Privacy & Data Processing Notice
Codigo audience & content measurement | Last updated: 3 June 2026
This notice explains how Codigo Sweden AB ("Codigo", "we") processes personal data when our measurement technology (the Codigo / StreamCount measurement script and SDKs) runs on websites and applications operated by the publishers participating in a market measurement. It is the reference privacy notice for Codigo's registration as a vendor under the IAB Europe Transparency & Consent Framework (TCF).
1. Who we are
| Vendor | Codigo Sweden AB (Aktiebolag, registered 27 December 2014) |
|---|---|
| Registered address | Kyrkogatan 15, 411 15 Göteborg, Sweden |
| Company registration no. | 556998-8537 |
| Privacy contact | |
| IAB Europe TCF Vendor ID | 1610 |
2. Our role under the GDPR
For its measurement processing Codigo acts as a data processor, processing personal data on the documented instructions of the controller. Depending on the market the controller is the body commissioning the measurement - for example a Joint Industry Committee such as Polskie Badania Internetu (PBI) in Poland, Fifty5Blue (Sifo) in Sweden - and/or the participating publisher, as identified in that party's own privacy notice. A Data Processing Agreement governs each engagement.
This notice supplements the controller's own privacy information; it does not replace it. Please consult the relevant controller's privacy notice for the controller's identity and full information under Articles 13-14 GDPR. The limited security and error-handling activity described in section 6 is the one area where Codigo acts on its own legitimate interest.
3. Where this notice applies
Codigo's measurement is deployed in more than one market under different configurations - currently Poland (the PBI site-centric census measurement) and Sweden (primarily panel-based measurement with Sifo). Because a TCF vendor registration is a single global entry, this notice and the accompanying device storage disclosure describe the full set of data and device storage we may use across those deployments. Which items apply depends on the configuration on a given site.
4. Data we process
- Online identifiers we set or read (the
__couidfirst-party identifier and related storage; see the cookie table below); - IP address (truncated/anonymised - the final octet is not stored) and non-precise location (e.g. country/region) derived from it
- Device and browser characteristics (aggregated user-agent information, screen size);
- Probabilistic identifiers used to assign a measurement identifier where cookies are unavailable;
- Authentication-derived identifiers (e.g. a publisher login signal), where a publisher provides them;
- Browsing and interaction data on measured surfaces (page views, audio/video playback, time spent, events);
- Audience-measurement attributes - probabilistic demographic segments derived from voluntary survey responses, used for aggregate statistics, not for individual advertising personalisation;
- User-provided data - answers to demographic surveys, where shown.
Codigo does not intentionally collect names, e-mail addresses or similar directly identifying fields for measurement; IP addresses are truncated and user-agent strings aggregated. Some pseudonymous identifiers and measurement attributes may nonetheless be personal data.
5. How we measure, and the legal bases
Codigo's measurement operates in distinct modes, and the legal basis depends on the mode:
- Anonymous, cookieless measurement - the default in most deployments. Events are counted and aggregated with no cookies or other device storage and no personal identifiers; IP addresses are truncated and user-agent strings aggregated at the point of collection. This produces non-personal, aggregate statistics, so it does not rely on consent and the TCF purposes below do not apply to it.
- Panel members. Where a person is a member of a measurement panel - for example the Swedish panel operated together with Sifo - they are measured on the basis of the specific, informed consent given in their panel agreement, which covers their devices and applications. That consent is managed in the panel system, not through the website CMP.
- Identified (cookie-based) measurement. Where measurement uses cookies or other device storage to recognise a browser or device, Codigo processes only where the controller's Consent Management Platform (CMP) signals that consent has been obtained for Codigo and the relevant purposes. This is the path the TCF purposes below describe, and it runs only after that signal is present.
Under the TCF, for the identified (cookie-based) path Codigo declares the purposes below. As processor, Codigo relies on the consent obtained and signalled by the controller's CMP; the exception is Special Purpose 1, for which Codigo relies on its own legitimate interest (see section 6):
| TCF purpose | Legal basis |
|---|---|
| Purpose 1 - Store and/or access information on a device | Consent |
| Purpose 7 - Measure advertising performance | Consent |
| Purpose 8 - Measure content performance | Consent |
| Purpose 9 - Understand audiences through statistics | Consent |
| Purpose 10 - Develop and improve services | Consent |
| Special Purpose 1 - Ensure security, prevent fraud, and fix errors | Legitimate interest (see section 6) |
| Special Purpose 3 - Save and communicate privacy choices | Legitimate interest (see section 6) |
We also rely on the TCF features "Match and combine data from other data sources", "Link different devices" and "Identify devices based on information transmitted automatically" in support of the purposes above. We do not use precise geolocation or active device-fingerprinting special features.
6. Our legitimate interests
For Special Purpose 1 (ensure security, prevent and detect fraud, and fix errors) we rely on legitimate interest. This covers detecting automated/bot traffic and invalid activity, identifying and excluding auto-refresh and other non-human events, and diagnosing and correcting measurement errors - each limited to maintaining the security, integrity and accuracy of the measurement.
For Special Purpose 3 (save and communicate privacy choices) we also rely on legitimate
interest. This covers storing and reading your privacy choice - in particular the __codnt
opt-out flag - so that, once set, your choice is remembered and respected on later visits and applied
consistently across our measurement. The data involved is a minimal preference flag and the processing
operates in your favour.
We have carried out a balancing assessment: the processing is limited to the pseudonymous technical signals needed to keep the measurement secure, exclude invalid traffic and correct errors; it is not used to build advertising or marketing profiles; and it is retained only as long as needed for those integrity checks. A user would reasonably expect a measurement provider to protect data quality, and we consider the processing does not override the interests, rights or freedoms of users. Special Purposes 1 and 3 are not switched off through a TCF consent toggle; you may object to this legitimate-interest processing under Article 21 GDPR by contacting the relevant controller or Codigo (section 11), and the controller will assess the objection.
7. Cookies and device storage
The complete machine-readable list is published at /tcf/device-storage.json. The principal items:
| Name | Party | Type | Purpose | Max. duration |
|---|---|---|---|---|
__couid | First-party | Cookie + localStorage | Unique measurement identifier (page-view / unique-user counting) | 300 days |
__codnt | First-party | Cookie | Codigo measurement opt-out flag (records and respects your opt-out choice) | 14 days |
__cosurvey | First-party | Cookie + localStorage | Survey frequency-capping / suppression (prevents the demographic pop-up survey re-showing too often) | up to 180 days |
__cosrv | Third-party | Cookie (set by our collector on research-int.se) | Cross-domain unique-user counting | 12 months |
Everything our measurement script stores is first-party - cookies set on the
domain of the website you are visiting, and localStorage local to that site. The only third-party
item is __cosrv, a cookie set by our measurement collector on its own domain
(research-int.se) to recognise the same browser across the network of measured sites; modern
browser anti-tracking measures (Safari ITP, Firefox ETP, Chrome) may block it. Where cookies are unavailable or
consent is absent, measurement falls back to anonymous, aggregate counting that does not set or read device
storage and does not single out an individual browser or device.
In mobile publisher apps the same measurement may be performed by our native iOS and Android
measurement SDKs (open source). In that environment the SDK stores an equivalent measurement
identifier on the device and sends data over the same protocol as the web tag; where a panel app is present
it can supply a panel identity, otherwise the SDK operates as a standalone measurement component. The SDKs
are listed in the sdks array of the
device-storage disclosure.
Storage used specifically for the Swedish measurement panel is governed by the panel agreement and the panel's own privacy information, and is outside the scope of this TCF disclosure.
8. Consent & the TCF
Our measurement script reads the consent signal from the publisher's IAB-registered CMP via the TCF API and processes data only for the purposes that both the site configuration and the user's CMP signal permit, and only where Codigo is consented as a vendor. Content census measurement normally requires Purposes 1, 8 and 9; Purposes 7 and 10 are used only where that processing is actually configured and consent has been signalled. If consent is absent, withdrawn or does not apply, measurement that relies on device storage does not run. Anonymous, cookieless measurement (section 5) neither sets nor reads device storage and therefore continues regardless of the consent signal. You can review or withdraw your choices at any time through the CMP on the publisher's site.
9. Retention
Raw, event-level data is retained for a short period (by default 14 days) and is then aggregated into statistics
that are no longer personal data. Measurement identifiers stored on the device persist for up to the durations
in section 7 (up to 12 months for the third-party __cosrv cookie). Aggregated, non-personal statistics may be retained longer
for trend reporting.
10. Data location
Codigo processes and stores measurement data within the European Union - currently in Microsoft Azure's North Europe region. Codigo's production processing is operated in the EU/EEA; any sub-processor access or international-transfer safeguards are governed by the applicable Data Processing Agreement.
11. Your rights
Because we act as a processor, please direct requests to exercise your rights (access, rectification, erasure, restriction, objection, portability) to the controller - the body commissioning the measurement or the publisher whose site you visited. You may also contact us and we will assist the controller, normally within 72 hours of a request. You have the right to lodge a complaint with your data protection supervisory authority.
12. Changes
We may update this notice to reflect changes in our processing or legal requirements. The "last updated" date above shows the current version.
13. Contact
Codigo Sweden AB - . For TCF framework matters: [email protected].