Updated April 24th, 2018.
This article does not constitute legal advice, nor is this information intended to create or rise to the level of an attorney-client relationship. You should seek professional legal advice where appropriate.
From the Criteo Privacy Team
The GDPR aims to bring consistency around privacy and data protection and we are committed to being GDPR compliant. At Criteo, we see the regulations as a win-win for businesses and the consumers they serve. Since our 2005 beginning in Europe, our technology has operated with high standards of data privacy and security. We have a strong legacy of adhering to several industry standards, regulations, and best practices that include but are not limited to the GDPR main rules.
We expect limited impact on our clients’ and publisher partners’ ability to work with us, precisely because we have been anticipating the main rules of the GDPR. In particular, for many years, we’ve acknowledged that the data we collect to carry out our services is personal. We have been adhering to EU data minimization principles for many years by collecting only non-directly identifying information (or pseudonymous data as defined under the GDPR) that offers more warranties to the users in terms of confidentiality.
Moreover, we implemented a Privacy by Design approach to all our services and technologies several years ago. Now, we’d like to explain how the GDPR applies to Criteo’s solutions and products.
6 Legal Bases for Data Collection and Processing
The GDPR provides six legal bases for data collection and processing in Europe; each basis is self-sufficient and exclusive of the others. We explained these six legal bases in a previous blog post: GDPR Compliance: The Legal Bases for Collecting Personal Data.
At Criteo, we see unambiguous consent as the most applicable basis for our clients and publisher partners who collect personal data, including technical identifiers. And under GDPR, Criteo acts as a co-data controller, sharing responsibility with our clients and publisher partners on data privacy regulation compliance.
Because Criteo has no control over the websites of our clients and publisher partners, it is their responsibility to offer the right level of transparency and choice mechanisms to their users, as we remind them in all our standard contractual terms.
Conversely, our clients and publisher partners have limited control over the way our technologies are built, the security measures we implement, or the way our recommendation algorithms operate. For all of these aspects, we acknowledge that Criteo is directly and solely liable and shall in all cases respect users’ privacy rights.
Criteo Shopper Graph: Putting the shopper at the core of our Solutions
At the core of our technology is the Criteo Shopper Graph which gathers the shopping behavioral data collected from our network and fuels every product and capability in the Criteo Commerce Marketing Ecosystem, from Criteo Dynamic Retargeting to Criteo Customer Acquisition.
Criteo Shopper Graph is broken down into three trusted data collectives that combine three key types of data on shoppers:
- “Pseudonymous” technical identifiers
- Interest in the products and services of our customers
- Measurement statistics on the performance of our services.
We continuously ensure that this data is limited to what is strictly necessary for our services in order to deliver relevant information to shoppers on the products they want at the right place, at the right moment and with the right messages.
To understand how Criteo adheres to the GDPR principles, it helps to understand how and what types of data we collect for Criteo Shopper Graph.
The data collected for the purpose of Criteo’s services is personal data, but it is limited to pseudonymous data linked to browsing events, which protects confidentiality:
- Cookie ID
- Mobile advertising ID
- Hashed CRM ID
- Hashed email address
Criteo uses state-of-the-art data hashing algorithms to ensure that no directly identifying information of shoppers is stored on our systems.
Data Privacy at Work
For example, with Criteo Audience Match (BETA), advertisers can accurately target high-value shoppers and re-engage them on their website during a sales period, a seasonal campaign or a specific promotion. Criteo re-engages this customer base with dynamic paid display ads across web, mobile browsers, and apps.
Retailers create target audiences by sharing their CRM data over our secure web application that automatically pseudonymizes the data before storage, and instantly matches them against the Criteo Shopper Graph.
If an advertiser is using only Criteo Audience Match (BETA), their audience is targeted only by a Criteo Audience Match (BETA) display campaign, which is distinct from a Criteo Dynamic Retargeting campaign. Criteo only targets the shoppers in a matched audience who are active across our network.
The emails uploaded into the web application audience.criteo.com are used solely for the Criteo Audience Match (BETA) campaign. We do not store any original files containing emails; after we match the uploaded data against our own pseudonymous data, any data that has not been matched is deleted immediately. That data is never used to enhance any other Criteo service.
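The upload-pseudonymize-match-discard flow described above, as an added illustration that is not Criteo's own code: addresses are normalised, hashed with a keyed hash (HMAC-SHA256; the key and all sample addresses are constructed for this example), matched against an existing set of hashed IDs, and every unmatched row is dropped so no plaintext is retained. A keyed hash is used rather than a bare digest because email addresses are low-entropy and an unkeyed hash of them can be reversed by hashing a list of known addresses.

```python
import hashlib
import hmac
from typing import Dict, Iterable, List, Set

# Hypothetical pseudonymization key, constructed for this example. In a real
# matching service this would be a secret held only by that service.
PSEUDONYMIZATION_KEY = b"example-key-not-a-real-secret"


def normalize_email(email: str) -> str:
    """Canonicalise an address so the same person always hashes identically."""
    return email.strip().lower()


def pseudonymize(email: str, key: bytes = PSEUDONYMIZATION_KEY) -> str:
    """Keyed hash of the normalised address (hex digest, 64 chars)."""
    data = normalize_email(email).encode("utf-8")
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def build_audience(uploaded_emails: Iterable[str], known_hashed_ids: Set[str]) -> Dict[str, object]:
    """Hash each uploaded address, keep only hashes already present in the
    graph, and count (but do not retain) the rows that did not match."""
    matched: Set[str] = set()
    unmatched_count = 0
    for email in uploaded_emails:
        h = pseudonymize(email)
        if h in known_hashed_ids:
            matched.add(h)
        else:
            unmatched_count += 1  # plaintext and hash are discarded here
    return {"matched": sorted(matched), "unmatched_count": unmatched_count}


# Constructed sample data: a graph of three hashed IDs and an advertiser upload
# with mixed case, stray whitespace, a duplicate, and one unknown address.
SAMPLE_GRAPH: Set[str] = {
    pseudonymize(e) for e in ["alice@example.com", "bob@example.com", "carol@example.com"]
}
SAMPLE_UPLOAD: List[str] = [
    "Alice@Example.com", " bob@example.com", "dave@example.com", "alice@example.com"
]

if __name__ == "__main__":
    result = build_audience(SAMPLE_UPLOAD, SAMPLE_GRAPH)
    print(f"matched {len(result['matched'])} IDs, dropped {result['unmatched_count']} rows")
```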
Security for clients, publisher partners, and above all users
Our products are aligned with high industry standards for privacy, data protection and security notably because we continuously make sure to:
- Only collect the data strictly required to deliver our personalized advertising service, and for no other purpose. We never knowingly record directly identifying personal data or sensitive information, as defined under the GDPR.
- Apply best-in-class hashing mechanisms to ensure strong pseudonymization practices, and keep them current as technologies and risks evolve.
- Limit data retention. We do not store any data for longer than strictly necessary for the purpose of our services, and we respect the recommendations of EU Data Protection Authorities on cookies and digital advertising.
- Respect data ownership – your data always remains your data.
Consumers can easily opt out of Criteo’s service by clicking the Ad Choices link on the ad, and learn why they are seeing the ad. Once a user opts out of Criteo services, all collected information will be deleted or made irretrievable, including any user data that you have on-boarded as part of a Criteo product campaign.
Privacy by Design
At Criteo, privacy is our guiding principle. The examples above are only a small part of our privacy practices. We go to great lengths to protect and process data in compliance with applicable privacy and data protection laws, including the GDPR.
Our product teams develop every feature with privacy in mind; it is the cornerstone of Privacy by Design, an approach that ensures an industry-leading level of safety for marketers and consumers alike. You can learn more about our Privacy by Design approach in Privacy by Design: A Fundamental and Innovative Approach to Privacy.
Criteo believes protecting consumers’ privacy and being clear and transparent about business practices is of primary importance to all. When customers understand exactly how their information is being used and are given control over their personal browsing data, it strengthens their trust in and loyalty to a company.
We are well aware of and prepared for the implications of the GDPR, and we look forward to helping our clients and publisher partners understand our products and services. By working together to understand and prepare for the regulations, we can all look forward to business as usual.