General Data Processing Regulation (GDPR) applies to any company processing personal data of European citizens, regardless of where that company is based. It also applies to certain companies established outside of the European Union (EU) or European Economic Area (EEA) if they offer goods or services in the EU or if they monitor the behavior of natural persons in the EU or EEA.
GDPR expands the definition of personally identifiable information (PII) to now include IP addresses, which White Ops’ tracks for fraud detection purposes on behalf of our global client base.
White Ops’ internal standards meet or exceed GDPR requirements as it relates to general data security. Beyond GDPR, White Ops also aligns with certain industry organizations of which our clients are members:
- Privacy Shield: White Ops’ Privacy Shield certification went into effect May 2, 2018.
- IAB Consent Framework: White Ops joined the IAB Cross Industry Transparency Consent Framework registry, known as the Global Vendor List. This list is comprised of ad tech industry stakeholders that publishers may choose to share data with, for specific use cases (in White Ops’ case, fraud detection).