Privacy Policy

Privacy Policy

Effective Date: December 1st 2025

Last Updated: Version 1.0

1. Introduction

Foresiteads.com (referred to as "Foresite," "we," "us," or "our") operates an AI AdTech Platform designed to help e-commerce businesses optimize their return on ad spend (ROAS) and customer acquisition costs.

We respect your privacy and are committed to protecting it through our compliance with this policy. This policy describes the types of information we may collect from you or that you may provide when you visit our website, foresiteads.com (the "Site"), or when we process data on behalf of our clients through our AdTech Platform (the "Services").

This policy also explains our roles as both a Data Controller (for data we collect directly from our business clients) and a Data Processor (for data we process on behalf of our clients about their end-users/customers). By interacting with our Services or providing us with your information, you agree to the collection, use, and sharing of your information as described in this privacy policy.

2. Our Role: Data Controller vs. Data Processor A. Data Controller (Information about our Clients)

When you register for an account, subscribe to our newsletter, or contact us directly (i.e., you are a direct client or prospective client of Foresite), we are the Data Controller. We determine the purposes and means of processing your data, as described in Section 3A.

B. Data Processor (Information about End-Users)

When we provide our AdTech Services to our e-commerce clients, we process personal data about the end-users and customers of those clients (e.g., visitors to their online stores). In this scenario, our client is the Data Controller, and Foresite is the Data Processor. We process this data strictly under the instructions of our client and in accordance with our contractual agreements. If you are an end-user of one of our clients and have questions about how your data is processed, you should contact that client directly.

3. Information We Collect and How We Collect ItA. Information We Collect as a Data Controller (Client Data)

We collect personal information directly from you when you interact with our Site or Services for business purposes.

Category of Information

Examples of Data Collected

Purpose of Collection

Contact Information

Name, email address, phone number, company name.

To communicate, provide support, and manage your account.

Account Data

Login credentials, billing address, payment information (usually handled by a third-party processor).

To manage access to the platform and process payments for Services.

Communication Data

Records of correspondence, support tickets, survey responses.

To improve our Services and respond to inquiries.

B. Information We Collect as a Data Processor (End-User/Platform Data)

When our AdTech Platform is active on our clients' e-commerce stores, we collect information from end-users to provide targeted advertising, optimization, and analytics services.

Category of Information

Examples of Data Collected

How It Is Collected

Identifiers & Device Info

IP address, unique device identifiers, canvas identifiers, viewport identifiers, IP Geolocation, user agent, browser type, operating system.

Cookies, pixels, web beacons, and our proprietary AI tracking script. This may include both first-party and third-party cookies.

Usage & Behavioral Data

Pages visited, time spent on pages, referral sources, clicks, search terms, conversion events (e.g., product views, cart abandonment, purchases).

Cookies and pixel technology on our clients' websites. This may include both first-party cookies and third-party cookies.

Inferred Data

Inferences drawn from the data above to create a profile reflecting a consumer's preferences and characteristics (e.g., "high-intent purchaser").

Our proprietary AI AdTech platform.

If we combine or connect non-personal statistical or technical data with personal data so that it directly or indirectly identifies an individual, we treat the combined information as personal information.

Cookies and Similar Technologies

When you visit our Site or when our technology runs on our clients' sites, we and our partners may use cookies, pixels, and similar technologies to operate the Services, understand usage, and measure and improve advertising performance. Where required by law (for example, for visitors from the EEA or UK), we will obtain your consent before using cookies or similar technologies for advertising or analytics. You can withdraw your consent at any time through our cookie banner or by adjusting your browser settings.

4. How We Use the InformationA. As a Data Controller (Client Data)

We use the information we collect directly from our business clients to:

  • Provide, maintain, and improve the Foresite platform and services.

  • Process transactions and send related information, including invoices and confirmations.

  • Send technical notices, updates, security alerts, and support and administrative messages.

  • Monitor and analyze trends, usage, and activities in connection with our Site.

B. As a Data Processor (End-User Data)

We use end-user data strictly on behalf of and under the instructions of our clients to:

  • Deliver, target, and optimize our clients' digital advertisements.

  • Measure the effectiveness and ROAS of advertising campaigns.

  • Identify high-intent customers and create lookalike audiences for targeting.

  • Provide unified customer view and analytics to our clients.

C. Legal Bases (EEA/UK Only)

Where the GDPR applies, we process personal data on the following legal bases:

  • Performance of a contract: to create and manage accounts, provide the Services, and respond to requests.

  • Legitimate interests: to operate, secure, and improve the Services, communicate with business contacts, and measure and improve advertising performance, where our interests are not overridden by your rights.

  • Consent: where required by law, for example for certain marketing communications or the use of non-essential cookies and similar technologies.

When we process personal data as a processor on behalf of our clients, they are responsible for choosing an appropriate legal basis and providing any required notices to their end users.

5. Disclosure and Sharing of InformationA. Sharing Client Data

We may share the personal information of our clients with:

  • Vendors and Service Providers: Third parties who perform services on our behalf, such as payment processing, hosting, data analysis, and email delivery.

  • Legal Compliance: If required to do so by law or in response to valid requests by public authorities.

  • Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business.

B. Sharing End-User/Platform Data

We share or disclose end-user data with:

  • Our Clients: The data controller (our client) receives reports, analytics, and segment data derived from our platform about their own customers.

  • Third-Party Advertising Platforms: We may integrate with or share data with ad exchanges and platforms (e.g., Google Ads, Meta/Facebook Ads) to facilitate the actual serving of ads on our client's behalf.

Note on "Selling" Personal Information: While we do not receive monetary payment from a third party in exchange for consumer data, some US state laws (like the CCPA/CPRA) may define the transfer of personal information for cross-context behavioral advertising (which is central to an AdTech platform) as a "Sale" or "Sharing" of data. We do engage in such transfers of data to facilitate our clients' advertising campaigns.

6. Your Privacy Rights and Choices

Depending on your location (e.g., EU, California), you may have the following rights regarding the personal information we hold about you.

A. General Rights

  • Opt-Out of Communications: You can opt out of receiving promotional emails from us by following the unsubscribe link in those emails.

  • Access/Correction: You may request access to or correction of the business information we hold about you as a Data Controller.

B. Rights for Residents of the European Economic Area (EEA) and the UK (GDPR)

If we are acting as a Data Controller for your information, you have the right to:

  1. Access: Request copies of your personal data.

  2. Rectification: Request that we correct any information you believe is inaccurate.

  3. Erasure (Right to be Forgotten): Request that we erase your personal data, under certain conditions.

  4. Restriction of Processing: Request that we restrict the processing of your personal data, under certain conditions.

  5. Data Portability: Request that we transfer the data we have collected to another organization or directly to you, under certain conditions.

C. Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

  1. Right to Know: Request that we disclose the categories and specific pieces of personal information we have collected about you.

  2. Right to Delete: Request the deletion of your personal information, subject to certain exceptions.

  3. Right to Opt-Out: You have the right to direct us not to "sell" or "share" your personal information for the purpose of cross-context behavioral advertising.

To exercise your rights or opt-out, please contact us using the information below. We also honor browser-based opt-out signals, such as the Global Privacy Control (GPC).

7. Data Security and Retention

We implement commercially reasonable security measures designed to protect your information from unauthorized access, disclosure, use, and loss. However, no data transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

We will retain your personal information only for as long as is necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

8. International Data Transfers (EEA/UK)

Foresite is based in the United States and may transfer personal data to countries outside of the European Economic Area (EEA) and the United Kingdom. Where we transfer personal data from the EEA or UK to a country that has not been found to provide an adequate level of protection, we use appropriate safeguards, such as the European Commission's Standard Contractual Clauses and the UK International Data Transfer Addendum or other lawful transfer mechanisms. You can contact us using the details in the "Contact Us" section for more information.

9. Third-Party Websites

Our Site or our Services may contain links to third-party websites or services that are not owned or controlled by Foresite. This Privacy Policy does not apply to those third-party sites, and we are not responsible for their content or privacy practices.

10. Children's Privacy

Our Site and Services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If we learn we have collected or received personal information from a child under 16, we will delete that information.

11. Changes to Our Privacy Policy

We may update our Privacy Policy from time to time. We will post the new Privacy Policy on this page and update the "Last Updated" date at the top of this policy. We encourage you to review this policy periodically for any changes. Your continued use of the Services after we make changes as described here is deemed to be acceptance of those changes, so please check the policy periodically for updates.

12. Contact Us

If you have any questions or comments about this Privacy Policy, our privacy practices, or your rights, please contact our Privacy Officer at:

Foresiteads.com

Email: privacy@foresiteads.com