PRIVACY POLICY

Craftsman Plus, Inc. (“Craftsman,” “we,” “our,” and/or “us”) values the privacy of individuals who use our application, websites, and related services (collectively, our “Services”) to produce best-in-class marketing assets. This privacy policy (the “Privacy Policy”) explains how we collect, use, and share information from users of our Services (“Users”), including visitors to our website. If you are located in the European Union or the United Kingdom, additional disclosures and rights apply as described in our GDPR & IAB TCF Privacy Addendum. By using our Services, you agree to the collection, use, disclosure, and procedures this Privacy Policy describes. Beyond the Privacy Policy, your use of our Services is also subject to our Terms of Service.

INFORMATION WE COLLECT

We may collect a variety of information from or about you or your devices from various sources, as described below.

 

A. Information You Provide to Us.

Registration Information. When you register to use  our Services, we ask you for your name, job title, company, phone  number, email address, country, industry, and where you heard about us.


Communications. If you contact us directly, we may  receive additional information about you. For example, when you contact  our customer support team, we may receive your name, email address,  phone number, the contents of a message or attachments that you may send to us, and other information you choose to provide.

B. Information We Collect When You Use Our Services.

Device Information.


We may receive limited device and network information, such as IP address, web browser type, and operating system version, on a transient basis and where technically necessary to support service functionality.

Usage Information. To help us understand how you  use our Services and to help us improve them, we automatically receive  information about your interactions with our Services, like the pages or other content you view, the features you use, and the dates and times  of your visits.


Disclaimer. Craftsman Plus does not directly interact with end users and does not operate as a publisher. Tracking technologies are deployed within environments controlled by customers or partners, and Craftsman Plus processes resulting data as a processor or independent controller depending on the integration context.


On ad analytics: We and third party partners collect information using cookies, pixel tags or similar technologies on networks where client-side or server-to-server data calls are enabled. The information collected includes pseudonymized and/or aggregated data across your creative assets, tap level analytics into user journeys, and performance data such as CTR and impressions. This data is used solely to provide your team with your exclusive performance analytics dashboard and for the purposes outlined below, and is subject to our data retention and sharing policies. Certain analytics data processed by Craftsman Plus may include pseudonymous identifiers (such as randomly generated user or device identifiers) that enable the measurement of interactions with advertising creatives. These identifiers do not directly identify individuals but may be considered personal data under applicable law.

In connection with our ad analytics and measurement services, we utilize the following local storage or cookie identifiers:


  • We retain pseudonymous identifiers (such as analyticsUserId) for a maximum of 12 months, unless earlier deletion or rotation is required.


Raw event-level data may be temporarily processed and stored for a short duration (e.g., up to 48 hours) for aggregation and system processing purposes, after which it is deleted or irreversibly aggregated.


Aggregated and de-identified datasets may be retained for longer periods where they no longer permit identification of individuals.

HOW WE USE THE INFORMATION WE COLLECT

We use the information we collect:


To provide, maintain, improve, and enhance our Services;

To understand and analyze how you use our Services and develop new products, services, features, and functionality;


to support analytics and AI-assisted features in a manner consistent with this Privacy Policy and applicable law;


To communicate with you, provide you with updates and other  information relating to our Services, provide information that you  request, respond to comments and questions, and otherwise provide  customer support;


For marketing and advertising purposes, such as developing and  providing promotional and advertising materials that may be relevant,  valuable or otherwise of interest to you. Where required by applicable law, individuals may object to or opt out of certain marketing-related processing;


To find and prevent fraud, and respond to trust and safety issues that may arise;

For compliance purposes, including enforcing our Terms of Service or other legal rights, or as may be required by applicable laws and  regulations or requested by any judicial process or governmental agency; 


Where applicable, we process limited advertising, measurement, and attribution data in accordance with applicable consent signals (including standardized industry consent frameworks where supported)  and contractual restrictions; and

Where applicable, we may process limited device or network information, such as IP addresses, on a transient basis to support ad delivery, measurement, fraud prevention, or related service functionality, subject to applicable consent signals and contractual restrictions. Where IP addresses or similar technical identifiers are processed, such data is handled on a transient basis, retained only for the duration necessary to fulfill the relevant request or security purpose, and not stored for long-term analytics use.

For other purposes for which we provide specific notice at the time the information is collected. We may create aggregated or anonymized datasets that do not reasonably identify individuals for internal analytics, service improvement purposes, and to develop, train, and improve our AI strategists and analysis tools across the ecosystem. In these cases, no specific customer-related data is ever revealed outside of your organization. Craftsman Plus does not sell personal information as defined under applicable data protection laws.


Where possible, identifiers are periodically rotated, hashed, or otherwise minimized to reduce the ability to associate data with a specific device or user over time. We implement data minimization practices, including limiting the persistence of identifiers and using aggregation techniques wherever feasible.


Craftsman Plus processes consent signals received at the time of data collection. If consent is withdrawn, future data collection ceases; however, historical data may be retained in accordance with retention policies.

HOW WE SHARE THE INFORMATION WE COLLECT

Affiliates. We may share information with our affiliates where necessary to provide the Services, ensure security, comply with legal obligations, or for internal administrative purposes.


Vendors and Service Providers. We may share any  information we receive with vendors and service providers retained in  connection with the provision of our Services.

Depending on the context in which our Services are used, Craftsman Plus may act as a data controller or as a processor on behalf of its customers, as further described in applicable agreements.


As required by Law and similar disclosures. We may  access, preserve, and disclose your information if we believe doing so  is required or appropriate to: (a) comply with law enforcement requests  and legal process, such as a court order or subpoena; (b) respond to  your requests; or (c) protect your, our, or others’ rights, property, or safety. Where a user withdraws consent, no further data will be collected. Previously collected data may be retained where necessary for analytics integrity, fraud prevention, or legal compliance, but will not be used for further tracking or profiling.


Merger, Sale, or other Asset Transfers. We may  transfer your information to service providers, advisors, potential  transactional partners, or other third parties in connection with the  consideration, negotiation, or completion of a corporate transaction in  which we are acquired by or merged with another company or we sell,  liquidate, or transfer all or a portion of our assets. The use of your  information following any of these events will be governed by the  provisions of this Privacy Policy in effect at the time the applicable  information was collected.


Consent. We may also disclose your information with your permission.

Third Parties

Our Services may contain links to other websites, products, or services  that we do not own or operate. We are not responsible for the privacy  practices of these third parties. Please be aware that this Privacy  Policy does not apply to your activities on these third party services  or any information you disclose to these third parties. We encourage you to read their privacy policies before providing any information to  them. We may use third-party service providers (such as analytics and data infrastructure providers) that process pseudonymous event-level data on our behalf for limited durations necessary to provide the Services.

Service Providers and Subprocessors

We engage trusted third-party service providers (“subprocessors”) to support the operation, delivery, and improvement of our Services. These subprocessors process personal data on our behalf under contractual obligations, including confidentiality, security, and data protection requirements consistent with applicable law.

Depending on the context in which our Services are used, these subprocessors may process limited pseudonymous identifiers, usage data, and technical information strictly for the purposes described in this Privacy Policy.


Our current subprocessors include:


  • Tinybird – used for short-term processing and aggregation of event-level analytics data. Raw event data is retained for a limited duration (typically up to 48 hours) before being aggregated or deleted.


  • Amplitude – used to analyze usage of our platform by customers (e.g., feature interactions, navigation patterns) to improve service functionality and user experience.


These subprocessors do not use the data for their own independent purposes.

Where personal data is transferred outside the European Economic Area or the United Kingdom, we rely on appropriate safeguards, such as Standard Contractual Clauses (SCCs) or equivalent mechanisms.


Subprocessors engaged for infrastructure and analytics purposes (such as those listed above) operate as service providers under GDPR and are not independent advertising vendors within the IAB Transparency and Consent Framework unless explicitly stated.

We maintain a current list of subprocessors and will update this list from time to time to reflect changes in our service providers.

Security

We make reasonable efforts to protect your information by using  physical and electronic safeguards designed to improve the security of  the information we maintain. However, as no electronic transmission or  storage of information can be entirely secure, we can make no guarantees as to the security or privacy of your information. We retain personal information for as long as reasonably necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements, after which it is deleted or anonymized in accordance with our data retention practices.

Children's Privacy

We do not knowingly collect, maintain, or use personal information from  children under 13 years of age, and no part of our Services are directed to children. If you learn that a child has provided us with personal  information in violation of this Privacy Policy, then you may alert us at info@craftsmanplus.com

International Vistors

Our Services are hosted primarily in the United States. If you access the Services from outside the United States, your information may be transferred, stored, and processed in the United States or other jurisdictions where we or our service providers operate, in accordance with applicable data protection laws and appropriate safeguards. Where personal information is transferred internationally, we rely on appropriate safeguards recognized under applicable data protection laws, including Standard Contractual Clauses or equivalent mechanisms.

Changes to this Privacy Policy

We will post any adjustments to the Privacy Policy on this page, and  the revised version will be effective when it is posted. If we  materially change the ways in which we use or share personal information previously collected from you through the Services, we will notify you  through the Services, by email, or other communication.

Contact Information

If you have any questions, comments, or concerns about our processing activities, please email us at security@craftsmanplus.com or write to us at 447 Broadway 2nd Floor #1112 New York, New York 10013.

GDPR + IAB TCF Privacy Addendum

GDPR & IAB TCF Privacy Addendum (EU/UK Users)

This GDPR & IAB Transparency and Consent Framework (“TCF”) Privacy Addendum (“Addendum”) supplements the Craftsman Plus Privacy Policy and applies solely to the processing of Personal Data of individuals located in the European Union, the United Kingdom, and the European Economic Area (“EU/UK Data Subjects”).

In the event of a conflict between this Addendum and the main Privacy Policy, this Addendum shall prevail for EU/UK Data Subjects.

1. Controller Status

For purposes of the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the UK GDPR, Craftsman Plus, Inc. acts as a data controller with respect to Personal Data processed in connection with its Services, unless otherwise agreed in writing.


In certain AdTech or analytics contexts, Craftsman Plus may act as a processor on behalf of customers. Where applicable, such processing is governed by a separate Data Processing Agreement (“DPA”).

2. Categories of Personal Data

Depending on usage and integration context, Craftsman Plus may process the following categories of Personal Data:

  • Online identifiers (e.g. IP address, device identifiers)

  • Usage and interaction data

  • Technical and diagnostic information

  • Business contact information

  • Advertising, measurement, and attribution-related data where applicable


Craftsman Plus does not knowingly collect sensitive personal data as defined under GDPR Article 9.

3. Purposes of Processing & Lawful Bases

Personal Data is processed for the following purposes and lawful bases under GDPR Article 6:

Purpose

Providing and operating the Services. This includes limited contextual processing used to enable correct ad rendering or creative functionality, such as determining regional or time-based variations.

Analytics, measurement, and service improvement. This includes limited contextual processing used to enable correct ad rendering or creative functionality, such as determining regional or time-based variations

Advertising measurement and attribution (where applicable)

Compliance with legal obligations

Fraud prevention and security

Lawful Basis

Performance of a contract

Legitimate interests

Consent or legitimate interests, as applicable

Legal obligation

Legitimate interests

Where required, consent is collected and honored via applicable consent mechanisms, including IAB TCF signals provided by partners or Consent Management Platforms (CMPs).

4. IAB Transparency & Consent Framework (TCF)

Craftsman Plus supports the IAB Europe Transparency & Consent Framework (TCF) and, where applicable, processes Personal Data in reliance on TCF consent strings or legitimate interest signals passed by partners, publishers, or platforms.


TCF Purposes and Special Purposes Utilized

Craftsman Plus may process Personal Data in reliance on the following IAB TCF Purposes and Special Purposes, as indicated by the consent signal received from the platform or publisher:


  • Purpose 1: Store and/or access information on a device

  • Purpose 7: Measure ad performance

  • Purpose 8: Measure content performance

  • Purpose 9: Apply market research to generate audience insights

  • Purpose 10: Develop and improve products

  • Special Purpose 1: Ensure security, prevent fraud, and debug


Information about vendors participating in the IAB Transparency & Consent Framework is made available through the IAB Europe Global Vendor List and accessible via participating Consent Management Platforms.


As a vendor, Craftsman Plus does not directly collect consent from end users. Consent is obtained by publishers, platforms, or partners through their respective Consent Management Platforms (CMPs). Craftsman Plus relies on the applicable consent and/or legitimate interest signals passed to it in accordance with supported consent frameworks, including the IAB Transparency & Consent Framework (TCF), and processes data strictly within the scope of such signals.


Craftsman Plus processes such data strictly in accordance with the purposes, restrictions, and legal bases indicated by the applicable TCF signal.

5. AI-Related Processing

Craftsman Plus may use data to support analytics, optimization, and AI-assisted functionalities, including improving performance and system reliability.


  • AI-related processing is conducted on aggregated or de-identified datasets wherever technically feasible. Personal data is not used to train models that are shared across customers, and any model training involving customer-specific data is isolated to that customer environment.

  • Craftsman Plus does not use customer-specific data to train models shared across customers

Personal Data is not sold or used for independent profiling unrelated to the Services

6. International Data Transfers

Personal Data may be transferred outside the EU/UK, including to the United States. Such transfers are safeguarded using approved transfer mechanisms, including:

  • Standard Contractual Clauses (SCCs)

  • UK International Data Transfer Addendum or IDTA

  • Other lawful safeguards recognized under GDPR

7. Data Subject Rights

EU/UK Data Subjects have the following rights under GDPR:

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restriction of processing

  • Right to data portability

  • Right to object to processing

  • Right to withdraw consent at any time

  • Right to lodge a complaint with a supervisory authority

Requests may be submitted to: security@craftsmanplus.com

8. EU / UK Representative

For purposes of GDPR Article 27, Craftsman Plus has appointed an EU and UK representative. Contact details will be provided upon request or made available via the Services.

9. Data Retention

Personal Data is retained only for as long as necessary to fulfill the purposes described, comply with legal obligations, or resolve disputes.

10. Contact

Where Craftsman Plus acts as a processor or vendor, requests may be fulfilled in coordination with the relevant customer, publisher, or platform, as required by applicable data protection law. Questions regarding this Addendum or GDPR rights may be directed to:

Craftsman Plus, Inc.
447 Broadway, 2nd Floor #1112
New York, NY 10013
📧 security@craftsmanplus.com 

LAST UPDATED: 03/30/2026

Follow us on:

© 2026 CRAFTSMAN+, All Rights Reserved

© 2026 CRAFTSMAN+, All Rights Reserved

Privacy Policy

Terms of Use

Legitament Interest Claim

Follow us on:

© 2026 CRAFTSMAN+, All Rights Reserved

Privacy Policy

Terms of Use

Legitament Interest Claim