Last Updated on

July 15, 2022


Chartboost takes the privacy of our developers and their end-users seriously. We know that user data is important to our developers' values and operations. That is why we are taking measures to support our partners compliance with EU data protection requirements, including those set forth in the General Data Protection Regulation (GDPR).

For more information, we encourage our customers to read through the resources provided below.

What is GDPR?

The General Data Protection Regulation (GDPR) is a new European privacy law that is set to replace the current EU Data Protection Directive (Directive 95/46/EC). The GDPR is intended to strengthen the security and protection of personal data in the EU.

To whom does the GDPR apply?

The GDPR applies to all organizations operating in the EU and processing personally identifiable data of EU residents. Personal data is any information relating to an identified or identifiable natural person.

Is Chartboost a controller or processor?

Chartboost is a "Controller" with regard to the personal data that we process of European data subjects. Chartboost relies on its publishers to have the appropriate legal grounds or consent for Chartboost to process such data.

What data does Chartboost collect through its advertising service?

Chartboost collects data (including device ids and IP addresses) to optimize our in-app advertising network and to enhance performance and targeting. Also, Chartboost may collect post-install events associated to its customers users.

What are Chartboost's data transfer practices for data transferred outside of the EU?

Chartboost is certified for the EU-US and Switzerland-US Privacy Shield Frameworks.

How does Chartboost plan to handle requests from EU users (data subjects) of partners under the GDPR?

We value our partners and intend to help them in their obligations to their users under GDPR. Additionally, our privacy policy describes options consumers have for managing their data and opt-out choices.

Does Chartboost have a record of processing activities and is this record of processing activities regularly recorded and updated?

Yes. Chartboost maintains an internal record of processing activities that is updated regularly by a dedicated, cross-functional team.

What technical and organizational measures does Chartboost have in place to secure user data?

Chartboost has developed security measures and protocols. An overview of Chartboost's security policies and measures may be obtained under a Non-Disclosure Agreement (NDA) in specific cases.

How does the Chartboost SDK register user consent for the use of personal data?

Publishers should call the setPIDataUseConsent API from the Chartboost SDK and pass in the appropriate value for whether consent exists, does not exist, or is unknown. Publishers are required as part of the Terms of Service to obtain consent from their users before Chartboost will process any personal data and pass it to the Chartboost SDK via the above method.

Where can I see your Terms & Conditions and Privacy Policy?