Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info
titleGuidelines and Updates for TCF 2.0 Readiness

The IAB Europe Transparency & Consent Framework (TCF) gives the publishing and advertising industries a common structure to communicate consumer consent, for the delivery of online advertising and content in compliance with the EU’s GDPR and ePrivacy Directive. On August 21, 2019, IAB Europe launched the second iteration of TCF.

Important milestone dates:

  • IAB Europe wants the industry to transition to TCF 2.0 by the end of Q2 2020.
  • PubMatic will be ready to support TCF 2.0 from April 30, 2020.
  • PubMatic will continue to support both v1.1 and v2 signals until all major DSPs support TCF 2.0. 

What do you need to do?

  1. Define your legal basis for each of the purposes and make sure that you are listed into the IAB TCF v2 vendor list with a proper ID. 
  2. Work with your CMPs to update your TCF version from 1.1 to 2.0.

To learn more:

If you have questions or need more assistant, contact your Customer Success representative.

Introduction

This document explains how the RTB platform implements the General Data Protection Regulation (GDPR) and how to enable the GDPR compliance for different partners.

So far, few Personal Identifiable Information (PII) fields such as user location, IP, age, etc. are being used to deliver targeted ads to users. GDPR regulates the use of such PII fields when the user does not give consent to Ad vendors.

GDPR Impact in the RTB Platform

When the request from a page is a GDPR-regulated impression and the user does not give consent to PubMatic, then all such PII fields are cleared before performing deals and RTB requests. The GDPR-regulated impressions without user consent to PubMatic impact the following areas:

  • Real Time Bidding
    PubMatic does not send any PII fields through bid requests to a demand partner.
  • PMP Deals
    PubMatic does not evaluate any deals that are targeted on such PII fields.
  • User matching
    Cookies will not be shared with demand partners for matching with the user id.
  • Audience Matching
    Audience data will not be collected from data providers for any users that do not give consent to PubMatic. PubMatic does not use any PII fields that are already collected if the user does not give consent to PubMatic. Additionally, those fields will be deleted after 30 days automatically if the user continues to opt out of PubMatic.

GDPR Compliance for

...

Publishers

By default, the GDPR compliance is applied to all requests coming from EU-region publishers. Publishers should get the consent from the user to PubMatic along with other vendors.

...

A Publisher level control is provided to specify the Publisher’s choice.

GDPR Compliance for

...

DSPs

By default, the GDPR compliance is applied to all requests coming from the EU region. A DSP can opt for checking their consent and send the RTB requests only when they have the consent. They can also opt to receive all GDPR-regulated impressions if they are already compliant and can handle such requests on their side.

...