• Ipsos MORI UK Limited is a specialist research agency, commonly known as “Ipsos.” Ipsos is part of the Ipsos worldwide group of companies and a member of the Market Research Society. As such, we adhere to the Market Research Society Code of Conduct, along with all associated regulations and guidelines. Ipsos is also an approved vendor in the IAB TCF Global Vendor List, ensuring close collaboration with publishers under UK PECR and EU GDPR rules.
• Fistnet d.o.o. (part of the Ipsos group of companies) is a solution provider of the DotMetrics audience measurement network tool, commonly referred to as “DotMetrics,” and is also an approved vendor in the IAB TCF Global Vendor List.

When we refer to “we” “our” or “us” in this privacy notice, it means Ipsos and DotMetrics, who are joint data controllers for this aspect of the project.

• Online publisher is a term used for publishers that create and upload webpages and/or apps, updating webpages, posting blogs, or otherwise processing and providing online publishing. The published content may include text, images, videos, and other types of media.
• RealityMine Limited, provides the passive metering technology (via an app/VPN) that we use to measure the behaviour of Ipsos iris panellists on multiple devices and platforms. This applies only if you are a member of the Ipsos iris panel, which you will have signed up to separately.

For queries regarding panel membership, please contact panel@ipsosiris.com.

UKOM (UK Online Measurement Ltd), the cross-industry body which sets and governs the standard for UK online audience measurement, has appointed Ipsos to carry out this online audience measurement study, known as “Ipsos iris,” beginning January 2021.

The Ipsos iris study aims to cover the audience measurement of the number of individuals using webpages, applications, search, social, and advertising networks across multiple platforms (PC/laptop, smartphones, and tablets) for UK homes, workplaces, and other locations. Activity is measured via a script/cookie placed on an online publisher’s site, and all collected data is anonymised and fused with other data sources to create a synthetic dataset, which is then shared with the online publisher or forms part of the overall industry statistics. The results of the study help online publishers, and the industry better understand audience profiles and behaviors and to optimise content and/or plan their online strategies.

A web intercept survey may be introduced through the same tag if approved by the online publisher. The purpose of the web intercept survey is to better calibrate demographic profile representation of the webpage/application and its sections in the delivered data. If you are asked to take part, you will have access to a separate privacy notice for that specific part of the study.

Our legal basis for placing and using cookies on your device and processing your data for this research study is consent. By providing your consent on the tagged site (e.g., via a cookie banner, consent management platform, or similar mechanism), you agree to the measurement activities described in this privacy notice. You can withdraw your consent at any time (please see the “Your Rights” section for details).

Online Publisher’s Legal Basis: The legal basis for the placement of cookies by the online publisher is handled separately, as part of your visit to their tagged site. Please refer to the specific privacy notice of the tagged site for more details on the publisher’s legal basis.

Ipsos and DotMetrics: We only process your data with your explicit consent, as indicated above. This means we will not use your data unless you have granted permission via the tagged site’s consent mechanism. If you wish to object or withdraw your consent at any time, please see Your Rights below.

When you visit a tagged site, we only collect and process what is necessary for this study. We serve internet cookies for your webpage visits, detailed in the Cookies section below.

IP Address Collection

We collect your IP address when you access the tagged site for the following purposes:

• To establish if you are located in the United Kingdom and the overall UK region.
• To gauge the speed of your internet connection and type of IP provider.

This information is only used for research and analysis and is never used for profiling or automated decision-making.

Browser and Device Data

• We collect web browser type index and computer type index to help us understand how the site displays to you and to ensure accurate measurement.
• We also collect the referring webpage (i.e., the page you visited immediately before arriving at the tagged site).
• Opt-Out: You can request to be disconnected from the measurement on the device you are using—please see the Contact section below.

We use digital fingerprint technology, also known as “Machine Identification,” to gather certain information about your computer, hardware, and software (e.g., IP address, display settings, browser type, and operating system). We convert this information into a unique serial number (the digital fingerprint) which determines whether it matches previous fingerprints.

The data collected in this process and the resulting digital fingerprint are securely stored on protected servers and used for the following purposes:

• Quality control and fraud prevention
• Determination of device type (e.g., whether the site is accessed via a desktop, TV, app, or mobile interface)

Anonymous “Pageview +1” Measurement

When a user visits a tagged site without providing consent, our system doesn’t drop a cookie on the visitor’s device, but still records a single anonymous pageview increment (+1) or a video counter increment (+1).

• This ensures that we register an anonymous visit occurred, without associating it with any personally identifiable data.
• No IP address, device fingerprint, or personal data is collected in such cases.
• This type of measurement is fully aggregated, non-identifiable, and used solely for audience analytics.

Your IP address or device fingerprint remains completely unknown to us on the current tagged site unless you actively provide consent for full data collection.

When you give us consent we install cookies on your device so we can identify how often you visit the tagged site(s) and the type of device used. The cookies are used exclusively for the purposes of the Ipsos iris online measurement study. On your first visit to a tagged site, the cookie helps identify your connected device.

For more information on setting, editing, or deleting cookies:

• http://www.allaboutcookies.org
• http://www.youronlinechoices.com/uk

For specific instructions on how to install cookies that prevent measurement for this study, please visit the DotMetrics Privacy Centre—contact details are in the Contact section below.

The types of cookies used on the tagged site(s) are:

Host domain for all cookies, except DotMetrics.DomainCookie, is uk-script.dotmetrics.net

We take our information security responsibilities seriously and apply various precautions to ensure your information is protected from loss, theft, or misuse. Our security measures include:

• Appropriate physical security of offices
• Controlled and limited access to computer systems
• Division of overall data storage into layered, anonymous and pseudonymised databases
• Full server encryption

• Collecting demographic information for research
• General abstracted audience analytics of web traffic for online publishers’ sites and applications
• Diagnosing problems related to hardware and software solutions

• Access: You have the right to access your data, including personal data, within the limited period that we hold it.
• Withdraw Consent: You can withdraw your consent to Ipsos and DotMetrics processing your data at any time.
• Rectification: You have the right to rectify any incorrect or out-of-date data about you that we may hold.
• Deletion: You have the right to request that we delete your data.

If you have any complaints, we would appreciate the opportunity to resolve any issue first at dpo@dotmetrics.net. However, you are always entitled to contact our regulatory body, the UK’s Information Commissioner’s Office (ICO).

Details can be found at https://ico.org.uk/global/contact-us/ or by emailing casework@ico.org.uk.

Important: When you access a tagged site anonymously or without providing information that identifies you as a specific data subject, but later wish to exercise your rights, you may need to provide some personal information (e.g., first and last name plus an email address). By providing this, you consent to us processing your personal data; we will record evidence of that consent in the Data Privacy Centre.

We will only retain your data in a way that can identify you for as long as is necessary to support the Ipsos iris research study and its findings. Practically, after we have reported the anonymised research findings to the online publishers and carried out the necessary quality control checks, we will securely remove your personal, identifying data from our systems.

Where will my personal data be processed and stored, and who will have access?

• DotMetrics will collect, process, and store your data in secure data centers/servers within the European Union. Specifically, our primary server location is in Ireland.
• Ipsos staff involved in this research project or who need access to support the systems used. This may include staff in:
• Other Ipsos Group companies involved in this research, some located in other countries. We always ensure data is transferred safely and securely.
• Sub-contractors who may process data on Ipsos’ behalf and under our control (e.g., service providers hosting or providing tech support).

Where required by law or regulation, we may be compelled to disclose some of your information to relevant authorities (e.g., in a police investigation).

Such processing may involve transferring your personal data to countries outside the UK/EU, including the EEA, the USA, and India. We take great care to ensure any transfers are secure and comply with all applicable data protection and privacy laws. We use EU standard contractual clauses for every intra-group data transfer (even within the EU) as part of our Intra-Group Master Services Agreement (MSA). Any sub-contractors are also bound by strict data privacy and security requirements.

• DotMetrics will collect, process and store your data in data centers and servers within the European Union.
• Ipsos staff involved in this research project, or who need access in order to directly support the systems used. This may include staff in:
  • Other Ipsos Group companies involved in this research, some of which may be located in other countries. The data will always be moved safely and securely and where possible will be pseudonymised.
  • Our sub-contractors who may carry out some of the processing on Ipsos’ behalf, and under Ipsos’ control; for example: the service providers who host or provide technical support for our systems.
  • Where required by law or regulation, we may be required to disclose some of your information to relevant authorities; for example, if you are being investigated by the police for criminal activity.

This may also involve transferring and partially processing your personal data in other countries outside of the UK/EU, including the USA, EEA and India. However, we can reassure you we take great care to ensure any transfers are carried out securely and in compliance with all applicable data protection and data privacy legal requirements through EU standard contractual clauses, which are in place for every intra-group data transfer (even within the EU) and this forms part of the Intra-Group Master Services Agreement (MSA). We can also assure you that any sub-contractors involved are also required to abide by the same data privacy and security requirements as Ipsos.

While the Ipsos iris study focuses primarily on individuals aged 16 and older, some panel members may be younger than 16 but only under explicit parental or guardian consent. If we become aware that personal information relating to a minor has been collected without such consent, we will take the steps necessary to delete it.

If you wish to use your work device for this measurement study, you must first confirm with your employer that you are not breaching company policies by installing or using any measurement software on your employer’s devices.

Contact Fistnet d.o.o./DotMetrics Data Protection Officer:

Email:

dpo@dotmetrics.net

Post:

Fistnet d.o.o.
Aleja Lipa 1b
10 000 Zagreb
Croatia

Access the DotMetrics Privacy Centre: https://dotmetrics.net/privacy-center

Contact Ipsos

Email:

Ipsosiris-compliance@ipsos.com

Post:

Ipsos iris Study
Data Protection Officer, Compliance Department
Ipsos MORI UK Limited
3 Thomas More Square
London E1W 1YW
United Kingdom

We keep our privacy policy under regular review and will inform you of any updates. The latest version was last updated on 10th April 2025.