Data Privacy

GDPR Compliance Center

Adbite is built for the privacy-first era of programmatic advertising. Learn how we handle data under the General Data Protection Regulation and how to exercise your rights.

What GDPR Means for Adbite

The General Data Protection Regulation (GDPR) is the European Union's comprehensive data protection framework, applying to any organization that processes the personal data of EU and EEA residents.

As an operator of a programmatic advertising platform, Adbite sits at the intersection of multiple data processing relationships. We process personal data both as a Data Controller, for our own business operations, platform accounts, and infrastructure, and as a Data Processor, when we process bid-stream, campaign, and audience data on behalf of our publisher and advertiser partners.

Adbite supports the IAB Transparency and Consent Framework (TCF) 2.2, which enables our publisher partners to collect, record, and signal user consent choices to downstream demand partners in a standardized way. We are a registered TCF vendor and enforce consent signals throughout our bid processing pipeline.

Controller
Data Controller Rights
When acting as a Data Controller, Adbite determines the purposes and means of processing for platform account data, billing records, and website analytics. We are responsible for ensuring this processing has a valid legal basis, that data subjects are informed of their rights, and that we honor requests for access, deletion, and portability within the required timeframes under GDPR Articles 12–22.
Processor
Data Processor Obligations
When acting as a Data Processor on behalf of publishers and advertisers, Adbite processes personal data strictly according to documented instructions and only for the purposes agreed in our Data Processing Agreement (DPA). We maintain records of processing activities as required by Article 30 GDPR, implement appropriate technical and organizational security measures, and assist controllers in fulfilling their GDPR obligations including data subject rights requests and breach notifications.
Data Subject
Data Subject Rights
If you are an individual whose personal data is processed by Adbite, whether as a platform user or as an end user of a publisher's digital property, you have rights under GDPR that we are committed to facilitating. These include the rights to access, correct, delete, port, restrict, and object to processing of your data. You can submit a request using the form on this page, and we will respond within 30 days of verification.

Legal Bases for Processing

GDPR requires that every processing activity have a documented legal basis under Article 6. Adbite relies on the following legal bases depending on the nature of the processing.

1
Consent (Art. 6(1)(a))
For behavioral advertising, audience profiling, and non-essential cookies on publisher properties, we rely on freely given, specific, informed, and unambiguous consent collected via TCF 2.2-compliant consent management platforms.
2
Contract (Art. 6(1)(b))
For processing necessary to fulfill our contractual obligations to platform users, including account creation, billing, campaign delivery, and publisher payouts, we rely on the performance of a contract as our legal basis.
3
Legal Obligation (Art. 6(1)(c))
For processing required to comply with applicable laws, such as retaining financial records for tax purposes, responding to lawful data access requests from authorities, or maintaining audit logs, we rely on legal obligation.
4
Vital Interests (Art. 6(1)(d))
In rare circumstances where processing is necessary to protect the vital interests of an individual, such as in a security emergency, Adbite may rely on this basis, though it is not a primary basis for routine platform operations.
5
Legitimate Interests (Art. 6(1)(f))
For fraud detection, security monitoring, platform abuse prevention, direct marketing to existing business contacts, and limited contextual advertising (non-profiling), we rely on legitimate interests after conducting and documenting a balancing test.
6
Public Task (Art. 6(1)(e))
This basis is not currently relied upon by Adbite for any routine processing activity, as Adbite is a private commercial entity. It is listed here for transparency and completeness of our legal basis documentation.

Your GDPR Rights as a Data Subject

Under the GDPR, individuals in the EU and EEA have eight fundamental rights relating to their personal data. Adbite is committed to honoring all of these rights.

Submit a GDPR Request

Use the form below to submit a data subject request. We will verify your identity and respond within 30 days as required by GDPR Article 12. All requests are handled by our Data Protection Officer.

You may also email your request directly to [email protected]. We may need to verify your identity before processing sensitive requests.

Data Protection Officer

Adbite has appointed a dedicated Data Protection Officer (DPO) as required under GDPR Article 37. Our DPO is responsible for overseeing data protection strategy, ensuring regulatory compliance, and serving as the primary point of contact for data protection authorities and data subjects.

🛡
Contact Our Data Protection Officer

Our DPO can be reached directly for any GDPR compliance inquiries, data subject rights matters, or regulatory communications. The DPO operates independently within Adbite and reports directly to senior management.

Email: [email protected]  ·  Post: Data Protection Officer, Adbite, Inc., 245, 5th Ave, New York, NY 10001, United States  ·  EU Representative: Adbite EU B.V., Keizersgracht 424, 1016 GC Amsterdam, Netherlands