CheckMyNews

PRIVACY POLICY

The Grenoble Informatics Laboratory (LIG) is very attentive and vigilant regarding personal data protection (DCP) issues. Univ. Grenoble Alpes has also appointed a Data Protection Officer (DPO) for ensuring that labs such as LIG comply with the European General Data Protection Regulation (GDPR). The GDPR requirements also meet what is required by the Brazilian General Data Protection Law (LGPD), Law nº 13.709/2018.

These data are as follows:

We collect information the user shared with ad platforms such as Facebook, as well as information that platform such as Facebook inferred about the user based on his actions. We collect this information from Ad Preferences Pages such as https://www.facebook.com/ads/preferences/ and the user’s Facebook timeline.
Specifically:

• We collect the ads a user receives while she browses Facebook, the ads the user clicked on and the accompanied explanations that Facebook provides as well as the posts that link to a news organizations and the posts that are public.
• We collect several ad and post engagement proxies. We collect the time the ad/post was present on the screen of the user. For comparison, we collect how much time each post in a user’s Facebook timeline was visible on the screen without collecting anything else regarding the post. When the user enters the area of an ad, we collect the (x,y) position of the mouse and the type of movement (scroll, move, click). We collect the actions of users on ads/posts: reactions (e.g., I Like, I love, Haha); comments (e.g., click on the comment button, writing a comment); click on share; actions on the content of the ad (e.g., click on the image of the ad, click on next image when there is a carrousel, access to the landing page); actions on the advertisers (e.g., verification of the advertiser when hovering over the name and the logo, access to the Facebook page of the advertiser); other actions (e.g., save the post, mask the post, signal the post, click on the “Why am I seeing this ad?”, click on Embed, activation of notifications).
• We monitor a precise set of news sites, and we collect the news articles a user is reading and the time the user spend on checking the news articles.
• We collect hashed versions of the email and the Facebook ID of a user, if the user shared this information with ad platforms such as Facebook. We use this information to target the user with ads and send surveys.
• We might collect the birth place and information about where the user lived, if the user shared this information with ad platforms such as Facebook or if the ad platform inferred this information indirectly.
• We might collect professional information about the user, if the user shared this information with ad platforms such as Facebook or if the ad platform inferred this information indirectly.
• We might collect financial and economic information about the user, if the user shared this information with ad platforms such as Facebook or if the ad platform inferred this information indirectly.
• We might collect localization information about the user, if the user shared this information with ad platforms such as Facebook or if the ad platform inferred this information indirectly.
• We collect information about the connection (such as IP address, browser type, operating system).
• We collect information related to the Internet.
• We collect information that helps us monitor the health of our application such as whether the user installed an ad blocker and when the users is connecting to Facebook.
• In addition, the participants in this study will be asked to fill out 5 surveys, we will store their answers in our database.

Ads, their explanations, posts and the attributes appearing in the Ad Preferences Pages that we collect, might reveal information relating to a user’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, criminal convictions, sex life or sexual orientation, or certain types of genetic or biometric data that is known as ‘special category’ data. This data is inferred by Facebook and similar platforms and it might not be accurate. In addition our surveys ask participants for their socio-economic profile and personality traits.

These data will be processed in the following manner:

The data collected will be stored on a dedicated secured server and provided to academic researchers upon justified request, who will be granted an access to the files via an authentication process (login/password) once their request is validated.

In accordance with Article 13 of the Regulation (EU) 2016/679 of the European Parliament and of the council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data, please find below some information about this data collection:

• The representative of the data controller is the director of the LIG lab (Mr. Noel De Palma).
• It is understood that the personal data collected during the project are confidential and that only the members of the research team, listed below, will have access to these data:
  • Mrs. Oana Goga scientific manager of the Project (LIG, CNRS)
  • Researchers and students of the concerned teams
• Each processing of personal data within UGA must be reported to the UGA DPO;
• Your data will be kept for ten years;
• Transfer of your data: LIG's partners are liable to have access to the results of the project and therefore to some of your data. This access is based on signed contracts which mention the obligations which are incumbent upon them for protecting the security and confidentiality of the data.
  We keep your personal data within the European Union. However, your data may be transferred to UGA partners in other countries, some of which may have less protective legislation for protecting personal data than that which exists within the European Union. In the event of a transfer of this type, we will ensure that the processing is carried out in accordance with this privacy policy and that it is governed by the European Commission's standard contractual clauses which guarantee an adequate level of protection of people's privacy and fundamental rights.
• In accordance with the French “Data Protection Act” of 6 January 1978, as amended, you are entitled to access and correct information about you;
• You can access any data concerning you or request that it be erased during the aforementioned storage time;
• You also have a right of opposition, a right of rectification, a right to portability and a right to limit the processing of your data (see cnil.fr for more information about your rights) during the aforementioned storage time;
• If you wish to exercise these rights or should you have any questions about the processing of your data in this system, you can contact the UGA DPO:
  • You can contact the DPO by email: dpo@grenet.fr
• If you consider, after having contacted us, that your privacy and personal data rights have been infringed or that the study does not comply with data protection rules, you may send a complaint to the CNIL;
• This data collection is done on a voluntary basis. Under no circumstances are you required either by regulations, or contractually or by other means to provide your data;
• This processing does not entail any profiling or automated decision-making about you, based on your data and the processing of such data.

If you agree with this privacy policy by ticking the box below, your consent and its date will be stored for fifteen (15) years on our servers.
We might use the data we collect about the user to target the user with our ads. We perform these experiments to audit how ad platforms work and how to build better transparency mechanisms.

CONTACT PERSONS

Surname: Goga
First name: Oana
Title: Charge de recherche CNRS
Telephone no: +33 4 57 42 15 53
e-mail: oana.goga@cnrs.fr