About this privacy statement

Our data privacy statement, sets out how we handle personal data. We are aware of the importance to users of how personal data are handled and we assure you that we observe all relevant legal requirements. We consider the protection of your privacy to be of paramount importance. For this reason, compliance with the legal requirements on data privacy is, for us, a matter of course.

We reserve the right to make amendments at any time to this data privacy statement for future effect.

Data protection commissioner

You can contact our data protection officer (s) at:
ePrivacy GmbH
represented by Prof. Dr. Christoph Bauer
Große Bleichen 21
20354 Hamburg
c.bauer@eprivacy.eu

Contact

Nano Interactive GmbH
Lindwurmstr, 27
80337  München, Germany

privacy@nanointeractive.com

Personal data

At Nano Interactive, we are committed to respecting your privacy and protecting your personal
data in full compliance with the General Data Protection Regulation (GDPR) and the California
Consumer Privacy Act (CCPA).

Our Nano LIIFT technology does not collect personal data in a way that identifies
individuals. While we do collect IP addresses as part of standard internet communication, we
immediately truncate the last octet, rendering the IP address non-identifiable and
anonymized. This ensures that no directly identifiable information is stored or processed for the
purposes of our targeting technology.

We do not use cookies, mobile identifiers, or any cross-site tracking techniques. Our technology
operates entirely without storing or linking to personal profiles.

Personal data may be collected only in specific cases where you actively provide it—such as
when submitting a contact form, signing up for email newsletters, or engaging in other direct
interactions on our website. In these instances, your data is processed solely with your explicit
consent, and only for the purpose you have agreed to.

We never combine voluntarily provided personal information with data collected through our ad
technology.

Requirement or obligation to provide data

In so far as this is not expressly stated, when data are collected, the provision of data is neither required nor obligatory.

Legal basis

Nano Interactive operates its LIIFT technology with privacy by design and by default, ensuring
compliance with the General Data Protection Regulation (GDPR) and the California Consumer
Privacy Act (CCPA).

Nano LIIFT does not process personal data as defined under GDPR Article 4(1). While we
collect IP addresses for technical purposes, they are immediately anonymized by truncating the
last octet. As a result, this data cannot be used to identify an individual and does not fall under
the scope of personal data processing.

For any situations where personal data may be collected—such as via contact forms or newsletter
subscriptions—processing is conducted solely based on explicit user consent, in accordance
with GDPR Article 6(1)(a). We never combine voluntarily provided personal information with
any anonymized data used in our advertising technology.

Under the California Consumer Privacy Act (CCPA), we do not collect, sell, or share personal
information as defined in Sections 1798.100 and 1798.140. The anonymized technical data we
collect cannot reasonably be linked to any identifiable consumer or household.
Nano Interactive’s commitment to transparency and data minimization ensures that all data
practices follow the principles set forth in GDPR Article 25 and similar frameworks in other
jurisdictions.

Data sources

Nano Interactive’s LIIFT platform operates without the use of personal data, cookies, or any
form of cross-site tracking.


Our targeting technology relies exclusively on real-time contextual signals—such as the
content of the webpage a user is viewing and basic technical details about the device and
connection. These signals are processed instantly and are never used to identify or track
individuals.


We collect:

  • Page content and contextual keywords to assess relevance,
  • Browser and operating system information, derived from the User Agent string, to
    support compatibility and ad rendering,
  • Geographic information (Country and City), extracted from the IP address before
    truncating the last octet, for contextual targeting based on general location.

We do not store or process:

  • Full or raw IP addresses,
  • Cookies or persistent identifiers,
  • Historical user behavior or profiles,
  • Data from third-party brokers.

The data used by LIIFT is strictly non-identifiable and anonymized, ensuring full compliance
with GDPR and CCPA. No personal profiles are created or retained, and no data is used to
recognize returning users.
Any personal data collected through user-initiated actions on our website (e.g., contact forms,
newsletter sign-ups) is handled separately, processed only with explicit consent, and never
connected to LIIFT data.

Retention period

Nano Interactive retains only the minimal, anonymized data necessary to provide and improve its
services, for a limited duration.

For the purposes of ad delivery and campaign performance measurement, Nano LIIFT stores
anonymized, non-personal data—including contextual metadata, truncated IP addresses, and
derived geographic information (such as country and city)—for a maximum of 24 months. This
data is used solely to monitor, analyze, and optimize advertising campaigns without identifying
or profiling individual users.

We do not retain:

  • Full or raw IP addresses,
  • Cookies or persistent identifiers,
  • Any data that can be linked to individual users or tracked across sessions.

Personal data collected through direct interactions (such as web forms or newsletter sign-ups) is
retained only as long as necessary for the stated purpose and is deleted promptly upon request or
withdrawal of consent.
Our retention practices comply with the principles of data minimization and storage limitation
as outlined in GDPR Article 5(1)(e) and consistent with CCPA requirements.

GDPR & Data Transparency

An external audit conducted by ePrivacy, an independent organization, has confirmed that Nano Interactive does not transfer any data outside of the European Economic Area (EEA). All data processing and storage activities are conducted within our secure data centers located in Germany and Ireland.

Nano Interactive employs robust data processing practices that prioritise the protection and safety of personal data. Immediate IP anonymization is implemented to ensure a high standard of data security.

As a result, Nano Interactive is not obligated to prepare any Transfer Impact Assessments (TIA) and is exempt from the requirement to maintain a Data Protection Impact Assessment (DPIA).

Information regarding our targeting service

Data collection and usage

We specialize in displaying ads that are relevant to you. We do this by collecting the following kinds of data on the websites or apps of our publisher partners or advertisers:

  • Events related to your browsing behavior on one of our partner publishers’ websites or apps
  • Events related to our ad serving activities (eg impressions, impressions per user, clicks, viewability, conversions, fraud)
  • We process full IP addresses for a fraction of a second (but never stored), truncating so that the last three digits are anonymised and therefore pseudonymous. We only store truncated IP addresses.

This allows us to show you advertising that is more relevant to you. We do not at any point collect contact information such as your name, address, phone number, email address, credit card information, or anything else that can allow us or our clients to contact you directly. There is no way for us to know who you are. We only collect data from our trusted data partners and do not collect data from public sources.

In order for us to process your data, you will have already accepted cookies or similar technologies from one of the publishers or advertisers we work with. You can change your preferences at any time as set out in Section 6. below.

 

Data sharing

Nano Interactive collaborates with a select group of trusted partners to deliver, measure, and optimize advertising campaigns while maintaining strict data privacy standards.

The following partners may receive anonymized, non-identifiable data processed by Nano LIIFT solely for the purposes of ad delivery, measurement, and verification:

We do not share any personal data that could identify individuals. All data provided to these partners is anonymized and aggregated, consistent with privacy regulations including GDPR and CCPA.

Our partners are carefully vetted to ensure they uphold rigorous privacy and security standards and comply with applicable data protection laws. We maintain agreements to safeguard data and restrict use strictly to authorized purposes.

The recipients of forwarded data are sometimes seated outside of the European Union. Nano Interactive transfers forwarded data only to third countries if the data protection level of the third country is adequate or if the recipients has provided appropriate safeguards.

 

Information regarding our Marketing

Data collection and usage

Nano Interactive collects only the minimal, non-identifiable data necessary to provide its advertising services while fully respecting user privacy.

Our LIIFT platform collects the following data exclusively for contextual and technical purposes:

  • Page content and contextual signals to deliver relevant advertising in real time,
  • Browser and operating system information extracted from the User Agent string, used solely to ensure ad compatibility and optimal rendering,
  • Geographic information (Country and City) derived from the IP address before anonymization,
  • Anonymized IP addresses, with the last octet truncated to prevent identification.

This data is processed in real time and stored only in an anonymized form to improve campaign performance and reporting. It is never used to identify or profile individual users, nor combined with any personal information.

Personal data, such as names or email addresses, is only collected when you actively provide it through website forms or newsletter sign-ups and always with your explicit consent. Such personal data is processed separately and never linked to the anonymized data used by LIIFT.

We do not engage in:

  • Cross-site tracking,
  • Use of cookies or persistent identifiers,
  • Collection of data from third-party data brokers.

Our data collection practices adhere to the principles of data minimization, privacy by design, and comply fully with GDPR and CCPA

 

Third Party Processors

Our carefully selected partners and service providers may process personal information about you on our behalf as described below:

Digital Marketing Service Providers

We periodically appoint digital marketing agents to conduct marketing activity on our behalf, such activity may result in the compliant processing of personal information.  Our appointed data processors include:

(i) Prospect Global Ltd (trading as Sopro) Reg. UK Co. 09648733. You can contact Sopro and view their privacy policy here: http://sopro.io.  Sopro is registered with the ICO Reg: ZA346877 their Data Protection Officer can be emailed at: dpo@sopro.io.”

Web Analysis

Like almost all website operators, we use analytical tools in the form of tracking software to ascertain the number of users using our website and how frequently they visit. To enable us to optimize our website and our service, we use Google Analytics, which is a web analysis service provided by Google Inc. (“Google”). Google Analytics uses what are known as “cookies”: these are text files stored on your computer and used to analyze your website usage. The information generated by the cookie about your use of this website (including your IP address) will be sent to a Google server in the USA and stored there.However, if IP anonymization is enabled on this website, within member states of the European Union, or in other states that are party to the agreement on the European Economic Area Google first abbreviates your IP address. The full IP address will only be transmitted in exceptional circumstances to one of Google’s servers in the USA, where it will then be abbreviated. Google will use this information on behalf of our website operator to analyze your use of the website in order to compile reports about website activities for the website operator and to perform other services connected with the use of the website and of the Internet. The IP address transmitted by your browser as part of Google Analytics will not be merged or combined with other data by Google.You can prevent cookies from being stored by applying the appropriate settings in your browser software; please note, however, that in this case you may not be able to use all of the functions of this website to their full extent. You may also prevent Google from collecting data generated by the cookie referring to your website usage (including your IP address), and from processing these data by downloading and installing the browser plug-in available from the following link tools.google.com/dlpage / gaoptout? hl = de. As an alternative to the browser add-on or within browsers on mobile devices, please click on this link to prevent Google Analytics from collecting data in this website in future (the opt-out only works in this browser, and only for this domain) .This stores an opt-out cookie on your device. If you delete your cookies in this browser, you need to click on this link again. Further information is available at tools.google.com/dlpage/gaoptout?hl=de or at www.google.com/intl/de/analytics/privacyoverview.

Usage-related advertising

From time to time we run ad campaigns for our own services. For these campaigns we use our own targeting technology (please see section 2.). The advertising displayed on certain partner websites is optimized for you through anonymously collected and processed data about how you use our services, so that you can see advertisements relevant to your interests. For this purpose, a cookie will be stored on your computer.

Nano’s commitment and adherence

Nano Interactive is fully committed to responsible data practices and industry standards in digital advertising.

We are a proud member of the IAB Transparency & Consent Framework (TCF), holding Vendor ID 72, which ensures transparency, user control, and compliance with privacy regulations like GDPR and CCPA.

Our participation in the IAB TCF guarantees that user consent and preferences are respected and integrated into our advertising technology.

Data protection

Protecting the data we process is a fundamental priority for Nano Interactive.

All data handled by Nano LIIFT is managed in compliance with applicable data protection laws, including GDPR and CCPA. We implement technical and organizational measures to ensure data confidentiality, integrity, and security.

Data processed by Nano LIIFT is anonymized and limited to contextual signals, with no personal data used for profiling or tracking.

Our infrastructure is hosted in secure facilities, including a dedicated data center in Ireland, and access is restricted to authorized personnel only.

Nano Interactive continuously reviews and updates its data protection policies and practices to align with evolving regulations and industry best practices.

Rights of the data subject

Right to access, rectification, right to object, to complaint, erasure and blockage.
  • You have the right to request information about whether and which personal data is processed by our company. You also have the right to demand that your personal data is rectified or amended.
  • Under certain circumstances, you have the right to request that your personal data should be deleted.
  • Under certain circumstances, you have the right to demand that the processing of your personal data should be restricted.
  • You can withdraw your consent to the processing and use of your data completely or partially at any time with future application.
  • You have the right to obtain your personal data in a common, structured and mechanically readable format.
  • If you have any questions, comments, complaints or requests in connection with our statement on data protection and the processing of your personal data, you can also contact our data protection officer in detail.
  • You also have the right to complain to the responsible supervisory authority if you believe that the processing of your personal data is in violation of the legislation.

Date of issue of this data privacy statement

16/07/2025