33ACROSS AND

The GDPR

33Across is committed to GDPR compliance.

The General Data Protection Regulation (GDPR) is a European law designed to reform the areas of data protection and data privacy effective May 25, 2018. 33Across is committed to complying with GDPR and working with its publishers to ensure users' data rights are protected.

GDPR: Frequently Asked Questions
Is 33Across compliant with the GDPR?
Yes, 33Across is fully compliant with the GDPR.
How exactly does 33Across comply?

Given the large degree of lingering uncertainty within the industry around both the correct interpretation and implementation of the GDPR, 33Across has proactively decided to take an ultra-conservative approach with regard to user privacy. Beginning May 25th, 2018, 33Across will cease to pass, transact on, and collect all user data considered to be personally identifiable under the GDPR coming from EEA countries. This policy is unconditional and applies to all areas of the 33Across technology.

What types of data does 33Across technology collect?

33Across provides products that enable clients to gain insights into how their content is being consumed and shared by end-users. Using browser cookie technology, end-user data is collected across multiple websites to provide these insights and consists of behavioral information regarding the web pages they visit and/or the actions they take on websites, such as copying or sharing content, clicking on hyperlinks or advertising on the page, or signing up for products or services offered by our clients. We use the collected information to target and display advertisements that may be of interest to users. Some of our products insert advertising from our partners on our client websites. We record information that an ad was requested or shown, and any user interactions with the ad or the page where the ad appears. This information is used for analysis, reporting and troubleshooting.

Is 33Across an approved vendor on IAB’s approved Global Vendor List?

Yes. The full list of vendors can be found here.

What steps can publishers take toward GDPR compliance?

1. Researching and implementing a mechanism for capturing user consent is first and foremost. This will most likely entail using a Consent Management Platform (CMP). There are many CMPs currently available on the market and surely more to come.

2. Once a consent management mechanism is put in place, publishers should be sure to designate 33Across as a preferred vendor for receiving consent on their behalf.

Is 33Across a Data Processor or a Data Controller?

33Across considers itself a Data Controller. When 33Across serves personalized ads or collects cookie information from publishers within its network, it effectively becomes a controller of the data it receives in those instances.

Does 33Across collect, analyze, and/or share personal data on EEA subjects in any way?

No, 33Across does not collect, analyze, and/or share personal data on EEA subjects.

Is 33Across able to respond to and fulfill requests made by EEA subjects with regard to their personal data?

As of May 25, 2018, the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) gives data subjects who are in the European Economic Area (EEA) the right to review, rectify, or delete their personal information. However, 33Across’ Products and Technology do not collect personal data from data subjects in the EEA as of May 25, 2018 and until further notice, at which time we will proactively seek your prior consent to such collection. Therefore, at this time (and until further notice), 33Across has no personal data of data subjects in the EEA for which the GDPR right to review, rectify, or delete can be exercised.

What steps do publishers and vendors need to take in order to work with 33Across?

By default, 33Across will not collect any personal data on European Economic Area (EEA) users until proper consent mechanisms and protocols are put into place. 33Across will work closely with publishers and providers in the coming weeks to aid in implementing proper consent mechanisms and passing consent via the IAB Framework.

How can users outside of the EEA opt out of data collection from 33Across?

You may visit http://optout.33across.com to opt-out of data collection from 33Across. The 33Across Opt-out Tool is cookie-based. In order for the Tool to work on your computer, your browser must be set to accept cookies. Be advised that if you use multiple computers or browsers, you will need to repeat this process for each computer and each browser. If you buy a new computer, change web browsers or clear your 33Across cookies, you will need to perform the opt-out task again. Opting out does not mean you will no longer receive online advertising. It does mean that 33Across will no longer collect any data associated with your activities on any of our clients’ websites.