Publishers are now working with technology partners that have access to their consumer data. Under the new General Data Protection Regulation (GDPR), publishers are being held responsible for ensuring regulatory compliance for data security for every single partner whom they grant access to the data. If they fail to comply they could face a significant fine.
OpenX, the advertising tech provider, has just announced compliance with publisher obligations under the GDPR ahead of the May deadline.
In addition, the company is launching a GDPR data processing agreement which has been drafted together with US and EU privacy counsel. It acts as a resource for publishers to expedite their compliance process with other tech partners processing EU personal data.
The company is also providing other GDPR-linked resources on its website, including a guide that shows how to become certified under the Privacy Shield – a legal means of validating the transfer of EU personal data out of the EU to the US.
“GDPR is the single most significant regulation in the history of digital advertising,” said Doug McPherson, chief administrative officer and general counsel at OpenX. “It replaces a patchwork of EU national rules with a single regulatory framework with global reach and strict penalties for those who fail to comply. GDPR applies to every company, wherever they are located, that offers goods or services to EU citizens or receives, stores or sends personal data from any EU citizen.”
To ensure compliance, OpenX worked with Venable LLP. Shannon Yavorsky, Partner at Venable LLP adds:
“Very few companies recognize the magnitude of the effect GDPR will have on their business, especially companies in the advertising technology space. OpenX has worked directly with the Venable team over the last year to understand the complexities of how this new regulation applies to OpenX and its partners. The resources they have made available to the industry will benefit any adtech company committed to compliance with GDPR.”