Digital Advertising Guidance: data security, retention & storage

Posted on: Monday 28 November 2022 | IAB UK

IAB UK has produced this guidance as part of our commitment to the ICO in our response to its investigation of real-time bidding. The guidance aims to help facilitate legal compliance, responsible data use, and accountability.


The purpose of this guidance is to help educate the digital advertising industry about the legal requirements relating to personal data security, retention and storage - helping companies to understand their obligations and how to comply with them in practice. It is intended as a high-level overview for companies engaged in digital advertising in the UK, based on relevant UK law - namely the UK GDPR, Data Protection Act 2018 (DPA 2018) and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR).

Part one of the guidance provides an overview of organisational and technical security measures that can help enable companies in the digital advertising industry to comply with their personal data security obligations. Part two details specific examples of appropriate security measures in different industry contexts, including practical guidance on risk assessments and how to determine personal data retention periods.

Please note that nothing in this guidance, or any accompanying documentation or resources, constitutes legal advice. Following the guidance is no guarantee of compliance. Companies remain responsible for their own compliance with applicable laws and industry self-regulatory rules, so should take their own legal advice where necessary. 

Written by

IAB UK

Topics

Related content

Government publishes Gambling white paper

The white paper sets out the Government’s direction of travel for regulatory reform regarding gambling advertising, confirming that online gambling ads...

Learn more

DMCC Bill introduced to Parliament

The Digital Markets Competition and Consumers (DMCC) Bill has been introduced to Parliament, setting out competition provisions targeted at large firms...

Learn more
IAB UK member in conversation at an event

IAB UK’s response to Ofcom’s ‘Less Healthy Food & Drink’ consultation

Find out more about the consultation and download our full response

Learn more
IAB UK member in discussion at event

IAB UK’s response to ICO’s consultation on its draft impact assessment framework

Our consultation response addresses the Information Commissioners Office’s (ICO) approach to routinely conduct impact assessments when considering new...

Learn more

Why digital advertising works

Discover why digital advertising is effective for reaching your customers and building brands.