On May 25, 2018, The European Union will carry out its data protection reform and begin to enforce a new law called GDPR (General Data Protection Regulation). This new law aims to strengthen and unify data protection for users within the European Economic Area (EEA). GlassView has created this GDPR information page to provide our customers & users with information regarding GlassView’s GDPR readiness.
At GlassView, we invest great efforts in ensuring that our products and services adequately address legislative and regulatory requirements. Data protection and overall client trust in GlassView’s services continues to be of the highest importance to us.
The data that GlassView processes may include potentially identifiable information which may relate to users in the EEA. Consequently, we have addressed the requirements under EU data protection laws, and specifically those of the forthcoming GDPR.
As part of this effort GlassView implemented changes to its processes, documentation, policies, and contractual framework with its customers and publishers in which campaigns will deliver on.
GlassView’s compliance with GDPR
Some of the GlassView publishers on which our campaigns are delivered collect personal data to provide our EEA users with targeted and relevant advertising.
Because GlassView does not directly collect data, we ask that our publishers obtain a separate GDPR consent from end users to collect and process end-users’ personal information for the purpose of serving targeted ads, i.e., these publishers obtain consent from their users for ad targeting. This reflects GlassView’s position as a platform that facilitates the serving of ads as an intermediary between supply and demand.
What personal data does GlassView process?
While GlassView does not directly collect personal data from our users, we do work with publishers that process information such as the following:
- Internet Protocol (IP) addresses
- Advertising ID
- Internet Service Providers (ISP)
- Precise (GPS) location data
- Registration information
Is any of the processed data transferred outside of the EU?
Yes, GlassView works with publishers that transfer data outside of the EU but we have implemented certain contractual safeguards with publishers requiring them to process personal data in compliance with the GDPR.
GlassView has also implemented internal processes to anonymize user data in a way that makes it useful for advertisers, while ensuring that user identity is protected. For example, whenever the updated GlassView SDK receives an indication that a user declined consent, it automatically anonymizes the GPS coordinate data and/or IP addresses before passing the ad request to publishers for ad delivery, for the purpose of ensuring that no personal information is processed. In addition, GlassView will flag to publishers that the user did not provide the consent required under GDPR and does not wish to be served with targeted ads on the app. In such cases, only contextual ads will be shown to that user. Contextual ads are ads that are served based on the content of the page, app or site the user is viewing, and not based on personal data of a user.
What happens if the user does not provide consent?
The above procedures are designed to ensure that each publisher will serve contextual ads to all users who declined consent.
How does a user withdraw consent?
A user can request to withdraw consent by contacting the publishers in which campaigns are delivered on via their consent management mechanism, available on their website or app or they can send a request to withdraw consent to GlassView by email at “email@example.com”.
What happens if a user withdraws his/her consent?
We ask that all our publishers provide the user with an option to withdraw consent. If a user withdraws consent, the user will be treated as if the consent has been declined. In such cases, the publisher anonymizes any collected data before passing the ad request for ad delivery, to ensure that no personal information is processed. In addition, GlassView will notify all publishers that will deliver the campaign that the user did not provide the consent required under GDPR and does not wish to be served with targeted ads in the app. This user will receive contextual ads only.
What are contextual ads?
Contextual ads are ads that are based on the context of site or app rather than on the behavioral preferences, or personal data of a particular user.
What is GlassView’s data retention policy?
GlassView does not collect user data from EEA residents, but has asked its publishers (a) not to store user data for any purpose other than for internal reporting and analysis and for providing its services and (b) to store such data only so long as the user uses the app or website plus 30 days thereafter, except for purposes of invoicing, reporting, discrepancies or fraud prevention, and in any case for no longer than 90 days thereafter.
If you have any questions or comments about GlassView and our compliance with GDPR, you can drop us an email at "firstname.lastname@example.org" or you can send us mail to our HQ address:
224 East 83rd Street
New York, NY 10028
Att: Data Protection Officer