1. Introduction & Scope
Welcome to Auctera. This Privacy Policy ("Policy") describes how Auctera, its affiliates, and subsidiaries (collectively, "Auctera", "we", "us", or "our") collect, use, process, share, and protect personal data. This Policy is designed to comply with global data protection regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), and other applicable frameworks.
This Policy applies to our diverse suite of products and services, primarily categorized into three operational domains:
- The Auctera Demand Side Platform (DSP): Our programmatic advertising platform, RTB infrastructure, and cross-channel frequency capping tools.
- The Auctera Affiliate Network: Our performance marketing infrastructure connecting advertisers with publishers via tracked attribution links.
- The Auctera Corporate Website: This website (auctera.io) and related subdomains used for corporate communications, sales, and general visitor interaction.
Please read this Policy carefully. By using our services, accessing our platforms, or interacting with our digital properties, you acknowledge that you have read and understood the data practices described herein. If you do not agree with these practices, you must not use our services.
2. DSP & Programmatic Data Collection
Auctera operates an industry-leading Demand Side Platform (DSP) that facilitates real-time bidding (RTB) and programmatic media buying. In this capacity, we process vast amounts of digital advertising data to serve relevant ads, measure campaign performance, and prevent ad fraud. We do not generally collect "directly identifiable" information (like names or emails) through the DSP unless provided voluntarily via a lead generation ad format. Instead, we collect pseudonymous identifiers.
Types of DSP Data Collected:
- Bidstream Data: Data received from Supply Side Platforms (SSPs) and ad exchanges during the real-time bidding process. This includes device type, operating system, browser type, IP address (often truncated or hashed), and general location data (e.g., city, region, or zip code level).
- Unique Identifiers: Mobile advertising IDs (e.g., Apple IDFA, Google AAID), cookie IDs, proprietary Auctera D-REVX IDs, and third-party deterministic or probabilistic identifiers used for cross-device graphing.
- Contextual & Behavioral Data: Information about the website URL or mobile application where an ad is displayed, the content category of that property, and inferred user interests based on browsing history or app usage.
- Interaction Data: Metrics regarding how an end-user interacts with an advertisement, including impressions served, clicks, video completion rates, hover times, and post-click conversion events.
- Fraud Prevention Signals: Telemetry data used by our pre-bid IVT (Invalid Traffic) shield, including device orientation, touch events, connection speed, and bot-detection heuristics to ensure human interaction.
We aggregate and analyze this pseudonymous data within our D-REVX Data Layer to optimize bidding algorithms, enforce frequency capping across channels, and provide transparent attribution reporting to our advertisers.
3. Affiliate Network & Performance Data
The Auctera Affiliate Network connects premium advertisers with elite publishers to drive measurable actions (e.g., sales, leads, app installs) via a Cost-Per-Action (CPA) model. To facilitate accurate tracking, attribution, and payout calculations, we collect specific interaction data when end-users interact with publisher affiliate links.
Types of Affiliate Data Collected:
- Click and Referral Data: When an end-user clicks an Auctera tracking link, we log the referring URL, the destination URL, the time of the click, and a unique transaction ID.
- Device Information: We log the end-user's IP address, User-Agent string (browser and OS details), and screen resolution to aid in probabilistic attribution and fraud detection.
- Conversion Data: When an end-user completes a desired action on an advertiser's site (a "conversion"), the advertiser fires an Auctera postback pixel. This transmits the transaction ID, conversion amount, currency, and sometimes an anonymized order ID.
- Publisher & Advertiser Account Data: For the businesses operating on our network, we collect corporate entity names, contact details, payment routing information (bank accounts, PayPal, wire details), and tax identification numbers (W-9/W-8BEN forms) to facilitate legal payouts.
4. Corporate Website & Direct Interactions
When you visit auctera.io, request a demo, or contact our sales team, you are interacting directly with us as a B2B prospect or partner. In these scenarios, we act as a Data Controller and collect direct personal information.
Information You Provide:
- Contact Information: Name, business email address, corporate phone number, job title, and company name submitted via our "Contact Sales" or "Registration" forms.
- Communications: The contents of emails, chat transcripts, or support tickets you send to our team.
- Account Credentials: Usernames and passwords created to access the D-REVX terminal or the Affiliate dashboard.
Information Collected Automatically:
Like most enterprise websites, we use essential and analytical cookies to understand how visitors navigate our corporate site. This includes logging pages visited, time spent on site, referring domains, and general geographic locations based on IP addresses. For granular details on our cookie usage, please review our comprehensive Cookie Policy.
5. How We Use Data
Auctera strictly limits the use of collected data to the purposes disclosed in this Policy. Our primary objective is to provide secure, transparent, and high-performance advertising technology infrastructure.
For Programmatic & Affiliate Operations:
- Ad Serving & Real-Time Bidding: To evaluate bid requests in milliseconds, determine ad relevance, and deliver creative assets to publisher properties.
- Attribution & Measurement: To track which ad impressions or affiliate clicks led to a conversion, ensuring advertisers only pay for verified performance and publishers receive accurate commissions.
- Cross-Device Graphing: Utilizing the D-REVX Data Layer to understand when multiple devices (e.g., a smartphone and a laptop) belong to the same household or individual, enabling cohesive frequency capping and retargeting sequences.
- Fraud Detection: To deploy our Pre-Bid IVT Shield, identifying botnets, click farms, domain spoofing, and other fraudulent activities that harm the advertising ecosystem.
- Billing & Settlement: To generate invoices for advertisers, calculate margins, and execute mass payouts to global publishers.
For Corporate & Business Operations:
- Service Provisioning: To create and manage your Auctera platform accounts and provide technical support.
- Marketing & Sales: To send promotional materials, industry insights, or sales outreach to B2B prospects who have opted in or have a legitimate business interest. You may opt out of these communications at any time.
- Legal Compliance: To comply with tax reporting obligations (e.g., IRS 1099 generation), respond to lawful subpoenas, and enforce our Master Service Agreements.
6. Data Sharing & Disclosure
Auctera does not sell your personal data in the traditional sense (e.g., selling lists of names and emails to data brokers). However, the nature of programmatic advertising and affiliate networks inherently requires the sharing of pseudonymous data within the digital ecosystem.
We may share data with:
- Supply Side Platforms (SSPs) & Ad Exchanges: We share bid responses containing pricing, creative markup, and sometimes synchronized cookie IDs to participate in RTB auctions.
- Advertisers & Agencies: We provide our clients with aggregated and granular reporting on campaign performance. This includes conversion logs, site-level performance, and attribution paths, but strictly excludes directly identifiable end-user data unless explicitly provided via a lead gen ad.
- Publishers: We share aggregated performance data and postback URLs with affiliate publishers so they can optimize their traffic sources.
- Infrastructure Providers: We utilize top-tier cloud providers (e.g., AWS, Google Cloud), Content Delivery Networks (CDNs), and database infrastructure partners to host the D-REVX Data Layer securely. These sub-processors are bound by strict Data Processing Agreements (DPAs).
- Third-Party Measurement & Verification: We may integrate with third-party viewability and brand safety vendors (e.g., Integral Ad Science, DoubleVerify) to validate inventory quality.
- Legal & Regulatory Authorities: We may disclose data if required to do so by law, or in the good faith belief that such action is necessary to comply with legal obligations, protect the rights of Auctera, or ensure the safety of the public.
7. Cookies & Tracking Technologies
Auctera employs cookies, web beacons, mobile SDKs, and server-to-server tracking APIs to facilitate its operations. Within the DSP context, we use third-party cookies to sync user identities across exchanges and manage frequency capping. Within the Affiliate Network, we rely heavily on first-party cookies, postback URLs, and cookieless server-side tracking to ensure accurate attribution in an era of stringent browser privacy controls (like Safari ITP and Firefox ETP).
Because the technical specifics of our tracking infrastructure are extensive, we have dedicated an entire document to this topic. Please read our detailed Cookie Policy for a comprehensive breakdown of our tracking methodologies, cookie lifespans, and opt-out instructions.
8. Data Security & Retention
Security Measures
Auctera implements enterprise-grade technical and organizational measures designed to secure your data against accidental loss, unauthorized access, alteration, and disclosure. Our security posture includes:
- Encryption: All data in transit is encrypted using TLS 1.3. Sensitive data at rest (such as billing details and passwords) is protected using AES-256 encryption and one-way hashing algorithms (e.g., bcrypt).
- Access Controls: Access to the D-REVX Data Layer and production databases is restricted via strict Role-Based Access Control (RBAC), multi-factor authentication (MFA), and zero-trust VPN architectures.
- Audits & Monitoring: We conduct regular vulnerability scanning, penetration testing, and continuous monitoring of our infrastructure for anomalous activities indicating a potential breach.
Data Retention
We retain data only for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required by law. Our standard retention schedules are as follows:
- Bidstream & Log Data: Raw bidstream data is typically aggregated or purged within 30 to 90 days.
- Cookie & Identifier Data: DSP tracking cookies generally expire within 13 months from the last interaction.
- Conversion & Affiliate Data: Transaction logs are retained for up to 7 years to comply with accounting, tax, and anti-fraud legal requirements.
- Corporate Account Data: Retained for the duration of the active business relationship and for a period thereafter as necessary to resolve disputes and enforce agreements.
9. International Data Transfers
Auctera is a global company. Data we collect may be transferred to, stored, and processed in the United States, the European Union, Singapore, and other regions where we or our sub-processors operate facilities.
For individuals residing in the European Economic Area (EEA), the UK, or Switzerland, please note that your data may be transferred outside of these regions. When such transfers occur, Auctera ensures an adequate level of protection is applied by utilizing approved transfer mechanisms, including:
- Executing the European Commission's Standard Contractual Clauses (SCCs) with our sub-processors and data partners.
- Relying on adequacy decisions issued by relevant regulatory bodies.
- Implementing supplementary technical measures, such as data pseudonymization and localized edge computing where feasible.
10. EU, UK, and Swiss User Rights (GDPR)
If you are located in the EEA, the UK, or Switzerland, the GDPR grants you specific rights regarding your personal data. Where Auctera acts as a Data Controller, you have the right to:
- Access: Request a copy of the personal data we hold about you.
- Rectification: Request correction of inaccurate or incomplete data.
- Erasure ("Right to be Forgotten"): Request the deletion of your personal data, subject to certain legal exceptions.
- Restriction: Request that we restrict the processing of your data under certain circumstances.
- Data Portability: Request to receive your data in a structured, commonly used, and machine-readable format.
- Objection: Object to our processing of your data based on legitimate interests or for direct marketing purposes.
- Withdraw Consent: If processing is based on consent, withdraw it at any time (without affecting the lawfulness of processing prior to withdrawal).
To exercise these rights regarding your corporate account, please email privacy@auctera.io. Regarding pseudonymous ad-tracking data, because we cannot tie an IP address or cookie ID to a named individual without additional context, we rely on industry-standard opt-out frameworks (like the IAB TCF or NAI opt-out tools) to honor data subject requests.
11. US State Privacy Rights (CCPA/CPRA, VCDPA, etc.)
Residents of California, Virginia, Colorado, Connecticut, Utah, and other applicable US states have specific rights regarding their personal information. Under the CCPA/CPRA, personal information is defined broadly and may include pseudonymous digital identifiers.
Your US State Rights:
- Right to Know: You may request details about the categories and specific pieces of personal information we have collected, the sources of that information, our business purposes, and the categories of third parties with whom we share it.
- Right to Delete: You may request the deletion of your personal information.
- Right to Correct: You may request correction of inaccurate personal information.
- Right to Opt-Out of Sale or Sharing: Auctera does not "sell" data for monetary consideration. However, sharing pseudonymous identifiers for cross-context behavioral advertising may be considered "sharing" under the CPRA. You have the right to opt out of this sharing.
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
How to Opt Out: If you are a consumer wishing to opt out of cross-context behavioral advertising facilitated by the Auctera DSP, you may do so via the NAI Consumer Opt-Out Page or the DAA WebChoices Tool. You may also enable Global Privacy Control (GPC) signals in your browser, which our systems recognize and honor.
12. Children's Privacy
Auctera's services are designed for businesses and adult consumers. We do not knowingly collect, process, or target advertising based on the personal data of children under the age of 16 (or higher age thresholds as defined by local laws like COPPA). If we discover that we have inadvertently collected data from a child under the applicable age threshold, we will take immediate steps to delete that information from our servers. If you believe we may have collected data from a child, please contact us immediately.
13. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our technology, business practices, or legal requirements. When we make material changes, we will revise the "Last Updated" date at the top of this document. If the changes significantly alter how we process your previously collected data, we will provide more prominent notice (e.g., via email notification to registered account holders or a prominent banner on our corporate website). We encourage you to review this Policy periodically to stay informed about our data protection practices.
If you have any questions, concerns, or requests regarding this Privacy Policy, our data practices, or your legal rights, please contact our Data Protection Officer (DPO) and privacy team.
By Email:
privacy@auctera.io
By Mail:
Auctera LLC
Attn: Privacy Department & Data Protection Officer
New York, NY, United States
If you reside in the EU/UK and feel that our processing of your personal data infringes data protection laws, you have the legal right to lodge a complaint with a supervisory authority responsible for data protection in your country of residence.