OpenX announces GDPR compliance, four months ahead of EU deadline

OpenX has revealed that its ad exchange is fully compliant with the upcoming GDPR legislation, set to come into effect on 25 May 2018. OpenX is one of the first US companies to meet the new guidelines, and the first ad exchange to announce it has met all the new data management requirements.

“GDPR is the single most significant regulation in the history of digital advertising,” said Doug McPherson, chief administrative officer and general counsel at OpenX. “It replaces a patchwork of EU national rules with a single regulatory framework with global reach and strict penalties for those who fail to comply. GDPR applies to every company, wherever they are located, that offers goods or services to EU citizens or receives, stores or sends personal data from any EU citizen.”

OpenX has also created a GDPR-ready data processing agreement (DPA) drafted in consultation with leading US and EU privacy counsel, which it has made available to the ad tech community at large. This open source DPA is designed to act as a resource for publishers, enabling them to expedite their compliance process with other technology partners. It is one of several GDPR-related resources which OpenX has made available, with others including a guide for obtaining certification under the Privacy Shield, a legal mechanism that validates the transfer of EU personal data out of EU countries into the US.

“At OpenX, we are committedto being the highest quality and most trusted partner to the thousands of leading publishers and top brands that rely upon our exchange,” said McPherson. “We committed early on to investing significantly in GDPR complaince and in educating the industry about its implications. We have taken  the extra step today to make available a data processing agreement and other resources in order to move the entire industry towards greater accountability and trust.”