• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • 020 3330 7010
  • marketing@allresponsemedia.com
  • E-mail
  • Facebook
  • Instagram
  • LinkedIn
  • Twitter
  • YouTube
ARM logo

All Response Media

  • Home
  • About ARM
    • About ARM
    • Meet the Team
  • Our Services
    • TV Advertising
    • Digital
      • PPC
      • SEO
      • CRO
      • Social Media
      • Programmatic
    • Offline Media
      • TV Advertising
      • Press
      • Radio
      • Inserts
      • Door to Door Advertising
      • Outdoor
    • Analytics
    • ARMalytics®
  • Success Stories
    • Client Success Stories
    • TV Star Competition UK
    • TV Star Competition NL
    • Our Work With Startups
  • Content Hub
  • Careers
  • Contact Us
You are here: Home / Data / Not another GDPR update…

Not another GDPR update…

7th December 2017 by Nick Cudahy

So there are only 169 days until the 25th May 2018, also known as the date the General Data Protection Regulation (GDPR) framework comes into effect.

There is still much we don’t know, and as a result, there is a lot of speculation on how this will impact us all. What we do know is that it cannot be ignored, as it will impact all ‘controllers’ and ‘processors’ of personal data, including online identifiers such as IPs, and sensitive personal data. Not even the UK’s decision to leave the EU will affect the commencement of the GDPR.

Therefore, rather than join the speculators, we thought we would update you on the approach and changes Google is making to be ready for GDPR, learned from the “Google Cloud and GDPR – Staying in the Know” event last month. It is an ongoing project for them to be ready, with many questions still to be answered. However, they are changes that will likely have an impact on most advertisers.

They kicked off the event by sharing a checklist for marketing departments: have you asked yourself these questions?

User Transparency and Controls

Providing transparency to end users: how do you currently let your customers opt out?

Consent

Getting consent from end users: have you read your recent consent permissions? Are they aligned to how you are using the data currently (internally and externally)?

Systems and Databases

These have to be secure: do you currently record consent at a record level?

Documentation

Documentation of your data processes: have you documented your process as the Data Protection Act (DPA) will want to see it if investigated?

Google also ran through how they are getting GDPR ready, and how that may impact their ad and measurement platforms. Prior to getting into that, one helpful definition is to understand the difference between ‘controllers’ and ‘processors’.

  • “Data controller” means a person who, either alone or jointly or in common with other persons, determines the purposes for which and the manner in which any personal data are, or are to be processed.
  • “Data processor”, in relation to personal data, means any person, other than an employee of the data controller, who processes the data on behalf of the data controller.

Therefore, you can see that some of the Google products are both controllers and processers, making this more complex.

What are some headlines on what Google is doing?

Increasing transparency:

  • Improving the ‘My Account’ page, and the ‘My Activity’ area
  • ‘Why This Ad’ link that you see in all Google ads (including search). This shows you the criteria you were targeted by for any given ad
  • google.com is a new site that explains how Google uses your data as a consumer

New product guidelines:

Both Google Analytics and DoubleClick are yet to publish the new guidelines at a product level.

However, in the Q&A, there could be changes in keeping data and data deletion.

Regarding DoubleClick, there were many questions surrounding what we can do with the data after 60 days when it expires in DoubleClick. The answer was that it will probably not be possible to target using that data, although it can be stored as long as it has been collected in a complicit way.

If data is stored on a Google ‘processer’ platform, it is not Google’s responsibility that it was collected with the right consent. For example, first party lists e.g. Customer Match, the point of collection of this data; the ‘controller’ would need to have documentation showing compliance. Article 46 of GDPR covers the use of moving data internationally, which should make this an easier process in and out of the EU.

You can visit privacy.google.com/businesses/ for queries you may have on your business data.

3rd party Audiences

Where 3rd party data is used for audiences, then the 3rd party will need to be compliant not the user. So if using Google Audiences (similar, in market), then Google will ensure compliance

Subscribe For More

Newsletter Signup

Footer

ARM logo

The Leading Performance Media Agency

Building businesses and brands by providing clients with an Unfair Competitive Advantage.
ARMalytics®

Get In Touch

London: Sutton Yard, 65 Goswell Road, EC1V 7EN
Phone: +44 (0) 20 3330 7000

Leeds: Marshalls Mill, Marshall Street, LS11 9YJ
Phone: +44 (0) 20 3330 8050

Amsterdam: Koivistokade 3, 1013 AC
Phone: +31 6 3761 9020

marketing@allresponsemedia.com

Privacy Policy | Cookie Policy | Modern Slavery Policy

  • E-mail
  • Facebook
  • Instagram
  • LinkedIn
  • Twitter
  • YouTube

Our Newsletter

Subscribe to receive exclusive media insights straight to your inbox. We respect your privacy.

Newsletter Signup

We are using cookies to give you the best experience on our website.

You can find out more about which cookies we are using or switch them off in settings.

ARM logo
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

These cookies are essential to provide you with services available through our website and to enable you to use certain features of our website.

If you disable this cookie, we cannot provide you certain services on our website and we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

Analytical and Performance Cookies

These cookies are used to collect information to analyse the traffic to our website and how visitors are using our website.

For example, these cookies may track things such as how long you spend on the website or the pages you visit which helps us to understand how we can improve our website for you.

The information collected through these tracking and performance cookies do not identify any individual visitor.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

Advertising and Targeting Cookies

These cookies are used to show advertising that is likely to be of interest to you based on your browsing habits.

These cookies, as served by our content and/or advertising providers, may combine information they collected from our website with other information they have independently collected relating to your web browser's activities across their network of websites.

If you choose to remove or disable these targeting or advertising cookies, you will still see adverts but they may not be relevant to you.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

Cookie Policy

More information about our Privacy Policy and Cookie Policy