GDPR Disclaimer




Last edited on

Mar 22, 2022

Please note this disclaimer is solely for information purposes and does not constitute a fair processing notice in respect of particular data controllers using the ADLOOX Solution. 

To review the full details regarding ADLOOX’s processing of personal data, please refer to the privacy notice here: 

ADLOOX SAS (“ADLOOX”) provides ad verification services via (THE “ADLOOX Solution”), which enables ADLOOX clients to control the efficiency of online targeted marketing campaigns. ADLOOX software runs analysis for example to check whether the advertisements have been broadcasted on broadcasters’ websites, in what country the advertisements have been broadcasted and whether they have been displayed in front of a real web user and not activated by a bot. 

In respect of the personal data processed in connection with the ADLOOX Solution:

  • ADLOOX acts as a “data processor” on behalf of its clients; and 

  • ADLOOX clients, (together with the broadcasting websites), act as the data controllers, 

in each case for the purposes of the GDPR.

As data processor, ADLOOX processes personal data in connection with the ADLOOX Solution on the basis of its clients' instructions and for the lawful purposes our clients identify. More particularly, personal data are processed in the ADLOOX Solution in order to produce aggregated statistics as instructed by our clients. Such statistics are aggregated, hashed and anonymized following a robust process preventing any and all identification of web users before any storage in ADLOOX servers. ADLOOX shall not keep personal data (such as the IP address) and shall only provide its clients with statistical data relating to the country in which the advertisements have been broadcasted, the overall frequency and other statistical data relating to the broadcasting of clients’ campaigns. 

How does the ADLOOX Solution process data? 

The ADLOOX Solution involves embedding a script into an ADLOOX client’s advertisement before such advertisements are broadcasted on a website. The script starts running when the advertisement is displayed on the web browser of the web user. As per ADLOOX client’s instructions, this script may collect the following information, some of which constitutes personal data:

  • URL of the broadcasting website; 

  • Timestamp;

  • IP address of the web user;

  • Remote address;

  • Impression ID; and

  • User agent (web browser, OS, device, to be completed).

As instructed by the ADLOOX client, the ADLOOX Solution will then generate a fingerprint from the collected data. Such fingerprint is used to produce aggregated efficiency statistics on advertising campaigns which are communicated to the ADLOOX client. The IP address and other personal data linked with a web user are immediately encrypted upon collection and remain so until they are either anonymized or erased in compliance with the rules mentioned below.

Does the ADLOOX Solution involve any other processing?

ADLOOX clients, in their capacity as data controllers tend to conclude that the ADLOOX Solution involves:

  • no automated decision-making, 

  • no processing necessary for the actual delivery of a client advertising campaign;

  • only the limited processing necessary to generate the statistical, aggregated client reports which do not contain personal data; and 

  • ADLOOX collection and processing servers which are exclusively located on European territory and which are subject to appropriate technical and organizational measures to ensure the security and the control of data access.

However, every ADLOOX client must make their own assessment of the ADLOOX Solution in their capacity as data controller.