What is the GDPR?
GDPR stands for the General Data Protection Regulation, and it is the European Union’s (EU) regulation aimed at substantially increasing the protection of the personal data of EU residents. The GDPR also requires people and companies that collect or process personal data of EU residents to follow extensive obligations regarding safeguarding personal data, and responding to data subject requests concerning their personal data.
Who must comply with GDPR?
The GDPR applies to any person or company that collects or processes personal data of data subjects residing in the EU. This includes persons and companies that are not located within the EU, as long as that person or company offers goods or services to EU residents and collects or processes EU residents’ personal data.
What constitutes personal data?
The GDPR applies to "personal data" or any information relating to an identifiable person who can be directly (or indirectly) identified, especially by reference to an identifier. To take into account advances in technology and the way companies collect data about individual, a personal identifier can include: name; identification number; location data; online identifier.
AdPush’s Commitment to GDPR compliance
With its growing presence in the EU and amongst EU customers, AdPush is steadfast in its efforts to be and remain GDPR compliant. The core of GDPR is central to AdPush’s foundational values and mission of safeguarding consumer data and protecting the right to one’s data.
What we’ve done to get ready for compliance with the GDPR
AdPush features in response to the GDPR
Our team has updates some features in our products to be in compliance with the GDPR. These include:
- Anonymize IP address: AdPush does not store complete IP addresses of those who visit its website in order to maintain anonymity. We provide several options to AdPush Customers regarding IP address anonymization, including: removing the last octet, last 2 octets, last 3 octets, or not storing IP address at all.
- Consent: AdPush’s website push notifications have always asked visitors of the site to provide their explicit consent by turning on the browser-level permission.
- AdPush Customer data: After consenting to receive notifications, AdPush’s push notification service creates a randomized identification for each AdPush Customer, such that this randomized identification cannot be tracked to a particular individual.
- Deleting and Retaining Data: AdPush is set such that its technology deletes data of expired accounts and also gives full control to AdPush Customers over their data. AdPush Customers can unsubscribe from their browser at any time, at which point, their account will be inactive, and ultimately, after 90 days of inactivity, their information will be deleted from AdPush’s system. AdPush Customers can also use the account features to remove or update their data. We have also decreased our data retention time of deleted data to 72 hours.
- Privacy settings: AdPush has added a new privacy settings page to your AdPush account that enables AdPush Customers to have full control over their account.
Data Controller and Data Processor
Under the GDPR, AdPush is considered a "data controller" when you provide your data and register for our Service, as an AdPush Customer. AdPush is considered a "data processor" when you or your company provides AdPush with access to personal data originating from your company as was provided by an End-User (i.e. a consumer residing in the EU).