hurra.com™Privacy policy

Privacy policy of our technologyWhat is privacy policy about?

This Privacy Policy applies to the "OWAPro" technology created, used, and offered by Hurra Communications GmbH (“hurra.com”) and its affiliates. Our technology (including tracking, tag management, web analytics, and web controlling) is used as hurra.com's services on behalf of our clients or by our clients themselves.

When our technology is used for our own website and our own marketing campaigns, hurra.com is a controller in accordance with GDPR.

Hurra Communications GmbH
Lautenschlagerstraße 23a
70173 Stuttgart
Germany
CEO: René Schweier

When our technology is used by and on behalf of our clients, these clients are controllers. In this case, hurra.com is a processor in accordance with Article 28 GDPR.

Data in online marketingWhat data we process

The following personal data categories are processed using OWAPro technology:

  • Online identifiers
    • IP addresses*
    • User ID (cookie)
    • Session ID (cookie)
    • Cross-device user ID*
    • Mobile user ID*
  • Interests and activities
    • Information about the displayed and clicked creative ad
    • Information on the visited pages of a website
    • Information on all viewed products*
    • Information about products added to the shopping cart*
    • Time spent on a web page
    • Previously visited websites (referrers)
    • Actions taken on the website (conversions/events)*
  • Demographic information
    • Gender*
    • Age range*
    • Location information* (Approximated)
    • Region / city of website access
    • ZIP code*
    • Language
  • Device Information
    • Information on the device used during the visit
    • Information on the browser used during the visit
  • Transaction Information
    • Information on products purchased during the visit*
    • Payment method
    • Information on the order amount
    • Date and time of the purchase
    • Client status*
    • Cancellations*

* Processed data depends on the settings, commissioned agency services, or OWAPro services in use.

By default, IP addresses are automatically anonymized by OWAPro and processed only anonymously . Therefore, we erase the last octet (3 digits) of an IP address before we send it to our storage. As a result, a personal reference is no longer accessible. However, hurra.com clients can change this setting themselves in the OWAPro settings or ask hurra.com to do it on their behalf.

Email addresses are exclusively processed in an anonymized form in OWAPro, with the use of a hashing algorithm.

With cross-device tracking, our clients generate or send users pseudonyms to us. The pseudonym is usually generated on the base of a login (e.g., username or email address) by a cryptographic hash algorithm on the client's web server and by the client themselves. By definition, the generated pseudonyms cannot be decrypted so the process is irreversible.

All processed data is pseudonymizedWe do not recognize you personally

OWAPro collects only pseudonymized personal data, which hurra.com cannot use to identify any person.

Our data sourcesHow data is collected

hurra.com collects data in the following ways:

  • Tracking through:
    • Page tag – A tracking tag implemented on our clients' websites.
    • Ad click tag – A click-through URL connected to our clients' ads.
    • Banner view tag – A 1x1 pixel displayed along with a creative ad (banner).
  • File upload – Our client sends us a file with information on canceled (returned) products.
  • Advertising partner data – Our tool connects with ad services to fetch user data.
  • CRM data from our clients.

Web analytics, online marketing controlling, tag managementWhat we do with your data and why we process it

Our technology is used by and/or on behalf of our clients for the following purposes:

1. Performance and optimization

Our purpose is to prepare a cost-benefit analysis of our clients' online marketing campaigns through analyzing user traffic to and on our clients' websites. The kind of data we collect and process depends on the particular implementation of the conversion tracking – which is adjusted to the needs of our clients and their online marketing goals.

This section refers to the following situations described in the next section: 1, 2, 3, 4, 5, and 8.

2. Advertising using first-party data

We collect and process data concerned with user (i.e., your) behavior on our client's website, and we send only your profile ID to our advertising partners. Thanks to information on your experience on our client's website, advertising partners can show you ads which are better suited to your preferences. This section refers to the following situations described in the next section: 6, 7, and 8.

3. Advertising using third-party data

We collect data on user (i.e., your) behavior on our client's website, and send it directly to third-party advertising partners through their marketing tags. Third-party advertising partners use this data to create your user profile (containing basic information valuable for online marketing), which helps our clients to optimize their online marketing strategies.

This section refers to the last situation (9th) described in the next section.

Legal...What is the legal basis for data processing?

The Data Processing Agreement, which we enter with our client, is always our legal basis for data processing. The application of the justified legal basis for processing any data is the controller's (our client's) responsibility. Data processing performed by hurra.com and its affiliates is limited by the law. The possible legal bases include: the controller's legitimate interest, or user (i.e., your) consent, either explicit or implicit. Our recommendations to which situations those legal bases should be applied are listed below.

Our client's legitimate interest, if not outweighed by your interests or fundamental rights and freedoms, applies to:

  1. Ad performance (including TV ads) measuring, reporting, and optimizing ads with the aim to lower costs of communicating with a user (i.e., you) via ads.
  2. Sharing data with third-party advertising partners for ad performance measuring, reporting, and optimizing ads with the aim to lower costs of communicating with a user (i.e., you) via ads. *
  3. Measuring, reporting, and optimizing the inventory of products purchased by a user (i.e., you) and other visitors to our client's website.
  4. Website performance measuring, reporting, and optimizing to enhance user (i.e., your) experience on our client's website.
  5. Our client's customer lifetime value and customer profitability measurement based on data tracked by OWAPro and fetched from our client's CRM with an aim to assess proper decisions regarding marketing costs. *
  6. Creating user (i.e., your) high-level profile based solely on first-party data (e.g., including the information that a user (i.e., you) have added a product to the shopping cart) with an aim to show ads that are better suited to user (i.e., your) preferences (personalized advertising). *

Your consent applies to:

  1. Creating user (i.e., your) low-level profile (i.e., a profile that is more detailed than a high-level profile) based solely on first-party data (e.g., including the information that a user has added a product from a specific category, or within a specific price range to the shopping cart) with an aim to show ads that are better suited to user (i.e., your) preferences (personalized advertising) *
  2. Tracking user (i.e., your) online activity on our client's website or mobile application across multiple devices to better understand user (i.e., your) online behavior on our client's website or mobile application, to create better marketing strategies concerning bidding on ads, and to create better marketing messages and ads. *
  3. Sharing data collected about a user (i.e., you) during the visit on our client's website with third-party advertising partners, who combine data collected by us with data they have collected to be able to create a user (i.e., your) profile with an aim to show ads that are better suited to user (i.e., your) preferences *  

Processing in the European UnionWhere is your data processed by us?

For the EU users, data collection, processing, and storage takes place exclusively in our data centers in Frankfurt (Germany) and/or Kraków (Poland).
For the users from outside the EU, data collection and processing as well as temporary storage are possible if the data has been transmitted to one of our data centers in the EU. There is no permanent data storage outside the EU.

Transmission to third partiesWho may we share your data with?

Hurra Communications GmbH, based in Germany, processes data on behalf of their clients as a digital marketing agency in accordance with the Data Processing Agreement. For that purpose, GmbH cooperates closely with its sub-processor Hurra Communications Sp. z o.o., based in Poland, which is a marketing technology software house. The legal basis for processing personal data by Sp. z o.o. is the Data Processing Agreement between Hurra Communications GmbH and Hurra Communications Sp. z o.o.

If our clients use our OWAPro Tag Manager, data can be passed on to third parties such as Google, Criteo, or Facebook. It is possible that data will also be transmitted to the USA. You can find out which third-party services are used for a specific client in our client's privacy policy.

  • Ad Cash
  • Ad Up /Springer
  • Admeira
  • AppNexus
  • Atlas
  • BusinessAd
  • Channelpilot
  • Criteo
  • Facebook
  • Facelift Cloud
  • Flashtalking
  • GDM
  • Golfpost
  • Google AdWords
  • Google DoubleClick
  • Iconpeak
  • Kenshoo
  • Ligatus
  • LinkedIn
  • Microsoft Bing Ads
  • Mobupps
  • Outbrain
  • Plista
  • Rakuten/ Nextperf
  • Recreativ
  • Remerge
  • RocketX
  • RTB House
  • SEM Scout
  • Seznam
  • Smarter Ecommerce (Whoop)
  • Smartly
  • SnW
  • Soloway
  • Spiegel
  • Taboola
  • TargetMail / Mail RU
  • Tools4Ads
  • Trade Desk
  • Travel Audience
  • Tripadvisor
  • UIM
  • VKontakte
  • Webmedia
  • Webtrekk
  • Yandex

Our advertising partnersHow third parties process your data

If your data is shared with a third-party advertising partner, it is done for the purpose of ad performance optimization as well as for creation of user (i.e., your) profile, which aim is to show you ads that are better suited to your preferences on that third-party advertising partner's websites.

If your profile is created by a third-party advertising partner, it is created based on either data collected by us during your visits to our client's website, or a combined set of data on your visits to our client's website and data collected about you by third-party advertising partners.

Your profile, along with campaign targeting settings, determine which ads will be displayed to you on websites which belong to third-party advertising partners, or to their ad network.

Data retentionHow long we store your data?

Personal data is deleted or anonymized after 18 months. Anonymized data is stored over the duration of the contract concluded between us (hurra.com) and our clients, and after the contract has expired.

CookiesHow we find you

As hurra.com, we use "cookies" and similar technologies to assess the effectiveness of various advertising strategies of our advertising partners. These technologies allow us to measure the advertising reach and effectiveness of online advertising campaigns and websites. 

In some cases, we use cookies to create profiles of visitors to our clients' websites. These profiles are created solely based on data collected from these particular websites. Identifiers of such profiles (without any details about these profiles) are passed on to our advertising partners who then use these identifiers to show users well-matched marketing messages and ads.

We also use cookies to save your set of preferences in Consent Management Tool – a feature which is a part of our tag management solution.

Cookies are used to enable the recognition of an internet browser during a re-visit. These cookies may store unique online identifiers ("cookie ID") and other non-personal information on your device.

Cookies are stored by the web browser on your computer in the form of small text files and are limited to a size of 4 KB per domain. Cookies are plain text files that cannot be used to store or run malicious or executable programs.

We store information about the server that has set the cookie, a name of the cookie and its lifetime, and, depending on the purpose of the cookie, various other non-personal data.

By default, cookies can be read by the web servers that have prompted the web browser to save a cookie. At hurra.com, these are web servers of the hurra.com domain. With the use of a JavaScript code, it is possible to save and read cookies belonging to the domain of a first-party advertising service – the domain that you are visiting.

How long are cookies stored?

Cookies lifetime depends on each cookie's purpose. Exact information about the different types of cookies, their purpose, lifespan, and data they store can be found below.

hurra.com domains cookies

Client Cookie

Designation
Client Cookie
Name
<cid>
Domain
ssl.hurra.com
Lifetime
Default 30 days
Description
Client cookie stores info about click request ID, client ID, channel ID, and expiration date.
Sample
00=cKcEcH8AAAEAAAZZWDYAAABk:C00G3:1326233206

Unique User Cookie

Designation
Unique User Cookie
Name
__uu
Domain
.hurra.com
Lifetime
365 days
Description
Unique User Cookie is used to collect data on a specific user; i.e., their behavior on a website (e.g., bounce rate) and to match this user to specific ad clicks.
Sample
_uu=cKcEcH8AAAEAAAZZWDYAAABk

Post-View-Sale Cookie

Designation
Post-View-Sale Cookie
Name
pvs
Domain
ssl.hurra.com
Lifetime
** minutes
Description
Affiliate-Cookie is used to transfer an affiliated click ID.
Sample
pvs=cKcEcH8AAAEAAAZZWDYAAABk:C00G48:1323643602

Call Minimization Cookie

Designation
Call Minimization Cookie
Name
fr
Domain
ssl.hurra.com
Lifetime
session
Description
Call Minimization Cookie shows whether Local Storage and cookie matching checks were already executed (if applicable for a specific client).
Sample
fr=:::1480082567

Opt-Out Cookie

Designation
Opt-Out Cookie
Name
__coo
Domain
ssl.hurra.com
Lifetime
365 days
Description
Opt-Out Cookie is used to mark the users' lack of consent to data processing.
Sample
__coo=00

Forward Cookie Value

Designation
Forward Cookie Value
Name
fcv
Domain
ssl.hurra.com
Lifetime
12 hours
Description
Forward Cookie is used to transfer tracking parameters.
Sample
fcv=UuhSgQHJAtRTXvmB~dPC2Jn8AAAEAABpZL2YAAAAB

Visit State Cookie

Designation
Visit State Cookie
Name
v<cid>
Domain
ssl.hurra.com
Lifetime
30 minutes
Description
Visit State Cookie is used as a short-term storage of information about an active session.
Sample
v00=AARS58t_AAM~wNi092iTuo_omsDceL9p5g~http

A/B Testing Cookie

Designation
A/B Testing Cookie
Name
__lpo_u
Domain
.hurra.com
Lifetime
365 days
Description
A/B Testing Cookie is used to store variants in A/B and multivariant tests.

Consent Cookie

Designation
Consent Cookie
Name
p<cid>
Domain
.hurra.com
Description
Consent Cookie is used for storing consent information/settings.
Sample
p00=P8PUOB:AAE:AAg

Consent Session Cookie

Designation
Consent Session Cookie
Name
ps<cid>
Domain
.hurra.com
Description
Consent Cookie is used for measuring the interaction of both consented and unconsented users with the interface of the OWAPro Consent Management Tool.
Sample
ps00=ML-PHaM4RvF0uE-Czzzzzzzz

First-party cookies

Client Cookie

Designation
Client Cookie
Name
_HC_<cid>
Lifetime
Default 30 days
Description
Client cookie stores info about click request ID, client ID, channel ID, and expiration date.
Sample
_HC_00=cKcEcH8AAAEAAAZZWDYAAABk:C00G3:1326233206

Unique User Cookie

Designation
Unique User Cookie
Name
_HC_uu
Lifetime
365 days
Description
Unique User Cookie is used to collect data on a specific user; their behavior on a website (e.g., bounce rate) and to match this user to specific ad clicks.
Sample
_HC_uu=cKcEcH8AAAEAAAZZWDYAAABk

Visit State Cookie

Designation
Visit State Cookie
Name
_HC_v<cid>
Lifetime
30 minutes
Description
Visit State Cookie is used as a short-term storage of information about an active session.
Sample
_HC_v00=AARS58t_AAM~wNi092iTuo_omsDceL9p5g~http%253A%252F%252Fsome

Hurra Cookie Test

Designation
Hurra Cookie Test
Name
_HCT_
Lifetime
1 second
Description
Hurra Cookie Test is used to establish the highest possible level of a domain where cookie can be set via the JavaScript.
Sample
_HCT_=1

Affiliate-Cookie

Designation
Affiliate-Cookie
Name
_HC_ac<cid>
Lifetime
** minutes
Description
Affiliate-Cookie is used to transfer an affiliated click ID.
Sample
_HC_pvs=cKcEcH8AAAEAAAZZWDYAAABk:C00G48:1323643602

Call Minimization Cookie

Designation
Call Minimization Cookie
Name
_HC_fr
Lifetime
session
Description
Call Minimization Cookie shows whether Local Storage and cookie matching checks were already executed (if applicable for a specific client).
Sample
_HC_fr=:::1480082567

LocalStorage (HTML5) First-party cookies

Client ID

Designation
Client ID
Name
<cid>
Description
Client ID cookie stores info about click request ID, client ID, channel ID, and expiration date.
Sample
00=cKcEcH8AAAEAAAZZWDYAAABk:C00G3:132623320

Unique User ID

Designation
Unique User ID
Name
uu
Description
Unique User ID Cookie is used to collect data on a specific user; i.e., their behavior on a website (e.g., bounce rate) and to match this user to specific ad clicks.
Sample
uu=cKcEcH8AAAEAAAZZWDYAAABk

Third-party cookies

Third-party advertising partners, such as Google AdWords or DoubleClick, may also store cookies in your browser for remarketing and display advertising purposes. These cookies belong to third-party domains (i.e., a third-party advertising partner's tracking code can be embedded on a website you are visiting, thus making your browser save cookies from these third-party domains). These third-party cookies are accessible to advertising partners on different websites, hence they can be used to create a user (i.e., your) profile based on information collected about you from domains belonging to different advertisers and advertising partners. The goal is to learn more about your product preferences to show you better suited ads. Likewise, other third-party tracking technologies can be integrated with OWAPro Tag Manager on our client's request or implemented by our client themselves, and these technologies can also set cookies.

Your right to object (Opt-Out)What if I don’t want to be tracked?

In accordance with Art. 21 Para. 2 GDPR, you have the right to object to the processing of personal data for direct marketing.

That is why, we provide our clients with a client-specific opt-out mechanism which allows users (i.e., you) to object to future data processing on our client's website through hurra.com. The opt-out mechanism is client-specific and thus only applies to the website of a specific client.

You can opt-out of data collection and processing by hurra.com services on our client's website at any time. OWAPro may also already be configured to comply with the "Do Not Track" setting of your browser, which means that you have already objected to data collection and processing.

The opt-out mechanism is based on a cookie named "__coo". Please note, that we can apply our opt-out mechanism as long as this cookie is present. If you delete that cookie yourself, we have no possibility to stop our technology from tracking you. The opt-out mechanism is bound to the device and the browser used for deactivation; i.e., the ones that were used while setting the opt-out option. To stop our technology from processing of personal data shared on other browsers and devices, the opt-out option must be set on those browsers and devices as well.

Does OWAPro respect Do-Not-Track (DNT) option?

Yes, if DNT has been activated by our clients through OWAPro. Do-Not-Track (DNT) is a setting that becomes active in your browser. For some browsers this option is enabled by default. If this setting is activated through OWAPro by our client, we comply with DNT and treat is as an Opt-Out option, which means that you are no longer tracked by the hurra.com technology.

Your other rights as a data subject

  • Right of access - GDPR art. 15
  • Right of rectifications - GDPR art. 16
  • Right of erasure ("Right to be forgotten") - GDPR art. 17
  • Right to restriction of processing - GDPR art. 18
  • Right to lodge a complaint with a supervisory authority - GDPR art. 77

Please contact the owners of the website that directed you to this privacy policy. You may need to provide some additional or personal information to process your request or ensure identification.

Further modificationsChanges to our privacy policy

Technical progress, changes in the law or in our internal processes require adjustments to this privacy policy. We reserve the right to make changes to this privacy policy. Notifications depend on the data controller (our clients) so please follow information provided by them.

Date of this Privacy Policy: 02.05.2018
Updated: 25.05.2018
Updated: 20.10.2021