In doing so we utilise Converge’s proprietary advertising technology platform to help ensure that advertising inventory is transacted in real time across Websites, Internet-powered applications, mobile, smart phone, tablet, video, Connected TV and other Internet-accessible material or content.
Generally, an internet user’s cookie ID comes into contact with Converge’s technology when a user views an advertisement which connects to our technology platform.
In order to deliver Digital advertising to browsers and devices around the globe, the Converge-Digital Platform is designed to receive and transmit certain types of data. Collectively, we call this “Platform Data” i.e. data generated through use of the Converge platform.
This data includes information about browsers and devices, for example:
The data the Platform collects from browsers and devices may also be referred to as “HTTP header data”. Data contained in the HTTP header, (such as IP Address) is required in order to deliver an ad to a device or browser.
The Converge platform does NOT allow any data to be passed that has the potential to identify a natural person, such as name, address, phone number, or email address. We also contractually prohibit our clients from passing data of this nature in connection with their use of our Platform.
The GDPR now includes “unique identifiers” within the scope of personal data when combined with certain types of information (including the information that Converge and other AdTech companies typically collect).
This unique identifier is a sequence of numbers or numbers and letters used as a label that identifies a particular device or browser. Converge-Digital assigns a unique identifier (e.g., UUID1234) to every device or browser that interacts with the Platform.
While Converge cannot identify which individual (or individuals) are using the device or browser in the real world, this unique identifier, combined with the IP Address, is now defined as “personal data”.
This type of personal data that we collect, represented by unique identifiers, is referred to in the GDPR as “pseudonymized data”. The GDPR explicitly recognizes “pseudonymization” as good practice in protecting the interests of individuals, precisely because this practice obscures users who are “in the real world”.
Converge-Digital is a “Joint Controller” with respect to any personal data, i.e. that which is collected or received through the Platform when receiving an ad call to supply inventory to a publisher’s web page. This is because data related to ad requests is tied to our Platform’s unique ID for the device or browser.
Those unique IDs are used by our Platform for frequency capping and day-parting across browsers and apps of our publisher partners. This ensures that advertisers using the Converge Platform are not showing the same ad repeatedly to the same device or browser on the same day, or at times when the advertiser does not want to show its ad to that device or browser.
Converge defines itself as a joint controller in relation to this data because we need to honour these frequency caps on behalf of our Advertiser clients. Pursuant to the text of the GDPR and the existing EU guidance, this makes us a controller of the data with respect to that purpose.
In order to collect, use, store, pass on, etc. (known as “process”) personal data, a data controller must have a legal right (known as a “legal basis”) to use the data.
Where Converge-Digital operates as a data controller, we rely on legitimate interests to process personal data on our Platform for security purposes, to decide which buyer (and which creative) wins an auction to purchase advertising inventory, and to optimize the real-time sale of inventory.
To clarify again, ALL personal data used by Converge-Digital is pseudonymous data.