Processor Agreement Publishers - Version 1.0 per 25-05-2018
This is an additional agreement between Daisycon B.V. and its Publishers and between Publishers and the Advertisers who promote Publishers via Daisycon (version 1.0 per 05-25-2018).
Taking into account that:
- Publisher has entered into an Agreement with Daisycon by accepting the General Publisher conditions when registering his Publisher account with Daisycon (Publisher Agreement).
- Publisher enters into an Agreement with the Advertiser at the moment that it registers to the Advertiser Campaign, accepts the specific program conditions and in turn is accepted by the Advertiser within the Campaign. (Affiliate agreement).
This agreement contains provisions regarding the processing of data, to be qualified as a Processor Agreement as referred to in the General Data Protection Regulation (hereinafter: GDPR). This page can be consulted at any time.
- In the context of the execution of the Agreement between Publishers and Advertisers, an Advertiser can share data of transactions (no personal data, hereinafter: Transaction data) with Publishers. The parties agree that, in so far as Publisher and / or Daisycon processes data from the Advertiser, Publisher and / or Daisycon can be regarded as the Processor in the sense of the GDPR and the Advertisers as Controller. Publisher and Daisycon will therefore only process data in the context of the execution of the Agreement with the Advertiser.
- In the context of the execution of the Agreement between Publisher and Advertiser, the Advertiser can store and process data (in particular data via the so-called ‘Prefilling’ on the Advertiser’s website). The parties agree that insofar as the Advertiser processes data on behalf of Publisher, Advertiser and Daisycon can be regarded as the Processor within the meaning of the GDPR and Publisher as the Controller. Advertiser and Daisycon will therefore only process data within the framework of the execution of the Agreement with Publisher and only if prior consent has been made between Publisher and Advertiser, which data are concerned and how the permission for the obtaining and sharing of data by Publisher is guaranteed. Purpose of Prefillen -and the processing of data to make Preffillen possible- is to improve user experience on the website of the Advertiser.
- In the context of the implementation of the Agreement between Publisher and Daisycon, Daisycon can save and process Publisher data (in particular data in the so-called sub-IDs, or in specific cases in case of ‘Issue resolving’, regarding quality checks, testing or malfunctioning). The parties agree that, in so far as Daisycon processes data on behalf of Publisher, Daisycon – and if the data is also shared with the Advertiser, Advertiser can also be regarded as the Processor in the sense of the GDPR and Publisher as the Controller . Daisycon and Advertiser will therefore only process data in the context of executing the Agreement with Publisher. Publisher endeavors to pass on Daisycon as little as possible to Daisycon / store it at Daisycon. If Publisher passes on personal data to Daisycon, Publisher must as much as possible anonymize or pseudonymize the data. Daisycon declares that data from Publisher from Sub-IDs are not shared with Advertisers. Purpose of Sub ID’s -and the processing of data to make Sub ID’s possible- is to give feedback to the Publisher via which Link a Transaction is generated. Purpose of Issue handing -and the processing of data to make Issue handling possible- is quality control, testing the functioning of the technique, of to detect and solve malfunctioning.
- Publisher is aware of the Advertiser Program Terms. Advertiser has the possibility to include additional conditions regarding Data Processing in the Program Terms. By default, the agreements in this Processor Agreement apply.
- Advertisers who receive data from Publisher must adhere to the agreements as laid down in the Standard Processor Agreement for Advertisers.
- Publisher protects his passwords and takes full responsibility for his own Account at Daisycon (hereinafter: Account) as well as the use by third parties of his Accounts. Publisher is responsible for all activities that take place under his Account, with the exception of the activities of support staff of Daisycon as mentioned in this article. Publisher immediately informs Daisycon, after it has become known to Publisher, of unauthorized use of the Publisher’s Account or any other breach of the security of which Publisher is aware. Daisycon’s support staff may log in to the Service from time to time (password is never shown) to maintain or improve the Service, including helping Publisher with problems or support.
- Publisher and Daisycon guarantee that they fully comply with all applicable legal obligations, including but not limited to the obligations under the GDPR, with regard to the data and in particular personal data.
- Publisher guarantees to Daisycon and Advertiser that these data are not unlawful and do not infringe the rights of third parties, (ii) that they are entitled to provide the data to Daisycon or Advertiser, and (iii) that they are entitled Daisycon or Advertiser as the processor of the relevant data. Publisher grants Daisycon and Advertiser the right to use (sub) processor (s) themselves, provided that (sub) processor (s) meet the agreements as laid down in this Processor Agreement.
- Publisher fully indemnifies Daisycon and Advertiser against all third-party claims, including the Sub-processors, which derive in any way from and / or are related to the processing of data by Publisher and / or which are the result of the violation of these Processor agreement mentioned guarantees by Publisher.
- In the case of a data leak at Daisycon involving data from Publisher, Daisycon undertakes to report this to Publisher within 24 hours.
- In the case of a data leak at Publisher that involves data from Daisycon or from a Advertisers of Daisycon, Publisher agrees to report this to Daisycon within 24 hours.
- Daisycon states that data from Publisher is only stored on servers within the EU or otherwise only in countries that guarantee an adequate level of protection.
- Publisher declares that Personal Data, combined with data from Advertisers obtained through the services of Daisycon will not be stored in countries that do not guarantee an adequate level of protection.
- Daisycon makes every reasonable effort to secure its systems and the data transfer between Publisher and Daisycon against loss and / or against any form of unlawful use. Daisycon implements appropriate technical and organizational measures for this, taking into account, among other things, the state of the technology. Publisher declares to have taken note of the measures taken by Daisycon and to have established that these measures guarantee an appropriate level of security with regard to the data being processed.
- Publisher makes all reasonable efforts to secure its systems and the data transfer between Publisher and Advertiser against loss and / or against any form of unlawful use. For this, Publisher implements appropriate technical and organizational measures, taking into account, among other things, the state of the technology. Daisycon has the right to take note of the measures taken by Publisher and to establish that these measures guarantee an appropriate level of security with regard to the data being processed.
- Publisher and Daisycon declare that they do not store more data than strictly necessary for the performance of their services (privacy by design).
- Publisher and Daisycon declare they won’t store –personal- data for no longer than is strictly necessary for the performance of its service or after termination of the Agreement, unless this is based on a legal obligation.
- Both Daisycon and Publisher are bound to secrecy of all data and information that it processes as a result of this Processing Agreement, except to the extent that such data or information is apparently not secret or confidential, or are already generally known.
- Daisycon is at all times entitled to change this Processor Agreement. The Publisher will receive a digital notice. If Publisher does not object within 14 days after the notice, the Publisher is considered to have accepted the changed Processor Agreement.
- This Processor Agreement will be in effect during the term of the Agreement between Publisher, Daisycon and the Advertisers. If the Agreement ends, this Processor Agreement shall end by operation of law, except when the nature of the processing and / or the nature of the provision require the continuation of the specific provisions of this Processor Agreement.
- The leading supervisor is the Dutch Data Protection Authority (DPA).
Standard text privacy statement publishers
You may use this standard text as a publisher to include in your privacy statement for the visitors of your website. Publishers and advertiser are obliged to inform its visitors about the services that Daisycon performs for them. You may, but are not obliged to use this text for this.
For the cookie and the data processing with regard to the services provided by Daisycon, you do not need to request explicit permission from the consumer in advance. The privacy impact for the visitors is very limited and within the GDPR, Daisycon relies on the lawful bases for processing of Legitimate Interest. For more information, read the Daisycon Cookie- and Privacy Statement.
Read here extensive information about what you as a publisher at Daisycon must do to comply with the GDPR. Keep in mind that if you personally process personal data and combine them with data from advertisers at Daisycon you should extend this standard text with information about what information you process and what the purpose of the processing is. Of course you must comply with the agreements in the standard processor agreement.
Start standard text:
Additional texts (optional)
Sub ID with account information
If, as a publisher, you provide data from your visitors in the sub ID, you must have permission to use the data and clearly inform the visitor about this. This can be done, for example, by adding the text below to your privacy statement. Read more about using sub IDs and the GDPR here.
If you as a publisher prefill data on the website of the Advertiser, then you need to coordinate this in advance with Daisycon and the advertiser. You must have permission to use the data and clearly inform the visitor about this. This can be done, for example, by adding the text below to your privacy statement. Read more about prefilling and the GDPR here.