About GDPR

The General Data Protection Regulation protects EU users by outlining how their data must be handled by anyone owning an online property that uses or collects their data. 

Who does it affect?*

Where the GDPR or PECR applies, downstream partners such as DSPs, SSPs, or DMPs will rely on ‘publishers’ (which includes advertisers if you have your own sites, apps, etc.) to provide transparency and gain individuals’ consent.

  • If you process personal data from one of your sites or mobile apps (or other entities) you need a way of making sure you disclose this to people and, where necessary, get their consent.
  • You also need to give people the opportunity to opt out of data processing.
  • If you want to store or access any information on a person’s device you need to get their consent first. *This section was sourced from the IAB UK

Why Does It Matter?

Increasingly, demand sources are limiting their inventory to only websites that are compliant with GDPR. 

 

What Do I Need To Do?

Google and many other major demand sources require each publisher to comply with GDPR. One big step forward in compliance is adding a reputable consent widget/framework to your site.

 

How Do I Do That?

A free & easy solution is Quantcast's GDPR self-serve Consent Management Platform called "Quantcast Choice" Below are the steps to create your custom widget to add to your site to be in compliance with GDPR.

  1. Go to the Quantcast website & choose where you will be implementing the widget. 
  2. Add your information - (select the option to only request consent from users in the EU)
  3. Customize the look and feel of your widget
  4. Download the custom code
  5. Implement across your website - (ensure it is placed before the Proper script on the page)

IMPORTANT:  The Quantcast code needs to be placed in the <head> of the page before any 3rd party code, including the Proper script.

 

Tutorials on how to use the Quantcast Consent Management platform. 

There are default self-serve settings (screenshots below) 

  • You can only ask for consent from users in the EU 
  • If you do not collect & use first-party data, leave all of the boxes in the "How will you use customer data?" section unchecked. 

More resources related to GDPR compliance:

The IAB released a "framework" on GitHub to help publishers comply with GDPR. This widely adopted solution is the: IAB Transparency & Consent Framework 

Google Tools:

 

Google Policy Requirements
The EU User Consent Policy outlines your responsibility as a user of Google ad technology to:

 

Obtain EEA end users’ consent to: 

  • the use of cookies or other local storage where legally required; and 
    the collection, sharing, and use of personal data for personalization of ads. 
  • Identify each party that may collect, receives or uses end-users’ personal data as a consequence of your use of a Google product. 
  • Provide end users with prominent and easily accessible information about those parties’ use of personal data 
     
    Find Out More
    You can refer to cookiechoices.org and Google's Policy help page for more information on complying with their Policy. We also recommend that you consult with your legal department regarding your compliance with the GDPR and Google's policies.
     
    Google's EU User Consent Policy:  
    https://www.google.com/about/ company/user-consent-policy. html

 

Here is where the full GDPR document can be found.

 

Other Articles You May Be Interested In

Redirects & Malicious Ads

Ads.txt

Interest Based Advertising Opt Out