Legitimate Interest Assessment (LIA)

Company: Automatad Inc. (doing business as Mile Tech)
Date of Assessment: January 1, 2024
Assessment Version: 1.0
Website: https://mile.tech

Executive Summary

This Legitimate Interest Assessment (LIA) documents Automatad Inc.'s evaluation of legitimate interest as a legal basis for processing personal data in accordance with Article 6(1)(f) of the General Data Protection Regulation (GDPR). This assessment covers our advertising technology services, including header bidding, ad stack management, and dynamic flooring capabilities.

1. Purpose of Processing

1.1 Primary Purposes Using Legitimate Interest

Purpose 7: Measure Advertising Performance - Processing Activity: Analyzing advertisement performance metrics, viewability data, click-through rates, and revenue optimization - Business Need: Essential for providing effective ad tech services to publishers and optimizing ad revenue - Data Subjects: Website visitors whose data is processed for advertising performance measurement

Purpose 8: Measure Content Performance - Processing Activity: Analyzing content engagement, user interaction patterns, and page performance metrics - Business Need: Helping publishers understand content effectiveness and user engagement - Data Subjects: Website visitors whose interactions are measured for content performance analysis

Purpose 9: Understand Audiences Through Statistics - Processing Activity: Aggregating anonymized data to understand audience demographics, behavior patterns, and market trends - Business Need: Providing publishers with insights to optimize their content and advertising strategies - Data Subjects: Website visitors whose aggregated data contributes to audience understanding

Purpose 10: Develop and Improve Services - Processing Activity: Using technical and usage data to enhance our header bidding technology, ad stack management, and dynamic flooring algorithms - Business Need: Continuous improvement of our services to provide better value to publishers and advertisers - Data Subjects: Website visitors whose data contributes to service improvement

1.2 Special Purposes Using Legitimate Interest

Special Purpose 1: Ensure Security, Prevent and Detect Fraud, and Fix Errors: Processing Activity: Monitoring for suspicious activity, detecting fraudulent ad impressions, and identifying technical issues - Business Need: Maintaining service integrity, preventing fraud, and ensuring reliable ad delivery - Data Subjects: Website visitors whose data is monitored for security and fraud prevention

Special Purpose 2: Deliver and Present Advertising and Content: Processing Activity: Ensuring proper ad delivery, managing ad refresh, and optimizing ad placement - Business Need: Core functionality of our ad tech services and publisher revenue optimization - Data Subjects: Website visitors who receive advertisements through our technology

Special Purpose 3: Save and Communicate Privacy Choices: Processing Activity: Storing and managing user privacy preferences across our services - Business Need: Compliance with privacy regulations and respecting user choices - Data Subjects: Website visitors whose privacy preferences are managed

2. Legitimate Interest Assessment

2.1 Legitimate Interest Pursued

Primary Legitimate Interests: 1. Business Operations: Providing effective advertising technology services to publishers 2. Service Improvement: Enhancing our header bidding and ad stack management capabilities 3. Fraud Prevention: Protecting against invalid traffic and fraudulent activities 4. Performance Optimization: Maximizing publisher revenue through data-driven insights 5. Regulatory Compliance: Ensuring adherence to privacy regulations and user preferences

Secondary Legitimate Interests: - Market Research: Understanding industry trends and audience behavior - Technical Innovation: Developing new features and capabilities - Quality Assurance: Maintaining high service standards and reliability

2.2 Necessity Assessment

Is the processing necessary for the legitimate interest? Yes: The processing is essential for providing our core ad tech services - Justification: Without this processing, we cannot effectively provide header bidding, ad stack management, or dynamic flooring services - Alternative Approaches: We have considered alternatives but found them insufficient for our business needs

Is the processing proportionate? Yes: We only collect the minimum data necessary for our stated purposes - Data Minimization: We do not collect PII, precise location data, or user-provided information - Retention Limits: Data is retained for a maximum of 365 days - Anonymization: Data is aggregated and anonymized where possible

2.3 Balancing Test

Interests of the Data Controller (Automatad Inc.): Providing effective ad tech services to publishers - Maintaining competitive advantage in the market - Ensuring service reliability and security - Complying with contractual obligations to clients

Interests of Third Parties: Publishers: Maximizing advertising revenue and understanding audience behavior - Advertisers: Reaching relevant audiences and measuring campaign performance - Industry: Maintaining ecosystem integrity and preventing fraud

Rights and Freedoms of Data Subjects: Privacy Rights: We respect user privacy through transparency and choice mechanisms - Control: Users can opt out through various mechanisms - Minimal Impact: We do not process individually identifiable information - Transparency: Clear privacy policies and TCF compliance

Balancing Conclusion: The legitimate interests pursued outweigh the potential impact on data subjects’ rights and freedoms because: - We do not process individually identifiable information - Data is used for aggregated, non-personal purposes - Users have multiple opt-out mechanisms - Processing is essential for providing requested services - We implement strong privacy safeguards

3. Risk Assessment

Low Risk Factors: - No processing of PII or individually identifiable information - Data is aggregated and anonymized - Limited data retention (365 days maximum) - Multiple opt-out mechanisms available - Transparent privacy practices

Mitigation Measures: - Regular privacy impact assessments - Strong technical and organizational security measures - Regular data deletion and anonymization - User choice and control mechanisms - Compliance monitoring and audits

3.2 Risk Mitigation Strategies

  • Data Minimization: Only collect necessary technical data

  • Anonymization: Aggregate data to prevent individual identification

  • Retention Limits: Automatic deletion after 365 days

  • User Control: Multiple opt-out and choice mechanisms

  • Transparency: Clear privacy policies and TCF compliance

  • Security: Encryption and access controls

  • Monitoring: Regular compliance audits and assessments

4. Compliance Measures

4.1 Technical Safeguards

  • Encryption of data in transit and at rest

  • Access controls and authentication

  • Regular security assessments

  • Monitoring for suspicious activity

  • Data backup and recovery procedures

4.2 Organizational Safeguards

  • Privacy-by-design principles

  • Regular staff training on data protection

  • Clear data handling procedures

  • Incident response plans

  • Regular compliance audits

4.3 User Rights and Choices

  • Clear privacy policies and notices

  • Multiple opt-out mechanisms

  • User choice management

  • Data subject rights procedures

  • Complaint handling processes

5. Monitoring and Review

5.1 Regular Assessment

This LIA will be reviewed and updated: - Annually or when processing activities change - When new risks are identified - When regulatory requirements change - When business operations significantly change

5.2 Key Performance Indicators

  • User opt-out rates

  • Privacy complaint volumes

  • Data breach incidents

  • Regulatory compliance status

  • User choice mechanism effectiveness

6. Conclusion

After conducting this comprehensive Legitimate Interest Assessment, Automatad Inc. concludes that:

  • Legitimate Interest Exists: Our processing activities serve legitimate business interests

  • Processing is Necessary: The processing is essential for providing our services

  • Balancing Test Favors Processing: Our interests outweigh potential impacts on data subjects

  • Risks are Mitigated: Appropriate safeguards are in place

  • Compliance is Maintained: We meet GDPR requirements for legitimate interest processing

Assessment Approval:

  • Date: July 1, 2025

  • Approved By: Vijay Ramkumar M

  • Next Review: July 1, 2026

Contact Information:

Automatad Inc. (Mile Tech)
Email: privacy@mile.tech
Data Protection Officer: dpo@mile.tech
Website: https://mile.tech

This assessment is maintained in accordance with GDPR Article 6(1)(f) requirements and IAB TCF standards.

Get started
Ad ManagementIn HousingPlug and Play
Products
AI Dynamic FlooringRevenue Analytics
Resources
PodcastBlogs and Articles
Get in touch
About usContact
Locations
USA
26 Broadway, New York, NY 10004
UK
Manor House, Greater London, England W1D 3QP
India
175 & 176, Phase 4, J. P. Nagar, Bengaluru, Karnataka 560076
Resources
Web without WallsBlogsCase Studies
Get in touch
About UsContact
Locations
USA
26 Broadway, New York, NY 10004
UK
Manor House
Greater London,
England W1D 3QP
India
175 & 176, Phase 4,
J. P. Nagar, Bengaluru,
Karnataka 560076
© 2025 Mile.tech
Terms & ConditionsPrivacy
Check out our reviews on
G2