Data collection has become an essential part of the operations of most organisations, especially those operating online. While it is effective, it has also given rise to a number of concerns surrounding how that data can both be misused, and become the target of theft.
This GDPR is a new legislative agenda that aims to improve the safety of individuals’ data, as well as regulate how that data is collected, processed and used.
As of the 25th of May, businesses of all shapes and sizes, will need to ensure that they are fully compliant with this new legislation if they serve customers (have traffic) originating from the EU – and affiliates are no exception.
The purpose of affiliate sites is to drive traffic to merchants and operators in order to earn a commission. The more savvy of affiliates, will collect data in numerous ways in order to be able to remarket to their users, if not only to understand their users better, improve customer journey, and in turn, conversion rates.
The data collected on those users most likely falls under the realms of GDPR, and with some heavy penalties of up to €20,000,000, or 4% of annual turnover, it isn’t just another ‘inconvenience’ that should be ignored.
How to Ensure Compliance
Understand what Personal Information is
Personal information includes obvious data such as name, email address and phone number. Many affiliates won’t collect this kind of data, unless they at least have a newsletter subscription form on their website. However, it’s likely that all affiliates have some kind of website tracking/analytics software installed on their website.
Under GDPR’s definition of personal data, it includes “any information relating to an identified or identifiable natural person”.
It then continues to explain that “an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
Note the use of the terms “identification number”, “location data” and “online identifier”. Under GDPR, collection of IP addresses and the storing of cookies could be deemed to be deserving of consent from the individual prior to collection, if that data could be used to identify them. Note also, that it doesn’t necessarily mean personally identifying them – if cookies are being used to create a ‘profile’ on an individual, which is being processed on subsequent visits or across websites, then that is deemed as identifying them.
The key to the GDPR’s vision is the role of consent. Consent must be obtained from all individuals prior to collecting data on them that could be used to identify them “directly, or indirectly”, as well as an explanation as to the purpose for processing that data.
Consent must be “clear and distinguishable from other matters” and “provided in an intelligible and easily accessible form”. This means that it can no longer be hidden away in the midst of a website’s T&Cs, and in fact it must be entirely separate and written in clear and plain language.
All affiliates should review their privacy policies (or create one if they don’t already have one), and ensure it complies with GDPR. The request for consent must explain what data is being collected, why it’s being collected, how it will be used, and how long it will be kept for.
If affiliates’ privacy policies and “opt-in” practices don’t satisfy the condition of GDPR, then reconfirmation or re-permission must be obtained.
Users should also have the ability to easily opt-out or close their account with immediate effect if they no longer wish to be subscribed or for their data to be used. It must be “as easy to withdraw consent as it is to give it”.
What does this mean for cookies, and website analytics software?
If the cookies set by your analytics software are collecting data that will be used across websites (i.e. for advertising), then you must obtain consent from users before using it. The standard Google Analytics code doesn’t have Advertising Features turned on, and so technically it doesn’t even fall under the ‘Cookie Law’.
Affiliates should limit the features and data they collect to an absolute minimum. E.g. if they don’t need or use demographic reports in Google Analytics, then they should disable Advertising Features. Relying on consent should be avoided at all times where possible.
Provide Access to Data
Individuals will have the right to request a copy of the data held on them under GDPR. Requests must be fulfilled within 1 month, and the data supplied free of charge, in an easily accessible, understandable, and electronic format. They also have the right to correct or amend any information they see as inaccurate.
Affiliates should therefore prepare for the eventuality that one of their users exercises such a request.
Right To Be Forgotten
Individuals will also have the power to request that any information held on them be deleted. This will most certainly include personally identifiable data held in affiliates’ databases and 3rd party tools, but will also include any data which is ‘linked’ to from affiliates’ systems. For example, Google Analytics has a feature allowing the linking of User IDs and tracking cookies. The purpose is to track users across devices, and count them as the same user, rather than 2 or more unique users. Google have announced a tool which allows deletion of any data linked to such User IDs.
Security should be a top priority anyway, even a before GDPR was on the horizon. Nevertheless, affiliates should review their website security and ask themselves what they are doing to prevent a breach, as well as the ways in which data could be stolen/abused in the event of a breach. Historically only passwords were encrypted, however there is now more of a case than ever to encrypt other data too.
If an affiliate is unfortunate enough to suffer a breach, they will need to make the appropriate Data Protection Authority (DPA) aware of it. All organisations have 72 hours to report the breach, and organisations acting as data processors will be required to notify their customers (data controllers).
Appoint a Data Protection Officer
A DPO will only be required if your organisation handles a large volume of data, or is involved in monitoring this data on a large scale. In most cases this doesn’t apply to affiliates, however, they will still need to act responsibly, review their internal record keeping, and ensure that consent and data collected is auditable.
Be Paranoid about Privacy
Under the GDPR, failure to implement adequate precautions when it comes to data protection and privacy will result in the most serious penalties they have to offer. And this doesn’t only relate to online privacy.
Affiliates should review the existing safeguards they have in place to prevent data getting into the wrong hands, both online and offline i.e. in their home office or work premises. Staff should be restricted to accessing information that is absolutely critical to their role and thought should be given to what physical data would be at risk in the event of a physical break-in.
This article contains general information for affiliates to make their own informed decisions about the upcoming GDPR. You must not rely on the information in this article as an alternative to professional legal advice. The article has been contributed by Pavlos Sideris of Cashbacker – the leading gambling cashback community.
BuzzBingo.com teams up with Rightlander to boost affiliate compliance measures
Tier one operator becomes the latest to leverage Rightlander’s innovative compliance platform
Buzz Bingo has become the latest tier one operator to partner with leading compliance experts, Rightlander.com, to boost their responsible gambling capabilities.
The Rightlander compliance platform consists of several affiliate compliance tools that are tailored to cover market specific legislation and advertising standards. These include the Automated Compliance Monitor, PPC Monitor and Affiliate Mapping Tools all of which assist operators manage and monitor their affiliate traffic on-demand.
The Automated Compliance Monitor detects non-compliant content across multiple territories and flags violations such as missing terms and conditions, outdated offers, and incorrect marketing assets. This helps ensure that affiliates are aligned with the brand and marketing message, further strengthening Buzz Bingo’s compliance strategy.
The PPC Monitor identifies harmful ads to stop them from appearing on an operator’s branded keywords while the Affiliate Mapping Tool helps operators map previously undeclared affiliate sites to known affiliates.
Commenting on the partnership, Nicole Mitton, Head of Customer Success at Rightlander.com, said: “Operators understand the importance of ensuring that affiliates sending traffic to their sites are acting responsibly, but monitoring and managing all of this can be daunting.”
“The Rightlander platform takes the hassle out of ensuring affiliate compliance, and we are delighted to be working with Buzz Bingo to help them improve their processes and better manage their affiliate partners.”
David Abrams, Senior Online Media Manager at Buzz Bingo, said: “Responsible gambling measures are one of the highest priorities to us as an operator and partnering with Rightlander means we can ensure we’re running an even more robust and compliant affiliate strategy. Working with multiple affiliates, we need to ensure they are completely aligned with our responsible gambling positioning at all times, and this requires careful monitoring of all traffic coming our way. The Rightlander platform does exactly that so we’re very happy to be working with them”.
BonusFinder granted affiliate licence for Virginia
Top affiliate site BonusFinder.com has been given a licence to operate in the US state of Virginia, complementing its suite of licences for the country’s other regulated states which includes New Jersey, West Virginia, and Illinois.
BonusFinder.com Managing Director Fintan Costello celebrated the new approval, saying: “This increases BonusFinder.com’s reach into regulated US markets and we cannot wait to bring the best deals and bonuses for sports betting to players in Virginia.”
Presently there are five sports betting providers licensed in the state: Betfair, Draft Kings, BetMGM, Rivers Casino Portsmouth, and Caesars Virginia. Twelve licences are ultimately available, so the market is anticipated to grow, plus a further five to be allocated to the state’s newly-approved bricks-and-mortar casinos.
Despite the state enjoying a population of over 8.5m people, land-based casino gambling has arrived quite late, with the first of five casinos scheduled to open in 2022.
Virginia’s Sports Betting Vendor licence is the first of its kind to be done entirely by online application.
King Billy Casino. King of Malta!
When it comes to competitive advantages in the world of online gaming, few things can compare to the big license from the small country. We are talking of course about the Malta Gaming Authority (MGA) license, which, believe it or not, has even its own slogan “Brings the odds to your favour”.
The Malta Gaming Authority has become the world’s preferred global remote gaming regulator by offering a stable legal framework for online players, operators and service providers. Companies wishing to obtain a gambling license from MGA must meet a number of strict criteria in terms of credibility, ownership structure, integrity and competence.
Criteria, which, more or less, are innate qualities of a King, aren’t they? So, it comes as no surprise that King Billy Casino, owner of so many impressive industry distinctions, awards and trophies in less than 3 years of existence is now also a proud holder of the MGA license.
King Billy Casino Chief Business Development Officer Julia Bereza says: “For all of us who have been with the King since his earliest days, this is stunning news! However, obtaining the license was only the first step. The team working on the project is committed 200% to explore an all the new opportunities the MGA license gives. Being part of King Billy always makes us remember that we are making history here!”
But is the new license going to make history for King Billy Casino’s players too? Bereza smiles and points out “You bet it is! The crystal clear Malta regulations and terms combined with the “always transparent” policy of King Billy will make the relationship with our players even more trustworthy, reliable and secure.
In addition, acquiring a wide range of EU accepted payment systems will make every King Billy Casino player especially comfortable with depositing and withdrawing. We can’t wait to see where this will take us!”
To another award perhaps for the new King of Malta?
The Malta Gaming Authority (MGA) is a Malta-based Gaming Control Board. Its mission, since its inception in 2001, has revolved around the principle of having a fair and transparent gaming sector in Malta to safeguard against crime and corruption, and to offer protection to minors and vulnerable players.
King Billy Casino is a new generation online casino, available in 6 languages (English, German, Russian, Finnish, Norwegian and Japanese) with an impressive record in awards and an amazing variety of games and features. King Billy has prioritized the creation of a superb user experience focusing on the myth of King Billy and his Kingdom and treats all players with the specialness they deserve.
1xBet to share vision for betting’s future at iGB Live!/iGB Affiliate Amsterdam
‘A glimpse into the future and a chance to see what the industry will be like tomorrow’ is how...
Soft2bet – celebrating 5-years of success at iGB Live!/iGB Affiliate Amsterdam
Soft2bet, the casino and sportsbook platform, will be in celebratory mood when the industry gathers at the forthcoming iGB...
Rightlander partners with BetBull
Supplier to help tier one operator improve affiliate compliance Rightlander.com, the ground-breaking compliance platform has signed a deal with...
Acroud launches The Festival Series in Bratislava
Acroud returns to the live events scene with the launch of the first edition of The Festival Series. By...
Paysafe expands Betfred USA Sports partnership through Income Access deal
U.S. sportsbook will leverage Paysafe’s Income Access to launch affiliate marketing program across multiple states Paysafe, a leading specialized...
1xBet Partners: An affiliate program that stands out from the crowd
Nominated for the Affiliate Program of the year at the Global Gaming Awards, the 1xBet Team reveals how the...
Over 2/3 of Gambling Experts Believe in Global Self-exclusion, Casino Guru Survey Reveals
A survey by the world’s biggest casino database, online gambling authority, and activist for sustainable gambling measures, Casino Guru,...
What are the Biggest New Slot Games of 2021 So Far?
There are a wide variety of slot games that are released each year. Every single game has been designed...
Svenskaonlinecasino.info: A Review of Sweden’s Right to Gamble Online
For many players online that wish to gamble, often the goal-posts are shifted with new laws and ruling that...
Does the iGaming industry struggle with integrity when it comes to reviews?
In this day and age building a successful iGaming affiliate site requires so much more than just an attractive...
News4 years ago
Paddy Power departs the Italian market
News5 years ago
Use of Social Media for Online Gambling Affiliates
Affiliate Announcements2 years ago
How to Stand Out on Georgia’s Profitable Gambling Market? Leading Experts to Discuss Best Practices at Georgia iGaming Affiliate Conference
Affiliate Success4 years ago
Affiliate Interviews: CasinoDaddy (Mathias, Anton, and Erik Joelsson)
News3 years ago
Casino Games for Real Money – Choosing One to Play
Affiliate Success2 months ago
Blexr has been crowned Best Casino Affiliate at this year’s IGB Affiliate Awards
Affiliate Success5 years ago
Exclusive Interview with Christoph C. Cemper Founder & CEO of LinkResearchTools and Link Detox
News3 years ago
Henrik Persson Ekdahl announces sale of stake in Catena Media