Apr 2, 2018
Both CJ Affiliate and Conversant support the principle of GDPR—to strengthen and unify data protection for all individuals in the EU—and are already well-positioned to provide compliant services.
While the implementation of GDPR by the EU evolves, this is how CJ Affiliate and Conversant have prepared, and are continuing to prepare for its launch.
On May 25, 2018, the General Data Protection Regulation (GDPR) is going into enforcement. GDPR replaces the existing data protection law in the EU called the EU Data Protection Directive. It is a regulation that intends to strengthen and unify data protection for all individuals in the European Union.
GDPR will significantly affect organizations worldwide which collect and/or process personal data of individuals working, visiting or residing in the EU. Specifically, the regulation impacts how companies collect, process, retain and delete personal data. For instance, there are new, enumerated obligations around breach notification and “accountability.”
We have been working hard to prepare for GDPR, and will continue to do so as its implementation by the EU evolves. In particular, we have:
Along with Conversant, we have created teams of associates from cross functional business lines to manage our GDPR preparation. These include technologists, engineers, security professionals, and legal experts. These teams work together to review our services and technology platforms to help safeguard both CJ Affiliate, Conversant and our clients.
We continue to monitor and study the additional guidance documents released by local Data Protection Authorities and the Article 29 Working Party to better understand our obligations. We are also continuing to lead industry efforts around comprehending how GDPR applies to its businesses. Working closely with industry groups, such as the Interactive Advertising Bureau (IAB) in the EU and the UK, we are helping to shape and create guidance materials to present to the local Data Protection Authorities and Industry as a whole that will help address existing open questions around certain GDPR requirements.
Together with Conversant, we urge our clients, partners and vendors to review and understand their responsibilities under GDPR, as compliance is a collective responsibility. This includes changes around obtaining data subjects’ consent and enhanced data subject access rights.
Interactive Advertising Bureau (IAB)