Tradedoubler Compliance with GDPR
The EU General Data Protection Regulation (GDPR) will come into effect on 25 May 2018. All EU member states will then have the same legal wording regarding the protection of personal data. The intention of this regulation is to grant individuals more control over their personal information and make sure organisations have appropriate processes and systems in place when collecting personal data. High penalties may be imposed to organisations not adhering to the data protection regulations.
Some of the basic data protection principles
- Organisations need to prove that the GDPR is being adhered to.
Limitation of purpose
- Personal data may not be used in a way that isn’t compliant with the purpose for which they have been collected.
- Information of the purpose should be understandable and easily accessible.
- Only those who need access to the personal data to perform their duties should have access to them.
- Privacy by design and Privacy by default.
How Tradedoubler makes sure to be GDPR compliant
With the help of external GDPR experts we are updating our Personal Data Documentation including Privacy Impact Assessments and all functional policies. We are currently reviewing and negotiating Data Processing Agreements with our Data Processors and our aim is to have them all reviewed and signed by 25 May 2018. Tradedoubler´s publishers are our sub-processors and we have adjusted our Publisher agreement to GDPR. Our policies, GDPR documentation, accesses to personal data, retention periods and request handling from individuals (data subjects, advertisers, publishers, Tradedoubler employees and job candidates) have been reviewed and adjusted to be GDPR compliant. All staff has had GDPR training and a standard DPA Appendix for our Advertisers has been developed and can be found below.
Our updated and GDPR adjusted Publisher agreement
If you don’t accept the amended terms, you must immediately cease to use our service