1. What is MoPub’s approach to the GDPR?
2. How does MoPub comply with the legal requirements for transferring data?
Our services are designed to connect publishers and advertisers around the world. As a global service, we have developed global data practices designed to ensure that our customers’ information is protected. Twitter International Company, an Irish commercial entity, is the controller of our data outside of the U.S., so if you are outside of the U.S. and you share data with MoPub, you share it with Twitter International Company. Today, Twitter International Company processes data in accordance with applicable Irish law and after 25 May 2018, it will do so in compliance with both the GDPR and Irish domestic law. Additionally, Twitter International Company has Data Transfer and Processing Agreements with Twitter, Inc., in the U.S., and its affiliates, which allow Twitter, Inc., to process personal data.
Twitter, Inc., is also certified under the Privacy Shield framework. For additional information, please review Twitter’s Global Operations and Data Transfer information.
3. Is MoPub a data controller or a data processor?
4. MoPub products after May 25, 2018
A. Will the MoPub Software Development Kit obtain consent for MoPub’s processing of personal data?
MoPub will release an updated Software Development Kit (SDK) before May 25, 2018. By default, the updated SDK will obtain consent from users located in the European Economic Area, the United Kingdom, and Switzerland for the processing of personal data by MoPub and our partners (including advertising demand partners, supported advertising mediation partners, data partners, and fraud and measurement partners) for personalized advertising purposes. Some publisher partners may be allowed to obtain consent on behalf of MoPub and our partners through their own consent solution if they agree to additional terms
B. I’m a publisher. What happens if I don’t update my apps to the new SDK?
To provide continuity of our services to our publisher partners and give your users sufficient time to update their apps to versions using our latest SDK, we will continue to support older versions of the SDK during a short transition period. During this time, older versions of the SDK will continue to collect personal data. However, in order to protect your users’ privacy, we will not store, use, or share such personal data, and we will only return contextual ads to your users in the European Economic Area, the United Kingdom, and Switzerland. After this transition period, we will no longer serve ad requests from older versions of the SDK in GDPR applicable regions.
C. What will the MoPub SDK’s consent solution look like, and when will the user see it?
We’ve designed the MoPub SDK consent solution to be a publisher-friendly and out-of-the-box compliance solution. As a publisher partner, you will be able to decide when to show the consent request to your users in your app. Here is what it will look like to your users: