Publishes open-source data processing agreement and resources for publisher partners to support compliance with GDPR
LONDON, UK — OpenX, the world’s leading independent advertising technology provider, announced that it is one of the first advertising exchanges globally now in compliance with its publisher obligations under the General Data Protection Regulation (GDPR) — a full four months before the May deadline.
As a free and open contribution to the ad tech community, OpenX is also making available a GDPR-ready data processing agreement (DPA) drafted in consultation with leading U.S. and EU privacy counsel. This “open source” DPA was published today to www.openx.com/GDPR as a resource for publishers to expedite their compliance process with other technology partners that may process the publisher’s EU personal data. OpenX is also making available other GDPR-related resources on its website, including a guide for obtaining certification under the Privacy Shield, which is an important legal mechanism for validating the transfer of EU personal data out of the EU to the U.S.
“GDPR is the single most significant regulation in the history of digital advertising,” said Doug McPherson, chief administrative officer and general counsel at OpenX. “It replaces a patchwork of EU national rules with a single regulatory framework with global reach and strict penalties for those who fail to comply. GDPR applies to every company, wherever they are located, that offers goods or services to EU citizens or receives, stores or sends personal data from any EU citizen. At OpenX, we are committed to being the highest quality and most trusted partner to the thousands of leading publishers and top brands that rely upon our exchange. We committed early on to investing significantly in GDPR compliance and in educating the industry about its implications. We have taken the extra step today to make available a data processing agreement and other resources in order to move the entire industry towards greater accountability and trust.”
According to one recent analysis, leading publishers today can have hundreds of technology partners with access to their consumer data via code on their page. Under GDPR, publishers will be responsible for ensuring regulatory compliance for data security for every single partner they allow to access their data. Failure to comply effectively could result in significant penalties — up to the greater of €20,000,000 or 4% of worldwide annual revenue.
“Very few companies recognise the magnitude of the effect GDPR will have on their business, especially companies in the advertising technology space. OpenX has worked directly with the Venable team over the last year to understand the complexities of how this new regulation applies to OpenX and its partners. The resources they have made available to the industry will benefit any adtech company committed to compliance with GDPR,” said Shannon Yavorsky, Partner at Venable LLP.
On 1st February, OpenX will co-host a webinar with counsel from Venable LLP to provide publishers and advertisers with another educational resource as they navigate GDPR compliance ahead of the deadline. The webcast will cover seven steps publishers can take now to become compliant. For more information about the webcast or to register for the online event please visit: www.openx.com/GDPR.
OpenX is focused on unleashing the full economic potential of digital media companies. We do this by making digital advertising markets and technologies that are designed to deliver optimal value to publishers and advertisers on every ad served across all screens.
At OpenX, we have built a team that is uniquely experienced in designing and operating high-scale ad marketplaces, and we are constantly on the lookout for thoughtful, creative executors who are as fascinated as we are about finding new ways to apply a blend of market design, technical innovation, operational excellence, and empathetic partner service to the frontiers of digital advertising.