GDPR Policy

Updated October 22, 2022

AdsPostX’s business relies on the trust of their business partners. As a processor of our customer’s personal data, AdsPostX complies with its legal obligations in all the markets in which it operates, including the European Union, and specifically complies with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) (“GDPR“).

AdsPostX’s GDPR compliance efforts include:

• Educating staff on privacy and security issues and generally elevating awareness;
• Allowing our partners to determine what data variables they share with us to process and use for ad personalization and relevancy;
• Improving our privacy governance frameworks and practices, including updating and globalizing our Data Breach Response Plans;
• Re-assessing and confirming the basis on which AdsPostX processes personal data;
  
• Have external counsel conduct a Legitimate Interest Assessment to confirm that where we rely on this as the basis for processing, we do so lawfully.
• Conducting data privacy impact assessments to identify and reduce the data protection risk within projects and systems;
• Implementing model clause based data transfer arrangements with Brands, Partners and Suppliers to ensure necessary protections apply to data exported from the EU;
• Partnering with a leading third-party security services provider to have our applications, network, infrastructure and information security program regularly audited including quarterly penetration tests and vulnerability scans;
• Ensuring that applicable data subject rights are provided for in our products and systems;
• Updating our Ad Policies to ensure disclosures are suitable and transparent;
• Closely monitoring GDPR developments and guidance, to support our clients’ compliance efforts.
  

Additionally, we updated our Privacy Policy to address matters set out in GDPR and laws in other markets in which we operate. The new policy covers the operation of AdsPostX’s platform.

We also updated our contractual commitments with Partners and Brands, to ensure they have the necessary terms in place going forward in respect of transferred data.

If you are a AdsPostX partner, please reach out to legal@adspostx.com if you have questions or if you deal with EU data subjects, or process personal data in the context of the activities of an establishment in Europe, via the AdsPostX platform.

Future Steps

AdsPostX sees compliance as an ongoing process, not an endpoint that can be ‘achieved’ with a single stamp or certification. As such, AdsPostX will continue to take further steps on a daily basis to improve data protection outcomes for their customers. Trust in our approach to privacy and data security is paramount to our client relationships. As GDPR continues to evolve, we will update this page accordingly. If you have any questions in the meantime, don’t hesitate to reach out to legal@adspostx.com