Data Collaboration Platform Playbook On-Demand Get Yours Now



Applications are software application that executes on a Device (for example, a web browser on any Device or an app running on a mobile phone, tablet, CTV, or OTT Box).


Application ID

An Application Identifier is a unique identifier that is linked to a particular Application. A common Application Identifier is an ID stored in a browser cookie.



An Audience is a grouping of Behaviors created for use in Targeting via an Activation Partner and other uses. An Audience includes the Behaviors and all the Pseudonymous IDs= that are associated with the Behaviors.



Behaviors are the attributes, preferences, interests and other characteristics of an individual or inferred about an individual based on that individual’s location, intent data, socio-demographic data, purchase data, browsing data, and other data that corresponds to a particular use of or visit to a Digital Property by that individual, survey data submitted by individuals, or CRM Data provided by our business clients or Data Partners. Individual Behaviors are the building blocks of an Audience.


Business Customer

A Business Customer is an entity that has signed an agreement with Lotame to utilize the Lotame’s services or an entity to which we license Audiences that are part of the Lotame Data Exchange.



Cookies are text files with small pieces of data – like account information for the site, your shopping cart, or even just what pages you’ve visited on the site – that are placed on a browser and used to pseudonymously recognize an individual as a website user or to provide personalized content to improve your web browsing experience.

Data stored in a cookie is created by the server when you first visit a web site and generally includes a Cookie ID unique to your browser.

If you visit that website again, the Cookie is read and the Cookie ID can be exchanged between your browser and the network server, the server reads the Cookie ID and knows what information to specifically serve to you.

There are two main kinds, First-Party Cookies and Third-Party Cookies. The main difference? First-Party Cookies live on the website you are currently visiting. Third-Party Cookies are created by websites other than the one you are currently visiting.

For example, a user visits a website called news.com. Cookies placed on this domain by news.com are First-Party Cookies. A cookie placed by any other site, for example, if you visit example.com and the domain of the cookie placed on your computer is eloqua.com, then this is a Third-Party Cookies.

Third-Party Cookies are domain specific – for example, Lotame’s Third-Party Cookies are delivered from the crwdcntrl.net domain, while the Third-Party Cookies Google uses for ad serving belong to the doubleclick.net domain. Only Lotame can read the contents of its Third-Party Cookies.

Cookies in general also may be referred to as HTTP cookies, web cookies and browser cookies. Third-Party Cookies also may be referred to as trackers.


Cookie ID

The unique identifier associated with a specific Cookie.


Cookie Sync Partners

Because Cookies are domain specific – for example, Lotame’s Cookies are delivered from the crwdcntrl.net domain, while the Cookies Google uses for ad serving belong to the doubleclick.net domain, in order to recognize users across different platforms, Lotame syncs its Cookie IDs with demand side platforms (DSPs), supply side platforms (SSPs), other data management platforms (DMPs) and other third parties. The result is a table matching Pseudonymous IDs (e.g Cookie IDs).


Cross ID/Device Linking

Cross ID/Device Linking is a technique used to predict or determine an association or relationship between two or more Devices such as smartphones, tablets, desktop computers, etc. or Pseudonymous IDs.


CRM Data

Customer Relationship Management (CRM) Data is the data and information associated with a company’s relationship with customers throughout the customer lifecycle, and may include Directly Identifiable Data or Pseudonymous IDs, along with Attribute Data, about their customers and prospects. CRM Data may reflect a consumer’s online or offline interactions with a particular advertiser, publisher, or retailer. This information belongs to our customers or data providers, and its use is governed by our their privacy policy, not Lotame’s, and our contracts with that customer or data provider. When CRM Data includes Directly Identifiable Data it is pseudonymized for use in connection with Lotame’s services, meaning additional data would be needed to identify the individual to which the CRM Data was originally linked to. When we have such additional data, we use technical and organization measures to segregate the additional data and prevent unauthorized identification of individuals. We do not share our customer’s personally identifiable CRM Data with anyone other than that customer or, at the customer’s direction, another service provider.



CTV or “connected television” is a television that is connected to the internet for the streaming of digital content to display on the television.



A CTV ID is a Pseudonymous ID used with CTVs and OTT Boxes.


Data Partner

Other reputable providers of licensed aggregated data, which may be derived from public and non-public sources and from individuals, such as survey respondents who affirmatively agree to the data uses.


Data Protection and Privacy Laws

Any laws and regulations relating to (1) data privacy, data protection, or data retention, (2) regulatory statements, regulatory guidance, or enforcement action decisions that convey guidance related to the foregoing, and (3) governmental frameworks adopted for extra-territorial transfers of personal data or personal information.


Declared ID

A Declared ID is an alphanumeric code that can by itself directly identify a specific natural person (rather than identifying a Device that the person may use). Declared IDs include telephone numbers, email addresses, government issued identification numbers, account numbers, and biometric identifiers.

Currently, Lotame only collects, uses, and discloses e-mail addresses when provided by our business clients or data licensees. When Lotame does receive e-mail addresses, to protect privacy, we tokenize e-mail addresses, segregate e-mail addresses from Pseudonymous IDs, and use technical and organizational measures and controls to maintain that separation and prevent unauthorized identification of individuals using e-mail addresses.



A Device is an electronic device connected to or capable of being connected to the internet by any means. Devices include personal computers, mobile phones, tablets, CTVs, and OTT Boxes.


Device ID

A Device ID is a type of Pseudonymous ID that is linked to a particular Device to pseudonymously identify the Device provided the identifier is not used, or intended to be used, to identify a particular individual. Device IDs include, but are not limited to, IP addresses and a mobile device advertising IDs (for example, IDFA or AAID).


Digital Property

A Digital Property is a website, app, or other content or service delivery mechanism where digital ads are displayed, or information is collected or used by our business customers or Data Partners.


Direct Identifying Data

Direct Identifying Data means any data or information that can by itself directly identify a person. A person is directly identifiable if it’s possible to identify them using nothing but data or information at hand, without introducing additional data. Direct Identifying Data includes Direct Identifying IDs, home address, phone numbers, account numbers, etc.

Data or information that may not by itself identify a person, such a Pseudonymous ID, could become Direct Identifying Data when combined with other information that make it possible to identify the person to whom the pseudonymous information applies.


Event Data

Event Data includes data about ads an individual sees (advertiser ID, campaign ID), where and when the individual sees the ad (date/time stamp, URL), and how the individual reacts to the ads (click, hover, convert, etc.).


First-Party Cookie

First-Party Cookies are directly stored on a browser by the website (or domain) you visit. First-Party Cookies allow website owners to collect analytics data, remember language settings, and perform other useful functions that provide a good user experience. An example of a First-Party Cookie is when a user signs into an ecommerce website, like Amazon. The web browser will send a request in a process that provides the highest level of trust that the user is directly interacting with Amazon. The web browser saves this data file to the user’s computer, under the “amazon.com” domain. If First-Party Cookies were blocked, a user would have to sign-in every time they visited, and they wouldn’t be able to purchase multiple items while shopping online because the cart would reset after every item that was added.


First-Party Data

First-party data is data about a company’s customers that is collected and owned by that company. Information about customers is compiled through Digital Properties and systems that the company itself owns or operates.


Hashed ID

A Hashed ID is an alpha-numeric identifiers that is created by hashing a Direct Identifying ID in order to Pseudonymize that Direct Identifying ID. Hashing is the process of converting a given key into another value.


IAB Transparency and Consent Framework

The IAB Transparency and Consent Framework (TCF) helps publishers, technology vendors and advertisers who partner with third parties to process Personal Data in compliance with the GDPR and the ePrivacy Directive in GDPR Countries and the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada. It provides a standardized mechanism for requesting, storing and sharing along the supply chain the legal bases required under the GDPR, ePrivacy Directive, and PIPEDA.


Interest-Based Advertising

Interest-Based Advertising is the practice of delivering relevant content and advertising to people based on their known or inferred interests, activities, and behaviors.


Internet Log Data

Internet Log Data includes data that is automatically sent by an individual’s browser or Device in order to communicate with servers, such as the URL of the page requested, IP Address, browser or device type, language, operating system information, mobile service provider, date, and time stamps.


IP Address

means the unique numeric address that identifies a Device on the internet. IP Addresses are assigned and reassigned by internet service providers and mobile service operators regularly.


Match Partner

A Match Partner is an online partner that gives Lotame access to their proprietary Pseudonymous ID so that it can be associated with a Lotame Cookie ID. Lotame uses this linkage to associate other data sources that have an existing match to the Match Partner’s identifier with Lotame’s Cookie ID.


Mobile Advertising IDs (MAID)

A Mobile Advertising ID is a type of Device ID that is tied to a mobile Device, such as an Apple iPhone or iPad, or Devices based on Google’s Android OS. Apple assigns an “ID for Advertising” (IDFA) to each iOS device, and Google assigns an “Advertising ID” to all Android devices. These Pseudonymous IDs can be used to deliver ads and for advertising analytics in mobile applications. You can learn more about how MAIDs are used for advertising and receive instruction for how to opt out of mobile advertising here: NAI Opt-Out.


Non-Precise Geolocation Data

Non-precise Geolocation Data is data that approximates location, such as postal code/zip code.



An OTT Box is a Device that uses the internet to stream digital content and display it on a video screen, such as a television. Some common OTT Boxes are Roku, Apple TV, Chromecast, and Playstation. OTT is an abbreviation for “over-the-top”.


Personal Data

Means any information that qualifies as “personal information” or “personal data” as those terms are defined under any Data Protection and Privacy Laws.


Pixel Tags

Pixel Tags are placed on a website or within the body of an email for the purpose of tracking activity on websites, or when emails are opened or accessed, and are often used in combination with Cookies.


Privacy by Design

Privacy by Design is an approach to protecting privacy developed by Ontario’s Information and Privacy Commissioner, Dr. Ann Cavoukian. Using this approach, privacy is embedded into the design specifications of technologies, business practices, and physical infrastructures. That means building in privacy up front – right into the design specifications and architecture of new systems and processes.


Privacy by Default

Privacy by Default means that the Privacy by Design principle are incorporated by default into any system or business – so that personal data is automatically protected without any action from an individual.


Pseudonymization and Pseudonymize

When Directly Identifiable Data is pseudonymized, Stable IDs that can point to the identity of an individual is replaced by a Pseudonymous ID. This prevents the pseudonymized data from specifically pinpointing an individual. This allows Lotame to process Personal Data and continue providing services to our customers, while protecting individuals’ privacy. The only way pseudonymized data can be linked to a unique individual is by combining it with other pieces of data. When Lotame , which are stored and protected separately.


Pseudonymous ID

A Pseudonymous ID is a unique numeric or alpha-numeric string that is created to pseudonymously identify an Application or Device. Pseudonymous IDs include Application IDs (for example, Cookie IDs), Device IDs (for example, Mobile Advertising IDs, CTV IDs, and IP Addresses), and Hashed IDs.

Pseudonymous IDs are not “anonymous” or “de-identified” because with additional information they can be used to identify an individual personally. To protect privacy, we segregate Directly Identifiable Data that we may have access to from Pseudonymous IDs, and we use technical and organizational measures to maintain that separation and to prevent identification of individuals.


Sensitive Data

Sensitive Data includes: Social Security Numbers or other Government-issued identifiers; insurance plan numbers; financial account numbers (including credit card data); information that describes the precise real-time geographic-location of an individual derived through location-based services such as through GPS-enabled devices; precise information about past, present, or potential future health or medical conditions or treatments, including genetic, genomic, and family medical history including genetic and biometric data; data concerning a person’s sex life or sexual orientation, and religious beliefs. In the European Economic Area and Brazil, Sensitive Personal Information also includes information regarding political philosophy/opinion and trade-union participation, religion, citizenship, racial and ethnic information.


Third-Party Cookies

Third-Party Cookies are created by domains that are not the website (or domain) that you are visiting. These are usually used for online-advertising purposes and placed on a website through a script or tag. A Third-Party Cookie is accessible on any website that loads the third-party server’s code.

Similar to the previous example, Third-Party Cookies work when a user shops on Amazon. They might browse a couple of items and spend some time on the product pages. When the user decides to only purchase one item, the brown hat over the brown shoes, they may later receive emails and other ads for the brown shoes they looked at but never purchased. Even if the user closes their browser and ends the session, that data will still be on their computer in the Third-Party Cookie.


Transparency and Consent Framework

See IAB Transparency and Consent Framework.