GDPR/ General Data Protection Regulation

GDPR stands for General Data Protection Regulation. It regulates how vendors (companies) can access, process and share personal data of users. Therefore we must ask users for their consent.

Important: Please not that we can not give legal advise; legal aspect of these FAQs may change over time and new restriction may come into place. Therefore you should always contact your lawyer for any legal advise!

What is it?

The General Data Protection Regulation (GDPR), is a regulation in the EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. 

What is the ePrivacy directive?

In connection with the GDPR is the ePrivacy Directive. The ePrivacy Directive will help regulate the handling of personal data, in particular for electronic communications. The guideline has not yet been finalised and therefore can still be changed. 

How GDPR effects individuals?

GDPR became "active" on the 25th of May 2018 in the European Economic Area (EEA), meaning every company that is based in this area, which deals with EU citizens data, needs to comply with these rules as well as companies outside of the EEA dealing with customers from that particular area.

What is personal data?

Personal data is any information that has a direct or indirect reference to a person and that enables identification of the person concerned. Examples of direct personal data include name, address, telephone number, email address etc. All other data such as age, gender, hair colour are also considered to be of personal data.

How should personal data be handled?

Personal data requires a separate protection. Users needs to clearly give their consent before their data is processed, stored or shared. Unless a contract or legitimate interest make it necessary.

What does GDPR mean for my online marketing?

For online advertising, GDPR has meant:

1. The setting of cookies is no longer possible without consent. The tracking of actions based on cookies is no longer possible, unless the user has given their consent to do so.

2. The storage of personal data is no longer possible without consent. In the context of online marketing, this particularly concerns the IP address of visitors.

3. The transfer of personal data requires consent. As for example OpenRTB or in the form of placeholders, data from visitors such as their IP addresses can no longer be passed on.

What does this mean to me?

If you are a publisher/website owner, advertiser etc. Where personal data is being processed you will need to ensure that visitors give their consent in order for you to store their data.

ConsentCMP - GDPR

Not sure if you need a CMP?

If you are unsure if your company needs a CMP or not, please get in touch with us - we will help you find the right solution for your company!