Pedemy takes the privacy of our developers and their end-users seriously. We know that user data is important to our developers’ values and operations. That is why we are taking measures to support our partners’ compliance with EU data protection requirements, including those set forth in the General Data Protection Regulation (“GDPR”), effective May 25, 2018.
For more information, we encourage our customers to read through the resources provided below.
What is GDPR?
The General Data Protection Regulation (“GDPR”) is a new European privacy law that is set to replace the current EU Data Protection Directive (“Directive 95/46/EC”). The GDPR is intended to strengthen the security and protection of personal data in the EU.
To whom does the GDPR apply?
The GDPR applies to all organizations operating in the EU and processing “personal identifiable data” of EU residents. Personal data is any information relating to an identified or identifiable natural person.
Is Pedemy a controller or processor?
Pedemy is a “Controller” with regard to the personal data that we process of European data subjects. Pedemy relies on its publishers to have the appropriate legal grounds or consent for Pedemy to process such data.
We have a dedicated team working on GDPR compliance to implement appropriate measures by May 25th, 2018.
What data does Pedemy collect through its advertising service?
Pedemy collects data (including device ids and IP addresses) to optimize our in-app advertising network and to enhance performance and targeting. Also, Pedemy may collect post-install events associated to its customers’ users.
What are Pedemy’s data transfer practices for data transferred outside of the EU?
Pedemy is certified for the EU-US and Switzerland-US Privacy Shield Frameworks.
How does Pedemy plan to handle requests from EU users (data subjects) of partners under the GDPR?
Does Pedemy have a record of processing activities and is this record of processing activities regularly recorded and updated?
Yes. Pedemy maintains an internal record of processing activities that is updated regularly by a dedicated, cross-functional team.
What technical and organizational measures does Pedemy have in place to secure user data?
Pedemy has developed security measures and protocols. An overview of Pedemy’s security policies and measures may be obtained under a Non-Disclosure Agreement (“NDA”) in specific cases.
How can Pedemy publishers prepare for GDPR enforcement?
Pedemy encourages publishers to begin preparing for the GDPR by reviewing their privacy and data security processes and policies to ensure compliance by May 25, 2018.
How does the Pedemy SDK register user consent for the use of personal data?
Publishers should call the “setPIDataUseConsent” API from the Pedemy SDK and pass in the appropriate value for whether consent exists, does not exist, or is unknown. Publishers are required as part of Terms of Service to obtain the consent from their users before Pedemy will process any personal data and pass it to the Pedemy SDK via the above method.