interest

Security, fraud prevention, and fix errors, regulatory and legal compliance

 

Preventing fraud, maintaining system integrity, and meeting legal obligationsLegitimate Interest, Legal Obligation
Statistical informationCreating aggregate or de-identified insights that are not reasonably linkable to an individual, household, browser, or device. We may obtain statistical information from commercially available sources, service providers, and partners where permitted by law.Legitimate interests where Personal Information is processed; not applicable where information is anonymous and no longer constitutes Personal Information
Behavioral Advertising

Delivering advertising based on your interests or preferences that are inferred from your interactions with websites, apps, advertisements, or other digital content over time, including information we receive from our Clients, where permitted by applicable law. We obtain this information through our own Services and from third-party partners and use it to show you ads that may be more relevant to you.

Consent
Survey ParticipationParticipating in surveysConsent

5. Your Privacy Controls and Choices

Summary: This section outlines how users and partners can control the collection and use of Personal Information across our Services.

Industry Tools

You can manage your advertising preferences and, where available, opt out of interest-based advertising through the industry tools listed below. These tools allow you to exercise advertising choices with participating organizations and may communicate your preferences to companies that support the relevant framework.

Industry ToolApplicable Region

How It Works / Why You Might Use It

NAI Consumer Opt-Out and Global Privacy Control (GPC) mechanismsUnited StatesThese tools allow consumers to opt out of interest-based advertising by participating companies. Where required by applicable law, we process Global Privacy Control signals and other recognized opt-out preference signals as requests to opt out of sale, sharing, and targeted advertising for the browser or device that sends the signal.
Your Online ChoicesEuropeProvides consumers with a centralized tool to manage advertising preferences and opt out of interest-based advertising from participating companies operating in Europe.
DAAC WebchoicesCanadaAllows consumers to opt out of interest-based advertising from participating digital advertising companies in Canada.
AdChoicesAustraliaEnables consumers to learn about interest-based advertising and manage advertising preferences with participating organizations in Australia.

Device Tools

ControlWhat it Does

How to Use It 

Browser SettingsManage Tracking TechnologiesLook under Privacy or Security settings in your browser
Device SettingsControl advertising identifiersLook under the “Privacy”, “Ads” or “Advertising” settings on your device
Global Privacy Control (GPC)Sends a browser signal requesting websites not to sell or share personal information where recognized by applicable lawEnable GPC through a supported browser or browser extension
Smart TV SettingsDisable ACR and manage advertising preferences on supported Smart TVsLook under the Privacy or Advertising Settings of your Smart TV

To access and exercise your privacy preferences, including opting out of targeted advertising or data sale/sharing, managing consent, or submitting access or deletion requests, please visit our Privacy Center. We make no representation about the accuracy or effectiveness of other providers opt-out mechanisms, including those listed on the above industry websites.

We will process opt-out requests within the time required by applicable law. Where technically feasible, browser or device-based opt-outs are applied in real time or near real time.

6. Children

Summary: This section clarifies our policy regarding children’s data.

We do not knowingly collect, use, disclose, sell, share, or process for targeted advertising Personal Information relating to children or minors where prohibited by applicable law. We require Clients and partners to avoid transmitting Personal Information relating to children or minors to the Services unless the disclosure is permitted by law and supported by any required consent.

For example, we do not knowingly collect Personal Information online from children under 13 in the United States. We also do not knowingly sell or share Personal Information of consumers under 16 where prohibited by U.S. state privacy laws. In jurisdictions with higher age thresholds, we apply the applicable local standard.

If we learn that we have collected Personal Information relating to a child or minor in a manner not permitted by law or our contractual requirements, we will delete or de-identify the information or take other appropriate steps.

7. How Long We Keep Your Personal Information

Summary: This section outlines how long we retain Personal Information.

We retain each category of Personal Information only for as long as reasonably necessary and proportionate for the purposes described in this Services Privacy Policy, including to provide the Services, maintain security, prevent fraud, debug systems, comply with legal obligations, resolve disputes, enforce agreements, and maintain audit and compliance records.

CategoryRetention Period/Criteria
Identifiers and tracking dataBased on cookie, SDK, or identifier expiration periods, including a standard 13-month expiration for European users where applicable
Bidstream Data30 days
Survey data

As long as needed for survey, research, validation, reporting, and legal compliance purposes

Facial response dataAs long as needed for the disclosed research purpose, then deleted, de-identified, or aggregated
ACR Viewing DataAs required for advertising, measurement, reporting, and legal compliance purposes, subject to applicable consent and opt-out settings
Aggregate or de-identified information

Up to two years or as permitted by law, provided it is maintained in aggregate or de-identified form

We apply internal retention schedules and deletion protocols to securely remove or de-identify Personal Information when no longer needed.

Aggregated and de-identified data, which no longer identifies individuals, may be retained for analytical and reporting purposes for up to two years or as permitted by law.

8. Where We Store Personal Information

Summary: This section explains where we store and transfer your Personal Information, and the safeguards we use when data is moved across borders.

Your Personal Information may be stored and processed in jurisdictions including Australia, Canada, European Economic Area (EEA), India, Israel, Japan, Singapore, United Kingdom, and United States.

In the course of delivering our Services, your Personal Information may also be transferred to, and processed by, our service providers, Clients, and partners located in countries outside of your home jurisdiction, including outside the UK and EEA. These countries may have data protection laws that differ from, and may offer a lower level of protection than, those in your jurisdiction. Where such transfers occur and an adequacy decision has not been issued by the relevant authority (e.g., the European Commission or UK Secretary of State), we rely on Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum. We also implement additional technical and organizational safeguards to ensure that your data is handled securely and in accordance with applicable data protection laws.

For Australian users, our APP Privacy Policy disclosures include the countries or regions where overseas recipients are likely to be located where practicable.

For Brazilian users, international transfers are supported by an applicable transfer mechanism under the LGPD, such as adequacy, standard contractual clauses, consent where applicable, or another mechanism permitted by law.

You may request information about the transfer safeguards we use by contacting us through the Privacy Center.

9. Your Rights - Europe, UK and Israel

Summary: This section explains your data protection rights based on your location.

If you’re located in the European Economic Area (EEA), United Kingdom (UK), or Israel, you have the following rights regarding your Personal Information:

Jurisdiction

Privacy Rights

EEA

Access, Rectification, Erasure (Right to be Forgotten), Restriction of Processing, Data Portability, Objection, Withdrawal of Consent. Complaints can be lodged with the relevant data protection supervisory authority. Where we rely on consent, you may withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal.

UK

Same as EEA; lodge complaints with the UK Information Commissioner’s Office (ICO). Where we rely on consent, you may withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal.

Israel

Access, Correction, Deletion (where justified), Objection to Use for Direct Marketing. Complaints can be lodged with the Israeli Privacy Protection Authority.


You can exercise these rights by visiting our Privacy Center.

If you have a concern about our processing of Personal Information, we encourage you to contact us so we can address your issue. However, if we are not able to resolve it, you have the right to lodge a complaint with the Data Protection Authority where you reside.

EU and UK Data Protection Officer: Nexxen Data Protection Officer

For any concerns regarding the processing of your data by Nexxen please visit our privacy center.

10. Information Security

Summary: This section describes how we protect your Personal Information using technical and organizational security measures.

We use technical and organizational measures designed to protect Personal Information against unauthorized access, alteration, disclosure, or destruction. These measures may include internal audits, role-based access controls, logical data segregation, security logging and monitoring, network security, vendor controls, and other safeguards appropriate to the nature of the Personal Information and the processing.  

11. Cookies and Tracking Technology

Technology Purpose Data Involved Controls
Cookies and pixels Advertising delivery, measurement, analytics, fraud prevention, and preference management Identifiers, browser data, device data, interaction data Browser settings, Privacy Center, consent tools where available
Mobile advertising IDs Mobile advertising, measurement, and opt-out management Mobile ad IDs, device data, app interaction data Device advertising settings
CTV and ACR technologies Smart TV ad measurement, content recognition, and ad personalization where permitted Smart TV identifiers, IP address, viewing data, ad exposure data Smart TV privacy and advertising settings
ID synchronization Matching identifiers across platforms and partners Pseudonymous identifiers, hashed identifiers, device identifiers Privacy Center, GPC where applicable
Survey technologies Voluntary survey participation and research Survey responses, device information, consented facial response data where applicable Survey consent tools and webcam controls

12. U.S. State Privacy Laws

Summary: This section outlines your privacy rights under U.S. state laws, including the right to request access to, deletion of, and correction of your Personal Information, and to opt out of the sale, sharing, targeted advertising, or certain profiling, as applicable.

Depending on your state of residence, you may have rights to access, delete, and correct your Personal Information, and to opt out of sale, sharing, targeted advertising, or certain profiling, as applicable. This Section applies if you are a natural person who is a resident of California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Florida, Maryland, Minnesota, Montana, New Hampshire, Nebraska, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia, or another U.S. state with applicable privacy laws (“Consumer”), when we act in the capacity as a “business” or “controller” as defined by the laws of such states.   

The following sets forth the categories of information we collect and purposes for which we may use Consumers’ personal information. (Examples provided for each category are merely examples found in the statute, and do not indicate that we necessarily collect that type of information or identifier).

a. Categories of Consumer Personal Information We Collect and Use

Depending on how you interact with us, we may collect Personal Information about you. The table below reflects categories of Personal Information under CCPA and also describes how we collect and use such categories of information.

Categories of Personal Information ExamplesCategories of SourcesBusiness Purpose
Internet or other electronic network activity Browser and device information, operating system, IP address, IP address, and browsing historyThrough automated means such as cookies and other data collection tools when you visit a digital property that uses our advertising services technology.Providing our advertising and related services such as campaign measurement and data marketing.
Commercial or transactions informationProducts or services purchased, obtained, or considered, or other purchasing or consuming histories or preferencesThrough automated means such as cookies and other data collection tools when you visit a digital property that uses our advertising services technology.Providing our advertising and related services such as campaign measurement and data marketing.
Geolocation dataGeneral Geolocation data and Precise Geolocation dataThrough automated means such as cookies and other data collection tools when you visit a digital property that uses our advertising services technology.Providing our advertising and related services such as campaign measurement and data marketing.
Geolocation dataGeneral geolocation dataClients and third-party aggregatorsProviding our advertising and related services such as campaign measurement and data marketing.
Inferences drawn from Personal InformationConsumer information, lifestyle or purchasing preferencesThrough automated means such as cookies and other data collection tools when you visit a digital property that uses our advertising services technology.Providing our advertising and related services such as campaign measurement and data marketing.
Internet or other electronic network activity Browser and device information, operating system, IP address, IP address, and browsing historyClients and third-party aggregatorsProviding our advertising and related services such as campaign measurement and data marketing.
Characteristics of protected classifications

Demographic or inferred segment information, such as broad age range or gender, where permitted by law and not used to create or target sensitive segments

Clients and third-party aggregatorsProviding our advertising and related services such as campaign measurement and data marketing.
IdentifiersClient or third party provided identifiers; hashed or obfuscated identifiers are still treated as Personal Information where they can reasonably be linked to an individual, household, browser, or device.Clients and third-party aggregatorsProviding our advertising and related services such as campaign measurement and data marketing.
Inferences drawn from Personal InformationConsumer information, lifestyle or purchasing preferencesClients and third-party aggregatorsProviding our advertising and related services such as campaign measurement and data marketing.
Professional or employment-related informationCurrent or past job history or job titleFrom you directly when you provide such information or through automated means such as cookies and other data collection tools when you visit our digital properties.Business operations
Internet or other electronic network activity informationBrowser and device information, operating system, IP address, IP address, and browsing historyFrom you directly when you provide such information or through automated means such as cookies and other data collection tools when you visit our digital properties.Business operations
Identifiers Name, address, contact InformationFrom you directly when you provide such information or through automated means such as cookies and other data collection tools when you visit our digital properties.Business operations

 

b. Our Business for Selling and Sharing Personal Information

As defined in CCPA, we may share and sell the information collected from and about you as discussed above for various business purposes, with service providers and with third parties including our Clients, advertising platforms, and those advertising platforms’ customers.  These business purposes often involve cross-context behavioral advertising, also known as “targeted” advertising. California and certain other U.S. state privacy laws define “sale,” “sharing,” and “targeted advertising” broadly. These terms may include disclosing identifiers, internet or electronic network activity, device information, browsing activity, or similar information to advertising ecosystem participants for cross-context behavioral advertising or targeted advertising, even when no money is exchanged. 

We collect and share the personal information that we collect for the purposes below and as described in this Services Privacy Policy.

Online Advertising & Targeting

  • We create audience groups based on shared traits or interests.
  • These groups are built using browsing behavior to predict likely purchases or actions.
  • We may work with partners who match our data with cookies or IDs (using secure methods like hashing) to target ads across websites, mobile apps, and other platforms.
  • We also help build “identity graphs” that connect users across devices and channels using shared identifiers (like IP address or email).
  • We use this data to improve and measure the effectiveness of ad campaigns.


Internal Business Uses

  • Research and development
  • Security, fraud prevention, and debugging
  • Auditing and quality control
  • Legal compliance
  • Our own marketing (e.g., from trade shows or social media)


Sharing Personal Information

  • Legal & Safety: To comply with laws, protect our rights, investigate violations, or respond to legal requests.
  • Fraud Prevention: With law enforcement or partners to prevent fraud, malware, or other harm.
  • Corporate Transactions: If we’re involved in a merger, sale, or similar deal, personal info may be shared.
  • Service Providers: With partners who help us run, support, or improve our services.
  • Aggregate/De-Identified Data: We may aggregate or de-identify information so that it is not reasonably linkable to an individual, household, browser, or device. We maintain and use Aggregate/De-Identified Information only in aggregate or de-identified form, do not attempt to re-identify it, and contractually require recipients to maintain the information in aggregate or de-identified form and not attempt to re-identify it except as permitted by law. We maintain and use Aggregate/De-Identified Information in de-identified form and do not attempt to re-identify such information.


To opt out, visit our Privacy Center or click “Do Not Sell or Share My Personal Information.” Where required by law, we also honor recognized opt-out preference signals, including Global Privacy Control.

c. Our Retention of Personal Information

We retain each category of Personal Information only for as long as reasonably necessary and proportionate for the purposes described in this Services Privacy Policy, including to provide the Services, maintain security, prevent fraud, debug systems, comply with legal obligations, resolve disputes, enforce agreements, and maintain audit and compliance records.

d. Our Retention of Personal Information

As noted above, residents of certain U.S. states have particular privacy rights (“Applicable State Residents”).  The scope and nature of these rights vary in each state, so we have sought to explain these rights in the most transparent and uniform terms, below.

Without being discriminated against for exercising these rights, California residents, as well as residents of the Applicable States, have the right to request that we disclose what Personal Information we collect from you, to delete that information, and to opt-out of the sale of your personal information, subject to certain restrictions.  If you are a resident of such a state, you also have the right to designate an authorized agent to exercise these rights on your behalf (so long as your state of residence continues to recognize that right).

This section describes how to exercise those rights and our process for handling those requests.  We may withhold these rights to the extent that the law in your state of residence does not recognize or no longer recognizes these rights.

Note that sometimes, we act only as a “service provider” or “processor” to our customers (for instance, if they provide information to us solely to use our marketing or data management tools), in which case any consumer requests for opt-out, deletion or access to data must be made through that Client.

i. The right to access, correction and disclosure

You may have the right to request the following information about the Personal Information we have collected, used, disclosed, sold, or shared about you, subject to applicable law and verification requirements.  

  • the categories and specific pieces of personal information we have collected about you;
  • the categories of sources from which we collected the personal information;
  • the business or commercial purpose for which we collected or sold the personal information;
  • the categories of third parties with whom we shared the personal information; and
  • the categories of personal information that we sold or disclosed for a business purpose, and the categories of third parties to whom we sold or disclosed that information for a business purpose.

You also may request correction of your personal information, such as if you believe we have incorrect information pertaining to you.


ii. The right to deletion 

You may have the right to request that we delete the personal information we have collected from you.  Certain information may be exempt from such requests under applicable law.  We need certain types of information so that we can provide our Services to you, and may retain certain information for important business purposes, such as fulfilling our legal obligations, or for security, auditing or de-bugging purposes.

iii. How to exercise your access and deletion rights 

California residents and residents of Other Applicable States may exercise their access or deletion rights by accessing our privacy center.

For security purposes, we will verify your identity in part by requesting or automatically capturing certain information from you when you request to exercise your applicable privacy rights.  For instance, you may need to provide your email address. To request that we provide you with the specific pieces of personal information we have from you or to delete personal information we have collected from you, we may also need to ask you for additional information to verify your identity.  Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate.  

  • Where you have requested the categories of personal information that we have collected about you, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA or other applicable law.
  • Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA or other applicable law.
  • Where you have requested that we delete personal information that we have collected from you, we will delete any information about you that is not necessary for the purposes indicated above or another permissible business, security or legal purpose.  Certain information may be exempt from such requests under applicable law.

If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.


iv. The right to nondiscrimination 

We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.

v. The right to “opt-out” of the sale of your personal information 

You have the right to opt out of the “sale” of your personal information.  California law (for instance) broadly defines sale such that it may include, for example, allowing third parties to receive and use certain information, such as Tracking Technologies, IP address and/or browsing behavior, to deliver targeted advertising.

If you wish to “opt out” of our “sale” of your information, i.e., for purposes of personalized advertising, we recommend employing the options we provide and explain in Section 5. Please visit our https://nexxen.com/privacy-data-subject-rights-request/ to exercise your opt-out rights.


vi. Sensitive Personal Information Right 

If applicable, you may have the right to limit the use or disclosure of Sensitive Personal Information. We use and disclose Sensitive Personal Information only as permitted by applicable law and, where required, provide a method to exercise limitation rights.

vi. Authorized Agent

You can also designate an authorized agent to make requests to exercise your rights, where applicable state law (such as the CCPA) permits you to do so.   In such case, we will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf through providing us with a signed written authorization or a copy of a validly executed power of attorney.

vii. Right to Appeal

If we deny your privacy rights request and your state provides an appeal right, you may appeal our decision through the Privacy Center. We will respond to appeals within the time required by applicable law.  

ix. Annual Data Requests

The table below sets forth additional privacy disclosures with respect to our processing of data subject rights requests. During the period from January 1, 2025 to December 31, 2025, we processed the following privacy rights requests from individuals in jurisdictions with applicable privacy laws.  

 

Request TypeNumber ReceivedNumber Complied with in Whole or PartNumber Denied*Median Response Time in Days*Mean Response Time in Days*
Access41251146
Delete45322116057
Opt-Out422264148310
Correction0NANANANA
Appeals1103030

*Indicates maximum response time based on fulfillment across all states. 

e. Texas Data Broker Disclosure:

Nexxen is registered as a Data Broker with the Texas Secretary of State, as required by Texas law. For more information, visit the Texas Secretary of State data broker registration page.

f. California “Shine the Light” Law

California’s “Shine the Light” law (Cal. Civ. Code § 1798.83) permits California residents to request and receive, once per calendar year and free of charge, information about our sharing of your personal information (if any) with third parties for their own direct marketing use.  Nexxen does not share your personal information with third parties for their own direct marketing purposes. This statement does not limit the disclosures described above for advertising, measurement, analytics, fraud prevention, legal compliance, or other purposes described in this Services Privacy Policy.

13. How to Contact Us

To submit a privacy rights request, visit our Privacy Center.

Nexxen’s corporate headquarters are located at 82 Yigal Alon St., 13th Floor, Tel Aviv 6789124, Israel.

EU and UK Data Protection Officer: Nexxen Data Protection Officer

14. Updates to this Services Privacy Policy

We may update this Services Privacy Policy from time to time to reflect legal, technical, or operational changes. Any updates will become effective when posted, unless a different effective date or notice period is required by applicable law. If we make material changes, we will provide notice as required by law.

The “Last Updated” date at the top of this Policy reflects the most recent revision.