With rapid advances in technology, particularly in the ad-tech industry, data protection laws around the world have struggled to keep pace. The General Data Protection Regulation (GDPR), which came into force on 25 May 2018, aimed to strengthen these laws and create a unified system across the Member States of the European Union.
The GDPR applies to the processing of personal data by organisations based both within the EU and outside the EU if they offer goods and services to individuals in the EU, even if those goods or services are free.
Personal data is any information that allows a person to be directly or indirectly identified.
A data subject is an individual to whom the personal data relates; in our case, the end user of a device. Processing includes collecting, recording, storing, using, analysing, combining, disclosing or deleting personal data.
As a company operating within the EU with publishers, advertisers, and end-users across the globe, Ogury is subject to the GDPR. Ogury applies the same high standards of transparency to all end users, regardless of location.
As a controller of personal data, we make decisions about processing activities. Ogury exercises overall control of the personal data being processed, and is ultimately responsible for the processing of data.
In order to comply with GDPR, Ogury needs a lawful basis to process personal data, with six viable legal bases available. Ogury relies on consent and on legitimate interest (depending on the type or processing) as its lawful bases for processing personal data.
Among other things, the GDPR changed the rules relating to consent, which must be freely given, specific, informed and unambiguous and involve clear affirmative action. Ogury’s current user transparency and consent solution (Choice Manager, below) gives clear information and real choice to end-users:
Choice Manager is separate to publishers’ terms and conditions. If an end-user objects or does not consent, Ogury does not process their data. We give all users the ability to object to processing, to withdraw their consent at any time, or to ask that their data be deleted. Data deletion requests can be made either by using the opt-out form on our website ( https://consent.ogury.co/ which is linked to from all our ads) or by emailing the firstname.lastname@example.org . Once the user withdraws consent, they no longer receive any personalised ads from Ogury.
They can also opt out of personalised advertising in apps altogether by changing the settings on their mobile device.View our opt out guide
Combine all consent notices from every demand partner, tech solution, tracking or analytics provider in one convenient place.
Make giving or withdrawing consent clear, easy and non-disruptive.
Provide choice and build trust by giving users the option to opt-in and share their mobile journey signals to access free content, or the option to pay with money.
Are you a GDPR blackbelt? Or is your knowledge still a bit rough around the edges? Give us five minutes of your time and you’ll come out more informed.