← Back to Blog

5 Reasons Why All Publishers Need To Take GDPR Seriously

Publishers
3
minutes
Technical Level
March 19, 2018
3
minutes
March 19, 2018
Technical Level
Sharethrough
Contributing Authors & Industry Leaders

This affects every publisher, not just EU-based ones

While GDPR rules directly impact publishers across the UK and EU, the rules clearly stipulate that any organization controlling or processing data about individuals while in the context of selling goods to citizens in the EU, whether on not they’re based there, has to follow the rules.

Put in to plain English: international publishers with even one EU visitor have to follow the same rules.

It covers a wide amount of data and puts a range of new conditions in place

GDPR data regulations cover everything from personally identifiable information, any online identifiers (IP address, location, cookies and RFID tags), to automated data fields, anonymized data and any sensitive personal data.

Under these new rules companies must follow a series of steps:

  1. Use decipherable terms and make consent as easy to withdraw as it is to give.
  2. Notify affected parties of any data breach in 72 hours.
  3. Give consumers the right to access their personal data.
  4. Comply with any request to erase irrelevant consumer data and cease its dissemination.
  5. Allow consumers to obtain and reuse their data.
  6. Publishers should build data protections when they design an IT system
  7. Publishers with more than 250 employees are obligated to designate a data protection officer.

Got all that? Maybe not. It’s a lot to take in.

The complicated flows of information in the ad-tech ecosystem will make compliance even harder

Take a look at this diagram and you’ll see that compliance isn’t exactly a straight line.

Certain tech can only be fired up at the right time, after consent is given. Consent information needs to be shared with SSPs. There’s a run of bureaucratic dominoes that need to be set correctly to make sure this doesn’t fall in on itself.

GDPR affects vendors (like Sharethrough), as well as publishers

Some vendors and publishers may be considered as processors of data and other's may be considered as controllers of data. At Sharethrough, We’ve added additional terms to our publisher and DSP contracts and put new systems in place to make sure consent info is passed along from publishers to DSPs and data management platforms. We’ve worked to ensure that only information that has been consented to be shared will be shared and that publishers who are integrated with SFP pass consent information along with the impression request.

The penalty for non-compliance is considerable

If a company is found to be non-compliant, they can be fined up to 20 million euros, or 4 percent of their global turnover, whichever figure is greater. No joke.

To view the free infographic, fill the form below.

This affects every publisher, not just EU-based ones

While GDPR rules directly impact publishers across the UK and EU, the rules clearly stipulate that any organization controlling or processing data about individuals while in the context of selling goods to citizens in the EU, whether on not they’re based there, has to follow the rules.

Put in to plain English: international publishers with even one EU visitor have to follow the same rules.

It covers a wide amount of data and puts a range of new conditions in place

GDPR data regulations cover everything from personally identifiable information, any online identifiers (IP address, location, cookies and RFID tags), to automated data fields, anonymized data and any sensitive personal data.

Under these new rules companies must follow a series of steps:

  1. Use decipherable terms and make consent as easy to withdraw as it is to give.
  2. Notify affected parties of any data breach in 72 hours.
  3. Give consumers the right to access their personal data.
  4. Comply with any request to erase irrelevant consumer data and cease its dissemination.
  5. Allow consumers to obtain and reuse their data.
  6. Publishers should build data protections when they design an IT system
  7. Publishers with more than 250 employees are obligated to designate a data protection officer.

Got all that? Maybe not. It’s a lot to take in.

The complicated flows of information in the ad-tech ecosystem will make compliance even harder

Take a look at this diagram and you’ll see that compliance isn’t exactly a straight line.

Certain tech can only be fired up at the right time, after consent is given. Consent information needs to be shared with SSPs. There’s a run of bureaucratic dominoes that need to be set correctly to make sure this doesn’t fall in on itself.

GDPR affects vendors (like Sharethrough), as well as publishers

Some vendors and publishers may be considered as processors of data and other's may be considered as controllers of data. At Sharethrough, We’ve added additional terms to our publisher and DSP contracts and put new systems in place to make sure consent info is passed along from publishers to DSPs and data management platforms. We’ve worked to ensure that only information that has been consented to be shared will be shared and that publishers who are integrated with SFP pass consent information along with the impression request.

The penalty for non-compliance is considerable

If a company is found to be non-compliant, they can be fined up to 20 million euros, or 4 percent of their global turnover, whichever figure is greater. No joke.

No items found.
About Behind Headlines: 180 Seconds in Ad Tech—

Behind Headlines: 180 Seconds in Ad Tech is a short 3-minute podcast exploring the news in the digital advertising industry. Ad tech is a fast-growing industry with many updates happening daily. As it can be hard for most to keep up with the latest news, the Sharethrough team wanted to create an audio series compiling notable mentions each week.

This affects every publisher, not just EU-based ones

While GDPR rules directly impact publishers across the UK and EU, the rules clearly stipulate that any organization controlling or processing data about individuals while in the context of selling goods to citizens in the EU, whether on not they’re based there, has to follow the rules.

Put in to plain English: international publishers with even one EU visitor have to follow the same rules.

It covers a wide amount of data and puts a range of new conditions in place

GDPR data regulations cover everything from personally identifiable information, any online identifiers (IP address, location, cookies and RFID tags), to automated data fields, anonymized data and any sensitive personal data.

Under these new rules companies must follow a series of steps:

  1. Use decipherable terms and make consent as easy to withdraw as it is to give.
  2. Notify affected parties of any data breach in 72 hours.
  3. Give consumers the right to access their personal data.
  4. Comply with any request to erase irrelevant consumer data and cease its dissemination.
  5. Allow consumers to obtain and reuse their data.
  6. Publishers should build data protections when they design an IT system
  7. Publishers with more than 250 employees are obligated to designate a data protection officer.

Got all that? Maybe not. It’s a lot to take in.

The complicated flows of information in the ad-tech ecosystem will make compliance even harder

Take a look at this diagram and you’ll see that compliance isn’t exactly a straight line.

Certain tech can only be fired up at the right time, after consent is given. Consent information needs to be shared with SSPs. There’s a run of bureaucratic dominoes that need to be set correctly to make sure this doesn’t fall in on itself.

GDPR affects vendors (like Sharethrough), as well as publishers

Some vendors and publishers may be considered as processors of data and other's may be considered as controllers of data. At Sharethrough, We’ve added additional terms to our publisher and DSP contracts and put new systems in place to make sure consent info is passed along from publishers to DSPs and data management platforms. We’ve worked to ensure that only information that has been consented to be shared will be shared and that publishers who are integrated with SFP pass consent information along with the impression request.

The penalty for non-compliance is considerable

If a company is found to be non-compliant, they can be fined up to 20 million euros, or 4 percent of their global turnover, whichever figure is greater. No joke.

About Calibrate—

Founded in 2015, Calibrate is a yearly conference for new engineering managers hosted by seasoned engineering managers. The experience level of the speakers ranges from newcomers all the way through senior engineering leaders with over twenty years of experience in the field. Each speaker is greatly concerned about the craft of engineering management. Organized and hosted by Sharethrough, it was conducted yearly in September, from 2015-2019 in San Francisco, California.

Stay Up-to-Date—

Subscribe to our newsletter and receive cutting-edge digital advertising insights, including our weekly Behind Headlines episodes, delivered right to your inbox.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Listen to Next—
3:00
November 19, 2021
Behind Headlines: 180 Seconds in Ad Tech — Secrecy & Augmented Reality
This week in Behind Headlines: 180 Seconds in Ad Tech we’re chatting about secret ad buyers, a new partnership, and augmented reality.
3:00
November 12, 2021
Behind Headlines: 180 Seconds in Ad Tech — Connected TVs & Digital Publishers
This week in Behind Headlines: 180 Seconds in Ad Tech we’re talking about Connected TV ads and print publishers going digital.
3:00
November 5, 2021
Behind Headlines: 180 Seconds in Ad Tech — Metaverses & Social TV
This week in Behind Headlines: 180 Seconds in Ad Tech we’re chatting about a new metaverse entry, social platforms on TV, and ad experiences.
Watch Next—
3:00
July 2, 2021
Behind Headlines: 180 Seconds in Ad Tech — Delayed Cookies & Investments
This week in Behind Headlines: 180 Seconds in Ad Tech we’re talking about the delay in the depreciation of third-party cookies & news on IPOs.
3:00
June 25, 2021
Behind Headlines: 180 Seconds in Ad Tech — Power Plays & Privacy
This week in Behind Headlines: 180 Seconds in Ad Tech we’re taking a look at the role of competition and key player’s growing dominance.
3:00
June 18 2021
Behind Headlines: 180 Seconds in Ad Tech — Lawsuits & Set Backs In Addressability
This week in Behind Headlines: 180 Seconds in Ad Tech we’re talking about the rise in privacy and addressability, from lawsuits to setbacks.
Sharethrough
Contributing Authors & Industry Leaders

About the Author

Sharethrough is made up of inspired forward-thinkers with first hand knowledge of the industry, who support the business & help the company flourish.

More from this author
Sharethrough & Equativ are Merging! Learn More →