Rokt and GDPR

Updated December 20, 2019

GDPR compliance is one of Rokt’s highest priorities. The GDPR aims to strengthen personal data protection and impacts the way organizations collect, use, and manage such data from within the European Union (EU).

What is the GDPR?

The GDPR, which came into effect on 25 May 2018, is a legal framework that sets guidelines for the collection and processing of personal data from individuals who live in the EU. It applies to all companies that process personal data about EU citizens, regardless of where the business is based. Processing is defined broadly and refers to anything related to personal data, including how a business handles and manages data, such as collecting, storing, using and deleting data.

Our commitment to the GDPR

Keeping your data safe, secure, and private is at the forefront of what we do at Rokt. Rokt sees compliance as an ongoing process, not an endpoint that can be ‘achieved’ with a single stamp or certification. We are committed to complying with the GDPR and our goal, as ever, is to meet our commitments and provide an industry-leading level of transparency and control.

Our GDPR compliance efforts

We’re always working hard to ensure we’re compliant in every market we operate in. Rokt began preparing for GDPR in 2016, and was directed in its efforts by a leading European data protection law firm and IAPP member advisors across multiple markets.

As GDPR develops and evolves, we’ll continue to take further steps on a daily basis in defending and protecting the privacy of Partners, Brands, and end customers. Some of our GDPR compliance efforts include:

  • Empowering customers with more control: We’ve enhanced our processes and procedures so that all customers can seamlessly request access, deletion, and restriction of their data, and opt-out of all marketing. Personal data is never shared until they provide their consent
  • Increased data transparency: Updating our Privacy Policies to be more transparent about what data we collect and how it’s used
  • Stronger security measures: Partnering with a leading third-party security services provider to have our applications, network, infrastructure and information security programs regularly audited including quarterly penetration tests and vulnerability scans
  • Robust safeguards: Our solutions are backed by advanced technical and organizational safeguards with dedicated security and privacy teams
  • Enhanced incident response processes: Improving our privacy governance frameworks and practices, including updating and globalizing our Data Breach Response Plans
  • Organizational readiness: Regular audits and reviews by external counsel to ensure we’re mitigating all risks and following industry standards and best practices
  • Product readiness: Conducting data privacy impact assessments to identify and reduce the data protection risk within products, projects, and systems

What’s next?

Rokt takes data protection and privacy very seriously and we remain committed to transparency, control, and accountability. As GDPR evolves, we will continue to work hard to take all the necessary steps to ensure we remain compliant with the market’s data protection laws and most importantly, we will continue to keep you and your customers at the forefront of everything that we do.

Additional information

If you have any questions or require further information, please don’t hesitate to reach out to your account manager or legal@rokt.com