GDPR

display.io GDPR Compliance Overview

Display.io Ltd. (“Company”, “Display.io” or “we”) has implemented data security and data protection policies as part of our ongoing process to comply with applicable data protection legislation such as the General Data Protection Regulation (“GDPR”) and the upcoming California Consumer Privacy Act (“CCPA”) (collectively “Data Protection Regulations”).

Display.io is fully committed to comply with the Data Protection Regulations, thus, the Company has designated an internal team, which are accompanied by the Company’s legal consultants and other professional and expert consultants, for the sole purpose of ensuring all required actions are taken in order to achieve compliance.

Please see below a general overview which details the Company’s efforts in complying with the Data Protection Regulations:

Data Processing

Company only processes personal data to the extent necessary and in accordance with applicable Data Protection Regulations, Company has ensured there is an applicable lawful basis for any and all processing of Personal Data as defined under the Data Protection Regulations.

In addition, Company has ensured all documents such as agreements, privacy policies, online terms, employment agreements, etc. are compliant with the Data Protection Regulations.

Technological Organizational and Security Standards

The Company has completed an in-depth audit of mapping out all of its data sets and its technical and organizational security measures, all as stipulated in our Security Policy available here: https://display.io/en/publishers/security.

User Rights

In accordance with applicable Data Protection, data subjects may exercise the right to access, rectification, restrict processing, erasure, data portability, the right to complain to a supervisory authority and the right to not be subject to automated processing, all known as Data Subject Rights (“DSR”). In order to exercise any of the above rights please fill in our DSR form and contact our DPO at: dpo@display.io.

Transparency to Regulators

Company maintains accurate and accessible written records to the extent legally required to provide authorities, all in a timely manner.

Security Incident Responsiveness

Company has implemented a process, in the event of a persona data breach and will provide regulators and data subjects with an immediacy of notification to the extent required under applicable Data Protection Regulations. Further, we have implemented internal policies of handling such personal data breach and especially, we have implemented internal requirements, security frameworks, and technical measures, all to avoid any security incidents.

Display.io has also trained its personnel and employees to educate them with regards to the Data Protection Regulations, Company’s data practices and the importance of security as well as the process of handling any security incident occurs.

Data Protection Officer

Company has appointed a DPO in order to ensure ongoing compliance with the GDPR which can be contacted at: dpo@display.io.