GDPR: Data Controllers, Data Processors and Data Processing Agreements
Written by Kevin Edwards on
Before it is possible to understand your obligations under GDPR, it is important to understand whether you are a data controller or a data processor.
What does this mean for publishers?
The benefit of this is that Awin does not require publishers to enter data processing agreements.
However, we are adding new terms to our standard publisher agreement so that we are clear on which joint controller is responsible for what. These terms cover, for example, how Awin and publishers will handle enquiries from consumers about data, or how they will deal with a data breach should this happen.
By making these responsibilities clear, it helps to prevent publishers and Awin being liable for each other’s breaches of GDPR.
It also means that, as a controller, publishers will need to comply with more of the obligations of GDPR. However, publishers already need to do this when processing data for their own purposes. The consequence is that they will now also need to apply these obligations to the data processed to refer a consumer to an advertiser.
The main benefit is that on the Awin network, as long as it is done in accordance with GDPR and relevant agreements or terms, publishers are able to decide for themselves how to process data when driving traffic to advertisers.
Find more information on GDPR on our dedicated portal.
