SlideShare ist ein Scribd-Unternehmen logo

Interact 2018 - GDPR for digital publishers, digital agencies and advertisers

IAB Europe
IAB Europe

Held in Milan on 23-24 May, IAB Europe’s annual 2-day conference Interact 2018 featured a training by Matthias Matthiesen, Director Public Policy & Privacy and Chris Hartsuiker, Public Policy Officer, IAB Europe. Which provisions in the General Data Protection Regulation are the most relevant to digital publishers and advertisers? What is the guidance of the European Data Protection Board (former Article 29 Working party) on these topics? This training session, provided by IAB Europe will provide insight into applying the GDPR to the digital advertising supply chain.

Marketing
1 von 30
Downloaden Sie, um offline zu lesen
GDPR for Digital Publishers, Digital Agencies, and Advertisers Matthias Matthiesen Director, Privacy & Public Policy Chris Hartsuiker Manager, Privacy & Public Policy May 23rd, INTERACT 2018 Milan
• You are a controller or processor in the EU: The GDPR applies to you. • You are a controller outside of the EU: GDPR applies if you if • you monitor the behavior of people in Europe, or • you offer goods and services to people in Europe. Territorial Applicability
Even if the GDPR technically doesn’t apply to YOU… • Partners might be in scope; they will have to know if it’s safe for them to send data to your company. • Countries outside of the EU of the GDPR are ‘third countries’ – transferring data to those companies is an ‘international data transfer’, which is only allowed if there is a transfer mechanism.
Everywhere is Europe
Personal Data ANONYMOUS IDENTIFIABLE NATURAL PERSON IDENTIFIED NATURAL PERSON PERSONAL DATA NON-PERSONAL DATA PSEUDONYMOUS DATA PERSONALLY IDENTIFIABLE INFORMATION (“PII”)
Personal Data If an individual can be singled out by data, that data is personal data (unique cookie ID or AAID/IDFA)
Personal Data IP 94.225.47.200 Internet Service Provider Matthias Matthiesen on Friday, 22 April 2016, 9:15 AM IP 94.225.47.200 Online Service Legal Means (Court Order) Internet Service Provider Matthias Matthiesen on Friday, 22 April 2016, 9:15 AM If data can be re-identified by the controller, or another entity, that data is personal data.
Personal Data • Information related to an identified or identifiable natural person. • Identifiers, such as a name, number, location, online ID, or one or more factors specific to a natural person. • IP address, cookie ID, RFID tag, especially when combined with profiles.
When in doubt: It’s Personal Data
This far-reaching effect is completely intentional. • The GDPR is the latest and potentially greatest example of what is known as the “Brussels effect”. Illustration by Sara Gironi Carnevale for POLITICO Europe
R RESTRICTED PERSONAL DATA REQUIRES LEGAL GROUND FOR PROCESSING
ePrivacy Directive • Storing information, such as cookies, or accessing information stored on a user device generally requires consent. • Unless “strictly” technically necessary for provision of the service requested by a user, e.g. shopping cart cookies. NB: The ePrivacy Directive is a law from 2009, not to be confused with its proposed update, the ePrivacy Regulation.
ePrivacy rules before GDPR ePrivacy Consent Requirement GET CONSENT AS DEFINED BY
ePrivacy rules after GDPR ePrivacy Consent Requirement GET CONSENT AS DEFINED BY GDPR
Hierarchy ePrivacy and GDPR Processing personal data Storing/accessing Personaldataondevice Consent GDPR Legal Basis ePrivacy GDPR Consent • Collection of data over the internet generally requires consent because of ePrivacy • Processing of personal data requires a GDPR legal basis e.g. consent, or legitimate interest. • Where both apply at the same time the more specific consent rule of the ePrivacy prevails. Storing/accessing data on device
Consent • Consent is a statement or clear affirmative action signifying agreement to the processing of personal data. It must be • freely given, specific, informed • Controllers must be able to demonstrate that the data subject has consented to the processing of their personal data. • Consent must be revocable at any time. Revoking consent must be as easy as granting consent.
Consent • Consent ≠ silence/inactivity • Consent ≠ freely given if inappropriately bundled. • Consent ≠ freely given if inappropriately a condition • Consent ≠ freely given in situations of “power imbalance” • Which affirmative actions can convey consent? • Choosing technical settings (which)? • Further browsing? • Clicking a link? • Highlighting text? • Informed = purpose & controller disclosed
Consent
Consent
Stay Informed www.advertisingconsent.eu
Stay Informed
Quick Recap: • GDPR applies based on territory (everywhere is Europe). • Personal data covers a huge amount of types of data (when in doubt: it’s personal data). • Processing personal data is only lawful with a legal basis (consent, legitimate interest).
Transparency & Data Subject Rights Transparency & Data Subject Rights
Data Subject Rights Data subject rights • The right to access • The right to rectification • The right to erasure • The right to restrict processing • The right to data portability • The right to object • Rights related to automated decisions, including profiling, with legal or significant effects
Profiling & Automated Decision Making • Profiling is automated processing, analyzing, or predicting a person’s preferences, interests, behavior, etc. • It must be justified through one of the legal justifications, e.g. consent or the legitimate interests of the controller. • Where an automated decision, including profiling, has legal effects or similarly significantly affects a user, it is regulated more strictly. • It can only be justified through the explicit consent of the user.
Profiling & Automated Decision Making Automated review of credit applications Automated recruitment practices, e.g. candidate selection through algorithm
So what can I do if I’m not ready for GDPR day on Friday?
So what can I do if I’m not ready for GDPR day on Friday? 1.Determine whether GDPR applies. 2.Take stock of all data processing activities. 3.Conduct impact assessments. 4.Create a compliance roadmap. 5.Appoint a DPO. 6.Get help, engage with industry, stay informed. 7.Help others.
Thank you! Matthias Matthiesen matthiesen@iabeurope.eu Chris Hartsuiker hartsuiker@iabeurope.eu Or come find us during Interact!

Empfohlen

Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Qualsys Ltd
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for TechiesLilian Edwards
 
2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORI2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORIKarel Holst
 
GDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIGDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIKarel Holst
 
Legal update
Legal updateLegal update
Legal updateRachel Aldighieri
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016John Greenwood
 
Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...BCC - Solutions for IBM Collaboration Software
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 

Empfohlen

Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Qualsys Ltd
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for TechiesLilian Edwards
 
2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORI2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORIKarel Holst
 
GDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIGDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIKarel Holst
 
Legal update
Legal updateLegal update
Legal updateRachel Aldighieri
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016John Greenwood
 
Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...BCC - Solutions for IBM Collaboration Software
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPRTim Hyman LLB
 
Data Protection and Privacy
Data Protection and PrivacyData Protection and Privacy
Data Protection and PrivacyVertex Holdings
 
GDPR Overview
GDPR OverviewGDPR Overview
GDPR OverviewTrish McGinity, CCSK
 
EU GDPR and you: requirements for marketing
EU GDPR and you: requirements for marketingEU GDPR and you: requirements for marketing
EU GDPR and you: requirements for marketingIT Governance Ltd
 
Sophie's Privacy - a story about GDPR
Sophie's Privacy - a story about GDPRSophie's Privacy - a story about GDPR
Sophie's Privacy - a story about GDPRHans Demeyer
 
GDPR: Key Article Overview
GDPR: Key Article OverviewGDPR: Key Article Overview
GDPR: Key Article OverviewCraig Clark ITIL, CIS LI,EU GDPR P
 
GDPR 11/1/2017
GDPR 11/1/2017GDPR 11/1/2017
GDPR 11/1/2017isc2-hellenic
 
Modelling the General Data Protection Regulation
Modelling the General Data Protection RegulationModelling the General Data Protection Regulation
Modelling the General Data Protection RegulationSabrina Kirrane
 
Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 
Data Protection and IDEA
Data Protection and IDEAData Protection and IDEA
Data Protection and IDEAAuditWare Systems Ltd.
 
GDPR security services - Areyou ready ?
GDPR security services - Areyou ready ?GDPR security services - Areyou ready ?
GDPR security services - Areyou ready ?Frederick Penaud
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection Actmrmwood
 
ABM Display Advertising Success in the World of GDPR [PPT]
ABM Display Advertising Success in the World of GDPR [PPT]ABM Display Advertising Success in the World of GDPR [PPT]
ABM Display Advertising Success in the World of GDPR [PPT]Kwanzoo Inc
 
Privacy law-update-whitmeyer-tuffin
Privacy law-update-whitmeyer-tuffinPrivacy law-update-whitmeyer-tuffin
Privacy law-update-whitmeyer-tuffinWhitmeyerTuffin
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data SecurityWilmerHale
 
GDPRR: The Key Changes
GDPRR: The Key ChangesGDPRR: The Key Changes
GDPRR: The Key ChangesCraig Clark ITIL, CIS LI,EU GDPR P
 
Legal update - Leeds
Legal update - LeedsLegal update - Leeds
Legal update - LeedsRachel Aldighieri
 
Data protection
Data protectionData protection
Data protectionLewis Silkin
 
3A – DATA PROTECTION: ADVICE
3A – DATA PROTECTION: ADVICE3A – DATA PROTECTION: ADVICE
3A – DATA PROTECTION: ADVICECFG
 
An introduction to data protection - 2/09/2015
An introduction to data protection - 2/09/2015An introduction to data protection - 2/09/2015
An introduction to data protection - 2/09/2015Rachel Aldighieri
 
Introduction to EU General Data Protection Regulation: Planning, Implementat...
Introduction to EU General Data Protection Regulation: Planning, Implementat... Introduction to EU General Data Protection Regulation: Planning, Implementat...
Introduction to EU General Data Protection Regulation: Planning, Implementat...Financial Poise
 
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17Michael Adamberry
 

Weitere ähnliche Inhalte

Was ist angesagt?

The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPRTim Hyman LLB
 
Data Protection and Privacy
Data Protection and PrivacyData Protection and Privacy
Data Protection and PrivacyVertex Holdings
 
EU GDPR and you: requirements for marketing
EU GDPR and you: requirements for marketingEU GDPR and you: requirements for marketing
EU GDPR and you: requirements for marketingIT Governance Ltd
 
Sophie's Privacy - a story about GDPR
Sophie's Privacy - a story about GDPRSophie's Privacy - a story about GDPR
Sophie's Privacy - a story about GDPRHans Demeyer
 
Modelling the General Data Protection Regulation
Modelling the General Data Protection RegulationModelling the General Data Protection Regulation
Modelling the General Data Protection RegulationSabrina Kirrane
 
Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 
GDPR security services - Areyou ready ?
GDPR security services - Areyou ready ?GDPR security services - Areyou ready ?
GDPR security services - Areyou ready ?Frederick Penaud
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection Actmrmwood
 
ABM Display Advertising Success in the World of GDPR [PPT]
ABM Display Advertising Success in the World of GDPR [PPT]ABM Display Advertising Success in the World of GDPR [PPT]
ABM Display Advertising Success in the World of GDPR [PPT]Kwanzoo Inc
 
Privacy law-update-whitmeyer-tuffin
Privacy law-update-whitmeyer-tuffinPrivacy law-update-whitmeyer-tuffin
Privacy law-update-whitmeyer-tuffinWhitmeyerTuffin
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data SecurityWilmerHale
 
3A – DATA PROTECTION: ADVICE
3A – DATA PROTECTION: ADVICE3A – DATA PROTECTION: ADVICE
3A – DATA PROTECTION: ADVICECFG
 
An introduction to data protection - 2/09/2015
An introduction to data protection - 2/09/2015An introduction to data protection - 2/09/2015
An introduction to data protection - 2/09/2015Rachel Aldighieri
 

Was ist angesagt? (20)

The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPR
 
Data Protection and Privacy
Data Protection and PrivacyData Protection and Privacy
Data Protection and Privacy
 
GDPR Overview
GDPR OverviewGDPR Overview
GDPR Overview
 
EU GDPR and you: requirements for marketing
EU GDPR and you: requirements for marketingEU GDPR and you: requirements for marketing
EU GDPR and you: requirements for marketing
 
Sophie's Privacy - a story about GDPR
Sophie's Privacy - a story about GDPRSophie's Privacy - a story about GDPR
Sophie's Privacy - a story about GDPR
 
GDPR: Key Article Overview
GDPR: Key Article OverviewGDPR: Key Article Overview
GDPR: Key Article Overview
 
GDPR 11/1/2017
GDPR 11/1/2017GDPR 11/1/2017
GDPR 11/1/2017
 
Modelling the General Data Protection Regulation
Modelling the General Data Protection RegulationModelling the General Data Protection Regulation
Modelling the General Data Protection Regulation
 
Data protection ppt
Data protection pptData protection ppt
Data protection ppt
 
Data Protection and IDEA
Data Protection and IDEAData Protection and IDEA
Data Protection and IDEA
 
GDPR security services - Areyou ready ?
GDPR security services - Areyou ready ?GDPR security services - Areyou ready ?
GDPR security services - Areyou ready ?
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection Act
 
ABM Display Advertising Success in the World of GDPR [PPT]
ABM Display Advertising Success in the World of GDPR [PPT]ABM Display Advertising Success in the World of GDPR [PPT]
ABM Display Advertising Success in the World of GDPR [PPT]
 
Privacy law-update-whitmeyer-tuffin
Privacy law-update-whitmeyer-tuffinPrivacy law-update-whitmeyer-tuffin
Privacy law-update-whitmeyer-tuffin
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data Security
 
GDPRR: The Key Changes
GDPRR: The Key ChangesGDPRR: The Key Changes
GDPRR: The Key Changes
 
Legal update - Leeds
Legal update - LeedsLegal update - Leeds
Legal update - Leeds
 
Data protection
Data protectionData protection
Data protection
 
3A – DATA PROTECTION: ADVICE
3A – DATA PROTECTION: ADVICE3A – DATA PROTECTION: ADVICE
3A – DATA PROTECTION: ADVICE
 
An introduction to data protection - 2/09/2015
An introduction to data protection - 2/09/2015An introduction to data protection - 2/09/2015
An introduction to data protection - 2/09/2015
 

Ähnlich wie Interact 2018 - GDPR for digital publishers, digital agencies and advertisers

Introduction to EU General Data Protection Regulation: Planning, Implementat...
Introduction to EU General Data Protection Regulation: Planning, Implementat... Introduction to EU General Data Protection Regulation: Planning, Implementat...
Introduction to EU General Data Protection Regulation: Planning, Implementat...Financial Poise
 
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17Michael Adamberry
 
What's Next - General Data Protection Regulation (GDPR) Changes
What's Next - General Data Protection Regulation (GDPR) ChangesWhat's Next - General Data Protection Regulation (GDPR) Changes
What's Next - General Data Protection Regulation (GDPR) ChangesOgilvy Consulting
 
Data Protection Seminar_GDPR_ISOLAS_26-06-17
Data Protection Seminar_GDPR_ISOLAS_26-06-17Data Protection Seminar_GDPR_ISOLAS_26-06-17
Data Protection Seminar_GDPR_ISOLAS_26-06-17Michael Adamberry
 
GDPR Is Coming – Are Search Marketers Ready?
GDPR Is Coming – Are Search Marketers Ready?GDPR Is Coming – Are Search Marketers Ready?
GDPR Is Coming – Are Search Marketers Ready?MediaPost
 
NetSquared London - GDPR for charities
NetSquared London - GDPR for charitiesNetSquared London - GDPR for charities
NetSquared London - GDPR for charitiesTech Trust
 
GDPR in the Healthcare Industry
GDPR in the Healthcare IndustryGDPR in the Healthcare Industry
GDPR in the Healthcare IndustryEMMAIntl
 
Introduction to EU General Data Protection Regulation: Planning, Implementati...
Introduction to EU General Data Protection Regulation: Planning, Implementati...Introduction to EU General Data Protection Regulation: Planning, Implementati...
Introduction to EU General Data Protection Regulation: Planning, Implementati...Financial Poise
 
GDPR Is Coming – Are Emailers Ready?
GDPR Is Coming – Are Emailers Ready?GDPR Is Coming – Are Emailers Ready?
GDPR Is Coming – Are Emailers Ready?MediaPost
 
The Countdown to the GDPR Regulations
The Countdown to the GDPR RegulationsThe Countdown to the GDPR Regulations
The Countdown to the GDPR RegulationsElliot Reeman
 
Impact of GDPR on Data Collection and Processing
Impact of GDPR on Data Collection and ProcessingImpact of GDPR on Data Collection and Processing
Impact of GDPR on Data Collection and ProcessingPromptCloud
 
Data Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPRData Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPRImogenRutherford
 
GDPR: Training Materials by Qualsys
GDPR: Training Materials by QualsysGDPR: Training Materials by Qualsys
GDPR: Training Materials by QualsysQualsys Ltd
 
GDPR: Are you EU Compliant?
GDPR: Are you EU Compliant? GDPR: Are you EU Compliant?
GDPR: Are you EU Compliant? GreenRope
 
GDPR: What It Is and How (and Which) US Companies Are Affected
GDPR: What It Is and How (and Which) US Companies Are AffectedGDPR: What It Is and How (and Which) US Companies Are Affected
GDPR: What It Is and How (and Which) US Companies Are AffectedJames C. Roberts III
 

Ähnlich wie Interact 2018 - GDPR for digital publishers, digital agencies and advertisers (20)

Introduction to EU General Data Protection Regulation: Planning, Implementat...
Introduction to EU General Data Protection Regulation: Planning, Implementat... Introduction to EU General Data Protection Regulation: Planning, Implementat...
Introduction to EU General Data Protection Regulation: Planning, Implementat...
 
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17
 
What's Next - General Data Protection Regulation (GDPR) Changes
What's Next - General Data Protection Regulation (GDPR) ChangesWhat's Next - General Data Protection Regulation (GDPR) Changes
What's Next - General Data Protection Regulation (GDPR) Changes
 
Data Protection Seminar_GDPR_ISOLAS_26-06-17
Data Protection Seminar_GDPR_ISOLAS_26-06-17Data Protection Seminar_GDPR_ISOLAS_26-06-17
Data Protection Seminar_GDPR_ISOLAS_26-06-17
 
GDPR for US Companies: A Primer
GDPR for US Companies: A PrimerGDPR for US Companies: A Primer
GDPR for US Companies: A Primer
 
GDPR Is Coming – Are Search Marketers Ready?
GDPR Is Coming – Are Search Marketers Ready?GDPR Is Coming – Are Search Marketers Ready?
GDPR Is Coming – Are Search Marketers Ready?
 
Gdpr action plan
Gdpr action plan Gdpr action plan
Gdpr action plan
 
NetSquared London - GDPR for charities
NetSquared London - GDPR for charitiesNetSquared London - GDPR for charities
NetSquared London - GDPR for charities
 
GDPR in the Healthcare Industry
GDPR in the Healthcare IndustryGDPR in the Healthcare Industry
GDPR in the Healthcare Industry
 
Introduction to GDPR
Introduction to GDPRIntroduction to GDPR
Introduction to GDPR
 
Introduction to EU General Data Protection Regulation: Planning, Implementati...
Introduction to EU General Data Protection Regulation: Planning, Implementati...Introduction to EU General Data Protection Regulation: Planning, Implementati...
Introduction to EU General Data Protection Regulation: Planning, Implementati...
 
GDPR Is Coming – Are Emailers Ready?
GDPR Is Coming – Are Emailers Ready?GDPR Is Coming – Are Emailers Ready?
GDPR Is Coming – Are Emailers Ready?
 
The Countdown to the GDPR Regulations
The Countdown to the GDPR RegulationsThe Countdown to the GDPR Regulations
The Countdown to the GDPR Regulations
 
Impact of GDPR on Data Collection and Processing
Impact of GDPR on Data Collection and ProcessingImpact of GDPR on Data Collection and Processing
Impact of GDPR on Data Collection and Processing
 
Data Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPRData Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPR
 
GDPR: Training Materials by Qualsys
GDPR: Training Materials by QualsysGDPR: Training Materials by Qualsys
GDPR: Training Materials by Qualsys
 
Gdpr presentation
Gdpr presentationGdpr presentation
Gdpr presentation
 
What does GDPR mean for your business?
What does GDPR mean for your business?What does GDPR mean for your business?
What does GDPR mean for your business?
 
GDPR: Are you EU Compliant?
GDPR: Are you EU Compliant? GDPR: Are you EU Compliant?
GDPR: Are you EU Compliant?
 
GDPR: What It Is and How (and Which) US Companies Are Affected
GDPR: What It Is and How (and Which) US Companies Are AffectedGDPR: What It Is and How (and Which) US Companies Are Affected
GDPR: What It Is and How (and Which) US Companies Are Affected
 

Mehr von IAB Europe

IAB Europe Membership Brochure 2019
IAB Europe Membership Brochure 2019IAB Europe Membership Brochure 2019
IAB Europe Membership Brochure 2019IAB Europe
 
FWCE Cracking the Programmatic Conundrum White Paper
FWCE Cracking the Programmatic Conundrum White PaperFWCE Cracking the Programmatic Conundrum White Paper
FWCE Cracking the Programmatic Conundrum White PaperIAB Europe
 
IAB Europe Virtual Programmatic Day H2 2018 Slides
IAB Europe Virtual Programmatic Day H2 2018 SlidesIAB Europe Virtual Programmatic Day H2 2018 Slides
IAB Europe Virtual Programmatic Day H2 2018 SlidesIAB Europe
 
IAB Spain Digital Ad Spend 2017 Report
IAB Spain Digital Ad Spend 2017 ReportIAB Spain Digital Ad Spend 2017 Report
IAB Spain Digital Ad Spend 2017 ReportIAB Europe
 
AppNexus + Tomorrow TTH Case Study
AppNexus + Tomorrow TTH Case StudyAppNexus + Tomorrow TTH Case Study
AppNexus + Tomorrow TTH Case StudyIAB Europe
 
AppNexus + MiQ Case Study
AppNexus + MiQ Case StudyAppNexus + MiQ Case Study
AppNexus + MiQ Case StudyIAB Europe
 
AppNexus + Axel Springer Case Study
AppNexus + Axel Springer Case Study AppNexus + Axel Springer Case Study
AppNexus + Axel Springer Case StudyIAB Europe
 
AppNexus + Schibsted Case study
AppNexus + Schibsted Case study AppNexus + Schibsted Case study
AppNexus + Schibsted Case studyIAB Europe
 
IAB Europe Webinar Deck: Research Awards Winners - Consumer Behaviour and Med...
IAB Europe Webinar Deck: Research Awards Winners - Consumer Behaviour and Med...IAB Europe Webinar Deck: Research Awards Winners - Consumer Behaviour and Med...
IAB Europe Webinar Deck: Research Awards Winners - Consumer Behaviour and Med...IAB Europe
 
IAB Netherlands - Deloitte Programmatic Advertising 2018 Report
IAB Netherlands - Deloitte Programmatic Advertising 2018 ReportIAB Netherlands - Deloitte Programmatic Advertising 2018 Report
IAB Netherlands - Deloitte Programmatic Advertising 2018 ReportIAB Europe
 
IAB Europe Webinar Deck: Digital Brand Advertising and Measurement
IAB Europe Webinar Deck: Digital Brand Advertising and MeasurementIAB Europe Webinar Deck: Digital Brand Advertising and Measurement
IAB Europe Webinar Deck: Digital Brand Advertising and MeasurementIAB Europe
 
DOOH Presentation by OMD for DOOH and DA Webinar
DOOH Presentation by OMD for DOOH and DA WebinarDOOH Presentation by OMD for DOOH and DA Webinar
DOOH Presentation by OMD for DOOH and DA WebinarIAB Europe
 
IAB Europe GIG: Working Paper on Controller - Processor Criteria (reupload)
IAB Europe GIG: Working Paper on Controller - Processor Criteria (reupload) IAB Europe GIG: Working Paper on Controller - Processor Criteria (reupload)
IAB Europe GIG: Working Paper on Controller - Processor Criteria (reupload)IAB Europe
 
Interact 2018 - Advertising that works for everyone
Interact 2018 - Advertising that works for everyoneInteract 2018 - Advertising that works for everyone
Interact 2018 - Advertising that works for everyoneIAB Europe
 
Interact 2018 - Embracing an ever-changing future for digital advertising
Interact 2018 - Embracing an ever-changing future for digital advertisingInteract 2018 - Embracing an ever-changing future for digital advertising
Interact 2018 - Embracing an ever-changing future for digital advertisingIAB Europe
 
Interact 2018 - IAB Europe’s GDPR Transparency & Consent Framework
Interact 2018 - IAB Europe’s GDPR Transparency & Consent FrameworkInteract 2018 - IAB Europe’s GDPR Transparency & Consent Framework
Interact 2018 - IAB Europe’s GDPR Transparency & Consent FrameworkIAB Europe
 
Interact 2018 - DOOH growth and barriers
Interact 2018 - DOOH growth and barriersInteract 2018 - DOOH growth and barriers
Interact 2018 - DOOH growth and barriersIAB Europe
 
Interact 2018 - Creativity & Interactivity: the perfect match to win user’s ...
Interact 2018 - Creativity & Interactivity: the perfect match to win user’s ...Interact 2018 - Creativity & Interactivity: the perfect match to win user’s ...
Interact 2018 - Creativity & Interactivity: the perfect match to win user’s ...IAB Europe
 
Interact 2018 - Quo vadis Italy? The concentration of online time spent and t...
Interact 2018 - Quo vadis Italy? The concentration of online time spent and t...Interact 2018 - Quo vadis Italy? The concentration of online time spent and t...
Interact 2018 - Quo vadis Italy? The concentration of online time spent and t...IAB Europe
 
Interact 2018 - What Builds Brand Love
Interact 2018 - What Builds Brand LoveInteract 2018 - What Builds Brand Love
Interact 2018 - What Builds Brand LoveIAB Europe
 

Mehr von IAB Europe (20)

IAB Europe Membership Brochure 2019
IAB Europe Membership Brochure 2019IAB Europe Membership Brochure 2019
IAB Europe Membership Brochure 2019
 
FWCE Cracking the Programmatic Conundrum White Paper
FWCE Cracking the Programmatic Conundrum White PaperFWCE Cracking the Programmatic Conundrum White Paper
FWCE Cracking the Programmatic Conundrum White Paper
 
IAB Europe Virtual Programmatic Day H2 2018 Slides
IAB Europe Virtual Programmatic Day H2 2018 SlidesIAB Europe Virtual Programmatic Day H2 2018 Slides
IAB Europe Virtual Programmatic Day H2 2018 Slides
 
IAB Spain Digital Ad Spend 2017 Report
IAB Spain Digital Ad Spend 2017 ReportIAB Spain Digital Ad Spend 2017 Report
IAB Spain Digital Ad Spend 2017 Report
 
AppNexus + Tomorrow TTH Case Study
AppNexus + Tomorrow TTH Case StudyAppNexus + Tomorrow TTH Case Study
AppNexus + Tomorrow TTH Case Study
 
AppNexus + MiQ Case Study
AppNexus + MiQ Case StudyAppNexus + MiQ Case Study
AppNexus + MiQ Case Study
 
AppNexus + Axel Springer Case Study
AppNexus + Axel Springer Case Study AppNexus + Axel Springer Case Study
AppNexus + Axel Springer Case Study
 
AppNexus + Schibsted Case study
AppNexus + Schibsted Case study AppNexus + Schibsted Case study
AppNexus + Schibsted Case study
 
IAB Europe Webinar Deck: Research Awards Winners - Consumer Behaviour and Med...
IAB Europe Webinar Deck: Research Awards Winners - Consumer Behaviour and Med...IAB Europe Webinar Deck: Research Awards Winners - Consumer Behaviour and Med...
IAB Europe Webinar Deck: Research Awards Winners - Consumer Behaviour and Med...
 
IAB Netherlands - Deloitte Programmatic Advertising 2018 Report
IAB Netherlands - Deloitte Programmatic Advertising 2018 ReportIAB Netherlands - Deloitte Programmatic Advertising 2018 Report
IAB Netherlands - Deloitte Programmatic Advertising 2018 Report
 
IAB Europe Webinar Deck: Digital Brand Advertising and Measurement
IAB Europe Webinar Deck: Digital Brand Advertising and MeasurementIAB Europe Webinar Deck: Digital Brand Advertising and Measurement
IAB Europe Webinar Deck: Digital Brand Advertising and Measurement
 
DOOH Presentation by OMD for DOOH and DA Webinar
DOOH Presentation by OMD for DOOH and DA WebinarDOOH Presentation by OMD for DOOH and DA Webinar
DOOH Presentation by OMD for DOOH and DA Webinar
 
IAB Europe GIG: Working Paper on Controller - Processor Criteria (reupload)
IAB Europe GIG: Working Paper on Controller - Processor Criteria (reupload) IAB Europe GIG: Working Paper on Controller - Processor Criteria (reupload)
IAB Europe GIG: Working Paper on Controller - Processor Criteria (reupload)
 
Interact 2018 - Advertising that works for everyone
Interact 2018 - Advertising that works for everyoneInteract 2018 - Advertising that works for everyone
Interact 2018 - Advertising that works for everyone
 
Interact 2018 - Embracing an ever-changing future for digital advertising
Interact 2018 - Embracing an ever-changing future for digital advertisingInteract 2018 - Embracing an ever-changing future for digital advertising
Interact 2018 - Embracing an ever-changing future for digital advertising
 
Interact 2018 - IAB Europe’s GDPR Transparency & Consent Framework
Interact 2018 - IAB Europe’s GDPR Transparency & Consent FrameworkInteract 2018 - IAB Europe’s GDPR Transparency & Consent Framework
Interact 2018 - IAB Europe’s GDPR Transparency & Consent Framework
 
Interact 2018 - DOOH growth and barriers
Interact 2018 - DOOH growth and barriersInteract 2018 - DOOH growth and barriers
Interact 2018 - DOOH growth and barriers
 
Interact 2018 - Creativity & Interactivity: the perfect match to win user’s ...
Interact 2018 - Creativity & Interactivity: the perfect match to win user’s ...Interact 2018 - Creativity & Interactivity: the perfect match to win user’s ...
Interact 2018 - Creativity & Interactivity: the perfect match to win user’s ...
 
Interact 2018 - Quo vadis Italy? The concentration of online time spent and t...
Interact 2018 - Quo vadis Italy? The concentration of online time spent and t...Interact 2018 - Quo vadis Italy? The concentration of online time spent and t...
Interact 2018 - Quo vadis Italy? The concentration of online time spent and t...
 
Interact 2018 - What Builds Brand Love
Interact 2018 - What Builds Brand LoveInteract 2018 - What Builds Brand Love
Interact 2018 - What Builds Brand Love
 

Kürzlich hochgeladen

Call Us ➥9654467111▻Call Girls In Delhi NCR
Call Us ➥9654467111▻Call Girls In Delhi NCRCall Us ➥9654467111▻Call Girls In Delhi NCR
Call Us ➥9654467111▻Call Girls In Delhi NCRSapana Sha
 
The+State+of+Careers+In+Retention+Marketing-2.pdf
The+State+of+Careers+In+Retention+Marketing-2.pdfThe+State+of+Careers+In+Retention+Marketing-2.pdf
The+State+of+Careers+In+Retention+Marketing-2.pdfSocial Samosa
 
Uncover Insightful User Journey Secrets Using GA4 Reports
Uncover Insightful User Journey Secrets Using GA4 ReportsUncover Insightful User Journey Secrets Using GA4 Reports
Uncover Insightful User Journey Secrets Using GA4 ReportsVWO
 
BDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
Social Media Marketing PPT-Includes Paid media
Social Media Marketing PPT-Includes Paid mediaSocial Media Marketing PPT-Includes Paid media
Social Media Marketing PPT-Includes Paid mediaadityabelde2
 
How to Leverage Behavioral Science Insights for Direct Mail Success
How to Leverage Behavioral Science Insights for Direct Mail SuccessHow to Leverage Behavioral Science Insights for Direct Mail Success
How to Leverage Behavioral Science Insights for Direct Mail SuccessAggregage
 
BLOOM_April2024. Balmer Lawrie Online Monthly Bulletin
BLOOM_April2024. Balmer Lawrie Online Monthly BulletinBLOOM_April2024. Balmer Lawrie Online Monthly Bulletin
BLOOM_April2024. Balmer Lawrie Online Monthly BulletinBalmerLawrie
 
Branding strategies of new company .pptx
Branding strategies of new company .pptxBranding strategies of new company .pptx
Branding strategies of new company .pptxVikasTiwari846641
 
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
Brighton SEO April 2024 - The Good, the Bad & the Ugly of SEO Success
Brighton SEO April 2024 - The Good, the Bad & the Ugly of SEO SuccessBrighton SEO April 2024 - The Good, the Bad & the Ugly of SEO Success
Brighton SEO April 2024 - The Good, the Bad & the Ugly of SEO SuccessVarn
 
Labour Day Celebrating Workers and Their Contributions.pptx
Labour Day Celebrating Workers and Their Contributions.pptxLabour Day Celebrating Workers and Their Contributions.pptx
Labour Day Celebrating Workers and Their Contributions.pptxelizabethella096
 
Brand experience Dream Center Peoria Presentation.pdf
Brand experience Dream Center Peoria Presentation.pdfBrand experience Dream Center Peoria Presentation.pdf
Brand experience Dream Center Peoria Presentation.pdftbatkhuu1
 
Cash payment girl 9257726604 Hand ✋ to Hand over girl
Cash payment girl 9257726604 Hand ✋ to Hand over girlCash payment girl 9257726604 Hand ✋ to Hand over girl
Cash payment girl 9257726604 Hand ✋ to Hand over girlCall girl Jaipur
 
BDSM⚡Call Girls in Sector 39 Noida Escorts Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 39 Noida Escorts Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 39 Noida Escorts Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 39 Noida Escorts Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
Social media, ppt. Features, characteristics
Social media, ppt. Features, characteristicsSocial media, ppt. Features, characteristics
Social media, ppt. Features, characteristicswasim792942
 
The Science of Landing Page Messaging.pdf
The Science of Landing Page Messaging.pdfThe Science of Landing Page Messaging.pdf
The Science of Landing Page Messaging.pdfVWO
 

Kürzlich hochgeladen (20)

Call Us ➥9654467111▻Call Girls In Delhi NCR
Call Us ➥9654467111▻Call Girls In Delhi NCRCall Us ➥9654467111▻Call Girls In Delhi NCR
Call Us ➥9654467111▻Call Girls In Delhi NCR
 
The+State+of+Careers+In+Retention+Marketing-2.pdf
The+State+of+Careers+In+Retention+Marketing-2.pdfThe+State+of+Careers+In+Retention+Marketing-2.pdf
The+State+of+Careers+In+Retention+Marketing-2.pdf
 
Uncover Insightful User Journey Secrets Using GA4 Reports
Uncover Insightful User Journey Secrets Using GA4 ReportsUncover Insightful User Journey Secrets Using GA4 Reports
Uncover Insightful User Journey Secrets Using GA4 Reports
 
BDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort Service
 
Social Media Marketing PPT-Includes Paid media
Social Media Marketing PPT-Includes Paid mediaSocial Media Marketing PPT-Includes Paid media
Social Media Marketing PPT-Includes Paid media
 
No Cookies No Problem - Steve Krull, Be Found Online
No Cookies No Problem - Steve Krull, Be Found OnlineNo Cookies No Problem - Steve Krull, Be Found Online
No Cookies No Problem - Steve Krull, Be Found Online
 
How to Leverage Behavioral Science Insights for Direct Mail Success
How to Leverage Behavioral Science Insights for Direct Mail SuccessHow to Leverage Behavioral Science Insights for Direct Mail Success
How to Leverage Behavioral Science Insights for Direct Mail Success
 
BLOOM_April2024. Balmer Lawrie Online Monthly Bulletin
BLOOM_April2024. Balmer Lawrie Online Monthly BulletinBLOOM_April2024. Balmer Lawrie Online Monthly Bulletin
BLOOM_April2024. Balmer Lawrie Online Monthly Bulletin
 
Branding strategies of new company .pptx
Branding strategies of new company .pptxBranding strategies of new company .pptx
Branding strategies of new company .pptx
 
SEO Master Class - Steve Wiideman, Wiideman Consulting Group
SEO Master Class - Steve Wiideman, Wiideman Consulting GroupSEO Master Class - Steve Wiideman, Wiideman Consulting Group
SEO Master Class - Steve Wiideman, Wiideman Consulting Group
 
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
 
Brighton SEO April 2024 - The Good, the Bad & the Ugly of SEO Success
Brighton SEO April 2024 - The Good, the Bad & the Ugly of SEO SuccessBrighton SEO April 2024 - The Good, the Bad & the Ugly of SEO Success
Brighton SEO April 2024 - The Good, the Bad & the Ugly of SEO Success
 
Labour Day Celebrating Workers and Their Contributions.pptx
Labour Day Celebrating Workers and Their Contributions.pptxLabour Day Celebrating Workers and Their Contributions.pptx
Labour Day Celebrating Workers and Their Contributions.pptx
 
Brand experience Dream Center Peoria Presentation.pdf
Brand experience Dream Center Peoria Presentation.pdfBrand experience Dream Center Peoria Presentation.pdf
Brand experience Dream Center Peoria Presentation.pdf
 
Cash payment girl 9257726604 Hand ✋ to Hand over girl
Cash payment girl 9257726604 Hand ✋ to Hand over girlCash payment girl 9257726604 Hand ✋ to Hand over girl
Cash payment girl 9257726604 Hand ✋ to Hand over girl
 
BDSM⚡Call Girls in Sector 39 Noida Escorts Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 39 Noida Escorts Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 39 Noida Escorts Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 39 Noida Escorts Escorts >༒8448380779 Escort Service
 
The Future of Brands on LinkedIn - Alison Kaltman
The Future of Brands on LinkedIn - Alison KaltmanThe Future of Brands on LinkedIn - Alison Kaltman
The Future of Brands on LinkedIn - Alison Kaltman
 
Social media, ppt. Features, characteristics
Social media, ppt. Features, characteristicsSocial media, ppt. Features, characteristics
Social media, ppt. Features, characteristics
 
Foundation First - Why Your Website and Content Matters - David Pisarek
Foundation First - Why Your Website and Content Matters - David PisarekFoundation First - Why Your Website and Content Matters - David Pisarek
Foundation First - Why Your Website and Content Matters - David Pisarek
 
The Science of Landing Page Messaging.pdf
The Science of Landing Page Messaging.pdfThe Science of Landing Page Messaging.pdf
The Science of Landing Page Messaging.pdf
 

Interact 2018 - GDPR for digital publishers, digital agencies and advertisers

  • 1. GDPR for Digital Publishers, Digital Agencies, and Advertisers Matthias Matthiesen Director, Privacy & Public Policy Chris Hartsuiker Manager, Privacy & Public Policy May 23rd, INTERACT 2018 Milan
  • 2. • You are a controller or processor in the EU: The GDPR applies to you. • You are a controller outside of the EU: GDPR applies if you if • you monitor the behavior of people in Europe, or • you offer goods and services to people in Europe. Territorial Applicability
  • 3. Even if the GDPR technically doesn’t apply to YOU… • Partners might be in scope; they will have to know if it’s safe for them to send data to your company. • Countries outside of the EU of the GDPR are ‘third countries’ – transferring data to those companies is an ‘international data transfer’, which is only allowed if there is a transfer mechanism.
  • 5. Personal Data ANONYMOUS IDENTIFIABLE NATURAL PERSON IDENTIFIED NATURAL PERSON PERSONAL DATA NON-PERSONAL DATA PSEUDONYMOUS DATA PERSONALLY IDENTIFIABLE INFORMATION (“PII”)
  • 6. Personal Data If an individual can be singled out by data, that data is personal data (unique cookie ID or AAID/IDFA)
  • 7. Personal Data IP 94.225.47.200 Internet Service Provider Matthias Matthiesen on Friday, 22 April 2016, 9:15 AM IP 94.225.47.200 Online Service Legal Means (Court Order) Internet Service Provider Matthias Matthiesen on Friday, 22 April 2016, 9:15 AM If data can be re-identified by the controller, or another entity, that data is personal data.
  • 8. Personal Data • Information related to an identified or identifiable natural person. • Identifiers, such as a name, number, location, online ID, or one or more factors specific to a natural person. • IP address, cookie ID, RFID tag, especially when combined with profiles.
  • 9. When in doubt: It’s Personal Data
  • 10. This far-reaching effect is completely intentional. • The GDPR is the latest and potentially greatest example of what is known as the “Brussels effect”. Illustration by Sara Gironi Carnevale for POLITICO Europe
  • 12. ePrivacy Directive • Storing information, such as cookies, or accessing information stored on a user device generally requires consent. • Unless “strictly” technically necessary for provision of the service requested by a user, e.g. shopping cart cookies. NB: The ePrivacy Directive is a law from 2009, not to be confused with its proposed update, the ePrivacy Regulation.
  • 13. ePrivacy rules before GDPR ePrivacy Consent Requirement GET CONSENT AS DEFINED BY
  • 14. ePrivacy rules after GDPR ePrivacy Consent Requirement GET CONSENT AS DEFINED BY GDPR
  • 15. Hierarchy ePrivacy and GDPR Processing personal data Storing/accessing Personaldataondevice Consent GDPR Legal Basis ePrivacy GDPR Consent • Collection of data over the internet generally requires consent because of ePrivacy • Processing of personal data requires a GDPR legal basis e.g. consent, or legitimate interest. • Where both apply at the same time the more specific consent rule of the ePrivacy prevails. Storing/accessing data on device
  • 16. Consent • Consent is a statement or clear affirmative action signifying agreement to the processing of personal data. It must be • freely given, specific, informed • Controllers must be able to demonstrate that the data subject has consented to the processing of their personal data. • Consent must be revocable at any time. Revoking consent must be as easy as granting consent.
  • 17. Consent • Consent ≠ silence/inactivity • Consent ≠ freely given if inappropriately bundled. • Consent ≠ freely given if inappropriately a condition • Consent ≠ freely given in situations of “power imbalance” • Which affirmative actions can convey consent? • Choosing technical settings (which)? • Further browsing? • Clicking a link? • Highlighting text? • Informed = purpose & controller disclosed
  • 22. Quick Recap: • GDPR applies based on territory (everywhere is Europe). • Personal data covers a huge amount of types of data (when in doubt: it’s personal data). • Processing personal data is only lawful with a legal basis (consent, legitimate interest).
  • 24. Data Subject Rights Data subject rights • The right to access • The right to rectification • The right to erasure • The right to restrict processing • The right to data portability • The right to object • Rights related to automated decisions, including profiling, with legal or significant effects
  • 25. Profiling & Automated Decision Making • Profiling is automated processing, analyzing, or predicting a person’s preferences, interests, behavior, etc. • It must be justified through one of the legal justifications, e.g. consent or the legitimate interests of the controller. • Where an automated decision, including profiling, has legal effects or similarly significantly affects a user, it is regulated more strictly. • It can only be justified through the explicit consent of the user.
  • 26. Profiling & Automated Decision Making Automated review of credit applications Automated recruitment practices, e.g. candidate selection through algorithm
  • 27. So what can I do if I’m not ready for GDPR day on Friday?
  • 28. So what can I do if I’m not ready for GDPR day on Friday? 1.Determine whether GDPR applies. 2.Take stock of all data processing activities. 3.Conduct impact assessments. 4.Create a compliance roadmap. 5.Appoint a DPO. 6.Get help, engage with industry, stay informed. 7.Help others.
  • 29.
  • 30. Thank you! Matthias Matthiesen matthiesen@iabeurope.eu Chris Hartsuiker hartsuiker@iabeurope.eu Or come find us during Interact!