BuySellAds Content Portal

Security And Privacy Policy

Last Updated on September 18, 2018

At BuySellAds we take security and data privacy seriously. We don’t partner with third party data companies. We don’t profit from the user data we collect. We don’t sell it to others either.

We go to great lengths to keep our partner’s data secure as well maintain the security of our systems to ensure that accounts, payment details, and other personal information is protected. You can find more information about our practices below.

A Quick Overview Of Our Security Practices

We provide multiple levels of backups and redundancy to ensure uptime and peace of mind.

This includes:

  • Fully redundant servers
  • Secure protocols (SSL / TLS) across the web, API, and payment processing apps using a Comodo signed SHA-256 certificate (with RSA encryption).
  • Separately hosted content system and help portal
  • All passwords are encrypted on servers and databases using BCrypt.
  • We run a dedicated environment behind redundant firewalls and switches.
  • Hardened, patched OS with frequent security updates.
  • Our entire infrastructure is proxied behind Cloudflare‘s security suite.

Data Privacy

What Information Do We Collect and How Do We Collect It?

If you are a publisher of ads, we need you to provide information about your website and payment method, such as bank or PayPal account information. You may review and update this personally identifiable information in your profile by logging in and editing such information in your dashboard. If you decide to delete all of your information, we may cancel your account. We may retain an archived copy of your records as required by law or for reasonable business purposes.

Log Storage

At BuySellAds, we keep some raw logs on our servers (where required) for 4 to 8 weeks, depending on the system. Long term, we store raw log information in an Amazon S3 bucket. Our S3 accounts have limited permissions, and access is limited (i.e. no server has access to all of the logs, just those that are needed by the system).

Apps may employ cookies to collect non-personally identifying information in the course of providing clients with ad-serving services and for the purpose of helping clients determine which advertisement is suitable to be delivered to a user. A cookie is a small text file that can be stored on a user’s computer when that computer’s browser views an advertisement or website of one of our clients. The cookie is associated with and unique to the specific computer. The cookie does not contain the user’s name, address, phone number, email address, or anything that personally identifies it. We collect into the cookie only non-personally identifying information such as the type of the computer’s operating system, type of internet browser software, what web pages were viewed and at what time, and geographic location of user’s internet service provider.


Technology & Security

Encryption

Account passwords are encrypted in the BuySellAds database (using BCrypt), preventing even our own staff from viewing them. Any data that’s encrypted in our databases makes use of an AES-256 encryption algorithm.

Our SSL configurations can be tested externally using the following links:

  • For Self-Serve Direct (link)
  • For The BuySellAds Marketplace (link)

Malware

We manually review all new orders. Customers relying on DFP will benefit from the companies internal malware checking tools. All malware is managed at the Ad Server level.

Data Transmission, Collection And Retention

We are PCI compliant.

Of course, we occasionally have to collect sensitive information in order to complete transactions. We pass this information to our payment company (Authorize.net) across an encrypted data tunnel. We do not, however, store credit card information data at BuySellAds. All credit card information is managed and stored by Authorize.net.

All access to the BuySellAds interface is secured using SSL (HTTPS) encryption, ensuring information transmitted between BuySellAds and its partners is encrypted.

All customer data resides behind a secure, redundant infrastructure, hosted at Amazon Inc. The servers are fully managed by BuySellAds.

Storage of Individual Information

The information we do store is encrypted using the industry-leading standards like BCrypt where appropriate (passwords, etc.).

Redundancy And Backup

Our system is backed up at regular intervals daily. We have failover procedures in place that allow us to “flip a switch” should there be any security issues. Our system is built to maintain data integrity, restore service as cleanly as possible, and minimize downtime as a result of service loss or security issues.


Transactional Emails

All of our transactional emails are handled by Postmark.