This Friday is the deadline for compliance with the European Union’s new General Data Protection Regulation (GDPR). This regulation is far-reaching and requires any website that services traffic from citizens of the EU, as well website owners operating out of the EU, acquire explicit consent from the user before tracking them or sharing their Personally Identifiable Information (PII) with a third party.
GDPR Roadmap for MANTIS
We’ve built a slew of tools and instructions to help enable easier compliance with GDPR. On this page, we’ll walk you through them.
As an advertiser or publisher, you are obligated to ask for consent from a user before you embed any third-party scripts that may track them through cookies or their IP address. We recognize that not every one of our network members will have a chance to implement such interfaces by the deadline so we are going to make it a little easier for you.
Failure to implement a consent management platform on your website, with proof of consent sent to us, means you will have no ability to track conversions through our system for visitors within the EU. However, you may still be able to rely on first-party click-through tracking (i.e., UTM codes) even if we aren’t able to track them on your behalf.
Failure to implement a consent management platform on your website, with proof of consent sent to us, means we will be unable to attribute traffic from your website to the conversions on an advertiser’s platform using our in-house conversion tracking software. While this may not have an immediate impact on revenue, the lack of transparency may cause advertisers to exclude your property from their campaigns due to the lack of data insights available.
Data Protection Officer
In addition, we’ve appointed a Data Protection Officer, who can be reached at email@example.com.
Network Member Data
Personally Identifiable Information (PII)
As a member of the MANTIS network, we have captured various pieces of your PII including such things as: First Name, Last Name, E-Mail Address, Phone Number, Mailing Address, and other user-submitted data. In addition, it is necessary to share some of this information with third party vendors for things like billing and invoicing, sending product announcements, and other such services required to operate the network. We will provide a full disclosure of all systems we use to collect data, why we use them, and what data we store in each system by the end of Q2.
As the owner of your PII, you have the right to ask for an export of all of your user data we have on record. Additionally, you can request its removal where appropriate, if desired. We will provide an online interface for capturing such requests, and we will work with all vendors to ensure they are in compliance with requests to remove personal data by the end of Q2.