The following document applies to users who use multimedia content hosting services with Onnetwork’s Player software.

If you are a registered user of platform you should read the following Privacy Policy

If you would like to review the privacy policy of ad creative hosting services you should review the Privacy Policy of ad creative hosting.

Onnetwork Sp. z o.o.

I. General Information.

The following information illustrates what happens to the User's data when using the services offered by the Data Administrator - Onnetwork Sp. z o.o., based in Warsaw, 17 Ciołka St., lok. 320 01-445 Warsaw, consisting of the hosting of multimedia materials with the Onnetwork’s Player software.

Basic purpose of the technology used:
Onnetwork’s Player, through its platform, enables the playback of multimedia materials uploaded by publishers, to the users visiting publisher’s websites. In this regard, it is incumbent on the publisher, as the controller, to comply with the information obligations of the GDPR and to obtain the necessary consents from the user for the processing of the data provided within Onnetwork’s Player. Onnetwork, within the framework of the consents received from the user, transfers data to its subcontractors (detailed in this Policy), who may process their personal data based on the consents given by the user.

II. Personal Data Administrator.

1. Onnetwork Sp. z o.o. (hereinafter referred to as: "Onnetwork", "Administrator") based in Warsaw (postal code: 01-445), registered in the National Court Register kept by the District Court for the Capital City of Warsaw, XII Economic Department of the National Court Register: 0000514215, NIP: 527271595, with share capital of 100 000 PLN, e-mail address:, is the Administrator of the personal data and processes personal data concerning the Users obtained in the course of providing services of hosting multimedia materials together with the Onnetwork’s Player software.
2. Onnetwork is at the same time a service provider, as referred to in Article 2(6) of the Act of July 18, 2002 on the provision of electronic services (Journal of Laws 2013 No. 0 item 1422, as amended).
3. Onnetwork shall apply technical and organizational measures to ensure the protection of the processed personal data appropriate to the risks and categories of data under protection, and in particular shall protect the data against unauthorized access, processing in violation of the Act, and alteration, loss, damage or destruction.
4. Onnetwork shall comply with the obligations under the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 and the Act of July 18, 2002 on the provision of electronic services. (Journal of Laws 2013 No. 0 item 1422 as amended).

III. What information do we collect and for what purpose ?

1. Basis of processed data
In order to operate the service of hosting multimedia materials with Onnetwork’s Player software, the Administrator uses the Transparency & Consent Framework software standard developed by the Interactive Advertising Bureau (hereinafter IAB TCF) and on the basis of the so-called legitimate interest of the publisher. The user can give consent to the processing of personal data, choose individual settings for the processing of his/her personal data. Consents are given through the IAB TCF standard compliant software on the publisher's website and then transferred to the Administrator's software.

2. Types of cookies processed
Onnetwork collects and stores user-related data on the user's terminal device. This data is collected and processed in order to provide the content delivery services of Onnetwork’s Player. This data is stored on the user's device as cookies. There are two main types of cookies used in the operation of Onnetwork’s Player (due to their storage period):
  a) session cookies (temporary) - stored on the user's device only during the use of the site, that is, until the user logs out, shuts down the website or shuts down the browser used by the user, these cookies are processed regardless of the user's consent, as they are necessary for the proper operation of the services. Blocking the use of these cookies can only be done by changing the privacy settings of the user's browser, which may make it difficult or impossible for the user to use the service. For a description of blocking this type of cookies, see later in this Privacy Policy;
  b) permanent cookies - are stored on the user's device until the end of their life (i.e., the duration of operation parameterized for the cookie) or until the user deletes them. Consent to the use of such cookies is granted and can be revoked using IAB TCF-compliant software found on any website that uses Player Onnetwork technology.

The administrator uses the user's consent to store a cookie. This cookie is used for the purpose of determining the order in which materials are broadcasted in the Onnetwork’s Player playlist. In connection with this functionality, one cookie named "exsvl" is set (with a lifetime of 50 days - containing data on content already viewed by the user). In addition, the Administrator creates two types of short-term cookies (with a lifespan of 5 minutes and 10 minutes of lifespan) for optimizing the performance of Onnetwork’s Player. Additionally, trusted Onnetwork partners (such as Google, Gemius) may create other cookies in the service area. These cookies are always in accordance with the consents currently given by the user or to the extent necessary for the operation of specific services.

3. Data processed within the framework of the Onnetwork’s Player
The Administrator processes users' personal data necessary for the service:
1) IP address, data about the user's web browser;
2) session cookies,
- legal basis Art. 6 (1) (b) RODO

In addition, the Administrator uses one cookie named "exsvl" on the basis of the user's consent given within the websites or applications belonging to publishers
- legal basis Art. 6 (1) (a) RODO.

4. Other purposes of data processing
The data mentioned above are also processed for:
a)   measuring the volume of network traffic in order to improve the quality of the services provided,
b)   detecting situations that may pose a threat to network security, such as online fraud
- legal basis Art. 6(1)(b) RODO.

5. Data Recipients.
We may transfer your data to our subcontractors who process̨ data on the basis of a contract with us and only in accordance with our guidelines related to the performance of the service. In accordance with applicable law, we may transfer the collected data to entities that cooperate with us, e.g. subcontractors of services, and upon request to any authorities authorized to get access to such a data under separate legislation, e.g. the police or the court.
The sources of the data received by Onnetwork are publishers using Onnetwork's Player technology as well as trusted Onnetwork’s partners.

Data may be transferred to and processed by the following trusted partners of Onnetwork:
- Google Inc. Google's Privacy Policy can be read here,
- TVN S.A. You can read TVN S.A.'s Privacy Policy here,
- Smart AdServer. You can read Smart AdServer's Privacy Policyhere,
- AdForm A/S. You can read the Privacy Policy of AdForm A/S here,
- AppNexus. You can read the AppNexus Privacy Policy here,
- Gemius S.A. You can read the Privacy Policy of Gemius S.A. here.
- Adrino. You can read Adrino's Privacy Policy here,
- Clickonometrics. You can read Clickonometrics' Privacy Policy here,
- Criteo. You can read Criteo's Privacy Policy here,
- DoubleClick. You can read DoubleClick's Privacy Policy here,
- iBILLBOARD. You can read iBILLBOARD's Privacy Policy here,
- Oath. You can read Oath's Privacy Policy here,
- PubMatic. PubMatic's Privacy Policy can be read here,
- Teads.TV. Teads.TV's Privacy Policy can be read here,
- The Trade Desk. You can read The Trade Desk's Privacy Policy here,
- Xaxis. You can read Xaxis' Privacy Policy here,

6. Processing time
Onnetwork stores logs for a period of 2 years (based on separately applicable laws).

7. Profiling
Onnetwork does not profile users in any way, which does not preclude Onnetwork subcontractors (trusted partners) from doing so.

8. User Rights.
The user has the right:
a) the right to withdraw consent to processing at any time, which shall not affect the lawfulness of processing prior to withdrawal of consent;
b) the right to object to the processing of personal data for direct marketing purposes or, for reasons related to the user's particular situation, in any case where the legal basis for the processing of personal data is the legitimate interest of the data controllers;
c) the right to access your personal data;
d) the right to restrict the processing of data by the controller,;
e) the right to request rectification of personal data if it proves to be inaccurate or outdated;
f) the right to request erasure of personal data if the storage of such data is no longer necessary;
g) the right to request restriction of further processing in the event of a dispute over the accuracy or processing of personal data,
h) the right to request that we transfer user’s personal data to the user and, where appropriate, transfer the data directly to another data controller. User has the right to request a copy of its personal data that we process,
i) have the right to lodge a complaint with the supervisory authority - the President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw.

IV. Information Security.

We take the security of the data we process with due seriousness. Therefore, we control the methods of collecting, storing and processing information. We use firewalls, server security devices, encryption devices and physical security measures, among others. We grant access to data only to authorized entities that must have access to it for processing only for the purposes described in this Privacy Policy and under separately applicable laws.

V. Cancellation of Services.

Cancellation of consent by the user is done using software that complies with the IAB TCF standard.
We use cookies when providing our services. If you do not consent to our use of cookies, or if you wish to limit the scope of our use of cookies, you can opt-out of our website or change your browser settings.
Cookie settings are individual for each web browser (including their versions for mobile devices). In many cases, the default option is to allow cookies. However, each user can completely disable this option or to some extent limit the acceptance of cookies on their device. The browser you use may also inform you of your privacy settings, including requiring you to agree to the settings before installing or updating it for further use. Please be advised that disabling the acceptance of cookies may adversely affect the convenience of using the sites, or prevent you from using some of the services.
Information on the settings or complete deactivation of cookies in individual browsers is available on the websites of browser manufacturers or in the "Help" section of the browser menu.

Below are links to websites of manufacturers of popular browsers describing cookie settings and options for viewing and deleting cookies:
Opera browser
Firefox browser
Chrome browser
Microsoft EDGE browser
Safari browser

VI. Changes to the Privacy Policy.

Onnetwork may deem it appropriate or necessary to update this Privacy Policy. We reserve the right to make changes at any time. We will notify you of significant changes to the Privacy Policy by posting an appropriate notice on our website.

VII. Contacting Onnetwork.

If you have questions or concerns about the Privacy Policy, please contact us:
Onnetwork Sp. z o.o.
Ciołka street 17, lok. 320 01-445 Warszawa
NIP: 5272715951. REGON: 147296541. KRS: 0000514215