Site-Centric Privacy

This Privacy Notice explains who we are, the personal data we collect, how we use it, who we share it with, and what your legal rights are.

About Ipsos and DotMetrics

  • Ipsos Pty Ltd is a specialist research agency, commonly known as “Ipsos”. Ipsos is part of the Ipsos worldwide group of companies, and a member of The Research Society (formerly AMSRS). As such we abide by the AMSRS of Conduct and associated regulations and guidelines. Ipsos MORI is also an approved vendor in the IAB TCF Global Vendor List which helps to ensure that we work closely with publishers under UK and EU GDPR rules.
  • Fistnet d.o.o. is a solution provider of the DotMetrics audience measurement network tool which provides tailored analytics for online publishers commonly known as “DotMetrics” and an approved vendor in the IAB TCF Global Vendor List.

When we refer to “we”, “our” or “us” in this privacy notice, it means Ipsos and DotMetrics, who are joint controllers of the personal/pseudonymised data collected for this aspect of the project.

Ipsos partners for this project:

  • Online publisher is a term used for publishers creating and uploading websites and/or apps, updating web-pages, and posting blogs online or is a company that processes and provides publishing on the internet. The published content may include text, images, videos, and other types of media.
  • Ipsos MORI Limited provide the Data Science for building the audience data for the Ipsos iris measurement system.
  • RealityMine Limited, provide the passive metering technology (via an app/VPN) we use to measure the behaviour of Ipsos iris panellists on multiple devices, across all major platforms; this only applies if you are a member of the Ipsos iris panel which you will have signed up to separately. For queries
    regarding panel membership, please contact

About this Online Measurement study

IAB Australia (Internet Advertising Bureau Australia), the industry body which sets and endorses the standard for Australian audience measurement, has appointed Ipsos to carry out this online measurement study, “Ipsos iris” as preffered supplier from April 2022.

The Ipsos iris study aims to cover the audience measurement of the number of individuals using websites, applications, search, social and advertising networks across multiple platforms (PC/laptop, smartphones and tablets) for Australian home, workplace and other location audiences. Activity is measured via a script/cookie placed on an online publisher’s site and all collected data is anonymised and fused with other sources of data to create a synthetic dataset before being shared with the online publisher or forming part of the overall industry statistics. The results of the study will help online publishers and the industry better understand the profile and behaviour of their audiences and to optimise content and/or plan their online strategies.

A web intercept survey may be introduced through the same tag if approved by the online publisher. The purpose of the web intercept survey is to better calibrate demographic profile representation of the website/application and its sections in the delivered data. There is a separate privacy notice for this aspect of the study which will be made available to you, should you be asked to take part.

What is our legal basis for processing your data including personal data?

In order to process your personal data for this online audience measurement study, the online publisher, Ipsos and DotMetrics require a legal basis:


  • The online publisher’s legal basis for the placement of the cookies is entirely separate to Ipsos and DotMetrics’ legal basis and will form part of your visit to their tagged site. Please refer to the specific site privacy notice for more details on the online publisher’s legal basis.
  • Ipsos  and DotMetric’s legal basis for processing your personal/pseudonymised data for this research study is one of legitimate interests meaning Ipsos  legitimate interests to carry out this Australian online measurement study for the industry. When we collect and process your personal data for our legitimate interests, we will consider and balance any potential impact on you and your rights under data protection and any other relevant law. Our legitimate business interests do not automatically override your interests – we will not use your personal data for activities where interests are overridden by the impact on you. If you wish to object to processing at any time, please see the section below covering ‘Your Rights’.

What types of data including personal data do we collect for this study?

When you visit tagged site(s), we will only collect and process what is necessary for this study. We serve internet cookies for your web searches, which are detailed in the ‘Cookies’ section below.

  • We collect your IP address from which you access the tagged site for the following purposes:
    • To establish if you are located in Australia and the region within Australia.
    • The speed of your internet connection and type of IP provider.

This information will only be used for research and analysis purposes and will not be used to carry out profiling and/or automated decision-making. We will retain your IP address for a maximum of 90 days.


  • We collect web browser type index and computer type index to help us understand the user interface displayed to data subjects who visit the site(s).
  • Incoming webpage of the data subject.
  • You can request to be disconnected from the measurement of the device you are using – please see contact section below.

Digital Fingerprinting

We also use digital fingerprint technology, also known as “Machine Identification”, to gather certain information about your computer, hardware and software, for example, your IP address, the display settings of your monitor, the type of browser used, the type of operating system, etc. This information is sent to our trusted provider who converts it into a unique serial number (the digital “fingerprint”) and determines if it matches previous fingerprints. The data collected in this process and the digital fingerprint created are stored on secured servers, and not only used for quality control and fraud prevention purposes, but to help us to determine, with the fingerprint of the device, the type of interface through which you use the tagged site(s). For example, if it is a desktop, tv, app or mobile user interface.


  • Cookies will be installed on your device so that we can identify the number of visits you make to the tagged site(s) and the type of device used; we will only use the cookies for the purposes of the Ipsos iris online measurement study. On your first visit to the tagged site, it will be used to identify your connected device. Your browser’s default settings are usually set to automatically receive cookies. The setting can be changed in accordance with the web browsers application in the “do not track” category. In the case of a cancellation of a cookie, your visit will be identified as a new visit each time thus reducing our analytical precision for this study.
  • For more information on setting, editing, and deleting cookies please use the following links: or
  • For specific instructions on how to install cookies which prevent measurement for this study please visit the DotMetrics Privacy Centre – contact details are below.


The types of cookies used on the tagged site(s) are:

Site/domain/host Cookie name Purpose of cookie Device Key Cookie This cookie is an identifier of the device as seen by our system. Its purpose is to store information about the device to allow measurement of website traffic. Session Temp Internet Cookie This cookie collects information about a general site visit to the tagged site. Session Temp Timed Cookie This cookie collects information about the current tagged site that you have accessed. Unique User Identity Cookie Collects information about the current user (your unique ID, creation time, current tracking mode and version). Site ID Cookie Indicates which site or what site category is in question.


How will we ensure your data, including personal data, is secure?

We take our information security responsibilities seriously and apply various precautions to ensure your information is protected from loss, theft or misuse. Security precautions include appropriate physical security of offices and controlled and limited access to computer systems and dividing the overall storage of the data into two layered and pseudonymised databases.

The purposes of using your data:

  • Collecting demographic information for research purposes.
  • General abstracted audience analytics of web traffic for online publishers’ sites and applications.
  • Diagnostics problems related to our hardware and software solutions.

Your rights

  • You have the right to access your data including personal data within the limited period that we hold it.
  • You have the right to object to Ipsos, Ipsos MORI and DotMetrics processing your data.
  • You also have the right to rectify any incorrect or out-of-date data about you which we may hold.
  • You have the right to request that we delete your data.
  • If you want to exercise your rights, please contact us using the details in the section below.
  • If you have any complaints, we will appreciate if you give us an opportunity to resolve any issue first, by contacting us as set out below. You are, however, always entitled to contact our regulatory body, the Australia’s Information Commissioner Office – details can be found at or to make a complaint at:

Please note that when you access a tagged site without disclosing your identity or disclosing information through which someone can identify you as a specific identifiable data subject, and you wish to exercise your rights, you will need to provide us with some personal information or “personal data” (for example, your first and last name together with your e-mail address). By providing this you are consenting to us processing your personal data; evidence of consent will be recorded in the Data Privacy Centre.

How long will we keep your personal data?

We will only retain your data in a way that can identify you for as long as is necessary to support the Ipsos iris research study and its findings. In practice, this means that once we have satisfactorily reported the anonymous research findings to the online publishers and carried out quality control checks, we will securely remove your personal, identifying data from our systems.

Where will my personal data be processed and stored and who will have access to it?

  • DotMetrics will collect, process and store your data in data centers and servers within the European Union.
  • Ipsos and Ipsos MORI staff involved in this research project, or who need access in order to directly support the systems used. This may include staff in:
    • Other Ipsos Group companies involved in this research, some of which may be located in other countries. The data will always be moved safely and securely and where possible will be pseudonymised.
    • Our sub-contractors who may carry out some of the processing on Ipsos’s behalf, and under Ipsos’s control; for example: the service providers who host or provide technical support for our systems.
    • Where required by law or regulation, we may be required to disclose some of your information to relevant authorities; for example, if you are being investigated by the police for criminal activity.

This may also involve transferring your personal information to other countries, including the USA, EEA and India. However, we can reassure you we take great care to ensure any transfers are carried out securely and in compliance with all applicable data protection and data privacy legal requirements through GDPR standard contractual clauses, which are in place for every intra-group data transfer and this forms part of the Intra-Group Master Services Agreement (MSA). We can assure you that any transfer of data outside of Australia complies with the Privacy Act 1988 (Cth). We can also assure you that any sub-contractors involved are also required to abide by the same data privacy and security requirements as Ipsos and Ipsos MORI.


We understand the importance of protecting the privacy of minors, especially in the online environment. Whilst the Ipsos iris study will focus predominantly on those over the age of 16, the Ipsos iris panel now includes some members that are under the age of 16 (with the consent of their parent or guardian); their data will be matched with any tagged data that is collected and this will be made clear to the members and their parent/guardian in the panel privacy notice and panel terms. Please be assured that we will always gain the consent of anyone aged younger than 16 from their parent or guardian although for this study, unless a web intercept survey (as mentioned previously) is completed, it will be difficult to identify minors. If we become aware that personal information relating to a minor has been collected without consent, we will take the necessary steps to delete it.

Use of your work devices as part of the project

If you wish to use your work device for this project, you must first check with your employer that you are not in breach of company policies by using any work device(s) for this measurement study.

How to contact us

Contact Fistnet d.o.o./DotMetrics Data Protection Officer:



Aleja Lipa 1b
10 000 Zagreb

To access the Privacy Centre:

Contact Ipsos:



Ipsos iris Study
Data Protection Officer, Compliance Department
Ipsos Pty Ltd
Level 2, 51 Berry Street
North Sydney, NSW, 2060

We keep our privacy policy under regular review, and we let you know of any updates. Our privacy policy was last updated on 1st October 2021.

Get in touch to learn more about Ipsos iris

Contact us