Updated September 27, 2018
ShareThis takes privacy seriously. This Privacy Notice governs the main privacy principles and details we apply to the data we collect and process through the ShareThis social sharing tools for publishers. ShareThis may change this Notice from time to time by updating this page. You should check this page from time to time to ensure that you are up to date with any changes. ShareThis does not collect any data that makes you contactable, such as names, addresses, payment or similar information.
ShareThis is a company operating in the field of data analytics and technology. We collect data through our sharing tools from our extensive publisher network, we apply data science to the data and we process it to our downstream partners for insights and targeting activities.
About ShareThis Social Sharing Tools
ShareThis provides a customizable social sharing tool, making sharing online content simple. You can easily share anything on the web with your friends on social sites, such as Facebook, Twitter, Email, Digg, Reddit and more through one tool (“ShareThis Icon”). In addition to the sharing service offered directly to you, our technology also allows us to gather information regarding the browsing and sharing from those websites that use our ShareThis Icon or our advertising technology (“Publishers”). This enables ShareThis, Publishers, advertisers, and data partners to facilitate the delivery of relevant, targeted advertising, analytics, and data modeling based on this social sharing (collectively “ShareThis Publisher Applications”).
You can recognize the websites which use the ShareThis Publisher Applications by the ShareThis Icon on the website.
Without identifying who you are by name, email or phone number we aim to display to you products and/or services that you might be interested in, based on your recent browsing and/or sharing behavior,. This is often called interest-based advertising (“IBA”) or online behavioral advertising (“OBA”). For more information on IBA/OBA, click here.
We collect information via technical cookies placed on your browser, pixel tags, HTTP headers (or other communication protocols), and browser identifiers. We do not use flash cookies or other locally stored objects (LSO) that may be used to circumvent user opt-out choices.
Web Environment: (desktop, tablet, and smartphone browsers)
ShareThis uses browser cookies to “tag” visitors on the websites that use ShareThis Publisher Applications. These users are given a technical identifier, such as C62414AY9324FB5671069928026P0067.
This browser cookie tracks the user’s browsing data. Pixel tags are then used to transfer this browsing data from visitors of Publishers’ websites to ShareThis and our data partners.
About the Technology:
Cookies: Small text files that contain a string of characters and uniquely identify a browser. Cookies are sent to a computer by website operators or third parties. Most browsers are initially set up to accept cookies. However, you may be able to change your browser settings to refuse third-party cookies. Check your browser’s “Help” files to learn more about handling cookies on your browser.
Pixel tags are small blocks of code on a webpage that allow websites to do things like read and place cookies. The resulting connection can include information such as the person’s IP address, the time the person viewed the pixel and the type of browser being used.
HTTP headers: Components of the header section that are transmitted whenever a webpage is viewed, and contain technical information required for communication between a client (your computer or device) and a server (the webpage you visit). This information may include information about the browser, the requested webpage, server and other information the third party knows about you, your computer or device.
Note: ShareThis does not use persistent identifiers like a carrier or device ID to revive a previously opt-out profile or deleted cookie.
Statistical IDs: IDs created via an algorithm using information about your computer or device. This information makes your computer or device distinct enough for our systems to determine within a reasonable probability that they are encountering the same computer or device. These statistical IDs are not 100% accurate. We may use statistical IDs for Publisher analytics and aggregate analytics. We collect this data to measure insights on the browsing and sharing activity from Publisher websites.
Please keep in mind that your web browser may not permit you to block the use of these statistical IDs, and those browser settings that block cookies may have no effect on such techniques.
Other Environments: (Mobile applications)
To serve ads in mobile applications identifiers may be used, such as Google Advertising ID or Apple IDFA, depending on the operating system of your mobile device. The advertiser identifier identifies your device but not you and can be reset by you. See your device manufacturer for more information.
Linking Environments: (browsers and mobile apps used)
To serve you personalized advertisements and provide a seamless online experience, third party data partners that we work with may link your identifiers on the different environments you use. We may enable the linking of our Usage Data through cookie syncing. We do not use plain text personal information such as your name or address to operate the linking. Our data partners may use exact linking methods by leveraging the technical data collected through our technology such as advertising partner identifiers.
Our data partners are members of the NAI or DAA and you can opt out of our tracking and theirs through NAI or DAA opt out mechanisms described in User Choices.
Data Collection and Use
We collect registration information and Usage Data (defined below). Your registration information is not connected to Usage Data.
Usage Data. Data that does not directly identify an individual. We collect and use technical data relating to some of your browsing to display personalized advertisements, provide analytics, and data modeling based on social sharing, by us or third parties.
In the EU/EEA, usage data would be considered as information relating to an identified or identifiable natural person, therefore it would be personal data (for example, cookies, device IDs, IP address).
We do not at any point collect contact information such as your name, address, phone number, address, credit card information, or anything else that can allow us or our clients to contact you directly.
How Data is Collected
Your name, email, and other registration information:
Many of our services can be used without registering with us. However, if you want to use some of our enhanced features you will need to register with us. If you choose to register with us, you affirm that you are 16 years of age or older. We do not sell or share registration information with third parties for marketing purposes.
Keep in mind, whenever you voluntarily post personal information in public areas, like blogs, social media, message boards, and forums, you should be aware that this information can be accessed by anyone with access to those places. Be careful how you share.
Emails from Users with ShareThis Icon:
When you share to email with the ShareThis Icon, you choose how to connect to email from your device. We do not verify your identity to that email account. We are not responsible for the information shared by users via the ShareThis Publisher Applications.
We collect data when your device visits our website, uses or interacts with our services (including sharing content with the ShareThis Icon), when your device visits Publishers’ websites that use ShareThis Publisher Applications, and when your device views or clicks advertisements that we serve or are served on our behalf.
In the EU/EEA, Publishers make the ShareThis Publisher Applications available on their site to facilitate browsing and sharing content from their website and are required to have a legal base to do so; if their legal base is consent, then they need to deploy consent mechanisms such as cookie banners or CMPs, as applicable by local law.
In order for ShareThis to process your data, you would have consented to data processing and accepting cookies or similar technologies from one of the publishers that participates in our program.
Usage Data may include, without limitation:
- Unique IDs of a cookie placed on a web browser (example: 37d387ca-f68a-11e5-b87d-0e58954c72b1)
- Webpages viewed (including the URL addresses of such pages)
- Search queries from which users are directed to a page
- Navigation from page to page through the ShareThis services
- Time spent on each page
- Items clicked or selected
- Content highlighted
- IP addresses
The information listed above does not directly identify an individual and is not considered to be personal information in many jurisdictions in which we operate.
Important notice for EU/EEA residents: part of this information is considered “personal data” in the EU/EEA, such as cookies, IP addresses, device IDs. Specific types of the information listed above, such as Internet Protocol (IP) address, may be considered personal information in some parts of the world or if combined with other information. In such cases, we treat this information as personal information.
ShareThis is aware of the sensitivity of certain types of data. We do not create interest segments that reflect sensitive personal data, based on local jurisdictions. While types of data considered sensitive may vary among users, we presently treat data as sensitive if it includes sensitive health information (such as a serious medical condition like cancer); certain aspects of a user’s personal life (such as sexual orientation) or financial situation (such as credit, insurance or employment eligibility); or “adult” products or services.
In the EU/EEA, we do not collect nor process any personal sensitive data, we do not create segments of EU consumers based on personal data considered to be sensitive (e.g data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation).
Click here to view the list of health and wellness interest data segments available by ShareThis in such jurisdictions.
ShareThis does not intentionally collect data from, and does not tailor any segments to children under 16 years of age.
Business contacts data:
In the EU/EEA, we may hold your personal data if you are having business relations with us. You could be a client or a prospect. We may need that data in order to communicate, invoice, manage contracts, offer products and services. You could be a publisher, a data provider, a social media platform, an agency, an advertiser etc and we would require your personal data in order to maintain that relationship. The personal data we hold about you refers to your professional life (name, email address, billing address, office address, phone numbers, title, company you work for). We would have collected that information from exchanging emails or business cards, meeting at industry meetings or client sessions etc.
Under the GDPR (European regulation), we are not required to obtain your consent in order to hold and carry on processing that data held for business purposes. Still you can always exercise your data subjects’ rights and ask for removal or erasure or any of your rights of that personal data by writing to us at email@example.com.
We will delete your data two years after the last contact and six years after the end of the contractual relationship.
If you are an employee of ShareThis, in the US or in Europe, we advise you to refer to our HR policy and the clauses regarding data protection on your employment contract (available with our HR department).
How Data is Used
We use your Registration Information: a) to fulfill requests for our services; b) to communicate with you and respond to your inquiries; c) to conduct research about the use of our services; d) to enable you to create an account, store log-in credentials, and customize your ShareThis services; e) to contact you from time to time about ShareThis services; and f) for ShareThis to provide offers for products and services of ShareThis and our partners that may be of interest to you. If you decide to share your interests and your profile information with your friends on ShareThis, we will display your profile information as per the preferences you set in your account. You can control the types of certain emails you receive by clicking on links in the emails, although you agree that we may always contact you to provide you with important information or notices required by ShareThis.
ShareThis uses the usage data we collect and information collected from our third-party partners to create audience segments and to otherwise enable interest-based advertising (“Usage Data”).
Audience segments are groups of users and certain general interest categories that we have inferred based on the following:
a) demographic or interest data
b) a general geographic location derived from your IP address
c) the pages you view and links you click, and/or search terms you enter when using certain services.
These audience segments do not contain Personal Information; they are tied to a device, not a person. Audience segments are not tied to Registration Information.
We may also employ Usage Data for research and development purposes, for our internal operational purposes, and to create aggregate statistics for market research or analytics services. These aggregated statistics do not include information that directly identifies an individual (although certain kind of data we collect would be considered as identifiable in the EU/EEA). We offer some of the Usage Data to Our customers for their own internal analytics or data modeling. In such cases, we contractually prohibit the customers from re-identifying you without your opt in consent.
Browser environment: (desktop, tablet, and smartphone browsers)
When you opt out as instructed in this section, an opt-out cookie will be set on your browser. We must maintain the opt-out cookie on your browser in order to recognize you as having opted out from our service. The ShareThis opt-out cookie is like any other cookie; therefore, if you clear that cookie from your browser, use a different internet browser, or use a new computer to access the internet you must opt out again.
You can also opt out by visiting the following links.
The opt-out tools above are currently cookie-based, and prevent ShareThis from using Usage Data for interest-based advertising on the browser on which they are installed. As a result, the opt out will only function if your browser is set to accept third-party cookies, and may not function where cookies are sometimes automatically disabled or removed (potentially without your knowledge), like Safari. If you delete cookies, change your browser settings, switch browsers or computers, or use another operating system, you will need to opt out again.
While the opt-out methods described above often work for mobile web browsing, they are cookie-based and are therefore less reliable in mobile “app” environments that may not accept interest-based advertising cookies.
Instead, you can typically opt out at the mobile platform level by the limit ad tracking within the settings function, as described below. Though we do not collect data from mobile apps for interest-based advertising, we or third parties we work with may use such data collected by others in delivering interest-based ads.
Most Android Users:
To use the “opt-out of interest-based advertising” option, follow the instructions provided by Google here: Google Play Help.
Please note that this is a device setting and will disable interest-based ads from all providers, and not just for ShareThis.
iOS users: (version 6 and above)
To use the “Limit Ad-Tracking” option, follow the instructions provided by Apple here: Apple Support Center.
Please note that this is a device setting and will disable interest-based ads from all providers, and not just for ShareThis.
Do Not Track and Cookie Blocking:
ShareThis does not process do-not-track signals from browsers. If you block third-party cookies from being set on your browser, you may not be able to enjoy some features or functionality. Blocking cookies will also block the function of our opt-out, which is an opt-out cookie. Check your browser’s “Help” files to learn more about handling cookies on your browser.
The Ghostery browser extension is also a good tool to see a list of all third-party cookies on each website you visit and allows you to selectively opt out.
Corporate Website Collection and Use
You can browse the ShareThis corporate website (ShareThis.com) without providing any personal information. You may choose to provide this information to us voluntarily if you interact with ShareThis.com in certain ways, such as applying for employment with ShareThis, or using one of our contact forms. For EU/EEA residents, we have defined retention policies for keeping these forms. To facilitate your purpose in communicating with us, the registration data collected is your name and email address.
This information is used only for the reasons it was collected, such as responding to your communication, and is not shared with third parties other than to fulfill the purpose for which it was collected.
This Privacy Notice does not apply to the privacy practices of other websites or of third parties who collect information on ShareThis.com. We encourage you to visit the applicable policies of those third parties, or visit www.aboutads.info to learn more about interest-based advertising and to see your opt-out choices from other participating companies that may be collecting and using data on ShareThis.com.
Data Sharing or Disclosure
We share Usage Data, including audience segments, with advertisers, Publishers, and other data partners (all, “Our Customers”) for interest-based advertising, analytics and data modeling.
We share pseudonymized Usage Data, including audience segments, with advertisers, Publishers, and other data partners (all, “Our Customers”) for interest-based advertising, analytics and data modeling. In the European Union, we may transfer Usage Data to other data controllers or processors with whom we have business relationships and as long as the users have consented for their personal data to those business partners of ours.
We provide data to other companies inside and outside the EU and the US that require access to data in order to assist us in providing our services. In each case, we have safeguards in place which allow those transfers to happen in a way that ensures data is handled in accordance with the applicable law. Those categories of data partners would be: clients, advertisers, agencies, agency trading desks, DMPs, DSPs, data aggregators, technology providers etc.
Our Customers may use third-party service providers, acting on their behalf, to display advertising or other content that reflects users in an audience segment.
We also provide analytics to help Publishers to better understand the use and interactions on their website. We may offer aggregate browsing data so a Publisher may know the people most likely to share their content with their friends when they are, for example, soccer fans.
When we share Usage Data with Our Customers, we contractually prohibit them from re-identifying you (with your name, address, email, phone or other directly identifying information) without opt-in consent from you, unless the Usage Data is only from their website.
Please review some of our partner policies for more information:
We also share Usage Data with third-party service providers (e.g., data storage and processing facilitates or modeling vendors) in order for those service providers to perform business functions for ShareThis or on behalf of ShareThis customers. We require them to use it only for the purposes of providing services to us and to implement security controls and to maintain the confidentiality of that information.
ShareThis may use or disclose registration information and/or Usage Data as we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; b) to comply with legal process; c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence to meet national security and/or law enforcement requirements; d) to enforce our terms and conditions; e) to protect our operations or those of any of our affiliates, you or others; f) to allow us to pursue available remedies or limit the damage that we may sustain; and g) as part of a merger, acquisition, or sale of assets.
Data Security and Retention
The security of your information is a high priority to ShareThis. We do not process any information which could be used by ShareThis, directly or indirectly, with the help of any third party or otherwise, to determine the identity of users. We have implemented industry-standard security measures.
While no transmission of data over the Internet is guaranteed to be completely secure, we do strive to protect your data. It may be possible for third parties not under the control of ShareThis to unlawfully intercept or access transmissions of private communications. ShareThis cannot ensure or warrant the security of information you transmit to us.
We believe Usage Data is relevant for up to 13 months so we retain that data for up to 13 months from the date of collection. Our cookies expire 13 months after they are last updated.
Aggregated, de-identified data (which is not connected to an individual or device, neither identified nor identifiable, and cannot be re-identified, and would not be considered personal data anymore in the EU/EEA under the GDPR) for reporting may be retained for a longer period.
Outside of the EU/EEA, we may permit some of our customers to retain Usage Data for longer periods of time for limited purposes such as seasonal or cyclical interest-based advertising campaigns or internal analytics and model development. Such customer’s deletion of this Usage Data is done per their posted privacy policies or other retention periods they communicate publicly.
We will retain registration information as long as you have an active account with us. If you have not logged into any of our services with your username and password for a period of 14 consecutive months, we may deem your account as being inactive. Once we deem your account inactive, we may delete your registration information, including any data you may have saved, without any liability to you.
You always have the option to cancel your account with us at any time. Simply sign into the site and click on the My Account at the top of the page. Click on Edit Profile and then select Deactivate Account and follow the instructions. You may also request to have your registration information removed by submitting a request to firstname.lastname@example.org.
Commitments to Privacy Standards
ShareThis promotes transparency and control for users as members of various self-regulatory programs.
ShareThis also participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. For more information and to view our Privacy Shield policy, expand the section labeled “Additional Information” below.
ShareThis is a member of the following self-regulatory programs:
Network Advertising Initiative (NAI):
ShareThis adheres to the NAI Code of Conduct. NAI offers an online web opt-out platform to allow consumers to express their choices and provides general information related to privacy and Interest Based Advertising.
The Digital Advertising Alliance (DAA):
ShareThis adheres to the Digital Advertising Alliance Self-Regulatory Principles for Online Behavioral Advertising. The DAA opt-out platform offers the consumer a choice page to opt out from advertising services, and general information related to privacy.
ShareThis adheres to the European Interactive Digital Advertising Alliance’s (“EDAA”) principles. The EDAA opt-out platform offers consumers in the European Union a choice page to opt out from advertising services, and general information related to privacy.
For California Users:
California privacy law allows California residents to obtain specific disclosures about a business’s privacy practices if it shares information with other companies for direct marketing purposes. To make a request, please send an email to: email@example.com. Pursuant to California privacy law, registered users under 18 years of age may request to have content or information posted by the user removed from any of our online platforms by sending an email request to: firstname.lastname@example.org. The removal of content does not ensure complete or comprehensive removal of the content posted on any of our line platforms by the registered user. We do not advertise or market any products or services identified in Chapter 22.1 Sec.22580 to users we have actual knowledge are under 18 years of age.
GDPR and EU-US Privacy Shield:
ShareThis, Inc. is committed to protecting data and enabling individual privacy rights in every location we do business. Therefore, we comply with the General Data Protection Regulation and the EU-US Privacy Shield Framework.
Our compliance with the GDPR, which is designed to empower and protect the data privacy rights of EU individuals, is evident with the availability of user consent tools (ShareThis is a registered CMP with the IAB Transparency and Consent Framework) as well as user data access rights outlined throughout this policy and more specifically below.
The GDPR names the following rights:
- The right to be informed
- The right of access
- The right of rectification
- The right of erasure
- The right to restrict processing
- The right to data portability
- The right to object
- The right not to be subject to automated decision-making.
In order to exercise your data subjects’ rights, you can write to us at email@example.com.
For example, on the right to erasure, we would delete your personal data so that the data is permanently anonymized and cannot be de-anonymized. However, because we don’t ever collect your name, email address, address, zip code, we might struggle to identify the personal data you are asking us to erase. Still, please note that under the GDPR we would not attempt to collect more data about you for the sole purpose of responding to a request for erasure.
In compliance with the EU-US Privacy Shield Principles, ShareThis commits to resolve complaints about your privacy and our collecting or use of your personal information. European Union individuals with inquiries or complaints regarding this privacy notice should first contact ShareThis directly at firstname.lastname@example.org. We will respond to your complaint within 30 days of receipt.
We have further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
For residual disputes that cannot be resolved by the methods above, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel. To find out more about the Privacy Shield’s binding arbitration scheme, please see: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
The Federal Trade Commission has investigation and enforcement authority over our compliance with the Privacy Shield. We acknowledge the right of EU individuals to access their personal data.
If you wish to access or amend any of your data that we may hold you may contact us as set forth below.
Please note that while any changes you request will be reflected within a reasonable period of time, we may retain information for backups, prevention of fraud and abuse, analytics, or satisfaction of legal obligations.
Vincent Potier (ShareThis DPO): email@example.com
4005 Miranda Avenue
Palo Alto, CA 94304-1227
Please note we may update or change this privacy notice. If we revise our privacy notice, we will post those changes to this privacy statement, and to other places we deem appropriate. If we make material changes, we will notify you by means of a notice on this site prior to the change becoming effective.
Updated September 27, 2018