How GDPR Will Impact Your Programmatic Process

by Mike Tyler | February 22, 2018

GDPR – An Overview:

Every few years, the ad tech landscape experiences a level of disruption from technological innovation or policy changes.

Editor’s Note: The general data protection regulation (GDPR) has been years in the making and will transform the relationship between publishers and advertisers within the ad tech space. It’s coming into force on May 25th, 2018: is your company compliant?
May 25th, 2018 marks that change with the newest iteration of the General Data Protection Regulation (GDPR) being enforced by IAB Europe.

Working with our clients in an open and transparent way with programmatic advertising has never been more important, especially with GDPR looming in the near future.

Source: IT Governance

Programmatic advertising involves automating, buying, and placing the right ads, in the right context, for the right customers to drive ROI for businesses and brands alike.

It not only allows us to serve the best ads that convert at the lowest possible cost (and adjust campaigns on-the-fly to keep it that way) but to ensure this transparency and give end-users control of their data shared.


Call It Cookie-Cutter

The GDPR is a data protection directive which aims to end the use of unrestricted cookies (or any device identifiers for that matter) while allowing programmatic advertisers to maintain their standards and performance across the digital advertising landscape.

Failure to comply with GDPR will result in fines up to 4% of annual global turnover.

Essentially, the GDPR ensures that programmatic advertisers are transparent and honest with their creative and ad placement to better align audiences, advertisers, and publishers.

Why Now?

Considering the recent changes to Facebook’s content ranking system to promote more relevant material for viewers, as well as native advertising’s continuous rise in 2018, you could say trust is the new normal.

IAB Europe is reinforcing this trend by enforcing a high level of data protection through the GDPR: the goal is promoting transparency and honesty within programmatic.

Traditionally, audience data for programmatic is derived through device tracking (cookie tracking and other methods), coming either from publishers, data brokers, or advertisers.

As of May, publishers will be unable to use third-party data from data brokers, advertisers or clients, to help promote transparency within the programmatic field.

Additionally, GDPR suppresses the overexposure of inventory pricing information (ie. cost per impression, buyer budgets, etc.) by a third party. All the targeting information shared from here-on-out is consensual and considered first-party data; gone are the days of the “spray and pray” approach of ad placement.

Questions to Ask Yourself

Are you and your company GDPR compliant?

To ensure your GDPR compliance, you must first establish if you are a data controller or a data processor, then delegate your roles and responsibilities accordingly. To achieve compliance, here are a few questions to consider in the context of your business and role within the ad tech ecosystem:


  • Do you have explicit end-user consent? Under GDPR, end-users need information about their data collection and a clearly defined way of opting out.
  • Are you outside the EU? As far as GDPR is concerned, it doesn’t matter – the regulation applies to data processors globally.
  • Are you a data controller or data processor? The prior determines how personal data is processed (as a person or business), while the latter processes the data on behalf of the controller. Controllers are subject to the EU laws and legislation, while processors aren’t directly accountable.

Photo by Mike Tyler on War Room Inc


How War Room Addresses GDPR

Luckily, we’re already in a strong position to adhere to the GDPR’s new legal framework since we’ve always operated with a customer-centric approach.

War Room complies with the latest programmatic standards, like OpenRTB 2.4, and format standards like HTML5, VPAID 2.0, and Native Ads API 1.1, to ensure our clients have their brand safety protected, and that our programmatic advertising maintains full-transparency.

Are you seeking an update privacy policy? While we’re happy to provide advise, please note that this is not language from our lawyer and is based on research to ensure our clients comply with GDPR compliance. If you want to use this language, we recommend you have your Legal Council review it first.

1. Information We Collect:

(a) When you visit our site:
You can visit our website without giving away your personal information. We use Analytics and cookies in order to improve our service, user experience and analyze how the website is used. Aside from the approximate location (IP Address), the information collected through our Analytics software is mostly anonymous traffic data including browser information, device information, the frequency of use, and language. Through cookies, we also collect additional information such as your age, gender, and interests. The collected information is used to provide an overview of how people are accessing and using our website, as well as providing marketing services to you.
(b) Our Service:
We may collect personally identifiable information about you, such as your full name, phone number and email address, when you register for an account. If you choose to purchase a product from us, we or our third-party payment processors will collect your payment information. We also collect data through our partners, by embedding code on our website or mobile applications. When you use our websites or mobile applications, we may receive certain information about you as described above. With this information, we may target you with marketing materials such as service-related ads or emails. If you no longer wish to receive these emails, you may opt out of them by cancelling your account.

2. How We Use Your Information:

We use the information that we collect to operate and maintain our website, send you marketing communications, respond to your questions and concerns and to help our partners improve their online offerings.

Hope this helps with your new privacy policy.

At War Room, we ensure full GDPR compliance for our clients and ensure ads are delivered with the appropriate consent, tracking, and deliverability for maximum success. To find out more about how we can service your programmatic needs and/or establish your GDPR compliance, contact us today.

Introducing Our Charity Program: Kedet Kares

Introducing Our Charity Program: Kedet Kares

Giving back to our community has always been a big part of War Room’s company ethos.Our agency’s core values are Passion and Service. We are passionate about making a difference and believe that relationships are the key to business success and longevity. As a small...

How iOS 14’s Update Will Impact Your Facebook Ads

How iOS 14’s Update Will Impact Your Facebook Ads

Significant changes are coming in 2021, and marketers are biting their nails in anticipation. One of the events that might affect brands and their Facebook Ad strategy is Apple’s iOS 14 update, so we’re here to give you the lo-down. Here are the categories we will...

Great Examples of Mother’s Day Ads

Great Examples of Mother’s Day Ads

We’re sharing our favorite Mother’s Day ads of all time!With the special day coming up soon, we’re gearing up and planning for gifts and ways we can celebrate mom! According to the National Retail Federation (NRF), consumers spend an average of $205 on Mother’s Day...

Share This