Last updated: September 2025
Version 1.1
Dentsu is a global media, creative and customer experience management group. We help our clients to improve how they advertise and market, whether by print, post, email or in the digital world. We believe that the responsible use of data supports business growth and builds strong relationships between brand and consumer. As a business, we are committed to respecting and protecting the privacy of all individuals we interact with. We are committed to being always transparent in our handling and processing of Personal Data in accordance with applicable privacy and data protection laws.
Who is responsible for processing your Personal Data
Dentsu does business through its subsidiaries and affiliates worldwide. The privacy laws in some countries require a Controller (the legal entity who defines the purposes for which the processing of personal information takes place and how that information is processed) to be selected.
Where this is relevant for the privacy laws in your country, the Dentsu group company who acts as the Controller of your Personal Data, and who is responsible for processing your Personal Data, will be the Dentsu group company operating in your country or region unless Dentsu International or another Dentsu company identifies itself as the Controller for a specific interaction with you. The relevant Dentsu group company is referred to as "our", "us" and "we" in this notice.
If you have any questions or are unsure about who your Controller is, please review the additional information provided for your market or contact us and we will ensure your details reach the correct entity.
What this privacy notice covers
This Dentsu Connect privacy notice explains in detail the types of Personal Data we may process and collect about you when you interact with Dentsu Connect (the "Services"). This privacy notice applies to all users of Dentsu Connect, whether you are Dentsu personnel or Dentsu client personnel. It consists of a general part and local provisions that apply to users in specific countries. "Personal Data" means any information about the personal or material circumstances of an identified or identifiable individual. Your Personal Data therefore includes all data related to you that enables identification, such as your name, your address, your telephone number or your e-mail address.
For details on how Personal Data is processed when using other dentsu products connected with dentsu.connect, please refer to the following applicable privacy notices:
dentsu Identity Product Privacy Notice
Merkle Data Product Privacy Notice
1. How we obtain your Personal Data
We may process Personal Data that you provide directly to us or that is automatically collected or created by us in the course of your use of our Services. You are not required to provide any Personal Data, however, if you choose not to do so, we may not be able to provide you with our products or services or respond to your requests.
2. The types of Personal Data we collect for our purposes and the legal basis for our data processing
In the context of providing our Services, we collect, store and use Personal Data about you as set out in the "Personal Data" column below. You will also find below the purpose of the processing and the legal basis we rely on for each type of Personal Data that we process about you.
In Asia Pacific and Americas markets we usually rely on consent as our lawful basis in accordance with and as required by local laws. Where this is the case, we will have explicitly asked you to consent, and you will have the ability to withdraw your consent at any time. Alternatively, we may rely on other lawful basis such as legitimate interest, as listed below, or any other lawful basis permitted under applicable privacy laws in relation to the specific processing activity.
| Personal data | Purpose | Legal basis |
|---|---|---|
|
Profile Personal Data, including: · Full name; · Photo; · Organisation; · Brand; · Market; · Job title; · Work email address; · Work telephone number. |
Keep and maintain an accurate and adequate profile administration. Send regular product service and maintenance updates. |
Necessary for the purpose of our legitimate interests to maintain an adequate profile administration. |
| Profile Personal Data, as mentioned above. | Facilitate a transparent and full audit trail within our Services. | Necessary for the purpose of our legitimate interests to provide a transparent lifecycle within our Services. |
|
Log-in Data, which may include: · User access token. |
Maintain and ensure a secured online environment on our Services. | Necessary for the purpose of our legitimate interests to keep our website and your data secure. |
|
Communication Data, (dentsu personnel users only), such as: · Chat history. |
Facilitate the provision of a communication and collaboration tool for internal users. | Necessary for the purpose of our legitimate interests to facilitate the provision of an internal communication and collaboration tool. |
|
Communication data, which may include: - Support queries and correspondence, including emails, web form and chat history
|
Resolve technical queries and facilitate the provision of Services. | Necessary for fulfilling our contracts with clients. |
|
Analytical Personal Data, which may include: · your click behaviour; · user behaviour; · browser type; · language preferences; · time zone; · Okta ID; · IP-address; · referral source; · usage of the Services. |
Monitor and create analytical reports for the improvement of our Services. | Necessary for the purpose of our legitimate interests to maintain and improve the Services. |
|
Usage Reporting Data this may include: · Profile Personal Data; · Log-in Data; and · Analytical Personal Data |
We will utilise this information to create usage reports or other reports requested by your organization. | Necessary for the purpose of our legitimate interests to enable Dentsu to share usage reports with our clients (your organisation) to enable Dentsu and our clients to fully utilise the platform. |
|
Marketing Communiation · Full name; |
To send you our newsletters and information relating to our brands and services: The distribution of dentsu's own commercial content to potential customers, leads and prospects, and anyone else who has subscribed to receiving such collateral.
|
Opt in / Opt out or Soft Opt in Consent depending on the laws and regulations in your country. |
Note that you may not use our Services for any purpose other than:
- If you are an employee of a Dentsu client, the business purposes of your company in accordance with its agreement with Dentsu and Dentsu Connect Terms of Service; or
- If you are Dentsu personnel, in the course of your employment in accordance with Dentsu policies and Dentsu Connect Terms of Service.
You are not allowed to grant third parties access to your profile and the Services, or to upload any other Personal Data than that set out above.
Some of the tools we use to provide our services may involve the use of artificial intelligence (AI) technologies to process personal data. For example, when you interact with our chatbot, your name, email address, and the content of your conversation may be processed using AI. We do not use AI to make any decisions that produce legal or similarly significant effects about individuals. We have implemented internal safeguards to ensure that any personal data processed using AI is handled securely and in accordance with this privacy notice.
Please note that we do not intentionally collect Sensitive Personal Data as part of the processing activities carried out under this privacy notice.
3. How we secure your Personal Data
We maintain appropriate organisational and technological safeguards to help protect against unauthorised use, access to or accidental loss, alteration or destruction of Personal Data whether in physical or electronic form. We also seek to ensure our service providers and/or any approved external third-parties who store or process Personal Data on our behalf do the same. The safeguards we use, depending on the circumstances, may include firewalls, penetration testing, vulnerability scans, encryption and restricted access to our IT systems.
4. How long we will keep your Personal Data
We will keep your Personal Data for as long as is necessary for the relevant service, in accordance with our legal obligations. After this time, your Personal Data will either be securely deleted or anonymised so that it can be used for analytical purposes. You may request further information about our retention periods via the contact details given in this privacy notice or request that we delete your data in accordance with your rights as set out below.
If you or we deactivate your profile, we will delete your profile including all Personal Data from our servers. You can deactivate your profile by sending an email to dentsuconnect.help@dentsu.com.
If your Personal Data is subject to a statutory retention period, we will retain your Personal Data for the period specified by law. Notwithstanding the above, we may retain your Personal Data for the establishment, exercise or defence of legal claims. Likewise, we may retain your Personal Data to make it available to the supervisory authority, investigative authority, courts, or other governmental body for the period specified by the law.
5. With whom we share your Personal Data
Whenever we share Personal Data, access is controlled on a need-to-know basis, and is only provided where it is necessary to provide you with requested services or to allow us to perform any necessary functions.
We will only transfer your Personal Data outside the market in which you are located where we are satisfied that adequate levels of protection are in place to protect the integrity and security of any Personal Data being processed and in compliance with applicable privacy and data protection laws. This may be through a contract we have in place with the importing company, or because we know that where the importing company is based has even stricter data protection laws than the one you are based in/ it was received in.
We take internal data protection very seriously. Our employees and the service companies commissioned by us have been contractually bound to treat Personal Data with appropriate confidentiality and to act in compliance with data protection regulations.
To the extent applicable, we will disclose or share your Personal Data to / with the following third parties:
| Party | Location | Purpose |
|---|---|---|
| Your organisation | Location of your organisation | To provide usage reports and other analytical reports. |
| Our group companies, including Dentsu International Limited and/or the Dentsu subsidiary with which your organization signed Dentsu Connect Terms of Service, and/or any other Dentsu entity that provides its services related to our processing of your Personal Data | Location of relevant Dentsu subsidiary/entity | To provide the requested services or to allow us to perform any necessary or legitimate business functions |
| Campaign Monitor | United States | To provide email service communications and notifications |
| Google Inc. (Google Analytics) | United States | To create analytical reports |
| Hotjar | European Union | To create analytical reports |
| WalkMe | United States | To create analytical reports |
| Zendesk | United States | To provide AI-enhanced customer service solution, Help Center, and support chatbot |
| External service providers for authentication: · Okta |
Germany | To authenticate users of our Services |
| External service provider for collaboration and communication facilities: · Microsoft Teams |
United States | To provide a communication and collaboration tool to internal users of the Service |
Further, we may disclose or share your Personal Data if:
- We sell our company or part thereof (including separate assets), or if we merge with another company. In such event, we may share your Personal Data with the new owner or merging party respectively, but only to the extent necessary for the purpose for which your Personal Data are processed;
- We are subject to insolvency proceedings, as part of the sale of our assets by a liquidator (or similar); or
- We are legally obliged or allowed to do so. In such event we shall share your Personal Data with the relevant supervisory authority, investigative authority, courts, or other governmental body.
6. Where we store your Personal Data
Dentsu stores your Personal Data on servers located within the European Union, namely in the Netherlands. These servers can be made accessible for Dentsu’s group company(ies) in other parts of the world. Access will always be controlled on a need-to-know basis, and only provided where it is necessary to provide you with requested Services or to allow us to perform any necessary or legitimate functions, such as supporting, maintaining and improving our Services. Our processors may store your Personal Data in other locations. Please see the table above under paragraph 5.
If we share your Personal Data in accordance with this privacy notice with our group company(ies) or third parties, we take steps to ensure that we meet the relevant requirements under the applicable privacy and data protection laws (if any).
7. Our responsibility for third party links
Our Services may contain links to websites and services operated by third parties. If you follow a link to any of these websites, please note that these websites have their own privacy notices and terms and conditions. Further, we can have no responsibility for or control over the information collected by any third-party website and we cannot be responsible for the protection and privacy of any information which you may provide on such websites. You should read the privacy notices and terms and conditions of such third parties before using their websites or services.
8. Your rights
Depending on the applicable privacy law of the market you are in, you may have several rights in relation to your Personal Data, including:
- Objecting to our processing of your Personal Data. Where we rely on legitimate interest (or those of a third-party) and if you feel it impacts on your fundamental rights and freedoms, you can object to our processing. You also have a right to object where your Personal Data is used for direct marketing or profiling. You can object at any time, and we shall stop processing the data you have objected to, unless we can show legitimate grounds to continue.
- Accessing your Personal Data. We may be required to provide you with information we hold about you upon your request, including a description and copy of the Personal Data and why we are processing it, unless a lawful exception applies. We will require you to prove your identity before providing your Personal Data.
- Requesting the provision of your Personal Data to a third party. You may ask us to provide you or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. This right only applies to Personal Data you have provided to us; and if you have consented to our use or where we used the Personal Data to perform a contract with you.
- Requesting erasure (deletion) of your Personal Data. You may ask us to delete your data where you think we no longer require it. Note, we may be required to retain certain Personal Data by law and/or for our own legitimate business purpose. But when we do so, we will inform you.
- Requesting correction or updating of your Personal Data. This enables you to have any incomplete or inaccurate Personal Data we hold about you corrected.
- Requesting the restriction of our processing of your Personal Data. In some situations and only in some jurisdictions you can request a restriction to our processing. If you request this, we can continue to store your Personal Data but are restricted from processing it while the restriction is in place.
- Withdrawing your consent. Where you have consented to our processing of your Personal Data, you can withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of what we have done with your Personal Data before you withdrew consent or affect our right to continue with our collection, use or disclosure of your Personal Data where such collection, use or disclosure of Personal Data is permitted under applicable laws without consent. If you receive marketing communications from us, you can withdraw your consent to marketing by hitting the unsubscribe button contained within the email.
Making a Complaint: We will do our best to resolve any complaint. However, if you feel we have not resolved your complaint, you can complain to your local data protection authority. For example, in the UK, the local data protection authority is the UK Information Commissioner's Office. If you have any questions about who your local authority is, please contact us and we can provide the relevant information.If you exercise the rights above, the request should include your contact information and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. In addition, you should provide adequate information that we can reasonably verify that you are the person about whom we collected the personal information (including information that enables us to verify the identifying information we possibly maintain about you).
We will respond to requests within the required timeframes. If we need extra time to respond, we will let you know why, and how long we require, in writing. To protect your Personal Data, we will only honour requests if we have been able to verify your identity or authority to make the request and confirm the Personal Data relates to you. The method used to verify your identity will depend on the type, sensitivity and value of the information, including the risk of harm to you posed by any access or deletion. Verification will usually be performed by matching the identifying information provided by you to the personal information that we already have.
Note that if you are in a market where these rights do not exist, we reserve the right to deny your request.
9. Updates
Dentsu Connect privacy notice may be updated from time to time to reflect changes in law, best practice or a change in our practices regarding the treatment of Personal Data. The date of the most recent revision will appear at the top of this page. You should check this notice frequently for updates. If we make any important changes to this Dentsu Connect privacy notice (e.g. with regard to the Personal Data we collect or why we use it), we will notify you.
10. Contact Us
If you have any questions about this Dentsu Connect privacy notice, our approach to privacy or you would like to exercise any of the rights mentioned in this Dentsu Connect privacy notice, you can contact our Data Protection Officer in any of the following ways:
Global / EMEA Privacy Office
Dentsu International Limited
Regent's Place,
10 Triton Street,
London, NW1 3BF
Telephone: +44 (0) 207 070 7700
Email: dpo@dentsu.com
Americas Privacy Office
Dentsu International
150 E 42nd Street
New York, NY 10017
Telephone: (+1) (877) 570-5939 (U.S. toll-free)
Email: Americas.DPO@dentsu.com
LATAM Address
Data Protection Officer,
Dentsu Brasil,
949 Brigadeiro Faria Lima Avenue.
Pinheiros. 11º floor. São Paulo, SP. 05426-100.
Email: brasil.dpo@dentsu.com