LAST UPDATED JUNE 2018
Nielsen Catalina Solutions’ mission is helping advertisers and media companies measure and improve advertising performance by understanding the interactions between what consumers watch and what they buy. We equally are committed to protecting the privacy of individual consumers, our clients, retailers, partners and the vendors who help us deliver our solutions. To honor this commitment we have deployed a multi-faceted approach consisting of privacy-centric Data Input Requirements, Data Access Restrictions, Product Design Policies, & Code of Conduct. Safeguarding consumer privacy and advertiser data integrity have always been a core value and of paramount importance.
Data Input Requirements
- Most notably, we simply do not allow any personally identifiable information (PII) inside NC Solutions, period. Our Data Input Requirements are designed to protect the identity of the households contained within the “watch” and “buy” behavioral data provided by our data contributors including that provided by Nielsen.
- To accomplish this, we employ a trusted third-party matching agent to create all the watch and buy single source linkages that enable our solutions. Data contributors like Nielsen and retailers send our matching agent (and not NC Solutions) their internal ids, names and address information. Our matching agent subsequently creates a household cross-reference file linking all the participants’ watch and buy household ids. This cross-referenced file, along with an associated household id using an anonymous “key” created exclusively for NC Solutions, is then provided to NC Solutions. Once successfully processed, the matching agent subsequently destroys all PII unless otherwise notified by the PII data owner. Our methodologies ensure that NCS cannot re-identify individuals or households.
- NCS protects data with industry best practices, processes, and protocols. We evaluate legal, security and privacy issues on an on-going basis with dedicated teams.
- All retail data contributors must have legal warrants ensuring that their data rights are valid and consumer opt-out commitments have been met, consistent with the data contributor’s own privacy policies. Consumers who have opted out of having their information shared with third parties for market research or solicitation purposes are not included.
- Our matching agent is a global leader in consumer and business credit reporting, and adheres to the highest levels of security practices including Level 1 PCI compliance and ISO 27001 certification. In addition, NC Solutions developed its processes consistent with the concepts of “Privacy by Design” and data minimization. NC Solutions and our data contributors use a variety of security technologies and procedures to protect contributors’ and consumers’ information from unauthorized access, use, or disclosure.
- All contributors’ behavioral data input structures provided to NC Solutions are reviewed to minimize unintended receipt of identifiable data, or “sensitive” information. Where necessary, precautionary processes deemed are implemented to enforce our privacy commitment. For example, Catalina Marketing on the retailer’s behalf irreversibly encrypts all shopper ids found in the retailer transaction data that are not known to be retailer approved shopper ids (e.g., frequent shopper card number). This mechanism is designed to keep unintended shopper identifications from entering NC Solutions (e.g. phone number, masked credit card numbers, etc.)
Data Access Restrictions
- NC Solutions technologies and processes are designed to provide data access only where necessary and employs “data minimization” strategies with clients and data contributors whenever possible, including no “catch all” fields allowed. Multiple data access security layers are deployed to manage data access through specifically designed services and applications so that only the data authorized and required for the given task is provided.
- To further reduce the ability for modeled behavioral data to be subsequently re-linked to other potentially identifiable data sources, NC Solutions does not include any household identifiers in its respondent-level data exports. The only exception is when data is sent back to the originating owner of the HH id. NC Solutions can share shopper-specific insights identified with the individual retailer’s shopper card number to that given retailer, but not to any other retailer or client.
- While the security of data can never be guaranteed, all data are protected with industry-standard encryption technology, security protocols and other physical and procedural safeguards.
Product Design Policies
- NC Solutions’ offerings are designed with privacy in mind. All non-modeled insights are provided to clients in aggregate form and include policies, procedures and/or software verification to monitor the granularity each aggregate insight created. The minimum number of respondents in any given aggregate varies depending on the analysis, but in no cases do they contain fewer than 25 households. In addition, there is no geo-coding more granular than the block group level.
- Where NC Solutions distributes de-identified respondent-level data externally, a portion of the behavior data are always modeled and does not necessarily reflect actual consumer behavior. NC Solutions does not provide actual respondent-level behavior data to clients unless the data owner authorizes it.
Code of Conduct
- All clients, partners and employees working with NC Solutions must support our commitment to honor consumer privacy, partner confidentially and Nielsen panelist integrity.
- Data contributors that submit data to NC Solutions’ anonymous single source database must agree to honor consumer requests to be excluded from having their information shared with third parties for market research or solicitation purposes. This also includes any opt-out requests known to be made via industry associations, government agencies or data aggregators.
- All NC Solutions employees have been trained and have formally agreed to NC Solutions’ Code of Conduct and Confidentiality Agreements that, among other things, outline how to keep partner and consumer data respected and secure. Consultants and vendors used by NC Solutions must also agree to comply with NC Solutions’ confidentiality and privacy policies.
- All NC Solutions clients and partners must be members in good standing of a leading industry organization designed to respect the rights of consumers. For example, all NC Solutions internet organizations must be members of:
If you have any additional privacy questions, reach out for more information.