PROTECTION & SECURITY
Security That Goes Beyond Marketing
 
Semcasting's data architecture is built for the most regulated industries on earth — healthcare, financial services, and pharma. Every workflow is audited, certified, and continuously monitored.
 
 
Regulatory Compliance

Aligned With Every Major Privacy Framework

Semcasting compiles household and business data from publicly available sources and follows the privacy guidelines of every recognized regulatory body — federal, industry, and international.

 

Industry Standards

DMA, IAB & Trustwave

Adheres to online and offline privacy recommendations from the Direct Marketing Association, Interactive Advertising Bureau, and Trustwave for online data management.

 

Healthcare & Sensitive Data

HIPAA & HITRUST

Aligned with HIPAA recommendations and HITRUST CSF certified for management of sensitive data and physical security.

 

Financial Services

GLB Act Regulations

Aligned with Gramm-Leach-Bliley Act regulations for unsolicited credit offers and financial services marketing.

 

Federal Guidance

FTC & White House Privacy

Follows the White House "Privacy Bill of Rights," HR 4081 Consumer Privacy Protection Act, and FTC Privacy and Security Update of 2018.

How It Works

Smart Zones IP Targeting — Cookie-Free by Design

The Smart Zones IP targeting process converts an organization's CRM or prospect data into digital delivery points — without using cookies, and without ever exposing PII outside our ISO 27018 Safe Haven environment.

The 4-Step Privacy-First Process

1

Secure Upload

Organizations supply names, addresses, or website logs through a secure encrypted connection to our cloud-based server.

2

Safe Haven Match

In our ISO 27018 Safe Haven — inaccessible to outsiders and the organization itself — names match to household or business data.

3

Strip & Anonymize

Our proprietary process strips and discards matched records to maintain the anonymity of every user's digital ID.

4

DSP Activation

Depersonalized digital IDs are matched to the platform's impressions history — never resolvable back to a person.

🔒 Privacy Guarantee: At no point outside of the Safe Haven can a user's digital ID be resolved back to a person, household, or business.

Website Visitor Identification

Strict Rules for First-Party Lead Generation

When organizations provide website logs to identify visitors, we enforce strict use-case limitations. Our clients must demonstrate a permissible purpose, follow regulatory requirements, and disclose the practice to their users.

Required of All Clients Using Website Visitor Identification:

Demonstrate permissible purpose for use of names and addresses before any matching begins.

Limit data use to first-party lead generation and CRM population only.

Update privacy policy to inform users that their digital information is being collected.

Follow DMA and IAB requirements including providing users the ability to opt out.

Regulated Markets & International

Built for the Most Regulated Markets on Earth

Healthcare, finance, and EU markets each require unique privacy architectures. Semcasting was designed from day one to operate compliantly across all of them.

 

European Union

GDPR Compliance

In the EU, our solution is based exclusively on network infrastructure and Internet routing — with no personally identifiable IP addresses. PII cannot be tracked or revealed because the system is strictly based on telecommunications assignment.

 

Healthcare & Insurance

HIPAA Clustering

HIPAA recommendations require clustering of households at minimum levels to obscure personal and household identifiers and strip PII. We support this through 6, 5, and 3-digit zip code output options.

 

Financial Services

Gramm-Leach-Bliley

The GLB Act requires banking and financial offers providing unsolicited credit to be generalized to a minimum household clustering — averaging credit scores at zip+4 geographic level.

Geographic Clustering

Privacy Through Geographic Clustering

In specific industries where sensitive information may be associated with a digital ID, Semcasting requires clustering methodologies to ensure all personally identifiable information is protected. Smart Zones IP targeting supports this through configurable zip code precision levels.

6-Digit

Highest Precision

Most granular targeting where regulations permit individual-level matching.

5-Digit

Balanced

Standard zip-level targeting that balances reach with privacy protections.

3-Digit

Maximum Privacy

Broadest geographic clustering for the most sensitive use cases.

This geographic clustering technique is available for any organization we provide audiences for — not just regulated industries.

Consumer Choice

Your Right to Opt-Out — Always

Every individual should always have the option to opt out of being included in a digital targeted audience. We require that the organizations, ad servers, and demand-side platforms we build audiences for also provide robust opt-out capabilities.

What We Require From Every Client:

1

Include language in their privacy policy clearly stating that a user may be tracked.

2

Provide a clear, accessible mechanism for users to opt out.

3

Honor opt-out requests by removing the user from any further contact.

Our Commitment: Semcasting takes privacy seriously and extends full cooperation with the choice standard for all consumers to opt out of the use of their information for marketing purposes.

Have Questions About Privacy or Compliance?

Review our full Privacy Policy for additional detail, or reach out to our team directly with any questions.