Background
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).
Table of Contents
GDPR FAQ
GDPR regulation dictates that when an ad request needs GDPR compliance, in order to process an end user’s PII (personal identifiable information) to serve personalized advertising you must have the end user’s consent. Without user consent, only non-personalized ads can be shown. Serving non-personalized ads over personalized ads will have a significant impact on revenue.
Under GDPR requirements, there are a few areas of ad serving that will be impacted.
- Personalized ads
- Personalized ads will only be shown when the request needs GDPR compliance if:
- You have agreed to AerServ’s GDPR Data Rider
- You have updated your integration
- You are collecting and transmitting valid user consent
- Personalized ads will only be shown when the request needs GDPR compliance if:
- Mediation
- Because of strict data transfer policies, requests needing GDPR compliance, AerServ will only be able to transmit personal information to our preferred connections.
- We will not be able to transmit personal information to custom ad sources.
-
Please note: Because of strict data transfer policies, requests needing GDPR compliance, AerServ will only be able to transmit personal information to our preferred connections. We will not be able to transmit personal information to custom ad sources.
- Virtual Currency
- A request needing GDPR compliance, that does not have user consent, will not be able to use the user ID to properly frequency cap the user to limit their reward amount. We recommend you only serve rewarded ads to user's who have given consent.
- User Frequency Capping
- A request needing GDPR compliance, that does not have user consent, will not be able to use the user ID to properly frequency cap the user at any level in the UI. Please be careful using user frequency caps if your users are not giving their consent to process PII.
- Publisher custom keys
- Because publisher custom keys are unstructured data AerServ will drop any custom keys on a request needing GDPR compliance that does not have user consent. Reporting on custom keys will not be available for these type of requests.
Steps to Continue to Serve Personalized Ads
You will be prompted to accept our new terms on login. These terms include our GDPR data rider addendum. In addition, you may have recently received offline communications from AerServ about a data rider addendum to our terms and conditions, with the request to sign the GDPR related addendum. If you have signed the offline paper work, please also accept the online terms by selecting "Agree" OR by navigating to your GDPR account settings and updating your preferences.
The GDPR Management Page can be found under the "Settings" section in the
upper righthand corner of the platform navigation. Here, you can opt in or
opt out of serving personalized ads to your EU users.
- SDK - Upgrade to Version 3.1.1 or Higher
- The new iOS and Android SDK will allow publishers to pass in user consent via a new method.
- Please visit the integration support documentation pages for more information:
- JS Tags
- There will be two new parameter additions to our JS tags that will allow you to pass in both compliance and consent.
- Please visit the JS Integration support documentation page for more information:
- VAST Tags
- There will be two new parameter additions to our Vast URL’s that will allow you to pass in both compliance and consent.
- Please visit the VAST Tag Integration support documentation page for more information:
- API Connection
- There will be two new parameter additions to our API call that will allow you to pass in both compliance and consent.
- Please visit the API Integration support documentation page for more information:
Parameter Names | Values | Description |
---|---|---|
gdpr | 1,0 |
Use this parameter to pass in whether compliance is needed for the ad request. Expected values are "1" (compliance needed) OR "0" no compliance needed. Omission indicates compliance is unknown. |
gdpr_consent |
1,0 |
Use this parameter to pass in user consent . Expected values are "1" (consent given) OR "0" consent not given. Omission indicates no consent. |
After updating your integration, ensure that you are collecting and passing your user’s consent into the necessary consent field. AerServ must receive valid user consent from an app’s end user in order to continue to serve personalized ads.
New AerServ Platform Features
- GDPR Management Tab
- Located under "Settings" in the upper-righthand corner of the navigation after you've signed into the AerServ platform.
- Use this tab to opt-in or opt-out of serving personalized ads to your EU users.
- GDPR “Age of Consent” Field
- This field is located in the "Edit App" page under "App Preferences."
- Be cautious when using this selection. It will treat the request as if the user has not given consent, stripping the request from any PII information.
- Age of consent defined by GDPR will be left to individual states. AerServ is asking to check the age of consent box IF your app is directed towards an audience that is younger than 16.
- GDPR macro’s
- To pass consent and compliance to your custom ad sources, AerServ has created two new macros:
Parameter Names | Macro | Description |
---|---|---|
gdpr |
$[gdpr] |
Use this parameter to pass in whether compliance is needed for the ad request. Expected values are "1" (compliance needed) OR "0" no compliance needed. Omission indicates compliance is unknown. |
gdpr_consent |
$[gdpr_consent] |
Use this parameter to pass in user consent . Expected values are "1" (consent given) OR "0" consent not given. Omission indicates no consent. |
Comments