MartFame as the data controller vs MartFame as the data processor
"Data controller" and "data processor" are important concepts in understanding a company's responsibilities under the GDPR. Depending on the scenario, a company may be a data controller, data processor or both – and has specific responsibilities as a result:
Data controller
A company is a data controller when it has the responsibility of deciding why and how (the "purposes" and "means") the personal data is processed.
- Under the GDPR, data controllers have to adopt compliance measures to cover how data is collected, what it's used for and how long it's retained. They also need to make sure that people can access the data about them.
- Data controllers must ensure that data processors meet their contractual commitments to process data safely and legally.
Data processor
- A company is a data processor when it processes personal data on behalf of a data controller. Under the GDPR, data processors have obligations to process data safely and legally.
While MartFame operates the majority of our services as a data controller, there are some instances in which we operate as a data processor when working with businesses and other third parties. When MartFame processes data on an advertiser's behalf, the advertiser must have an appropriate legal basis for MartFame to process this data.
Examples where MartFame acts as the data processor include:
- Data file Custom Audiences
MartFame uses a business's CRM data and cookies to match it to people in our database to create a Custom Audience for advertising campaigns. - Measurement and analytics
MartFame processes data on an advertiser's behalf in order to measure the performance and reach of advertising campaigns and report back insights about the people who saw and interacted with the ads.
Workplace by MartFame
Workplace Premium allows people at a company to collaborate with their colleagues using MartFame tools. We process personal data in order to provide this service.
MartFame may use third party software to collect and process data.
Transfers
As is the case today, any transfers of personal data outside of the EEA (European Economic Area) must meet certain legal requirements. We receive and process personal data from our advertisers in the EU. We do this in connection with certain products, including data file Custom Audiences and attribution check-up.
Advertiser Terms
Where MartFame acts as a data processor on the behalf of our EU advertisers and business partners, we ensure that we comply with the specific requirements for data processors. We've updated any related terms of service to align with the GDPR. We have appropriate terms in place to comply with our requirements under the GDPR and to safeguard personal data. And where we act as a data processor on an advertiser's behalf, we rely on our advertiser's legal basis as data controller for our processing of this data.
