The collection and treatment of user information has rightly dominated headlines and the minds of everyone involved in web development in 2018.
On the 25th of May 2018, the EU's General Data Protection Regulation (GDPR) takes a bold step into making the approach to data privacy much more transparent. All stakeholders in the ecosystem will have the responsibility to acquire a user's explicit consent for their information, and respect the user's decision on how, and whether they want their personal information processed.
This is how it affects Marfeel, our publishing partners, and what we're doing to ensure compliance.
Marfeel's commitment to GDPR compliance
Marfeel is committed to being fully GDPR compliant before the regulation comes into effect.
Marfeel processes data on behalf of our publisher partners under the Marfeel platform, following their instructions. We treat the information that flows to our publishers and their vendors with the utmost integrity. To ensure GDPR compliance and assist our publishing partners in this regard, we are implementing the necessary technical mechanisms demanded by new consent frameworks. For details, see the Data processing section.
Steps taken to ensure compliance
- Analyze how GDPR impacts Marfeel and our publishing partners, and initiate the action plans to secure compliance.
- Empower our partner-facing and product teams with the necessary knowledge of how GDPR impacts our publishing partners and what Marfeel is doing to not only be compliant, but also help our publishing partners in that regard.
- Implement the technical mechanisms for the Marfeel platform that explicitly complies with GDPR's regulations. This includes using a Consent Management Framework (CMP) that follows IAB Europe's framework and standards, listing the relevant vendors according to the IAB Global Vendor list.
- Implement the systems that allow our publishers to inform their users about the third-party vendors (analytics, ad networks, etc.) they employ and those parties' own privacy policies.
- Create a Data Processing Agreement for publishing partners.
The nature of Marfeel's product and platform means that we process data on behalf of for our publishers. We do this in accordance with the conditions defined in the Data Processing Agreement. Marfeel also has the robust technical measures in place to treat this data with the fierce responsibility it demands, and pass it to our publishing partners.
In our commitment to GDPR compliance, Marfeel has the technical mechanisms in place for all our publishing partners to obtain the final user's legitimate consent on mobile and transfer it to their vendors (ad exchanges, analtytics providers, etc.). The implemented consent mechanism is a Consent Management Platform (CMP) according to IAB Europe consent frameworks and standards. It is then our publishing partners' responsibility to comply with GDPR in their corresponding legal role.
Marfeel has also drafted a Data Processing Agreement. It's a policy that explicitly explains how we treat the data for our publishing partners and defines each party's responsibilities so that they align with GDPR compliance.