The IAB Europe Transparency & Consent Framework (TCF) gives the publishing and advertising industries a common structure to communicate consumer consent, for the delivery of online advertising and content in compliance with the EU’s GDPR and ePrivacy Directive. On August 21, 2019, IAB Europe launched the second iteration of TCF.
Important milestone dates:
What do you need to do?
To learn more:
If you have questions or need more assistant, contact your Customer Success representative.
This document explains how the RTB platform implements the General Data Protection Regulation (GDPR) and how to enable the GDPR compliance for different partners.
So far, few Personal Identifiable Information (PII) fields such as user location, IP, age, etc. are being used to deliver targeted ads to users. GDPR regulates the use of such PII fields when the user does not give consent to Ad vendors.
GDPR Impact in the RTB Platform
When the request from a page is a GDPR-regulated impression and the user does not give consent to PubMatic, then all such PII fields are cleared before performing deals and RTB requests. The GDPR-regulated impressions without user consent to PubMatic impact the following areas:
- Real Time Bidding
PubMatic does not send any PII fields through bid requests to a demand partner.
- PMP Deals
PubMatic does not evaluate any deals that are targeted on such PII fields.
- User matching
Cookies will not be shared with demand partners for matching with the user id.
- Audience Matching
Audience data will not be collected from data providers for any users that do not give consent to PubMatic. PubMatic does not use any PII fields that are already collected if the user does not give consent to PubMatic. Additionally, those fields will be deleted after 30 days automatically if the user continues to opt out of PubMatic.
GDPR Compliance for
By default, the GDPR compliance is applied to all requests coming from EU-region publishers. Publishers should get the consent from the user to PubMatic along with other vendors.
A Publisher level control is provided to specify the Publisher’s choice.
GDPR Compliance for
By default, the GDPR compliance is applied to all requests coming from the EU region. A DSP can opt for checking their consent and send the RTB requests only when they have the consent. They can also opt to receive all GDPR-regulated impressions if they are already compliant and can handle such requests on their side.