Privacy Center

You must provide clear, easily accessible, and comprehensive information about the collection and use of user personal data on your websites and apps.

• Identifying the controller. Disclose the name of the company that 
acts as a controller of users’ personal data and its contact details. 
Typically it is the operator of the website or app.

• Identifying a privacy contact point. For example, inform users how 
they can contact the Data Protection Officer if such a function is 
designated in your organisation.

• Identifying RTB House. Name the RTB House company with which you signed a contract as a recipient of users’ personal data (RTB House acts as the Advertiser’s processor and as a separate controller of the Publisher). You will find a list of RTB House companies under the “Contact us” tab on our website (“Invoice data” section).


  For users to have a comprehensive first-hand description of the processing we conduct, provide a link to our privacy policy currently available under: https://www.rtbhouse.com/privacy-center.

• Identifying other companies you share personal data with. Besides RTB House, other companies that receive users’ personal data from your websites and apps should be identified.

• Informing about the purpose of processing.

  If you are an Advertiser, the processing allows you to display advertisements for your products or services to users on third-party websites and apps.

  If you are a Publisher, the processing allows brands, e-commerce retailers, and service providers to display advertisements for their products or services to users on your website or app.

• Informing of the legal basis of processing of users’ personal data.

  If you are an Advertiser, it is your responsibility as a controller to choose an appropriate legal basis. Typically, Advertisers choose consent as a legal basis for processing users’ personal data. 

  If you are a Publisher, please mind that in the scope of users’ personal data obtained from you and other Publishers, RTB House describes its legal basis for processing users’ personal data in this Services Privacy Policy.

• Informing about users’ rights. For example, about their right to access or delete their personal data.

• Informing about the tracking technologies used and their duration. For Advertisers, if requested, we can provide a list of tracking technologies 
used in our campaigns during the integration of our services. Advertisers can also use a tool like a consent management platform to identify, name, and categorize tracking technologies and their owners in your notices or contact RTB House for further support. The scope of tracking technologies relates to those of RTB House and its partners. In relation to the latter, remember to identify, in particular:

  (1) “Google Advertising Products” and provide a link to Google’s Business Data Responsibility Site: https://business.safety.google/privacy/;

  (2) Xandr Inc. and provide a link to Xandr’s Privacy Notice: about.ads.microsoft.com/en-us/solutions/xandr/platform-privacy-policy;

  (3) Microsoft Advertising and provide a link to Microsoft’s Privacy Notice: https://privacy.microsoft.com/privacystatement.

• Informing how to give consent or refuse it. This can be made by operating a cookie banner.

• Disclosing information about a retention period. By default RTB House deletes data obtained from the Advertiser’s website once the data is more than 500 days old — this can be reasonably adjusted in line with the Advertiser’s instructions.

• Informing about other matters as required by Privacy Laws. For example, about restricted transfers of user data where the law requires such a disclosure, about the right to lodge a complaint to the supervisory authority, etc.

To deliver the information, update privacy notices on your website and/or in your app. Depending on how you currently provide information to users, update the:

• Consent management platform (so-called “cookie banner”);

• “Website Privacy Policy” or “Website Privacy Notice”;

• and/or your “Cookie Policy”.

The information should:

• be provided to users before they are offered a choice to give (or refuse to give) consent in a visible and obvious manner; and,

• be available at all times at a permanent location, for example in a “Cookie Policy” easily accessible on the website or app.

Regardless of whether GDPR or ePrivacy applies to your activities, RTB House emphasizes that transparency with users is essential to building trust in your services. Transparency involves providing clear, user-friendly explanations of how their data is collected, used, and by whom. For this reason, RTB House strongly recommends that Advertisers and Publishers include detailed information about data processing for online advertising on their websites and apps.

Advertisers and Publishers must obtain user consent before sharing users’ personal data with RTB House or triggering our tracking technologies.

According to European data protection laws, consent is considered valid provided that it is freely given, specific, informed and unambiguous.

Consent should be “freely given” and “specific”

You should obtain consent for each separate purpose of processing (or category of tracking technologies). In Europe, Advertisers and Publishers typically use the categories of purposes described by IAB Europe as part of the Transparency and Consent Framework or use categories such as: (a) Necessary; (b) Functionality; (c) Analytics; and (d) Advertising. Cookie banner design should offer a balanced choice between accepting and rejecting the use of cookies or other tracking technologies.

Consent should be “informed”

See section “Information Obligation: inform users of your website/app about processing”.

Consent should be “unambiguous”

Consent should be expressed as an active action by the user. For example, the user can tick a box or click a button. Avoid pre-checked consent boxes and consent expressed by scrolling through a website. A lack of action from a user cannot be interpreted as valid consent.

Allow users to refuse consent

Users should be allowed to refuse the processing for advertising purposes as simply as they could consent to it.

Allow users to withdraw consent

Users should be able to withdraw consent for any reason, at any time. The means to withdraw consent should be made easily accessible to users. Withdrawing consent should be as easy as giving it.

Users' preferences should be retained for at least the duration of their active browsing or use of the website or app. The maximum retention period should be appropriate to the nature of the website or app and its audience.

Users’ consent preferences should be recorded and presented upon RTB House’s request. Advertisers often achieve this by using dedicated consent management platforms that allow for the storage of proofs of consent.