General Data Protection Regulation Compliance
The General Data Protection Regulation (GDPR) governs the way that data on individuals is collected and processed online. It contains specific guidelines designed to strengthen sensitive data protection and make transparent all elements of data collection, storage and processing. The legislation will come into effect on May 25, 2018.
Who does the GDPR affect?
All businesses established in the European Economic Area (EEA) and Switzerland must comply with the GDPR when it comes to handling data of EEA citizens. Companies from countries outside the EEA that collect data of EEA citizens must also comply or face stringent fines. There are steps that companies themselves can take to become compliant, but compliance with the GDPR significantly depends on how your resources operate.
Does Yandex RTB Auction fall under the scope of the GDPR?
Yes, to the extent our Demand Partners target their advertisement at the EEA/Swiss users or in case the Demand Partner is established in the EEA or Switzerland.
What I can do to comply with the requirements of the GDPR?
GDPR implies that both Yandex and Demand Partner shall take proactive actions to meet the high standards of protecting the rights of EEA/Swiss users. Therefore we are open for cooperation with each Demand Partner to make your use of our RTB Auction compliant with GDPR requirements.In order to do that we kindly ask you to review the following information:
To enhance protection of our users’ data we need to enter into a Data Processing Agreement with you. You may find it here. We will do our best to make this agreement also available in the Partner interface so you can easily access it. Please review our Data Processing Agreement and let us know if you have questions. We are ready to help.
If you are unsure what steps your company has to take about participating in the Yandex Advertising Network in compliance with GDPR, you can contact us to learn more.