Skip to main content

Eskimi and GDPR

GPDR requires companies to have applicable legal basis for:
1. Any kind of user data used
2. All ways of how is that data used

In online advertising, companies normally use non-personally identifiable data (such as cookies, device IDs) to target users and measure ad performance.
In order to trackperform these activities, an applicable legal basis is needed. It is Eskimi, as well as most of the market, understanding that 2 legal basis are appropriate here: consent and legitimate interest.

Consent
Consent is when user says 'yes' to the kinds of data and to the ways of data. User can agree or deny to companies processing user data.

Legitimate interest

Legitimate interest is when a company must use user data to survive and it can not hurt the user in any way. User can object to legitimate interest claims.

How to achieve all this for companies?

There can be multiple ways of asking users for consent and/or showing legitimate interest declarations.  The most used one, and the one we use in GDPREskimi, countriesis by using Transparency and Consent Framework (TCF).

What's TCF?
TCF is framework to pass if user consented and/or objected to legitimate interest to online advertising companies. It is not the law - it's how companies like Eskimi understand the law.

TCF consists of:
* CMP (consent management platform): actual popup where user sees and selects: data usage purposes, companies
* Preferences string: 
* Vendors: companies using user data

Here's a CMP example:
CMP example.png

 

When expanding on information, you can see what information might be used by the companies:
CMP example information.png

When expanding on purposes, you can see what will companies do with your websiteinformation. shouldExample havefrom ananother IAB approved cookie notice. Now why is that ?CMP:
CMP example purposes.png

ThisAnd is because in order for Eskimi DSP pixel'here's toyet trackanother usersexample andof userhow informationvendors inare apresented:

GDPR

CMP example vendors.png

country a consent string is required. To obtain the consent string user must press "Accept" on the Cookie Policy.

Eskimi DSP ( Aktyvus Sektorius vendor name ) is part of the IAB approved TCF vendors. 

Global TCF vendor list: https://iabeurope.eu/vendor-list/

To sum up, TCF allows:
* Showing purposes - how will companies use data

* Showing types  - what data will those companies use

* Allowing user accept/reject usage of this data

* Passing user preferences to the companies

What is TCF ? 

The IAB Europe Transparency and Consent Framework (TCF) is the only GDPR consent solution built by the industry for the industry, creating a true industry-standard approach. 

The TCF’s simple objective is to help all parties in the digital advertising chain ensure that they comply with the EU’s GDPR and ePrivacy Directive when processing personal data or accessing and/or storing information on a user’s device, such as cookies, advertising identifiers, device identifiers and other tracking technologies.


The TCF is a combination of key resources: 

  • TCF Policy 
  • TCF Terms & Conditions 
  • Transparency and Consent String with Global Vendor List Format 
  • The Consent Management Platform API 

What do youclients have to do ? 

Your landingClient page should either have a CMP ( Consent Manager Platform ) integrated on yourthe website and make sure that "Aktyvus Sektorius" is on the vendor list. CMP usually handles a lot of integration automatically and provides customisability in order to correctly generate the consent string.
Then, if user agrees with Eskimi data purposes and what data will be used, 

What if I don't use a TCF-based CMP ?

If you don't use a CMPTCF-based your cookie notice popupCMP, you canhave 2 choices:
* integrate the TCF framework by yourself however this requires knowledge of programming. one. More information on manual integration without CMP can be found here: https://iabeurope.eu/tcf-for-publishers/ 

But* IDiscuss have already have a cookie notice, and Eskimi Pixel doesn't collect audience users ? 

Most likelywith your Cookielegal Noticeif any other solution is not TCF ready. And unfortunately that hasapplicable to beyou update(some fromother yourconsent endmanagement usingway). theif officialyes, TCFplease documentationreach in orderout to obtain the users consent string. us.

What are the GDPR countries ? Where does this apply ? 


TCF and GDPR applies to these countries: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Channel Isles, England, Northern Ireland, Scotland, and Wales. 

Back to top