Grapeshot has a privacy policy for the web services it delivers to its business customers - web publishers, networks, media agencies or advertisers.

Grapeshot supplies a contextual targeting platform that uses the keywords it finds in web pages:

Grapeshot technology profiles the page URL by extracting keywords and calculating categories for the page
Grapeshot tries to calculate the most relevant content or advertising to place on the page, by using the keywords it sees on the page to find related media - this is called "contextual targeting"
Grapeshot sometimes stores page keywords against a Cookie ID, only when 'user context tracking' is switched on for a particular customer installation, on request of that customer
Grapeshot deploys 'user keyword tracking' to improve the context of content or advertising delivered to Home Pages and Section Heads, where there is no obvious text content on the page to drive relevance
Grapeshot is a technology provider and operates within the Terms & Conditions that Grapeshot customers use to deliver services to their own end customers
Grapeshot stores user keywords against a unique Cookie ID seperately for each customer service which Grapeshot supports
Grapeshot does not share any user keyword profiles between separate customer installations
If you opt-out of Grapeshot tracking then no user keywords, or derived categories, will be collected for your Cookie ID
Grapeshot Opt-In or Opt-Out tracking is universal across all the different installations supported by the Grapeshot domain
Where Grapeshot supplies Opt-In or Opt-Out tools to particular customers, the Opt-In and Opt-Out is specific to the customer's installation only and generally managed within the customer's own domain

Data Collection

Grapeshot receives most data that a typical ad server would normally receive:

HTTP protocol elements
Search terms
Query-string portion of URL
Request timestamp
Full IP address

Our website collects the usual data within the HTTP protocol, as do our web services, but the main Grapeshot application operated for and on behalf of customers most often uses just the URL of a page view. When we deliver contextual services, we do not use the Cookie ID. When our publishers deploy a personal "My Editorial" service or choose to retarget their own users on their own Home Page based on the keywords those users read on other pages operated by that publisher, Grapeshot captures a selection of keywords and assigns them to each Cookie ID - only for that one publisher under Terms & Conditions that publisher already has in place with end users. The majority of Grapeshot installations are predominantly contextual only - for example Advertorial recommendations.

Note that Grapeshot records data on its servers that we keep proprietary to each publisher customer we serve, and so we do not share data between publishers or across publishers. In that respect Grapeshot does not operate any behavioural network. Data is held in silos and kept proprietary to each customer we serve.

IP Address is not to be stored on Grapeshot software systems, instead being anonymised to a hash number.

Privacy Policy

This is a privacy policy for Grapeshot Ltd. Our homepage on the Web is located at The full text of our privacy policy is available on the Web at

We invite you to contact us if you have questions about this policy. You may contact us by mail at the following address:

Grapeshot Limited
9 Dukes Court
54-62 Newmarket Rd

You may contact us by e-mail at,
or telephone us at +44 1223 790 660.

Dispute Resolution and Privacy Seals

We have the following privacy seals and/or dispute resolution mechanisms. If you think we have not followed our privacy policy in some way, they can help you resolve your concern.

*Dispute resolution: Questions regarding this statement should be directed to Grapeshot Limited for clarification.

Additional Information

This policy is valid for 1 day from the time that it is loaded by a client.

Data Collection

P3P policies declare the data they collect in groups (also referred to as "statements"). This policy contains 2 data groups. The data practices of each group will be explained separately.

Group "Basic information"

We collect the following information:

HTTP protocol elements
Search terms
Query-string portion of URL
Request timestamp
Full IP address

This data will be used for the following purposes:

Completion and support of the current activity
Web site and system administration
Research and development
Anonymous user analysis
Anonymous user profiling and decision-making

This data will be used by ourselves and our agents.

The following explanation is provided for why this data is collected:

Data collected from all Web users: access logs, and search strings (if entered).

Group "Cookies"

We collect the following information:

HTTP cookies

This data will be used for the following purposes:

Research and development
One-time tailoring

This data will be used by ourselves and our agents.

The following explanation is provided for why this data is collected:

Cookies are used to track visitors to our site, so we can better understand what portions of our site best serve you. This includes saving passwords that access password protected areas of our website.


Cookies are a technology which can be used to provide you with tailored information from a Web site. A cookie is an element of data that a Web site can send to your browser, which may then store it on your system. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it.

Our site makes use of cookies. Cookies are used for the following purposes:

User targeting
Research and development

Compact Policy Summary

The compact policy which corresponds to this policy is:


The following table explains the meaning of each field in the compact policy.




This is the compact policy header; it indicates that what follows is a P3P compact policy.


No identifiable information is collected, so no access is possible.


The policy contains at least one dispute-resolution mechanism.


Privacy law specifies penalties for a violation of this policy.


The data is used for completion of the current activity.


The data is used for site administration.


The data is used for research and development.


The data is used for tailoring the site.


The data is used for pseudononymous analysis.


The data is used for pseudononymous decision-making.


The data is given to ourselves and our agents.


Our business practices specify how long the data will be kept.


The data will be kept indefinitely.


Unique identifiers are collected.


Computer information is collected.


Navigation and clickstream data is collected.


Interactive data is collected.


Content data is collected.

The compact policy is sent by the Web server along with the cookies it describes. For more information, see the P3P deployment guide at

Policy Evaluation

Microsoft Internet Explorer 6 will evaluate this policy's compact policy whenever it is used with a cookie. The actions IE will take depend on what privacy level the user has selected in their browser (Low, Medium, Medium High, or High; the default is Medium. In addition, IE will examine whether the cookie's policy is considered satisfactory or unsatisfactory, whether the cookie is a session cookie or a persistent cookie, and whether the cookie is used in a first-party or third-party context. This section will attempt to evaluate this policy's compact policy against Microsoft's stated behavior for IE6.

Note: this evaluation is currently experimental and should not be considered a substitute for testing with a real Web browser.

Satisfactory policy: this compact policy is considered satisfactory according to the rules defined by Internet Explorer 6. IE6 will accept cookies accompanied by this policy under the High, Medium High, Medium, Low, and Accept All Cookies settings.