What to do when you are a Processor and need identity resolution…

Kevin Mullen
Kevin Mullen

Chief Product Officer

Consent String Logic Roqad

We often hear the following question from customers and partners: 

 

What is the relationship between our data and Roq.ad’s data with respect to GDPR (as well as guidance provided by the United Kingdom’s Information Commission Office)? 

 

We made the above chart to help clarify the matter. Some of the keys to locating your organization on the chart – are you using Roq.ad’s Private or Public Graph? Are you passing Transparency & Consent Framework Strings to Roq.ad? 

 

Given that the UK ICO has told us you cannot be both a controller and a processor of: 

  • The same dataset 
  • For the same purpose 
  • At the same time 

This guidance means that if Roqad ingests customer data and combines that customer data with data from other sources, since it is a controller on the data from other sources, it is a controller on everything. That controller status triggers an Article 5 requirement to verify consent on the data coming from the customer. 

 

As an alternative, we can keep the datasets separate.  In this scenario, Roqad matches IDs with the customer per a customer pixel fire (customer is either a controller or a processor on behalf of an end client who is a controller; Roqad is a processor or a sub-processor).

 

Option A: a pre-post-cookie deprecation example: 

 

Dataset #1: cookie match table that matches Roq.ad cookies to Partner cookies (Partner is a processor and Roqad is a sub-processor)

Dataset #2: public graph with everything relevant in the Roqad cookie space (with most recent TC Strings) (Roqad and Partner are both Controllers) 

 

This allows us to provide the Roqad customer with the following: 

Dataset #1: Partner ID <> Roqad ID 

Dataset #2: Roqad ID <> Other Extended IDs 

 

Option B: a post-cookie deprecation example: 

 

Dataset #1: public graph with ONLY Partner cookies as an output.  (Roqad and Partner are both Processors)

Dataset #2: public graph with everything relevant EXCEPT Partner cookies (with TC Strings) (Roqad and Partner are both Controllers) 

 

This allows us to give a Roqad partner the following: 

Dataset #1: Partner ID <> Roqad person ID 

Dataset #2: Roqad person ID <> Other Extended IDs 

 

Option B may not see the conversion until a future graph build, because we may not have mapped the partner cookie until the conversion happens. But we should be able to generate a significant amount of conversion lift for the Partner over click through rates in a post 3rd- party cookie world.  

Give us a shout to chat with an identity resolution expert today: CONTACT US

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

Recent posts