Airbridge places the highest regard for users’ rights to data privacy and control by collecting and processing only what is strictly required for attribution analysis. Our strict adherence to user data privacy is evident across all our engineering - empowering data subjects with their full gamut of rights ranging from data control, deletion, retention, transfer, and more.
The GDPR (General Data Protection Regulation) is a regulation of the European Union (EU) on personal data protection, which came into full effect on May 25, 2018. It ensures the free movement of personal data within the EU member states and strengthens the data subject’s right to protect their personal data.
The GDPR sets out the rights and duties of three major roles: the data subject who owns and provides personal data, the controller who determines purposes and measures of processing personal data provided by the data subject, and the processor who performs processing on behalf of the controller.
In the case of Airbridge’s services, our clients receiving services of advertising campaign measurement and attribution, are data controllers. Customers of the clients' services, who in effect provide their personal data as members of the client company, are data subjects. Last, Airbridge, who receives the data subjects’ data through clients for data processing such as campaign measurement and attribution, acts as a data processor.
In order to keep client data secure and meet the security requirements of the GDPR, Airbridge has made the best effort to monitor and manage all kinds of tangible and intangible security threats at all times. We implement data security on various levels, including products, system infrastructure and network, data storage and transfer, access control, development, monitoring, business continuity and disaster recovery, internal and external audits, and physical and human resources security. For more information, check out Airbridge’s Information Security.
Airbridge has also consented to Standard Data Protection Clauses (SDPC, also known as Standard Contractual Clauses) in order to legally and safely receive data for data processing from clients based in the EU (controller) as well as citizens living in the EU (data subjects). SDPC, enacted and standardized by the European Commission, is the easiest way to transfer data to third countries or international organizations, guaranteed by the GDPR. As it includes the EU data protection principles, transfer of personal data to third countries or international organizations through SDPC is deemed to guarantee appropriate safeguards for the protection of personal data. For more information, check out Article 46 of GDPR.
Airbridge guarantees most of the data subjects’ rights included in the GDPR. These rights are based on the basic principle that data subjects themselves should be able to control their data. Data subjects can either directly exercise rights to Airbridge via electronic means such as Web UI (User Interface) listed at this link, or they can indirectly exercise rights through clients (Controller) affiliated with them. Clients can also send complaints to Airbridge conveniently by using Web UI. Airbridge, as a processor, guarantees the data subject the following rights:
Airbridge has designed and embodied data protection with the intention of keeping the data subject’s personal data secure and processing them and protecting the whole procedure ranging from collecting and processing data to providing data with respect to data security and personal data protection.
The GDPR requires a written designation of a representative in the EU by the controller or processor not based in the EU. Contact information and address of AB180 Inc., a service provider of Airbridge, in the EU are as follows:
Maetzler Rechtsanwalts GmbH & Co KG
Attorneys at Law
c/o AB180 Inc.
Schellinggasse 3/10, 1010 Vienna, Austria
Please add the following subject to all correspondence:
GDPR-REP ID: 12799064
The best practices listed below can help clients conform to the GDPR. Conforming to the GDPR can help you to build customer trust and minimize the risks of regulatory restrictions if you are operating services for citizens living in the EU.
To make a GDPR request to AB180 Inc.: https://gdpr-rep.eu/dsrtool/12799064
To know about GDPR: https://gdpr.eu
Airbridge's Information Security Page: https://airbridge.io/information-security
Airbridge's Terms of Service: https://airbridge.io/terms-of-service