The company TRACKAD ensures compliance with the applicable regulations and is particularly concerned about respecting the privacy of individuals. In order to take into account the European Union Regulation n°2016/679 on the protection of personal data (known as «GDPR»), TRACKAD explains below its position on the protection of personal data.
TRACKAD offers its advertising customers the «TRACKAD» software, which is a tool for analysing and monitoring the performance of a website’s marketing campaigns and for protecting against fraudulent abuse by affiliates participating in these campaigns.
As part of this activity, TRACKAD and its advertiser customers jointly process the personal data of visitors and customers to advertisers’ websites.
- What is the joint responsibility of TRACKAD and its customers?
A controller is the person (natural or legal) who determines the purposes and means of processing personal data. It may happen that several persons jointly determine the purposes and means of the processing, even if they have different degrees of influence on the processing.
As part of its TRACKAD activity, provides its customers with the TRACKAD SaaS software.
With this software, TRACKAD customers can analyse the return on investment of their marketing campaigns and protect themselves against abuse by affiliates taking part in CPA campaigns.
Only this processing of personal data is carried out jointly by TRACKAD and its customers. TRACKAD’s customers may carry out other types of processing on the data of visitors to websites operated by TRACKAD’s customers, for which they are solely responsible.
- Who are the persons and data concerned by this joint processing operation?
This joint processing involves the processing of the identification number and product order number of visitors to websites operated by TRACKAD customers.
- What is the legal basis for the data processing of TRACKAD and its customers?
The GDPR requires personal data to be processed on a legal basis (e.g. execution of a contract with the person, safeguarding the vital interest of the person, consent of the person, legitimate interest of the controller, etc.).
Within the framework of the use of the «TRACKAD» software, the joint processing by TRACKAD and its customers of the personal data of visitors to websites operated by TRACKAD’s customers is based on the legitimate interest of TRACKAD and its customers. This legitimate interest is the analysis of the return on investment of marketing campaigns and the fight against affiliate abuse.
Insofar as the personal data concerned by the joint processing are the identification number and product order number of visitors to the websites operated by TRACKAD’s customers, we consider that it is possible to rely legally on our joint legitimate interest as long as it does not affect the interests or fundamental rights and freedoms of visitors to these websites.
Naturally, visitors to TRACKAD customers’ websites will be informed of the collection of their data and their processing by TRACKAD and its customers, within the framework of the information provided by the customer and will be able to exercise all the rights at their disposal under the applicable legislation and regulations.
- What are the impacts of this joint responsibility of TRACKAD and its customers?
The GDPR provides that when several persons are responsible for processing, they are both equally responsible for compliance with the applicable regulations and must contractually define their respective obligations.
For this reason, the contract concluded between TRACKAD and its customers provides for the role of each of the parties in the processing of personal data of visitors to websites operated by TRACKAD’s customers.
- What does the contract between TRACKAD and its customers provide for?
This contract provides in particular that:
— The joint processing of personal data of visitors to TRACKAD customers’ websites is based on the legitimate interest of TRACKAD and its customers. This legitimate interest is the analysis of the return on investment of marketing campaigns and the fight against abuses by affiliates of these marketing campaigns;
— The customer undertakes to provide visitors to his website with all the information required by the law of 6 January 1978 and by the GDPR;
— Visitors to TRACKAD’s customers’ websites may contact both TRACKAD and the customer to exercise their rights under the regulations on the protection of their personal data (right of access to data, right of rectification, right of limitation, right to object to processing, right of portability, right to define directives on the fate of their data after their death, etc.);
— TRACKAD and its customers are committed to implementing technical and organizational measures to ensure the highest security and confidentiality of personal data of visitors to TRACKAD’s customers’ websites;
— If TRACKAD or one of its customers notices that the personal data of visitors to the TRACKAD customer’s website has been violated, a notice of violation will be sent to the CNIL by TRACKAD and its concerned customer. TRACKAD and its customer will then take all necessary measures to limit the consequences of this violation for the visitors of the website concerned;
TRACKAD and its customers undertake not to transfer the personal data of visitors to TRACKAD customers’ websites outside the European Union.
If you have any questions about the joint processing of personal data, you can contact firstname.lastname@example.org.