The General Data Protections Regulation (GDPR) is a ruling that aims to protect the personal data of citizens within the European Union. It came into effect on the 25th of May 2018. Due to this regulation any party involved in handling or processing of personal data needs to document the procedures for processing data, how the data is stored and used, facilitate deletion of personal data if requested and keeping agreements up to date with regard to handling personal data.
In connection with the introduction of the GDPR, it’s important that you are clear on your legal obligations as a publisher. Please note that you, as a company, are responsible for being compliant with the GDPR and make the appropriate changes in the way you handle consumers’ data and rights. Please also be aware of extraordinary focus on how you collect consent from the users and how you store user-data.
"The publisher is solely and fully responsible to ensure full compliance with national legislation and GDPR, and ensure active, positive and explicit permissions from the users when promoting campaigns through direct marketing activities, for example e-mail, SMS or other. Adservice cannot be held responsible for Publisher’s violation of national or international legislation, including the GDPR. Publisher is also solely responsible for any legal liability arising out of (or relating to) the content in the publisher’s media(s) or any material or content that the users can link to through publisher’s media(s), or GDPR violations."
Under most circumstances Adservice will act as the Data Processor and the Advertiser as the Data Controller. Here Adservice has created a Data Processing Agreement (DPA) with legal counsel from Hejm Advokater. This DPA specifically addresses exchange of data between Adservice and the given Advertiser.
All advertisers need to sign the DPA when they start conducting business with Adservice. Please contact firstname.lastname@example.org if you have any questions with regards to the DPA.