Revised: April 4, 2026
Publisher and supply partner guidelines
These Terms and Conditions (the “Terms and Conditions”) govern the access to and use of illumin’s Platform by an Advertiser. By accessing or using the Platform, Advertiser agrees to be bound by these Terms and Conditions and understands that its use of the Platform constitutes a legal agreement between illumin and Advertiser in accordance with the terms outlined herein. Advertiser is not permitted to access or use the Platform unless and until it has reviewed the Terms and Conditions carefully. Advertiser further agrees that it will review this Agreement periodically. Advertiser may decide whether or not to accept a modified version of the Agreement, but accepting the Agreement, as modified, is required for Advertiser to continue using the services. If the Advertiser does not agree to the terms of the Agreement or any modified version of the Agreement, its sole recourse is to terminate its use of the Platform, in which case it will no longer have access to the Platform. Advertiser may also be required to execute specific order documentation for certain services, which may be in the form of an order form, or a document that specifies the terms and parameters of an Ad Campaign (an “Order Form”).
The Data Processing Addendum (defined below) is explicitly incorporated by reference into, and forms part of, the Agreement.
As used herein the following terms shall have the respective meanings indicated below:
“Ad” means any advertisement (including, without limitation, all logos, trademarks, creative materials, graphic images and copy therein) provided to illumin, directly or indirectly, by Advertiser, including without limitation banner advertisements, text advertisements and video advertisements (as such terms are understood in the online advertising industry) and advertisements received from Contracted Clients.
“Ad Exchange” shall mean any a buying and clearing engine that is integrated with the Platform and that purchases display space for Ads and handles the Auction logistics.
“Ad Inventory” shall mean any digital advertising inventory made available for sale through an Ad Exchange, including, but not limited to, web display, mobile, application and/or widget-based advertising inventory.
“Advertiser” shall mean i) a Platform user as identified through its registered account on the Platform, or ii) the licensee or client set forth in an applicable Order Form or Insertion Order, and shall, for purposes of an Advertiser’s obligations under these Terms and Conditions, include any Contracted Client.
“Agreement” means collectively these Terms and Conditions, an Order Form (if applicable), the Data Processing Addendum, all exhibits and addendums hereto, all plans and specifications prepared, and all documents incorporated herein by reference, as amended, modified or supplemented.
“Applicable Laws” means all laws and regulations that apply to each party in connection with this Agreement, the provision and use of the Platform, and the processing of customer data, to include without limitation Data Protection Laws (as defined in the Data Processing Addendum).
“Auction” means the real-time bidding process for Ad Inventory offered through Ad Exchanges.
“Business Day” means any day other than a Saturday, a Sunday or a day observed as a statutory or civic holiday in the Province of Ontario.
“Campaign” means the advertisement campaign operated by Advertiser through the Platform.
“Contracted Client” shall have the meaning ascribed to it in Article 3.
“Confidential Information” shall have the meaning ascribed in Article 11;
“Data Processing Addendum” means the data processing addendum found in Appendix A below.
“Data Protection Laws” means all privacy, data protection and security laws privacy or security law and/or self-regulatory code that are in effect during the term of this Agreement, and which apply to Personal Data processed pursuant to the Agreement, including: the Privacy and Electronic Communications Directive 2002/58/EC as implemented in the EEA and UK; the Regulation (EU) 2016/679 (General Data Protection Regulation or “GDPR”), the GDPR as it forms part of United Kingdom law pursuant to Section 3 of the European Union (Withdrawal) Act 2018 and the Data Protection Act 2018 (“UK GDPR”), California Consumer Privacy Act of 2018 (“CCPA”), California Privacy Rights Act of 2020 (“CPRA”), Connecticut Data Privacy Act (“CTDPA”), Virginia Consumer Data Protection Act (“VCDPA”), the Colorado Privacy Act (“CPA”), the Canadian Personal Information Protection and Electronic Documents Act, SC 2000, c 5, and Canada’s Anti-Spam Legislation (“CASL”), the Brazilian Law No. 13709/18, as well as Brazilian Law No. 12,965/14, the Argentinian Personal Data Protection Law No. 25,326, together with the Decree No. 1558/2001 and its related regulations, and the Mexican “Ley Federal de Protección de Datos Personales en Posesión de los Particulares” (DOF: 5 de Julio de 2010).
“Effective Date” means the date in which Advertiser first creates its account on the Platform.
“Fee” means the fee charged by illumin for the Platform services.
“Personal Data” or “Personal Information” shall mean: (1) any information relating to an identified or identifiable natural person or household; and (2) any information defined as “personally identifiable information,” “personal information,” “personal data” or similar terms as such terms are defined under Data Protection Laws.
“Platform” means the machine learning advertising platform developed and owned by illumin.
“Prohibited Information” means: (i) any information revealing race or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership; (ii) genetic data; (iii) biometric data for the purposes of uniquely identifying a natural person; (iv) data concerning health, which includes all individually identifiable health information that is subject to the Health Insurance Portability and Accountability Act; (v) data concerning a natural person’s sex life or sexual orientation; (vi) any personal data regarding a minor under the age of 16, or if Applicable Laws of any jurisdiction otherwise define a child or a minor as another age, then personal data regarding a minor as thereby defined by the Applicable Laws; (vii) any financial account numbers or insurance plan numbers that can be used to identify an individual; (viii) any government-issued identifiers or identification; or (ix) any other “Sensitive Personal Data”, or substantially similar categories of Personal Data, as defined under Data Protection Laws.
“Security Incident” means a breach of security measures leading to accidental or unlawful destruction, loss, alteration, or unauthorized access to or disclosure of customer data or illumin data.
“Third-Party Products” means technology features or functionality that integrates, interoperates with or is accessible through the Platform, but are not provided by illumin.
In the event of a conflict between the terms and conditions of an applicable Order Form and these Terms and Conditions, the Order Form prevails.
Unless the context requires otherwise, words importing the singular include the plural and vice versa and words importing gender include all genders. The term “including” means “including without limitation”.
If any payment is required to be made or other action is required to be taken pursuant to this Agreement on a day which is not a Business Day, then such payment or action shall be made or taken on the next Business Day.
The headings of any Article, Section or part thereof are inserted for purposes of convenience only and do not form part hereof.
illumin hereby grants to Advertiser a non-exclusive, worldwide, non-transferable, non-sublicensable right to use the Platform for purposes of conducting Campaigns during the term in accordance with this Agreement. As between Advertiser and illumin, Advertiser acknowledges that illumin is the owner of all intellectual property rights in and to the Platform including all content thereon (other than the Ads) and, except as otherwise expressly permitted by this Agreement, Advertiser shall not at any time do or suffer to be done any act or thing that will in any way impair the rights of illumin in and to the Platform. Nothing in this Agreement grants, nor shall Advertiser acquire hereby, any right, title or interest in or to the Platform or any goodwill associated with the Platform, other than those rights expressly granted hereunder. Upon the termination of this Agreement for any reason, all rights in the Platform granted to Advertiser hereunder shall automatically revert to illumin, and Advertiser shall have no further rights in and to the Platform. Advertiser is responsible for maintaining the confidentiality of any login credentials, and for using commercially reasonable efforts and appropriate technological and organizational measures to prevent unauthorized access to the Platform. Advertiser remains responsible for all acts and omissions of all individuals who use its login credentials and shall maintain current records of all individuals to whom it allows access to the Platform.
Advertiser’s use of the Platform shall at all times comply with all Applicable Laws, rules, regulations and ordinances as well as any written policies or procedures that illumin may provide to Advertiser from time to time in connection with Advertiser’s use of the Platform. Illumin reserves the right, but is under no obligation, to i) monitor the Platform and Advertiser’s use of the Platform, ii) review any Ads used by Advertiser through the Platform prior to use, and/or (iii) reject or refuse to serve any Ad that is, in its sole and absolute discretion, objectionable or which, in illumin’s sole and absolute opinion, may expose illumin, any Publisher, or any of its suppliers and each of their affiliates, or its other clients to any harm or liability of any type.
Subject to the terms and conditions of this Agreement, illumin hereby grants Advertiser a limited, non-transferrable right (the “Selling Rights”) to act as a sales representative for the Platform (the “Sales Agency Services”) and to provide advertising services to third parties through the Platform (“Advertiser Services”). Exercise of these rights entitle Advertiser:
Exercise of the Selling Rights shall be at Advertiser’s sole cost and expense and shall require Advertiser to provide to illumin such content and information about the Contracted Client and the Advertiser Services to be provided to such Contracted Client, as illumin may request. For the avoidance of doubt, Advertiser shall not permit any Contracted Client to directly use or access the Platform without the written consent of illumin. Rather, Advertiser shall only have the right to use the Platform on behalf of, and for the Contracted Client’s benefit.
Advertiser shall submit to illumin all advertisements and marketing materials (collectively, “Marketing Materials”) to be used in connection with the Sales Agency Services and Advertiser Services, as though submitted directly by Advertiser. Illumin may approve or reject any Marketing Materials in its sole discretion.
Advertiser shall not make any representations, warranties, statements or claims about the Platform, except as approved by illumin in its sole discretion.
Additionally, illumin may require the Advertiser to enforce certain third-party terms and conditions on Contracted Clients from time to time in connection with the provision of the Advertiser Services.
The obligations of Advertiser and a Contracted Client under this Agreement shall be joint and several.
Advertiser represents and warrants to illumin that each Ad (and any and all content therein) and the distribution thereof:
Advertiser further represents and warrants that:
illumin represents that in providing the services, it shall:
Advertiser acknowledges that fees for use of the Platform are based on the digital media inventory, data products, and other products, services, or features selected by Advertiser (collectively, the “Fees”). Fees may include usage-based charges, third-party costs, and illumin service fees. Advertiser authorizes illumin to invoice the aggregate amount of all purchases made through the Platform without additional written or signed approval. Unless otherwise agreed in writing, Advertiser will be invoiced monthly in arrears for Fees incurred during the preceding month. Illumin may require Advertiser to prepay Fees or maintain a prepaid balance as a condition of accessing the Platform or certain features. Any unused prepaid balance may be refunded upon written request, subject to reconciliation of all outstanding Fees and any applicable minimum commitments. ILLUMIN MAY REQUIRE ADVERTISER TO EXECUTE AN ORDER FORM IN CONNECTION WITH ITS INITIAL ADVERTISING CAMPAIGN, WHICH MAY BE SUBJECT TO A MINIMUM CAMPAIGN VALUE.
All invoices shall be deemed accepted unless Advertiser provides written notice of a dispute within fifteen (15) days of receipt.
Where approved credit terms have been granted:
illumin accepts payment by electronic funds transfer (EFT), automated clearing house (ACH), wire transfer, cheque, and credit card. Where Advertiser elects to pay by credit card, Advertiser shall provide and maintain accurate, current, and complete credit card information, and promptly update such information as necessary to ensure it remains valid. Any non-standard payment terms are subject to the prior approval of illumin’s finance department.
Any overdue amounts shall accrue interest at a rate of 1% per month, or the maximum rate permitted by law, whichever is less. Advertiser remains solely liable for all Fees incurred under this Agreement, regardless of whether Advertiser receives payment from any third party, including where Advertiser acts as an agency or intermediary. In the event of non-payment or default, illumin may, without liability, suspend or terminate access to the Platform and/or services until all outstanding amounts are paid in full. Illumin may also suspend access to the Platform where a Payment Method fails or is declined, as further described in Section 5.5. Advertiser shall reimburse illumin for all reasonable costs incurred in collecting overdue amounts, including collection agency fees and legal expenses.
Advertiser shall be responsible for all taxes, duties, and similar governmental charges arising from or relating to this Agreement or the transactions contemplated herein (collectively, “Taxes”), including sales, use, value-added, goods and services, and similar taxes, excluding taxes based on illumin’s net income. Fees are exclusive of Taxes. Where applicable, Taxes will be added to invoices and payable by Advertiser unless a valid exemption certificate is provided.
If Advertiser or a Contracted Client accesses or uses any third-party data functionality (including without limitation third party provider lists, servers, dynamic creative plugins, and ad verification tags) that are made accessible in the Platform, Advertiser and Contracted Clients shall only use such functionality in accordance with the applicable third-party terms and conditions. You can locate those third-party terms and conditions by visiting the website of the third-party provider or by clicking the link to the applicable third-party terms at the illumin third party data list available at https://illumin.com/legal/thirdparty.
The term of this Agreement commences on the Effective Date and shall continue until terminated in accordance with this Article 7, or as otherwise stated in an Order Form (where applicable). This Agreement may be terminated immediately by either party if any of the following events occur:
Upon termination of this Agreement, Advertiser shall immediately discontinue use of the Platform, and all rights granted by illumin to Advertiser under this Agreement shall cease; (ii) Advertiser shall promptly pay to illumin all amounts properly due and owing to illumin hereunder. If at any time illumin for any reason decides to cease licensing the Platform to third parties for any reason, illumin may cancel this Agreement by providing not less than thirty (30) days’ notice to Advertiser. If Advertiser has pre-paid any Fee, illumin shall, without further liability to Advertiser, refund to Advertiser unspent portion of such Fee, less any Fees properly due and owing to illumin.
THE PLATFORM, ANY SERVICES PROVIDED BY ILLUMIN HEREUNDER (“SERVICES”), AND ANY AD EXCHANGE WITH WHICH THE PLATFORM MAY EXCHANGE INFORMATION, ANY PUBLISHERS PROPERTIES OR ANY COMBINATION OF ANY OF THE FOREGOING ARE PROVIDED “AS IS” AND ILLUMIN HEREBY EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED, STATUTORY OR IMPLIED, REGARDING THE SERVICES, THE PLATFORM OR ANY PORTIONS THEREOF, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT OR OTHER IMPLIED WARRANTIES ARISING IN THE COURSE OF DEALING OR COURSE OF PERFORMANCE. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, ILLUMIN SPECIFICALLY DISCLAIMS, AND MAKES NO REPRESENTATIONS OR WARRANTIES REGARDING: (1) THE NUMBER OF PERSONS WHO WILL VIEW OR ACCESS THE ADS; (2) ANY BENEFIT ADVERTISER OR ANY CONTRACTED CLIENT MIGHT OBTAIN FROM THE PLATFORM, THE SERVICES OR A CAMPAIGN; (3) THAT THE PLATFORM OR THE SERVICES WILL INCREASE SALES, GOODWILL OR ACHIEVE A SPECIFIC RESULT; OR (4) THAT THE MEASURABLE GOALS WILL BE ACHIEVED OR ACHIEVED WITHIN THE BUDGET. ILLUMIN DOES NOT WARRANT: (A) THAT THE PLATFORM OR THE SERVICES WILL BE AVAILABLE AT ALL TIMES OR ANY GIVEN TIME, OR FROM ANY PARTICULAR LOCATION; (B) WILL BE SECURE OR ERROR-FREE; (C) THAT DEFECTS WILL BE CORRECTED; OR (D) THAT THE SERVICES AND/OR THE PLATFORM ARE FREE OF VIRUSES OR OTHER POTENTIALLY HARMFUL COMPONENTS. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM ILLUMIN SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT.
ADVERTISER FURTHER ACKNOWLEDGES AND AGREES: (1) THAT THE USE OF THE PLATFORM AND PERFORMANCE OF THE SERVICES ARE CONTINGENT UPON SUCCESSFUL PERFORMANCE AND OPERATION OF THE INTERNET, AD EXCHANGES AND AUCTIONS AND, ACCORDINGLY, ILLUMIN SHALL NOT BE RESPONSIBLE FOR ANY FAILURES, DELAYS OR DAMAGES CAUSED BY THE MALFUNCTIONING OR DEFAULT OF SAME THAT ARE REASONABLY BEYOND THE CONTROL OF ILLUMIN; AND (2) ALL NUMBERS AND AMOUNTS CONTAINED IN THE ORDER FORM (IF APPLICABLE) RELATING TO IMPRESSIONS, ACTIONS, ACQUISITIONS OR APPLICATIONS ARE ESTIMATES ONLY AND ARE NOT GUARANTEED BY ILLUMIN. ILLUMIN SHALL FOLLOW A UNIFORM POLICY TO AVOID DISCRIMINATION IN ITS DEALINGS WITH ADVERTISERS AND AGENCIES. ALTHOUGH ILLUMIN MAKES EVERY EFFORT TO UPHOLD THE HIGHEST STANDARDS OF ONLINE MARKETING CONDUCT, IT WILL NOT BE LIABLE TO ADVERTISER FOR ANY LOSSES OR DAMAGES INCURRED BY ADVERTISER OR A CONTRACTED CLIENT AS A RESULT OF ADVERTISER’S OR A CONTRACTED CLIENT’S ACTIONS OR OMISSIONS.
NEITHER ILLUMIN NOR ITS AFFILIATES WILL BE LIABLE TO ADVERTISER OR ANY THIRD PARTY, UNDER ANY THEORY OF LAW, FOR ANY INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES, INCLUDING, BUT NOT LIMITED TO LOSS OF REVENUE, LOSS OF PROFITS, BUSINESS INTERRUPTION, AND/OR LOSS OF INFORMATION OR DATA, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE NEGATION AND LIMITATION OF DAMAGES SET FORTH IN THIS PARAGRAPH ARE FUNDAMENTAL ELEMENTS OF THE BASIS OF THE BARGAIN BETWEEN ADVERTISER AND ILLUMIN. THE RIGHTS AND LICENSES GRANTED BY ILLUMIN HEREUNDER WOULD NOT BE PROVIDED WITHOUT SUCH LIMITATIONS. NOTWITHSTANDING ANYTHING TO THE CONTRARY CONTAINED HEREIN, ILLUMIN’S MAXIMUM AGGREGATE LIABILITY TO ADVERTISER OR ITS CONTRACTED CLIENTS FOR ANY CAUSES OF ACTION WHATSOEVER, AND REGARDLESS OF THE FORM OR CAUSE OF ACTION, WILL BE THE TOTAL FEES PAID BY ADVERTISER TO ILLUMIN IN THE SIX (6) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO A CLAIM OR CAUSE OF ACTION.
Advertiser agrees that, unless otherwise expressly agreed in writing by Advertiser, illumin, and the applicable data partner, the terms governing any exchange of Advertiser Data shall be solely between Advertiser and such data partner. Illumin shall have no responsibility or liability for (i) the data partner’s collection, use, disclosure, or other processing of Advertiser Data, or (ii) the data partner’s compliance with Applicable Laws in connection therewith.
Advertiser acknowledges and agrees that all software, technology, know-how, information, data, content, advertisements, creative assets, and other materials developed, created, provided, or licensed by illumin, including any materials developed and paid for by illumin (whether independently or on behalf of Advertiser) (collectively, “illumin Intellectual Property”), are and shall remain the confidential and proprietary property of illumin. Advertiser shall not, and shall not permit any third party to, directly or indirectly: (i) copy, modify, adapt, translate, decompile, disassemble, reverse engineer, or create derivative works from the illumin Intellectual Property; (ii) distribute, sell, lease, sublicense, transfer, or otherwise make the illumin Intellectual Property available to any third party; or (iii) use the illumin Intellectual Property in violation of applicable law or in a manner that infringes any third-party rights.
Advertiser hereby grants to illumin a non-exclusive, worldwide, royalty-free license during the Term to: (i) access, collect (including from Advertiser’s properties), use, reproduce, and process Advertiser Data, including in aggregated and pseudonymized form, in connection with the provision and improvement of the Platform and services; (ii) distribute, display, and transmit Advertiser’s advertisements and content in connection with Advertiser’s use of the Platform; and (iii) use and incorporate into the Platform any feedback, suggestions, or recommendations provided by Advertiser or its affiliates, without restriction or obligation (collectively, “Advertiser IP”).
For clarity, any advertisements or creative assets developed and paid for by illumin (whether independently or on behalf of Advertiser) shall constitute illumin Intellectual Property, and illumin may use such materials for its internal purposes, including product development, benchmarking, and marketing, provided that any such use of Advertiser-specific materials shall be in aggregated or anonymized form unless otherwise agreed in writing.
Except for the limited rights expressly granted herein, each party retains all right, title, and interest in and to its respective intellectual property. Nothing in this Agreement grants either party any rights, whether by implication, estoppel, or otherwise, except as expressly set forth herein.
Advertiser agrees that part of the consideration being provided to illumin pursuant to this Agreement is the right for illumin to cite Advertiser from time to time on the illumin website, in presentations, speeches, press release and other media as a client of illumin.
“Confidential Information” means any non-public, proprietary, or confidential information disclosed by or on behalf of either party (the “Disclosing Party”) to the other party (the “Receiving Party”), whether oral, written, electronic, or otherwise, including: (a) proprietary information; (b) information marked or identified as confidential; (c) suppression lists exchanged under this Agreement; (d) the terms of this Agreement, including pricing; and (e) any information that, given the nature of the information or the circumstances of disclosure, reasonably should be understood to be confidential. The Receiving Party shall: (i) use the Confidential Information solely for purposes of performing under this Agreement; (ii) not disclose such Confidential Information to any third party without the Disclosing Party’s prior written consent, except to its employees, agents, and contractors who have a need to know for such purpose and who are bound by confidentiality obligations no less protective than those set forth herein; and (iii) protect the Confidential Information using at least the same degree of care it uses to protect its own confidential information of a similar nature, and in no event less than a reasonable standard of care. All Confidential Information remains the property of the Disclosing Party. No rights or licenses are granted to the Receiving Party except as expressly set forth in this Agreement, and all use of Confidential Information is at the Receiving Party’s sole risk.
The obligations in this Section shall survive termination of this Agreement for a period of three (3) years. The Receiving Party acknowledges that unauthorized use or disclosure of Confidential Information may cause irreparable harm for which monetary damages may be inadequate, and the Disclosing Party shall be entitled to seek injunctive or equitable relief in addition to any other remedies available at law.
The obligations of confidentiality shall not apply to information that the Receiving Party can demonstrate: (a) was lawfully known to it prior to disclosure without obligation of confidentiality; (b) becomes publicly available through no breach of this Agreement; (c) is lawfully received from a third party without restriction; or (d) is required to be disclosed pursuant to applicable law, regulation, or court order, provided that (to the extent legally permitted) the Receiving Party gives prompt notice to the Disclosing Party and reasonably cooperates in seeking confidential treatment.
Advertiser represents and warrants that: (i) the individual executing this Agreement, including any applicable Order Forms, is duly authorized to bind Advertiser; (ii) the execution, delivery, and performance of this Agreement, and the transactions contemplated hereby, do not and will not violate any Applicable Laws or conflict with any contractual obligations or other arrangements binding on Advertiser; (iii) Advertiser’s use of the Platform will comply with all Applicable Laws; and (iv) Advertiser’s Ads do not and will not infringe, misappropriate, or otherwise violate any intellectual property or other rights of any third party.
Advertiser agrees to indemnify, defend and hold harmless illumin, and its parents, subsidiaries, agents, affiliates, employees, directors and officers, from any and all liability, claim, loss, damage, demand or expense (including reasonable attorneys’ fees) asserted by any third party due to, arising from, or in connection with: (i) any Ad supplied or used by Advertiser hereunder; (ii) any act or omission of any Contracted Client, (iii) any breach by Advertiser of the terms of this Agreement including, without limitation, any representation or warranty contained herein; or (iv) the negligence, willful misconduct or fraudulent activities of Advertiser. Notwithstanding the foregoing, the Advertiser shall not be liable for the defense or indemnification of illumin for claims, actions, complaints or suits arising out of the sole active gross negligence or willful misconduct of illumin.
During the Term of this Agreement and for a period of one (1) year following the termination of this Agreement, Advertiser shall not solicit, seek out or employ, either directly or indirectly (as a consultant, independent contractor or otherwise) any employee or consultant engaged by illumin who is or was associated with the performance of illumin’s obligations pursuant to this Agreement, except without the prior written consent of illumin. Notwithstanding the foregoing, the hiring of employees who respond to a generally advertised job opening shall not be considered a solicitation as contemplated by this clause.
All references in this Agreement to dollars, unless otherwise specifically indicated shall be in United States Dollars (USD). For purposes of calculating foreign currency rates for non-U.S dollar currencies, illumin utilizes a risk-adjusted daily exchange rate. Rates are provided via a daily feed from a reputable exchange rate service.
The Agreement shall be governed, construed and enforced in accordance with the laws of the Province of Ontario and exclusive jurisdiction and venue shall be in the courts located in Toronto, Ontario.
Any dispute regarding this Agreement, including the validity, existence, binding effect, interpretation, performance, breach or termination, and including tort claims, shall be referred to and finally determined, to the exclusion of the courts, by a single arbitrator. The arbitration shall take place in Toronto, Ontario, in English, and in accordance with the National Arbitration Rules of the National Arbitration Institute of Canada, Inc. In all other respects the arbitration shall be governed by and subject to the Ontario Arbitration Act.
UNLESS OTHERWISE REQUIRED BY LAW, ADVERTISER MUST NOTIFY ILLUMIN WITHIN ONE (1) YEAR OF THE DATE OF THE OCCURRENCE OF THE EVENT OR FACTS GIVING RISE TO A DISPUTE OR ADVERTISER WAIVES THE RIGHT TO PURSUE ANY CLAIM BASED ON SUCH EVENT, FACTS OR DISPUTE.
TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, ALL PARTIES TO ANY ACTION ARISING OUT OF OR IN CONNECTION WITH THE SERVICES OR THIS AGREEMENT MUST BE INDIVIDUALLY NAMED. ADVERTISER HEREBY WAIVES ANY RIGHT IT MAY HAVE FOR ANY DISPUTE PERTAINING TO THE SERVICES OR THIS AGREEMENT TO BE ARBITRATED OR LITIGATED ON A CLASS ACTION OR CONSOLIDATED BASIS, OR ON BASIS INVOLVING DISPUTES BROUGHT IN A PURPORTED REPRESENTATIVE CAPACITY ON BEHALF OF THE GENERAL PUBLIC.
Advertiser may not assign this Agreement without prior written consent from illumin, which consent shall not be unreasonably withheld or delayed. illumin may assign all or any portion of its duties and obligations hereunder to any affiliate, successor-in-interest and/or acquirer of all or substantially all of illumin’s assets. Subject to the foregoing, the terms of this Agreement will be fully binding upon, inure to the benefit of and be enforceable by, the parties’ respective successors, heirs, executors, administrators and permitted assigns.
Any term or provision of this Agreement that is invalid or unenforceable in any situation or in any jurisdiction shall not affect the validity or enforceability of the remaining terms and provisions hereof or the validity or enforceability of the offending term or provision in any other situation or in any other jurisdiction.
The failure of illumin to exercise or enforce any right or provision of this Agreement shall not constitute a waiver of such right or provision. If any provision of this Agreement is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that this Agreement shall otherwise remain in full force and effect and be enforceable.
The parties to this Agreement are independent contractors and no agency, partnership, joint venture or employer-employee relationship is intended or created hereby. Notwithstanding anything to the contrary outlined herein, if Advertiser is entering into this Agreement on behalf of a third party, such third party shall have not have any rights under this Agreement.
Neither illumin nor any of its suppliers shall be liable to Advertiser for any delay in performance or failure to perform caused directly or indirectly by fire, explosion, accident, pandemic or epidemic, flood, labor trouble, weather condition, any regulation, rule or act of any government or governmental agency, or the inability to obtain or shortage of suitable material, components, parts, equipment, machinery, fuel, power, communication facilities or transportation, act of God, armed conflicts, civil commotion or any other cause of like character beyond the reasonable control of illumin or any of its suppliers.
If illumin terminates this Agreement for any reason, all rights and obligations under this Agreement shall cease, save for Advertiser’s obligation to pay all fees property due and owing to illumin hereunder to the date of termination. In addition, the following Article 7– Article 15, , Article 17– 19 and such other provisions hereof of thereof which expressly, or by their nature are intended to, survive termination.
This Agreement sets forth the entire understanding and agreement of the parties and supersedes any and all prior oral or written agreements or understandings between the parties as to the subject matter of this Agreement. This Agreement is non-exclusive to illumin and illumin shall have the right to enter into similar agreements with other third parties.
Advertiser shall promptly notify illumin in the event it: (i) becomes subject to any bankruptcy or insolvency proceedings; (ii) has a dispute with illumin; or (iii) otherwise is required to provide notice to illumin hereunder. Advertiser shall deliver any and all notices required to be delivered to illumin hereunder by Mail Notification to csmsupport@illumin.com Advertiser hereby acknowledges and agrees that illumin may deliver any notice required to be delivered to Advertiser either by means of posting such notice to illumin’s website located at www.illumin.com (“Web Notification”) by email to the email address of Advertiser indicated in the Advertiser’s account on the Platform (“Email Notification”), or by registered or certified mail, postage prepaid, return receipt requested or by nationally-recognized overnight courier service to the address of Advertiser as provided in the Advertiser’s account on the Platform (“Mail Notification”). Any such notification shall be deemed effective: (i) in the event of Web Notification, on the earlier of the date the Advertiser next visits illumin’s website or thirty (30) days from the date such Web Notification is posted on illumin’s website; (ii) upon transmission when delivered by Email Notification; or (iii) when delivered by Mail Notification.
This illumin Data Processing Addendum (“DPA”) is incorporated by reference into any and all services agreements, media buying agreements, insertion orders and addendums currently in place between Buyer (defined below) and illumin (“Agreement”). This DPA is entered into as of the later of the dates beneath the parties’ signatures below. By entering into this DPA, Buyer represents and warrants that Buyer has the authority to legally bind both the Buyer and all of Buyer’s personnel, representatives and/or Affiliates operating pursuant to any such Agreement referenced herein.
The parties agree to comply with the following provisions with respect to the Processing of any Personal Data of one or more Data Subjects located in a place where Data Protection Laws apply. The purposes of the DPA is to ensure such Processing is conducted in accordance with Data Protection Laws, including but not limited to the GDPR and CCPA and with due respect for the rights and freedoms of individuals whose Personal Data are processed. References to the Agreement will be construed as including this DPA. To the extent that the terms of this DPA differ from those in the Agreement, the terms of this DPA shall govern.
“illumin Third Party Partner” means any entity, exclusive of any illumin Processors or Sub-processors, engaged by illumin for the provision of general services.
“Affiliates” means any entity which is controlled by, controls, or is in common control with one of the parties.
“Advertiser Provided Data” means any Personal Data provided by Advertiser including (as applicable): (a) pseudonymous Personal Data collected via pixels from Advertiser’s website or other digital properties; and (b) identifiable Personal Data (e.g., emails) of Advertiser’s customers that are rendered into pseudonymous Personal Data via one or more illumin Third Party Partner(s).
“Advertiser Third Party Partner” means any entity engaged by Advertiser, exclusive of any Advertiser Processors or Sub-processors, for the provision of general services.
“Data Protection Laws” means all privacy, data protection and security laws privacy or security law and/or self-regulatory code that are in effect during the Term, and which apply to Personal Data processed pursuant to the Agreement, including: the Privacy and Electronic Communications Directive 2002/58/EC as implemented in the EEA and UK; the Regulation (EU) 2016/679 (General Data Protection Regulation or “GDPR”), the GDPR as it forms part of United Kingdom law pursuant to Section 3 of the European Union (Withdrawal) Act 2018 and the Data Protection Act 2018 (“UK GDPR”), California Consumer Privacy Act of 2018 (“CCPA”), California Privacy Rights Act of 2020 (“CPRA”), Connecticut Data Privacy Act (“CTDPA”), Virginia Consumer Data Protection Act (“VCDPA”), the Colorado Privacy Act (“CPA”), the Canadian Personal Information Protection and Electronic Documents Act, SC 2000, c 5, and Canada’s Anti-Spam Legislation (“CASL”), the Brazilian Law No. 13709/18, as well as Brazilian Law No. 12,965/14, the Argentinian Personal Data Protection Law No. 25,326, together with the Decree No. 1558/2001 and its related regulations, and the Mexican “Ley Federal de Protección de Datos Personales en Posesión de los Particulares” (DOF: 5 de Julio de 2010).
“Data Subject” means the individual to whom Personal Data relates.
“Effective Date” shall have the meaning ascribed to such term in the applicable Advertiser Agreement.
“GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
“Personal Information” or “Personal Data” shall mean: (1) any information relating to an identified or identifiable natural person or household; and (2) any information defined as “personally identifiable information,” “personal information,” “personal data” or similar terms as such terms are defined under Data Protection Laws.
“Security Breach” has the meaning set forth in Section 7 of this DPA.
“Services” means the advertising services provided by illumin to Advertiser pursuant to the applicable Advertiser Agreement.
“Sub-processor” means any Processor or sub-processor engaged by either party for the Processing of Personal Data.
“Supervisory Authority” has the meaning set forth in Article 51 of the GDPR, or analogous regulatory agency or authority under the applicable Data Protection Laws.
“Term” means the period listed in an applicable Advertiser Agreement.
The terms “Controller,” “Processor,” “Processed” and “Processing,” have the meanings given to them in Data Protection Laws. If and to the extent that Data Protection Laws do not define such terms, then the definitions given in EU Data Protection Law will apply.
Data exporter: The data exporter is the illumin Inc.
Data importer: The data importer is Advertiser
Data subjects: The Personal Data concern the following categories of Data Subjects:
The users of the websites, mobile applications and other digital mediums owned and/or operated by illumin Third-Party Partners and any data received from such Third-Party Partners as described in the Agreement.
Personal Data pertaining to the personnel of both parties.
Categories of data: The Personal Data concern the following categories of data:
Data on user behavior collected through pixels placed on the data importer’s websites, mobile applications and/or digital mediums owned and/or operated by illumin’s Third-Party Partners, including cookie IDs, mobile advertising identifiers and other pseudonymous identifiers of the users of the data importer’s websites, mobile applications and/or digital mediums as outlined in the Agreement.
Data pertaining to the personnel of both parties necessary for the respective parties’ performance of the Agreement including email addresses, telephone numbers, name, title and billing information.
Special categories of data (if appropriate)
The personal data transferred concern the following special categories of data (please specify): None
Processing operations: The Personal Data transferred will be subject to the following processing activities:
The data exporter will access, reproduce, display and store the relevant personal data in order to provide the services as set out in the Agreement solely for the Permitted Purposes.
Description of the technical and organizational security measures implemented by the data exporter
Measures with which Personal Data can be processed while denying physical access to IT systems for unauthorized persons (access control):
All of the data exporter’s third-party data centers have strict policies for authorization of access into the facilities. Each data center vendor has appropriate policies required by external audits. All of the data exporter’s internal personnel are vetted prior to allowing access to data centers.
Measures to hinder unauthorized persons from using IT systems and procedures (access control):
All systems level access is based on directory services and role-based security. Additional measures are in place such as VPN and other security measures prior to system level access being available, as described below. All end user level access to illumin’s systems is based on role-based security. Shared accounts are not allowed.
The data exporter undertakes the following actions, among others, to ensure that persons authorized to use the illumin Platform or access data processing infrastructure can only access the data underlying their access authorization and that stored data or data undergoing processing cannot be read, copied, altered, or removed without authorization.
The data exporter’s employees access infrastructure components with unique accounts that require strong passwords. Remote administration is available only via public key cryptography and password-based authentication is not permitted. Access groups have been established to restrict access to only to specific areas that are required for employee responsibilities.
Customers of the data exporter may be granted access to the illumin console. Access to the illumin console is limited via a username and a password to the customer’s authorized persons and additionally to equivalently authorized employees of the data exporter. Logical infrastructure configuration prevents the access of one customer’s data by another customer.
Measures to enable persons authorized to use IT procedures to gain exclusive access to the Personal Data that are subject to their access authorization (access control):
The data exporter employs a centralized access management system to control personnel access to production servers, and only provides access to a limited number of authorized personnel. These mechanisms are designed to grant only approved access rights to site hosts, logs, data and configuration information. The data exporter requires the use of unique user IDs, strong passwords; and carefully monitored access lists to minimize the potential for unauthorized account use. The granting or modification of access rights is based on: the authorized personnel’s job responsibilities; job duty requirements necessary to perform authorized tasks; a need-to-know basis; and must be in accordance with the data exporter’s internal data access policies and training. Approvals are managed by workflow tools that maintain audit records of all changes. Access to systems is logged to create an audit trail for accountability. Where passwords are employed for authentication (e.g., login to workstations), password policies that follow at least industry standard practices are implemented. These standards include password expiry, restrictions on password reuse and sufficient password strength.
In addition, the data exporter has implemented several security related policies that govern the use of illumin technology and data including rules around acceptable use, data classification, information security, and passwords. The data exporter’s information security officer is Rachel Kapcan.
Measures to ensure that Personal Data cannot be read, copied, amended or removed by unauthorized persons when the data is transmitted electronically, or when it is being transported, or when it is being stored on data carriers, but which allow checks to be made of the destinations targeted when transferring Personal Data using data transmission equipment (routing controls):
Data is encrypted by measures such as SSL. Personal data shall not be transferred outside the scope as authorized under these Clauses, or as otherwise authorized by the data importer.
Measures that allow retrospective checks to be made on whether Personal Data has been entered into, amended or removed from IT systems, and by whom (input controls):
All data processed in illumin Platform by an end user of the platform (e.g., CL personnel) is done on a permissions-based model, all user accounts are enabled/disabled in accordance with the security policy. All accounts are individual. Shared accounts are not allowed. Audit Trail is kept for user actions and is logged.
Email and corporate systems access is granted based on directory services and role-based security.
Measures to ensure that Personal Data to be processed on CONTROLLER’s behalf is only processed in accordance with CONTROLLER’s directives (performance controls):
The data importer is a user of the illumin Platform, therefore setting up of data collection mechanisms, collection of data, verifying data integrity sit with the data importer. The personal data shall only be processed in the manner authorized under these Clauses and all sub processors shall only be employed in compliance with the provisions of these Clauses.
Measures to ensure that Personal Data is protected against incidental damage or loss (availability controls):
Data is kept in a storage framework with at least three copies natively made and stored. Additionally, the data exporter replicates data between data centers for disaster recovery with ability to restore if needed, although the data exporter will not replicate lat/long or other data points which might be considered sensitive in the EU.
Measures to ensure that the different purposes for processing data can be identified – especially for PROCESSOR’s different controllers – and that data to be processed is processed separately from each other (separation controls):
illumin stores data in a multi-tenant environment on servers owned by illumin. The Services database and file system architecture are replicated between multiple data centers. Illumin logically isolates data on a per end user basis at the application layer. Illumin logically separates Customer’s data, including data from different end users, from each other, and data for an authenticated end user will not be displayed to another end user (unless the former end user or administrator allows the data to be shared). A central authentication system is used across all Services to increase uniform security of data.
Measures to ensure availability and resiliency for data and technical operations:
illumin stores data and operates servers in datacenters with robust and redundant power and data storage mechanisms. All deployments are configured with repeatable operating templates, for rapid deployment to a DR region when necessary. All networks are protected by network firewalls, intrusion detection systems, and other industry best practice security measures.
Measures for regular testing, assessment and evaluation:
illumin regularly reviews system activity rated by security threat level by our intrusion detection platform. Illumin regularly runs external network scans to ensure operating systems, libraries, and all used software is patched against vulnerabilities. All platform configurations are catalogued within version control and issued via peer-reviewed pull requests to ensure multiple reviewers of each security related change.
Measures for pseudonymization of data:
illumin works with upstream data controllers to ensure no PII enters our system.
Review illumin’s authorized Sub-processors.
