Tradedoubler compliance with GDPR
The EU General Data Protection Regulation (GDPR) has come into effect on 25 May 2018. All EU member states now have the same legal wording regarding the protection of personal data. The intention of this regulation is to grant individuals more control over their personal information and make sure organisations have appropriate processes and systems in place when collecting personal data. High penalties may be imposed to organisations not adhering to the data protection regulations.
Some of the basic data protection principles
Organisations need to prove that the GDPR is being adhered to.
Limitation of purpose
Personal data may not be used in a way that isn’t compliant with the purpose for which they have been collected. Information of the purpose should be understandable and easily accessible.
Only those who need access to the personal data to perform their duties should have access to them. Privacy by design and Privacy by default.
How Tradedoubler makes sure to be GDPR compliant
With the help of external GDPR experts we have updated our Personal Data Documentation including Privacy Impact Assessments and all functional policies. We have signed Data Processing Agreements with our Data Processors. Tradedoubler´s publishers are our sub-processors and we have adjusted our Publisher agreement to GDPR. Our policies, GDPR documentation, accesses to personal data, retention periods and request handling from individuals (data subjects, advertisers, publishers, Tradedoubler employees and job candidates) have been reviewed and adjusted to be GDPR compliant. All staff has had GDPR training and a standard DPA Appendix for our Advertisers has been developed and can be found below.
If you don’t accept the amended terms, you must immediately cease to use our service
Appointed DPO for the Tradedoubler Group