Publishers have significant responsibility for the compliance of the vendors they use and receive ongoing requests for information from data protection authorities in Germany and other EU member states.

These relate to the processing of personal data under the GDPR, including:

• lawfulness of processing (art. 6(1) GDPR)
• information requirements (art. 13 GDPR)
• data protection by design and by default (art. 25(2) GDPR)
• responsibility and ability to demonstrate compliance (art. 5(2) GDPR)

All website operators, especially publishers and marketers, require compliance checks to ensure that vendors adhere to the TCF and GDPR regulations before vendors are used, as well as ongoing audits.

As a neutral service provider, ePrivacy can create these checks very reliably and efficiently for all industry participants.

The seal confirms to technical service providers (vendors) compliance with the following:

• IAB Europe Transparency and Consent Framework 2.0 (soon to be TCF 2.2)
• Relevant aspects of the European General Data Protection Regulation (GDPR)
• ePrivacy Directive - Telecommunications and Telemedia Data Protection Act (TTDSG) of 2021

In total, 7 areas from the IAB TCF, GDPR, and ePrivacy Directive (TTDSG) are examined and evaluated based on 38 criteria. The criteria are based on the public criteria catalog:

1. Legal basis
2. Transparency and data subject rights
3. Data security
4. Documentation requirements
5. International data transfers
6. Use and processing of TCF signals
7. TCF registration and processes

The seal offers competitive advantages and can be used for external communication with consumers, customers, and publishers.

Certification Process

ePrivacy conducts the certification process - which is completed by the award of the ePrivacy Vendor Compliance Seal - as follows:

1. audit of vendor product documentation
2. evaluation of vendor privacy policy
3. data security check
4. audit of further documents and plausibility checks
5. review of international data transfers (SCCs and TIAs)
6. compliance with of TCF 2.0 Policies and further requirements

The ePrivacy Vendor Compliance Seal enables the vendor exclusive access to a database in which the information is stored.

The detailed criteria catalogue for the Vendor Compliance Seal can be downloaded over the ePrivacy website (or will be provided separately).

The seal enables competitive advantages for vendors in the online marketing industry.