Performance Marketing is developing day by day all over the world. Merchants find it the most reasonable and frugal way to enhance their business. At present data security is a big concern. That’s why the General Data Protection Regulation (GDPR) comes into effect on 25th May 2018. The most important objective of GDPR is to enhance the data security of EU citizens.

What is GDPR ?

The object of the GDPR is to bring into line data privacy laws across Europe, to protect and empower all EU citizens’
Click here for details:

Our Commitment to GDPR :

We are completely GDPR compliant since the 25th of May 2018. As a solution provider, Adwalnut has always realized and accomplished procedures which make sure that client data is stored and processed in ways required only to dish up our clients in the finest possible way.

How does GDPR Affect Adwalnut ?

Any corporation that gathers or processes personal data of people in the EU falls under the scope of the GDPR, even if the organization has no substantial presence in the European Union. So global businesses especially who are dealing with online businesses are affected. Adwalnut conducts global business and their customers are from different countries across the globe including Europe. So Adwalnut customers are affected by this.

GDPR Compliance Is a Shared Responsibility between Data Controllers and Data Processors

Data Controllers:

( Adwalnut Clients) “Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data”.

Data Processors:

(Adwalnut)“Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller”.

How does Adwalnut Prepare for the GDPR ?

Personal Data Collection

We enable our users at the account level to opt-in for real-time IP obfuscation and unique Device ID blanking for all EU countries.

• IP obfuscation (conceal the last octet of the IP with 0) currently exists within the platform and will be expanded to include all EU countries.

• Device ID blanking will replace any incoming values from these macros.

  1. Ip
  2. Local Ip
  3. Curent Time
  4. Browser Name
  5. Browser Version
  6. OS Name
  7. OS Version
  8. Device Type
  9. Device Id
  10. Android Id
  11. Ref Android Id
  12. Ref Device Id
  13. Mac Address
  14. Ios Ifa
  15. User Id

Data Collection and Retention Policies:

• With data minimization principles in mind, we’ve made the following changes:

• IP addresses and Device IDs will have a 120-day rolling retention.

• All log-level reporting will have a 12-month rolling retention period.

Note: These retention window changes will only impact the Conversion Report and Click Logs. All Stats Report queries will still be available beyond these retention windows, though Affiliate Sub 1-8 or Source stats queries are available for 18 months.

Data Deletion Process:

The measures that are required by articles 17, 30 and art. 32 para. 4 GDPR. include:

• Physical access control – Our physical data centers are secure. Security measures include having security officers onsite, monitoring and alarm systems, video/CCTV monitors and much more. No person, not even a member of Adwalnut, has self-determined access to the servers.

• Data access, usage and transmission controls – Tools in place to protect unauthorized access, usage or transmission of data. The data cannot be changed or deleted by unauthorized persons during transmission.

• Separation rule – To keep data private and secure we ensure that any information collected for different purposes is separate during processing. This extends to test systems and production systems as well.

• Pseudonymization – Any data is hashed as early as possible. The processing of personal data happens in a way that the data can no longer be assigned to a specific data subject without additional information being provided.

• Availability control and rapid recoverability – Frequent backups protect all stored data against loss. Adwalnut creates continuous backups, which are also transferred to a remote site. With this, Adwalnut can restore data if lost.

• Incident response management – If data is lost we inform those affected immediately.

Deleting Affiliate, Advertiser, and Account Employee Personal Data

• You will have an option to permanently delete any personal data you store regarding your affiliates, advertisers, or employees.

• Note: When deleting end user, affiliate, advertiser, or employee data, we will not delete the entire user record; we will keep the id and company_name to ensure the accuracy of your aggregates.

Privacy by Design :

Adwalnut has executed appropriate technological and managerial measures into the software development life cycle (SDLC) for ensuring that personal data is processed firmly in accordance with our customers’ instructions and configurations.

• Private Data is collected only when assurance of consumer consent is obtained

• No selling of personal data

• Opt-out/opt-in options

• Honoring do-not-track privacy choices

For more on our GDPR compliance, get in contact with our privacy team —


This is for informational intentions only and should not rely on as legalized advice or to establish how GDPR might affect you and/or your organization. We persuade you to take expert advice, before taking any action on the base of the information provided here.

Try Our Demo Now. No Credit Card Required.