The GDPR and Bannerflow

Learn more about how the GDPR affects you, in your interaction with Bannerflow.

What is the GDPR?

The General Data Protection Regulation (GDPR) is a regulation put forth by the European Union Parliament focused on data protection for individuals in the EU. The regulation enforces stricter requirements for handling personal data and data subject rights. The GDPR creates consistent data protection rules across Europe and is designed to give control back to internet users, as to why, how and where their personal information is used.

What does the GDPR mean for online advertising?

Data forms the foundation of the online world.

For web users and consumers, personal data acts as currency – sharing it gives access to numerous services and content. For marketers, data is key to running successful campaigns; it helps us recognise site visitors, target the right people with the right content and much more. And, crucially, it is our responsibility to use and store the data we are given responsibly.

What this means is that in order to continue some forms of targeting that involves tracking, such as user journey targeting, publishers are now required to ask for consent from users before further targeting them with specific ads.

Online advertising is built on a network of companies supplying advertisers with tools for different task. All parts of the chain, Bannerflow being one part, has to account for how it is using personal information. In some instances, Bannerflow is just collecting data that we send on to other companies to process, which makes us a controller in those instances. In other instances, we process data, which makes us a processor in those instances.

These are some examples of common personal data in the adtech landscape

  • Cookie ID / Unique identifier
  • IP address
  • Name
  • Email address
  • Detailed geo location

If something is deemed to be personal data or not is not black or white but depends on the context and how someone can combine data in order to identify an actual physical person.

How is Bannerflow addressing the GDPR?

At Bannerflow we want to make sure that customers can trust us as a processor. We are changing our platform and pipeline in order to minimize the amount of data categories that contain personal data. Currently we are processing the following categories of data:

  • IP addresses
  • Contact information
  • Cookies

For more information on data that we collect as a controller, see our privacy policy.

The GDPR Resources and Updates

Don’t be a stranger to this page. We will continue to update this page as more information is made available. Should you have any questions regarding your personal information then please contact us at gdpr[at]

For more information regarding Bannerflow and GDPR please see the links below:

This website is neither a complete guide on EU data privacy nor legal advice for your company to use in complying with EU data privacy laws like the GDPR. The purpose is to provide background information to help you better understand how Bannerflow has addressed some important legal points. This information is not the same as legal advice, where an attorney applies the law to your specific circumstances, so we insist that you consult an attorney if you’d like advice on your interpretation of this information or its accuracy. To summarise, you may not rely on this paper as legal advice, nor as a recommendation of any particular legal understanding.