Pneus Touchette Distribution inc., profile picture
Uploaded byPneus Touchette Distribution inc.
256 views

What is GDPR ? by M32

The document outlines the General Data Protection Regulation (GDPR), effective May 25, 2018, highlighting its importance for user privacy and data management for businesses operating within or interacting with EU citizens. It stresses the necessity for companies to adopt specific privacy practices, including clear communication about data collection, and suggests actionable steps for publishers to ensure compliance. It also provides resources and guidance for publishers, emphasizing the significance of transparency and user consent in data practices.

Embed presentation

Download to read offline
GENERAL DATA PROTECTION REGULATION (GDPR) A PROGRAMMATIC ADVERTISING PERSPECTIVE UPDATE ON OUR EFFORTS & SUGGESTIONS TO PUBLISHERS ** PLEASE REFER TO YOUR LAWYER FOR ANY LEGAL ADVICE ** MAY 2018
2 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE INTRODUCTION M32.MEDIA firmly believes that, as an industry leader and influencer, we must embrace the privacy of our users and respect their right to be informed and have the ability to block or delete any tracking. We are taking this opportunity to inform and advise our publishers and partners on the best practices in terms of privacyand on all the efforts we are putting in place to be fullycompliant with GDPR. For any questions or concerns about our approach, please contact us @ https://m32.media/lets-talk . GDPR OVERVIEW The General Data Protection Regulation (GDPR) is a new set of regulations that will take effect on May 25, 2018, surrounding the privacy, control, and transfer of data for EU citizens. The goal of the GDPR is to ensure that all EU citizens are protected against privacy and data breaches in a world where data is increasingly important, creating an environment that is very different from 1995, when the previous directive was established. Although the key principles from the previous directive surrounding data privacy still remain true, several changes have been proposed to the regulatory policies. The key points of the GDPR are detailed below, along with more information about the impacts this will have on organisations. Increased Territorial Scope (extraterritorial applicability) The biggest change applied to the regulatory landscape of data privacy is probably the extended jurisdiction of the GDPR, as it will apply to all companies processing the personal data of data subjects residing in the European Union, regardless of the company’s location. In the previous directive, territorial applicability was a bit ambiguous and referred to data process “in context of an establishment”, which has arisen in several high-profile court cases. The territorial applicability of the GDPR is very clear: it applies to the processing of personal data by controllers and processors in the European Union, whether the processing takes place in the EU or not. It will also apply in cases where the controller or processor is not established in the EU, when the activities relate to: offering goods or services to EU citizens (regardless whether a payment is required or not) and monitoring behaviours that take place within the European Union. Non-EU companies processing the data of EU citizens will also have to appoint a representative in the EU. Ref: https://www.eugdpr.org/the-regulation.html
3 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE ANSWERS TO COMMONLY ASKED QUESTIONS Q: WHO IS AFFECTED BY GDPR? Any company that controls or processes personal data or behavioural information from an individual in an EU country will be impacted by GDPR. In the digital and programmatic industry, this includes nearly every company with an online presence. We strongly advise our publishers to follow these principles even if their European traffic is low as it remains a good and relevant practice to protect users’ privacy. Q: WHAT SAFEGUARDS ARE IN PLACE WITH DATA EXCHANGE PARTNERS? All M32.MEDIA Technology Partners are GDPR compliant and we will potentially refuse in the near future any partner that is not compliant or not sensitive to users’ privacy. Feel free to communicate with us if you want to have access to all our partners confirmations (Google, AppNexus, etc.). We will inform our publishers when a partner is not compliant and will assist them in the process of becoming compliant for the advertising & programmatic elements. Q: IS GDPR EQUIVALENT TO ADCHOICES AND CASL IN CANADA? Not really as GDPR is broader. CASL is only focusing on the spamming aspect of privacy and AdChoices is a program helping the industry better manage privacy but is not a law. For more information about these three concepts please visit: • CASL (Canada’s Anti-Spam Legislation): https://crtc.gc.ca/eng/internet/anti.htm • AdChoices Canada: https://youradchoices.ca • GDPR: https://www.eugdpr.org Q: WHAT ARE THE 6 BASIC PRINCIPLES AROUND GDPR? 1. The Principles of Lawfulness, Fairness, and Transparency: Following these principles, companies must make it clear as to why data is being collected and how it will be used. 2. The Principle of Purpose Limitation: This means that companies must have a legitimate purpose for processing the information and can only use the data for the objectives they have clearly described and justified. 3. The Principle of Data Minimization: Organizations must ensure that they are only requesting the minimum necessary amount of data required for their purpose, and that it is relevant for this purpose. 4. The Principle of Trueness, Accuracy: This principle states that data controllers must make sure that information remains accurate and valid, otherwise that it should be rectified or removed. 5. The Principle of Storage Limitation: It limits how long the data is stored, for it should be kept in a way which allows identification of a person for no longer than is necessary for the described purposes. 6. The Principle of Integrity and Confidentiality: This principle protects the integrity and privacy of data as companies must take all required measures to make sure all the personal data is protected and secure. Ref: https://www.exin.com/en/article/6-basic-principles-gdpr?language_content_entity=en
4 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE Q: WHEN WILL THE GDPR OFFICIALLY BE IN PLACE? May 25, 2018 is the date when the GDPR will officially be effective. Q: WHAT IS THE DURATION OF COOKIES THAT M32.MEDIA MANAGES FOR PUBLISHERS? Depending on the platform, M32.MEDIA uses the following rules: PLATFORM DURATION DMP SERVICES 6 MONTHS APPNEXUS COOKIES 30 DAYS Q: WHAT IS M32.MEDIA’S RESPONSIBILITY? M32.MEDIA is only responsible for the advertising and behavioural cookies that the publishers allow us to use - we are not responsible of the publisher’s privacy policy. Moreover, we do not manage or collect any users’ information that link to their identity or any of their transactional activities. We suggest our publishers to refer to their legal advisors or lawyers to update or review their privacy policy. Q: WHO IS RESPONSIBLE FOR M32.MEDIA’S DATA INTEGRITY? M32.MEDIA nominated Claude Cajolet as Chief Data Officer and James Tweedie as his backup in case Claude is not reachable or on vacation. You can reach them both via email at Claude@m32.media and James@m32.media.
5 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE SUGGESTIONS TO OUR CANADIAN PUBLISHERS Please note that we are only making suggestions concerning the advertising side of the GDPR. You should also review the other aspects of your users’ privacy. Here are the five tactics we suggest putting in place to manage the advertising privacy: 1- Declare clearly that you are using cookies and collecting behavioural and analytical data 2- Update your privacy and cookie policy 3- Add a link in your website’s footer to your privacy and cookie policies and to a consent management platform or any opt-out cookie tool 4- Make sure there are no cookies associated with pages where users transact or subscribe to your newsletters or paid services 5- Move your site under the https protocol 1- DECLARE THE USE OF COOKIES BBC & France TV are good examples to follow in terms of messaging and UX execution. You can find more examples on the following pages: https://termsfeed.com/blog/4-ways-notify-users-cookies/ and https://www.communigator.co.uk/blog/5-best-wording-cookie-policies/ If needed, feel free to use the suggested message below: “This website uses cookies to deliver relevant content and advertisements according to your preferences as well as help us measure our site’s performance. Learn more about our cookie policy here. {link to your cookie policy}” In French: “En poursuivant votre navigation sur ce site, vous en acceptez les conditions générales d'utilisation et notamment l'utilisation des cookies afin de réaliser des statistiques d'audiences, de vous proposer des contenus éditoriaux et une offre publicitaire adaptés à vos centres d'intérêts. Pour en savoir plus: {link to your cookie policy}” The sites below represent some interesting examples to follow:
6 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE 2- UPDATE YOUR PRIVACY AND COOKIE POLICIES We suggest that our publishers update and deploy a privacy policy on their website. You can also create a specific cookie policy to help users quickly see and understand what kind of information you are gathering and for what purpose. Please refer to the appendix section to view the complete privacy policy of M32.MEDIA as an example. -------------------------------- BELOW IS AN EXAMPLE OF A COOKIE POLICY -------------------------------- COOKIES A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another. We use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service. If you do not instruct your browser to refuse all cookies or to indicate when a cookie is being sent, your consent to our use of your Personal Information may be implied. HOW TO CONTROL COOKIES You can control and/or delete cookies as you wish – for details, see aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work. You can also visit http://youradchoices.ca/choices/ to delete any advertising cookie gathered about you. BEHAVIORAL REMARKETING <Your Site-Company> uses remarketing services to advertise on third party websites to you after you visited our site. We, and our third-party vendors, use cookies to inform, optimize and serve ads based on your past visits to our Service. In certain circumstances, your implied consent to our accessing, using or disclosing may be provided if you do not instruct your web browser to refuse all cookies or to indicate when a cookie is sent, or if you do not opt-out of Google Analytics or other services, as indicated below. • Google AdWords remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page. Google also recommends installing the Google Analytics Opt-out Browser Add-on for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page. • AppNexus remarketing service is provided by AppNexus Inc. You can opt-out of AppNexus remarketing by visiting the Privacy & the AppNexus Platform web page. For more information on the privacy practices of AppNexus, please visit the AppNexus Platform Privacy Policy web page. AppNexus cookie duration is 30 days. • M32.MEDIA is acting as our advertising service partner. You can delete all cookies gathered and managed through their process at https://m32.media/opt-out . M32.MEDIA cookies are stored for a duration of 6 months.
7 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE DELETING OR PROTECTING OPT-OUTS If you delete your cookies, you will need to opt out again. You can find and install browser extensions that will help you preserve your opt-out preferences. For more information, please visit http://www.aboutads.info/PMC or https://youradchoices.ca/choices/protect-my-choices/. ----------------------------------- END OF THE EXAMPLE ----------------------------------- You can find other best practice examples of cookie policies at the following links: • (UK) BBC: http://www.bbc.com/usingthebbc/cookies/ • (USA) NBC NEWS: https://www.nbcuniversal.com/privacy/cookies • (FRANCE) FRANCE TV: http://www.francetelevisions.fr/confidentialite#gestion-cookies • (CANADA) CBC: http://www.cbc.ca/aboutcbc/discover/privacy.html#cookies The list below will give you some examples of privacy policies: • (CANADA) TORSTAR: http://notices.torstar.com/privacy-policy/index.html • (UK) BBC: http://www.bbc.com/usingthebbc/privacy/ • (CANADA) GOOGLE: https://policies.google.com/privacy?hl=en&gl=ca 3- ADD A LINK IN THE FOOTER TO A CONSENT MANAGEMENT PLATFORM Users must be able to find, very easily and quickly, all necessary information about the cookie policy but also a quick access to some tools enabling them to view and delete any information that has been gathered. To do so, we suggest adding two links in your website footer: 1. A direct link to your cookie and privacy policy. 2. A direct link to a Consent Management Platform (CMP): a. The Industry suggests the following free tool: http://youradchoices.ca/choices/ b. Or you can decide to use more advanced options such as: • Evidon: https://www.evidon.com • TrustArc: https://www.trustarc.com • Cookiebot: https://www.cookiebot.com/ • Didomi: https://www.didomi.io/en/ • OneTrust: https://onetrust.com/fr/ • Cookie Consent: https://cookieconsent.insites.com Finally, here is a collection of useful GDPR resources: https://gdprindex.com/companies?tags=consent%2Cconsent-tracking%2Copt-out%2Cdigital- marketing&scope=any
8 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE 4- WHICH PAGES USE COOKIES? Please validate with your advertising partners to ensure that there are no cookies associated with pages where users transact or subscribe to your newsletters or paid services - unless it’s aligned with your privacy policy. 5- HTTPS PROTOCOL We strongly suggest our publishers to convert their digital assets to https. This protocol protects the privacy and security of your users and will also enhance your ranking among some search engines as they consider https as a positive signal about your site and brand. To enable this, you can use Let’s Encrypt (https://letsencrypt.org) which offers free and open certificates. More interesting reads on the subject: • 5 Reasons Why HTTPS Should Be Enabled on Your Website (https://blog.hubspot.com/marketing/enable-https-on-your-website) • Why https matters (https://developers.google.com/web/fundamentals/security/encrypt-in- transit/why-https) M32.MEDIA PRIVACY ROADMAP M32 team is already working on a consent management platform, to help our publishers better manage cookies and users’ privacy. Contact us if you have any questions on our roadmap. REFERENCES & LINKS • For more information about GDPR visit https://www.eugdpr.org • General FAQs surrounding GDPR: https://www.eugdpr.org/gdpr-faqs.html • AdChoices Canada: https://youradchoices.ca • CASL: http://www.fightspam.gc.ca • Better Ads: https://www.betterads.org • All About Cookies: http://www.allaboutcookies.org/ ------------------------------------ ABOUT THIS DOCUMENT This document does not replace a legal advice and should be used as a tool to help our publishers enhance and better manage users’ privacy. Please, do not hesitate to contact us if you have any further questions.
9 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE APPENDIX M32.MEDIA PRIVACY & COOKIE POLICY PRIVACY & COOKIE POLICY Effective date: April 13, 2018 M32.MEDIA Inc. ("us", "we", or "our") operates the https://m32.media website (the "Service"). This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data. We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. DEFINITIONS Personal Data Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession). Usage Data Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit). Cookies Cookies are small pieces of data stored on a User’s device. Data Controller Data Controller means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data. Data Processor (or Service Provider) Data Processor (or Service Provider) means any person (other than an employee of the Data Controller) who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively. Data Subject Data Subject is any living individual who is the subject of Personal Data. User The User is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data. INFORMATION COLLECTION AND USE We collect different types of information for various purposes to provide and improve our Service to you.
10 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE Types of Data Collected Personal Data While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally, identifiable information may include, but is not limited to: • Email address • First name and last name • Cookies and Usage Data We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send. Usage Data We may also collect information on how the Service is accessed and used ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. Tracking Cookies Data We use cookies and similar tracking technologies to track the activity on our Service and hold certain information. Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies used include beacons, tags and scripts to collect and track information and to improve and analyze our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service. Examples of Cookies we use: • Session Cookies. We use Session Cookies to operate our Service. • Preference Cookies. We use Preference Cookies to remember your preferences and various settings. • Security Cookies. We use Security Cookies for security purposes. • Advertising Cookies. Advertising Cookies are used to serve you with advertisements that may be relevant to you and your interests. Use of Data M32.MEDIA Inc. uses the collected data for various purposes: • To provide and maintain our Service • To notify you about changes to our Service • To allow you to participate in interactive features of our Service when you choose to do so • To provide customer support • To gather analysis or valuable information so that we can improve our Service • To monitor the usage of our Service • To detect, prevent and address technical issues • To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information
11 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE Retention of Data M32.MEDIA Inc. will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. M32.MEDIA Inc. will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods. Transfer of Data Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside Canada and choose to provide information to us, please note that we transfer the data, including Personal Data, to Canada and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. M32.MEDIA Inc. will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information. Disclosure of Data Business Transaction If M32.MEDIA Inc. is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy. Disclosure for Law Enforcement Under certain circumstances, M32.MEDIA Inc. may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). Legal Requirements M32.MEDIA Inc. may disclose your Personal Data in the good faith belief that such action is necessary: • To comply with a legal obligation • To protect and defend the rights or property of M32.MEDIA Inc. • To prevent or investigate possible wrongdoing in connection with the Service • To protect the personal safety of users of the Service or the public • To protect against legal liability Security of Data The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
12 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE Your Rights M32.MEDIA Inc. aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact us to make the required changes. If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the right: • To access and receive a copy of the Personal Data we hold about you • To rectify any Personal Data held about you that is inaccurate • To request the deletion of Personal Data held about you You have the right to data portability for the information you provide to M32.MEDIA Inc. You can request to obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it. Please note that we may ask you to verify your identity before responding to such requests. Service Providers We may employ third party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. Analytics We may use third-party Service Providers to monitor and analyze the use of our Service. Google Analytics Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. You can opt out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: http://www.google.com/intl/en/policies/privacy/ Advertising We may use third-party Service Providers to show advertisements to you to help support and maintain our Service. Google AdSense DoubleClick Cookie Google, as a third-party vendor, uses cookies to serve ads on our Service. Google's use of the DoubleClick cookie enables it and its partners to serve ads to our users based on their visit to our Service or other websites on the Internet. You may opt out of the use of the DoubleClick Cookie for interest-based advertising by visiting the Google Ads Settings web page: http://www.google.com/ads/preferences/
13 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE Behavioral Remarketing M32.MEDIA Inc. uses remarketing services to advertise on third party websites to you after you visited our Service. We and our third-party vendors use cookies to inform, optimize and serve ads based on your past visits to our Service. Google AdWords Google AdWords remarketing service is provided by Google Inc. You can opt out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads Google also recommends installing the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout) for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: http://www.google.com/intl/en/policies/privacy/ Facebook Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950 To opt out from Facebook's interest-based ads follow these instructions from Facebook: https://www.facebook.com/help/568137493302217 Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt out using your mobile device settings. For more information on the privacy practices of Facebook, please visit Facebook's Data Policy: https://www.facebook.com/privacy/explanation AppNexus AppNexus remarketing service is provided by AppNexus Inc. You can opt out of AppNexus remarketing by visiting AppNexus’ Platform Privacy web page: https://www.appnexus.com/en/company/platform-privacy-policy#choices For more information on the privacy practices of AppNexus, please visit the AppNexus Platform Privacy Policy web page: https://www.appnexus.com/en/company/platform-privacy-policy. AppNexus cookie duration is 30 days. M32.MEDIA M32.MEDIA is acting as our advertising service partner. You can delete all cookies gathered and managed through their process at https://m32.media/opt-out . M32.MEDIA DMP cookies are stored for a duration of 6 months.
14 GENERAL DATA PROTECTION REGULATION & PRIVACY GUIDANCE Deleting or protecting opt-outs If you delete your cookies, you will need to opt out again. You can find and install browser extensions that will help you preserve your opt-out preferences. For more information, please visit http://www.aboutads.info/PMC or https://youradchoices.ca/choices/protect-my-choices/. Links to Other Sites Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services. Children's Privacy Our Service does not address anyone under the age of 13 ("Children"). We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we will take action to remove that information from our servers. Changes to This Privacy Policy We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the "effective date" at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. Contact Us If you have any questions about this Privacy Policy, please contact us @ https://m32.media/lets-talk ------------------------------------------ FOLLOW US @ Web https://m32.media Facebook https://m32.media/facebook Twitter https://m32.media/twitter LinkedIn https://m32.media/linkedin

More Related Content

PPTX
What is GDPR?
byFaidepro
 
PDF
GDPR infographic
byMarketing Team at Crown Worldwide Group
 
PDF
Employee Training is Key to GDPR Compliance: GDPR
byGDPR Course
 
PDF
20121016 letter google-article-29-final
byGreg Sterling
 
PDF
"If we're leaving the EU, does GDPR even matter?" And other FAQs
byTech Data
 
PDF
GDPR: Keep Your Website Out of Legal Trouble
byMickey Mellen
 
PPTX
A Brief Overview on GDPR
byNeha Patel
 
PDF
Understanding gdpr compliance gdpr analytics tools
byRominaMariaBaltariu
 
What is GDPR?
byFaidepro
 
GDPR infographic
byMarketing Team at Crown Worldwide Group
 
Employee Training is Key to GDPR Compliance: GDPR
byGDPR Course
 
20121016 letter google-article-29-final
byGreg Sterling
 
"If we're leaving the EU, does GDPR even matter?" And other FAQs
byTech Data
 
GDPR: Keep Your Website Out of Legal Trouble
byMickey Mellen
 
A Brief Overview on GDPR
byNeha Patel
 
Understanding gdpr compliance gdpr analytics tools
byRominaMariaBaltariu
 

What's hot

PDF
GDPR Is Coming - Get Over It Webinar
bySagittarius
 
PDF
IAB Europe's GDPR Compliance Primer
byIAB Europe
 
PPTX
The State of Marketing Technology Today The State of Marketing Technology Today
byGhostery, Inc.
 
PDF
ESET Quick Guide to the EU General Data Protection Regulation
byESET
 
PDF
INFOMAGAZINE 8 by REAL security
bySamo Zavašnik
 
PPTX
Gdpr presentation
bySudarsan Reddy
 
PDF
GIG Working Paper 02/2017 - The Definition of Personal Data
byIAB Europe
 
PDF
GAMABrief: When Education Meets Big Data
byChristina Gagnier
 
PPTX
GDPR
bySebastian Dramburg
 
PDF
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
byHackerOne
 
PPTX
Data Protection Audit Checklist
byDigital Guardian
 
PPTX
How to get started with being GDPR compliant
bySiddharth Ram Dinesh
 
DOCX
General data protection regulation - European union
byRohana K Amarakoon
 
PPTX
GDPR
byGopi PD
 
PDF
Gdpr presentation with notes
byMassimo Carnevali
 
PPT
CEE CMS Data Protection webinar series - Part 1
byCMSLondon
 
PDF
GDPR - General Data Protection Regulation Preparation
byJoseph DeMicco
 
PPT
CEE CMS Data Protection webinar series - Part 2
byCMSLondon
 
GDPR Is Coming - Get Over It Webinar
bySagittarius
 
IAB Europe's GDPR Compliance Primer
byIAB Europe
 
The State of Marketing Technology Today The State of Marketing Technology Today
byGhostery, Inc.
 
ESET Quick Guide to the EU General Data Protection Regulation
byESET
 
INFOMAGAZINE 8 by REAL security
bySamo Zavašnik
 
Gdpr presentation
bySudarsan Reddy
 
GIG Working Paper 02/2017 - The Definition of Personal Data
byIAB Europe
 
GAMABrief: When Education Meets Big Data
byChristina Gagnier
 
GDPR
bySebastian Dramburg
 
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
byHackerOne
 
Data Protection Audit Checklist
byDigital Guardian
 
How to get started with being GDPR compliant
bySiddharth Ram Dinesh
 
General data protection regulation - European union
byRohana K Amarakoon
 
GDPR
byGopi PD
 
Gdpr presentation with notes
byMassimo Carnevali
 
CEE CMS Data Protection webinar series - Part 1
byCMSLondon
 
GDPR - General Data Protection Regulation Preparation
byJoseph DeMicco
 
CEE CMS Data Protection webinar series - Part 2
byCMSLondon
 

Similar to What is GDPR ? by M32

PDF
Magento checklist AVG / GDPR - Algemene Verordering Gegevensbescherming
byErwin Otten
 
PPTX
GDPR_Skillcast Presentation Template.pptx
bysketvnadakit
 
PDF
Deck for Chardan conference call on ePrivacy and GDPR
byJohnny Ryan
 
PDF
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17
byMichael Adamberry
 
PPTX
Global Data Privacy Regulation
byJatin Kochhar
 
PPT
Solved the european e privacy directive and performance marketing - Kevin E...
byauexpo Conference
 
PPTX
Gdpr zilla
byDavid Boswell
 
PDF
GDPR, ePrivacy Regulation, consent, and online media
byJohnny Ryan
 
PDF
Cookie Consent and Authorized Data Collection_Mar23.pdf
byAdzappier
 
PPTX
An Introduction to the General Data Protection Regulation (GDPR)
byBright
 
PPTX
GDPR_Skillcast Presentation Template (1).pptx
bykimonesinghunicomerc
 
PDF
Are You Prepared for the GDPR?
byPrivacyPolicies.com
 
PPTX
Why We Require GDPR?
byJatin Kochhar
 
PDF
Here comes the Cookie Monster
byBANNER
 
DOCX
The General data protection regulation : Salient clauses
bySyed Nazir Razik ACP, CSM, PMP
 
PDF
The GDPR Risk to Brands. Presentation at ISBA, the UK trade body that represe...
byJohnny Ryan
 
PPTX
GDPR, Data Privacy.
byLiviu Claudiu Cismaru
 
PPTX
Privacy and cookies crm inspiration days 2013
byBart Van Den Brande
 
PDF
What's Next - General Data Protection Regulation (GDPR) Changes
byOgilvy Consulting
 
PDF
Opportunity or burden
byIRIS
 
Magento checklist AVG / GDPR - Algemene Verordering Gegevensbescherming
byErwin Otten
 
GDPR_Skillcast Presentation Template.pptx
bysketvnadakit
 
Deck for Chardan conference call on ePrivacy and GDPR
byJohnny Ryan
 
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17
byMichael Adamberry
 
Global Data Privacy Regulation
byJatin Kochhar
 
Solved the european e privacy directive and performance marketing - Kevin E...
byauexpo Conference
 
Gdpr zilla
byDavid Boswell
 
GDPR, ePrivacy Regulation, consent, and online media
byJohnny Ryan
 
Cookie Consent and Authorized Data Collection_Mar23.pdf
byAdzappier
 
An Introduction to the General Data Protection Regulation (GDPR)
byBright
 
GDPR_Skillcast Presentation Template (1).pptx
bykimonesinghunicomerc
 
Are You Prepared for the GDPR?
byPrivacyPolicies.com
 
Why We Require GDPR?
byJatin Kochhar
 
Here comes the Cookie Monster
byBANNER
 
The General data protection regulation : Salient clauses
bySyed Nazir Razik ACP, CSM, PMP
 
The GDPR Risk to Brands. Presentation at ISBA, the UK trade body that represe...
byJohnny Ryan
 
GDPR, Data Privacy.
byLiviu Claudiu Cismaru
 
Privacy and cookies crm inspiration days 2013
byBart Van Den Brande
 
What's Next - General Data Protection Regulation (GDPR) Changes
byOgilvy Consulting
 
Opportunity or burden
byIRIS
 

Recently uploaded

PDF
Buy Old Facebook Accounts Profiles for Your Social Media Strategy.pdf
byBuy Old Facebook Accounts
 
PPTX
4 Marinr Domestic Legal environment July 2013.pptx
byadnanoperation4
 
PDF
Performance Marketing Social Media Report | Campaign Insights & ROI Analysis
byalbertmarty58
 
PDF
BanoQabil Sahiwal Best for Students with No IT Background.pdf
byGhasif Saleem
 
PPTX
SEO & UI/UX Design Services in Chandigarh | Marketing Gears
bymarketinggearsind
 
PDF
Top Websites To ⭐Buy ⭐Old ⭐Gmail ⭐Accounts (PVA & Bulk) (5).pdf
byBuy Old Gmail Accounts
 
PDF
Coca-Cola Marketing Case Study – Final PPT.pdf
byHeba Adel
 
DOCX
Buy ⭐Old ⭐Facebook Accounts – Trusted & Aged Profiles for Sale.docx
byBuy Old Facebook Accounts
 
PDF
_ How to Find Reliable Sellers for Verified PayPal Accounts.pdf
byhttps://pvaallit.com/product/buy-wechat-accounts/
 
PDF
Google Ads: A Beginner’s Guide to Online Advertising
bytakepay23
 
PDF
Why SaaS Founders Need Niche-Relevant Backlinks
byalexseofx
 
PDF
KS MARKETING | PORTFOLIO #3 | CUSTOMER ORIENTATION
byKS Marketing
 
PDF
QsAns – A Smart Content Marketing Platform for Digital Marketers.pdf
byDigital Marketing Services India
 
PDF
Google AI Overviews Stealing Clicks? 5 Ways Businesses Win Anyway
byFunnelTide
 
DOCX
Why People Look to Buy Snapchat Accounts (And What to Know First).docx
byWilliam Nero
 
PDF
AI SEO: Optimizing Content with Intelligent Algorithms
byIndeedseo
 
PDF
Online Digital Marketing Training in Hyderabad.pdf
bysriyabojagari1
 
PPTX
Hashtags vs Keywords - Instagram Content Marketing for Busy Professionals (Co...
bySalma Noreen
 
PDF
2026 BookMovement Book Club Promotions.pdf
byBookMovement
 
DOCX
Best Platforms for Buying Old Facebook Accounts In 2025.docx
byBuy Old Facebook Accounts
 
Buy Old Facebook Accounts Profiles for Your Social Media Strategy.pdf
byBuy Old Facebook Accounts
 
4 Marinr Domestic Legal environment July 2013.pptx
byadnanoperation4
 
Performance Marketing Social Media Report | Campaign Insights & ROI Analysis
byalbertmarty58
 
BanoQabil Sahiwal Best for Students with No IT Background.pdf
byGhasif Saleem
 
SEO & UI/UX Design Services in Chandigarh | Marketing Gears
bymarketinggearsind
 
Top Websites To ⭐Buy ⭐Old ⭐Gmail ⭐Accounts (PVA & Bulk) (5).pdf
byBuy Old Gmail Accounts
 
Coca-Cola Marketing Case Study – Final PPT.pdf
byHeba Adel
 
Buy ⭐Old ⭐Facebook Accounts – Trusted & Aged Profiles for Sale.docx
byBuy Old Facebook Accounts
 
_ How to Find Reliable Sellers for Verified PayPal Accounts.pdf
byhttps://pvaallit.com/product/buy-wechat-accounts/
 
Google Ads: A Beginner’s Guide to Online Advertising
bytakepay23
 
Why SaaS Founders Need Niche-Relevant Backlinks
byalexseofx
 
KS MARKETING | PORTFOLIO #3 | CUSTOMER ORIENTATION
byKS Marketing
 
QsAns – A Smart Content Marketing Platform for Digital Marketers.pdf
byDigital Marketing Services India
 
Google AI Overviews Stealing Clicks? 5 Ways Businesses Win Anyway
byFunnelTide
 
Why People Look to Buy Snapchat Accounts (And What to Know First).docx
byWilliam Nero
 
AI SEO: Optimizing Content with Intelligent Algorithms
byIndeedseo
 
Online Digital Marketing Training in Hyderabad.pdf
bysriyabojagari1
 
Hashtags vs Keywords - Instagram Content Marketing for Busy Professionals (Co...
bySalma Noreen
 
2026 BookMovement Book Club Promotions.pdf
byBookMovement
 
Best Platforms for Buying Old Facebook Accounts In 2025.docx
byBuy Old Facebook Accounts
 

What is GDPR ? by M32

  • 1.
    GENERAL DATA PROTECTIONREGULATION (GDPR) A PROGRAMMATIC ADVERTISING PERSPECTIVE UPDATE ON OUR EFFORTS & SUGGESTIONS TO PUBLISHERS ** PLEASE REFER TO YOUR LAWYER FOR ANY LEGAL ADVICE ** MAY 2018
  • 2.
    2 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE INTRODUCTION M32.MEDIA firmly believes that, as an industry leader and influencer, we must embrace the privacy of our users and respect their right to be informed and have the ability to block or delete any tracking. We are taking this opportunity to inform and advise our publishers and partners on the best practices in terms of privacyand on all the efforts we are putting in place to be fullycompliant with GDPR. For any questions or concerns about our approach, please contact us @ https://m32.media/lets-talk . GDPR OVERVIEW The General Data Protection Regulation (GDPR) is a new set of regulations that will take effect on May 25, 2018, surrounding the privacy, control, and transfer of data for EU citizens. The goal of the GDPR is to ensure that all EU citizens are protected against privacy and data breaches in a world where data is increasingly important, creating an environment that is very different from 1995, when the previous directive was established. Although the key principles from the previous directive surrounding data privacy still remain true, several changes have been proposed to the regulatory policies. The key points of the GDPR are detailed below, along with more information about the impacts this will have on organisations. Increased Territorial Scope (extraterritorial applicability) The biggest change applied to the regulatory landscape of data privacy is probably the extended jurisdiction of the GDPR, as it will apply to all companies processing the personal data of data subjects residing in the European Union, regardless of the company’s location. In the previous directive, territorial applicability was a bit ambiguous and referred to data process “in context of an establishment”, which has arisen in several high-profile court cases. The territorial applicability of the GDPR is very clear: it applies to the processing of personal data by controllers and processors in the European Union, whether the processing takes place in the EU or not. It will also apply in cases where the controller or processor is not established in the EU, when the activities relate to: offering goods or services to EU citizens (regardless whether a payment is required or not) and monitoring behaviours that take place within the European Union. Non-EU companies processing the data of EU citizens will also have to appoint a representative in the EU. Ref: https://www.eugdpr.org/the-regulation.html
  • 3.
    3 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE ANSWERS TO COMMONLY ASKED QUESTIONS Q: WHO IS AFFECTED BY GDPR? Any company that controls or processes personal data or behavioural information from an individual in an EU country will be impacted by GDPR. In the digital and programmatic industry, this includes nearly every company with an online presence. We strongly advise our publishers to follow these principles even if their European traffic is low as it remains a good and relevant practice to protect users’ privacy. Q: WHAT SAFEGUARDS ARE IN PLACE WITH DATA EXCHANGE PARTNERS? All M32.MEDIA Technology Partners are GDPR compliant and we will potentially refuse in the near future any partner that is not compliant or not sensitive to users’ privacy. Feel free to communicate with us if you want to have access to all our partners confirmations (Google, AppNexus, etc.). We will inform our publishers when a partner is not compliant and will assist them in the process of becoming compliant for the advertising & programmatic elements. Q: IS GDPR EQUIVALENT TO ADCHOICES AND CASL IN CANADA? Not really as GDPR is broader. CASL is only focusing on the spamming aspect of privacy and AdChoices is a program helping the industry better manage privacy but is not a law. For more information about these three concepts please visit: • CASL (Canada’s Anti-Spam Legislation): https://crtc.gc.ca/eng/internet/anti.htm • AdChoices Canada: https://youradchoices.ca • GDPR: https://www.eugdpr.org Q: WHAT ARE THE 6 BASIC PRINCIPLES AROUND GDPR? 1. The Principles of Lawfulness, Fairness, and Transparency: Following these principles, companies must make it clear as to why data is being collected and how it will be used. 2. The Principle of Purpose Limitation: This means that companies must have a legitimate purpose for processing the information and can only use the data for the objectives they have clearly described and justified. 3. The Principle of Data Minimization: Organizations must ensure that they are only requesting the minimum necessary amount of data required for their purpose, and that it is relevant for this purpose. 4. The Principle of Trueness, Accuracy: This principle states that data controllers must make sure that information remains accurate and valid, otherwise that it should be rectified or removed. 5. The Principle of Storage Limitation: It limits how long the data is stored, for it should be kept in a way which allows identification of a person for no longer than is necessary for the described purposes. 6. The Principle of Integrity and Confidentiality: This principle protects the integrity and privacy of data as companies must take all required measures to make sure all the personal data is protected and secure. Ref: https://www.exin.com/en/article/6-basic-principles-gdpr?language_content_entity=en
  • 4.
    4 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE Q: WHEN WILL THE GDPR OFFICIALLY BE IN PLACE? May 25, 2018 is the date when the GDPR will officially be effective. Q: WHAT IS THE DURATION OF COOKIES THAT M32.MEDIA MANAGES FOR PUBLISHERS? Depending on the platform, M32.MEDIA uses the following rules: PLATFORM DURATION DMP SERVICES 6 MONTHS APPNEXUS COOKIES 30 DAYS Q: WHAT IS M32.MEDIA’S RESPONSIBILITY? M32.MEDIA is only responsible for the advertising and behavioural cookies that the publishers allow us to use - we are not responsible of the publisher’s privacy policy. Moreover, we do not manage or collect any users’ information that link to their identity or any of their transactional activities. We suggest our publishers to refer to their legal advisors or lawyers to update or review their privacy policy. Q: WHO IS RESPONSIBLE FOR M32.MEDIA’S DATA INTEGRITY? M32.MEDIA nominated Claude Cajolet as Chief Data Officer and James Tweedie as his backup in case Claude is not reachable or on vacation. You can reach them both via email at Claude@m32.media and James@m32.media.
  • 5.
    5 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE SUGGESTIONS TO OUR CANADIAN PUBLISHERS Please note that we are only making suggestions concerning the advertising side of the GDPR. You should also review the other aspects of your users’ privacy. Here are the five tactics we suggest putting in place to manage the advertising privacy: 1- Declare clearly that you are using cookies and collecting behavioural and analytical data 2- Update your privacy and cookie policy 3- Add a link in your website’s footer to your privacy and cookie policies and to a consent management platform or any opt-out cookie tool 4- Make sure there are no cookies associated with pages where users transact or subscribe to your newsletters or paid services 5- Move your site under the https protocol 1- DECLARE THE USE OF COOKIES BBC & France TV are good examples to follow in terms of messaging and UX execution. You can find more examples on the following pages: https://termsfeed.com/blog/4-ways-notify-users-cookies/ and https://www.communigator.co.uk/blog/5-best-wording-cookie-policies/ If needed, feel free to use the suggested message below: “This website uses cookies to deliver relevant content and advertisements according to your preferences as well as help us measure our site’s performance. Learn more about our cookie policy here. {link to your cookie policy}” In French: “En poursuivant votre navigation sur ce site, vous en acceptez les conditions générales d'utilisation et notamment l'utilisation des cookies afin de réaliser des statistiques d'audiences, de vous proposer des contenus éditoriaux et une offre publicitaire adaptés à vos centres d'intérêts. Pour en savoir plus: {link to your cookie policy}” The sites below represent some interesting examples to follow:
  • 6.
    6 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE 2- UPDATE YOUR PRIVACY AND COOKIE POLICIES We suggest that our publishers update and deploy a privacy policy on their website. You can also create a specific cookie policy to help users quickly see and understand what kind of information you are gathering and for what purpose. Please refer to the appendix section to view the complete privacy policy of M32.MEDIA as an example. -------------------------------- BELOW IS AN EXAMPLE OF A COOKIE POLICY -------------------------------- COOKIES A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another. We use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service. If you do not instruct your browser to refuse all cookies or to indicate when a cookie is being sent, your consent to our use of your Personal Information may be implied. HOW TO CONTROL COOKIES You can control and/or delete cookies as you wish – for details, see aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work. You can also visit http://youradchoices.ca/choices/ to delete any advertising cookie gathered about you. BEHAVIORAL REMARKETING <Your Site-Company> uses remarketing services to advertise on third party websites to you after you visited our site. We, and our third-party vendors, use cookies to inform, optimize and serve ads based on your past visits to our Service. In certain circumstances, your implied consent to our accessing, using or disclosing may be provided if you do not instruct your web browser to refuse all cookies or to indicate when a cookie is sent, or if you do not opt-out of Google Analytics or other services, as indicated below. • Google AdWords remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page. Google also recommends installing the Google Analytics Opt-out Browser Add-on for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page. • AppNexus remarketing service is provided by AppNexus Inc. You can opt-out of AppNexus remarketing by visiting the Privacy & the AppNexus Platform web page. For more information on the privacy practices of AppNexus, please visit the AppNexus Platform Privacy Policy web page. AppNexus cookie duration is 30 days. • M32.MEDIA is acting as our advertising service partner. You can delete all cookies gathered and managed through their process at https://m32.media/opt-out . M32.MEDIA cookies are stored for a duration of 6 months.
  • 7.
    7 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE DELETING OR PROTECTING OPT-OUTS If you delete your cookies, you will need to opt out again. You can find and install browser extensions that will help you preserve your opt-out preferences. For more information, please visit http://www.aboutads.info/PMC or https://youradchoices.ca/choices/protect-my-choices/. ----------------------------------- END OF THE EXAMPLE ----------------------------------- You can find other best practice examples of cookie policies at the following links: • (UK) BBC: http://www.bbc.com/usingthebbc/cookies/ • (USA) NBC NEWS: https://www.nbcuniversal.com/privacy/cookies • (FRANCE) FRANCE TV: http://www.francetelevisions.fr/confidentialite#gestion-cookies • (CANADA) CBC: http://www.cbc.ca/aboutcbc/discover/privacy.html#cookies The list below will give you some examples of privacy policies: • (CANADA) TORSTAR: http://notices.torstar.com/privacy-policy/index.html • (UK) BBC: http://www.bbc.com/usingthebbc/privacy/ • (CANADA) GOOGLE: https://policies.google.com/privacy?hl=en&gl=ca 3- ADD A LINK IN THE FOOTER TO A CONSENT MANAGEMENT PLATFORM Users must be able to find, very easily and quickly, all necessary information about the cookie policy but also a quick access to some tools enabling them to view and delete any information that has been gathered. To do so, we suggest adding two links in your website footer: 1. A direct link to your cookie and privacy policy. 2. A direct link to a Consent Management Platform (CMP): a. The Industry suggests the following free tool: http://youradchoices.ca/choices/ b. Or you can decide to use more advanced options such as: • Evidon: https://www.evidon.com • TrustArc: https://www.trustarc.com • Cookiebot: https://www.cookiebot.com/ • Didomi: https://www.didomi.io/en/ • OneTrust: https://onetrust.com/fr/ • Cookie Consent: https://cookieconsent.insites.com Finally, here is a collection of useful GDPR resources: https://gdprindex.com/companies?tags=consent%2Cconsent-tracking%2Copt-out%2Cdigital- marketing&scope=any
  • 8.
    8 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE 4- WHICH PAGES USE COOKIES? Please validate with your advertising partners to ensure that there are no cookies associated with pages where users transact or subscribe to your newsletters or paid services - unless it’s aligned with your privacy policy. 5- HTTPS PROTOCOL We strongly suggest our publishers to convert their digital assets to https. This protocol protects the privacy and security of your users and will also enhance your ranking among some search engines as they consider https as a positive signal about your site and brand. To enable this, you can use Let’s Encrypt (https://letsencrypt.org) which offers free and open certificates. More interesting reads on the subject: • 5 Reasons Why HTTPS Should Be Enabled on Your Website (https://blog.hubspot.com/marketing/enable-https-on-your-website) • Why https matters (https://developers.google.com/web/fundamentals/security/encrypt-in- transit/why-https) M32.MEDIA PRIVACY ROADMAP M32 team is already working on a consent management platform, to help our publishers better manage cookies and users’ privacy. Contact us if you have any questions on our roadmap. REFERENCES & LINKS • For more information about GDPR visit https://www.eugdpr.org • General FAQs surrounding GDPR: https://www.eugdpr.org/gdpr-faqs.html • AdChoices Canada: https://youradchoices.ca • CASL: http://www.fightspam.gc.ca • Better Ads: https://www.betterads.org • All About Cookies: http://www.allaboutcookies.org/ ------------------------------------ ABOUT THIS DOCUMENT This document does not replace a legal advice and should be used as a tool to help our publishers enhance and better manage users’ privacy. Please, do not hesitate to contact us if you have any further questions.
  • 9.
    9 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE APPENDIX M32.MEDIA PRIVACY & COOKIE POLICY PRIVACY & COOKIE POLICY Effective date: April 13, 2018 M32.MEDIA Inc. ("us", "we", or "our") operates the https://m32.media website (the "Service"). This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data. We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. DEFINITIONS Personal Data Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession). Usage Data Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit). Cookies Cookies are small pieces of data stored on a User’s device. Data Controller Data Controller means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data. Data Processor (or Service Provider) Data Processor (or Service Provider) means any person (other than an employee of the Data Controller) who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively. Data Subject Data Subject is any living individual who is the subject of Personal Data. User The User is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data. INFORMATION COLLECTION AND USE We collect different types of information for various purposes to provide and improve our Service to you.
  • 10.
    10 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE Types of Data Collected Personal Data While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally, identifiable information may include, but is not limited to: • Email address • First name and last name • Cookies and Usage Data We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send. Usage Data We may also collect information on how the Service is accessed and used ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. Tracking Cookies Data We use cookies and similar tracking technologies to track the activity on our Service and hold certain information. Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies used include beacons, tags and scripts to collect and track information and to improve and analyze our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service. Examples of Cookies we use: • Session Cookies. We use Session Cookies to operate our Service. • Preference Cookies. We use Preference Cookies to remember your preferences and various settings. • Security Cookies. We use Security Cookies for security purposes. • Advertising Cookies. Advertising Cookies are used to serve you with advertisements that may be relevant to you and your interests. Use of Data M32.MEDIA Inc. uses the collected data for various purposes: • To provide and maintain our Service • To notify you about changes to our Service • To allow you to participate in interactive features of our Service when you choose to do so • To provide customer support • To gather analysis or valuable information so that we can improve our Service • To monitor the usage of our Service • To detect, prevent and address technical issues • To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information
  • 11.
    11 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE Retention of Data M32.MEDIA Inc. will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. M32.MEDIA Inc. will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods. Transfer of Data Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside Canada and choose to provide information to us, please note that we transfer the data, including Personal Data, to Canada and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. M32.MEDIA Inc. will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information. Disclosure of Data Business Transaction If M32.MEDIA Inc. is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy. Disclosure for Law Enforcement Under certain circumstances, M32.MEDIA Inc. may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). Legal Requirements M32.MEDIA Inc. may disclose your Personal Data in the good faith belief that such action is necessary: • To comply with a legal obligation • To protect and defend the rights or property of M32.MEDIA Inc. • To prevent or investigate possible wrongdoing in connection with the Service • To protect the personal safety of users of the Service or the public • To protect against legal liability Security of Data The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
  • 12.
    12 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE Your Rights M32.MEDIA Inc. aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact us to make the required changes. If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the right: • To access and receive a copy of the Personal Data we hold about you • To rectify any Personal Data held about you that is inaccurate • To request the deletion of Personal Data held about you You have the right to data portability for the information you provide to M32.MEDIA Inc. You can request to obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it. Please note that we may ask you to verify your identity before responding to such requests. Service Providers We may employ third party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. Analytics We may use third-party Service Providers to monitor and analyze the use of our Service. Google Analytics Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. You can opt out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: http://www.google.com/intl/en/policies/privacy/ Advertising We may use third-party Service Providers to show advertisements to you to help support and maintain our Service. Google AdSense DoubleClick Cookie Google, as a third-party vendor, uses cookies to serve ads on our Service. Google's use of the DoubleClick cookie enables it and its partners to serve ads to our users based on their visit to our Service or other websites on the Internet. You may opt out of the use of the DoubleClick Cookie for interest-based advertising by visiting the Google Ads Settings web page: http://www.google.com/ads/preferences/
  • 13.
    13 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE Behavioral Remarketing M32.MEDIA Inc. uses remarketing services to advertise on third party websites to you after you visited our Service. We and our third-party vendors use cookies to inform, optimize and serve ads based on your past visits to our Service. Google AdWords Google AdWords remarketing service is provided by Google Inc. You can opt out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads Google also recommends installing the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout) for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: http://www.google.com/intl/en/policies/privacy/ Facebook Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950 To opt out from Facebook's interest-based ads follow these instructions from Facebook: https://www.facebook.com/help/568137493302217 Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt out using your mobile device settings. For more information on the privacy practices of Facebook, please visit Facebook's Data Policy: https://www.facebook.com/privacy/explanation AppNexus AppNexus remarketing service is provided by AppNexus Inc. You can opt out of AppNexus remarketing by visiting AppNexus’ Platform Privacy web page: https://www.appnexus.com/en/company/platform-privacy-policy#choices For more information on the privacy practices of AppNexus, please visit the AppNexus Platform Privacy Policy web page: https://www.appnexus.com/en/company/platform-privacy-policy. AppNexus cookie duration is 30 days. M32.MEDIA M32.MEDIA is acting as our advertising service partner. You can delete all cookies gathered and managed through their process at https://m32.media/opt-out . M32.MEDIA DMP cookies are stored for a duration of 6 months.
  • 14.
    14 GENERAL DATA PROTECTIONREGULATION & PRIVACY GUIDANCE Deleting or protecting opt-outs If you delete your cookies, you will need to opt out again. You can find and install browser extensions that will help you preserve your opt-out preferences. For more information, please visit http://www.aboutads.info/PMC or https://youradchoices.ca/choices/protect-my-choices/. Links to Other Sites Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services. Children's Privacy Our Service does not address anyone under the age of 13 ("Children"). We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we will take action to remove that information from our servers. Changes to This Privacy Policy We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the "effective date" at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. Contact Us If you have any questions about this Privacy Policy, please contact us @ https://m32.media/lets-talk ------------------------------------------ FOLLOW US @ Web https://m32.media Facebook https://m32.media/facebook Twitter https://m32.media/twitter LinkedIn https://m32.media/linkedin