Our website aims to inform potential customers and stakeholders about the services offered by Hiili S.L. as well as illustrate the impact that digital marketing may have on direct and indirect carbon emissions out of its activity.

Although we neither collect nor process any personal data our website uses Google Analytics for functionality purposes and to analyze our traffic. Following GDPR requirements we offer the user the possibility of configuring their cookies policies by being able to select: necessary, preferences, statistics, and marketing cookies. We implement an opt-in approach, the most privacy-preserving option, and by default, only necessary cookies are selected. This process allows us to collect the informed consent of the user in case they choose to select the use of another type of cookie beyond the necessary ones.

The purpose of this third-party pixel is to collect data from the performance API of JavaScript with the aim of building a model that estimates the amount of CO2 generated in online ads.
Our solution measures the carbon emission and energy consumed by ad impressions.
To this end, we use a script which can be embedded directly inside a regular ad tag.
Upon the rendering process of the ad, the ad from our client calls our domain carbontag.hiili.org to download the ad tag using a specific URL where different parameters are included (e.g., campaign id, ad_id, etc).
These parameters are used for reporting purposes.
Our tag collects several attributes from the browser (none of them including personal data) and sends them to our backend server sitting at server.hiili.org.
Upon receiving these attributes in our backend, our solution uses them to compute the energy consumed by the ad as well as the carbon emissions associated with the ad using our proprietary technology.

Our tag collects the following data.

We use the following Domains to ensure Hiili can provide a reliable service to our clients and end-users.

We access the data by inspecting the HTML DOM of the ad, and analyze the requests and responses the ad performs to load the ad's content and track events with third-parties.

The collected information is stored in a secure backend server located at Amazon Web Servers (AWS).
Access to the server is limited to the team working on this project and is protected by user and password credentials.
We want to make it clear that our solution does not engage in any practices that compromise your data privacy.
Specifically, we do not handle any ad targeting, geo-targeting, or buy/sell any data.
We do not collect or use device IDs, employ any methods to track users, or gather information from users across multiple devices.
We also do not gather any personally identifiable information (PII) or utilize PII for any purpose.
Our commitment to your privacy extends to our advertising practices as well, as we do not conduct direct retargeting or contextual targeting.
Furthermore, we do not capture hyperlocal data upon serving the pixel, maintain user profiles or models, use cookies, or access the local storage of the user.
Your trust is important to us, and we take your privacy seriously.

Our Carbontag pixel does not uses cookies nor the local storage to write or read information.
Therefore, it does not manage any personal information linked to cookies or device storage.

The only personal data collected by our technology is the IP address. We use it for a legitimate purpose and are therefore compliant with GDPR. Specifically, we collect the IP address for the following purposes: 1) Identify the source of potential cybersecurity attacks; 2) Map the IP address to a specific geolocation. We currently map the IP address to the country.
Therefore the Carbontag is fully compliant with the GDPR regulation.

We are members of Interesseorganisasjonen for digital markedsføring og kommunikasjon (INMA), the official representative of IAB Europe in Norway.

We have undergone the IAB Europe's Transparency & Consent Framework verification, and we have been validated and assigned the following TCF Vendor ID: 1247