Datenschutzverordnung Für in der EU ansässige Personen:Die Allgemeine EU-Datenschutzverordnung (General Data Protection Regulation/GDPR) tritt am 25. Mai 2018 in Kraft. Die GDPR aktualisiert und ersetzt bestehende Gesetze der EU-Mitgliedsstaaten auf der Grundlage der EU-Datenschutzrichtlinie (46/95/EG). Da Privatsphäre und Datenschutz wichtig für uns sind, stellen wir Ihnen die zusätzlichen Informationen bereit, zu deren Erhalt Sie unter der GDPR berechtigt sind.

Wir haben Informationen darüber aufgenommen, wie wir Ihre Daten verarbeiten, und hier erläutern wir die Grundlage, auf der wir dies tun:

  • Wenn Sie sich für unsere Produkte oder Dienstleistungen anmelden, verarbeiten wir Ihre personenbezogenen Daten, um unseren Vertrag mit Ihnen zu erfüllen;
  • Wir können Ihre personenbezogenen Daten verarbeiten, wenn ein EU-Gesetz dies von uns erfordert;
  • Wir haben ein berechtigtes Interesse an der Verarbeitung von Daten, z. B. für Direktmarketing- oder Forschungszwecke; oder
  • Wir werden Ihre personenbezogenen Daten auch verarbeiten, wenn Sie uns Ihre Zustimmung dazu gegeben haben.

Die GDPR verleiht Ihnen zudem zusätzliche Datenschutzrechte und Sie können von uns Folgendes verlangen:

  • Die Korrektur von personenbezogenen Daten, die falsch oder unvollständig sind;
  • Sie können der Verarbeitung Ihrer personenbezogenen Daten unter bestimmten Umständen widersprechen, wenn wir sie auf der Grundlage unseres berechtigten Interesses verarbeiten;
  • Sie können jeder auf Ihrem Verhalten basierenden automatisierten Entscheidungsfindung widersprechen, beispielsweise von uns durchgeführte Analysen für Direktmarketingzwecke. Wir führen eine automatische Verarbeitung durch, wenn wir Cookies verwenden, die auf Dritt-Websites zur Web-Publikumsmessung platziert werden, um zu messen, wie Sie mit den Websites verschiedener Herausgeber interagieren und diese nutzen oder um Fernsehgewohnheiten zu analysieren, wenn Sie an einer unserer Forschungsgemeinschaften teilnehmen und von unseren Panelteilnehmern;
  • Sie können Ihre Zustimmung zu unserer Verarbeitung Ihrer personenbezogenen Daten widerrufen;
  • Sie können Beschwerde bei der nationalen Datenschutzbehörde Ihres Wohnsitzlandes einlegen. 

Wir verwenden eine automatisierte Verarbeitung für Marketing und Medienforschung sowie zur Messung von Werbung. Zu unseren Verfahren zur Durchführung dieser Form der Verarbeitung gehören: die Erfassung von Daten aus unserem digitalen Erhebungsnetzwerk, das Software-Code implementiert und als „Tagging“ bezeichnet wird, die Messung der Werbeplatzierung, Sichtbarkeit, der Nutzereinbindung, Markensicherheit und Publikumsgröße, der Erwerb von Informationen der Fernsehzuschauer von Satelliten-, Telekommunikations-, und Kabelbetreibern, die Set-Top-Boxen und Video on Demand (VOD) Zuschauer abdecken, die Messung von Bruttoeinnahmen und Besucherzahlen von Kinos. Die Internetnutzung des Web-Publikums und die Fernsehinformationen sowie Umfrageergebnisse werden zusammen mit Informationen von Millionen anderer Panelteilnehmer verwendet, um Forschungsberichte über Internettrends, Fernsehgewohnheiten, e-Commerce- und Mobilgerätaktivitäten zu erstellen.  In den meisten Fällen sind diese Informationen pseudonymisiert und/oder anonymisiert und es findet keine Identifikation von Namen oder Haushalten statt. In manchen Fällen verwenden wir Längsschnitt-Verhaltensdaten für eine ID, um die Mitgliedschaft des Publikumssegments zur Verwendung in unserem Berichtswesen zu erschließen (Interesse und demografisch). Hierbei handelt es sich um eine Wahrscheinlichkeitsberechnung und nicht um eine direkte Messung.

Wenn wir Ihre personenbezogenen Daten erfassen und verarbeiten, um den von Ihnen angeforderten Produkten und Dienstleistungen zu entsprechen oder um Vertragsbedingungen zu erfüllen, sind wir ohne personenbezogene Daten möglicherweise nicht in der Lage, Ihrer Anfrage oder unseren vertraglichen Verpflichtungen gerecht zu werden. Wenn Sie sich bemühen, ein Recht auszuüben, können wir zusätzliche Informationen bei Ihnen anfragen, um Sie zu verifizieren und um uns bei der Bearbeitung Ihrer Anfrage zu unterstützen.

Siehe unsere Datenschutzrichtlinie

comScore is a recognized global leader in cross-platform measurement of audiences, advertising and consumer behavior. Built on precision and innovation, comScore combines proprietary TV, digital and movie viewing data with vast demographic details to measure consumers’ multiscreen behavior at scale. With more than 3,200 clients and a global footprint in 70 countries, comScore is delivering the future of media measurement.

comScore products and services help our customers measure audiences and consumer behavior across media platforms, while also providing a validation of advertising delivery and its effectiveness. Our products and services are organized around four major offerings:

  • Digital Audience Measurement: provides the size, behavior and characteristics of online audiences across multiple digital platforms including computers, tablets, smartphones, game consoles and other connected devices.
  • Advertising Measurement:  provides end-to end solutions for planning, optimization and evaluation of advertising campaigns.
  • TV and Cross-Platform Measurement: measures consumer viewership of television content for both linear and on-demand viewing in the U.S. at the national level and in [all 210] local markets.  Provides an unduplicated view of cross-platform consumer behavior when integrated with our Digital Audience and Advertising Measurement products and services.
  • Movie Measurement: precisely measures movie viewership, uses social media and exit polling to capture audience demographics and sentiment and provides tools to the largest movie studios and movie theater customers around the world.

The following identifies the different categories of recipients with who we may share your personal data. This may include:

  • Our selected third party partners;
  • Third party data enrichers, data quality aggregators and providers of data cohort matching services;
  • Our customers;
  • Our vendors, consultants, agents, contractors, and other service providers that we use to support our business;
  • Joint industry committees (“JIC’s”) involved in media audience measurement and research. Further details of JIC’s can be found here: http://i-jic.org/about_us;
  • comScore affiliates, subsidiaries, or parent companies; and
  • A prospective seller or buyer in the event of a sale or purchase of any comScore business or asset.

The GDPR Preparedness Kit – May 2018 is Coming

Here is a comScore FAQ to help you with your GDPR compliance.[1]

Executive Summary  

  • The General Data Protection Regulation (GDPR) goes into effect on May 25, 2018.
  • Most of comScore products fall under GDPR. As comScore collects, stores and uses personal data, it is 'processing’ personal data and subject to the rules under the GDPR; comScore additionally sells market solutions in the EU commercial marketplace.
  • Under GDPR, we are required to update contract provisions with any company where we provide, receive or exchange data with that company. We have done this outreach in March and April of 2018.
  • You can direct any questions to GDPR@comscore.com.

 

What is the GDPR?

  • The General Data Protection Regulation (GDPR) is a new European Union (EU) law that will update and replace all existing national data protection legislation in Europe. It will apply and be enforced across all EU and European Economic Area (EEA) markets from May 25, 2018.
  • The GDPR is a comprehensive reform because it applies directly to all EU and EEA markets and therefore represents one data protection law applicable across all of the EU. However, the GDPR does allow EU countries to issue their own data protection laws on some topics.  
  • The GDPR will have a global impact: it imposes new rules on companies – regardless of their location - that offer goods and services directly to people in the EU, or that ‘monitor’ their behavior (e.g. for analytics or behavioral targeting purposes).
  • The GDPR introduces new rules for the governance of personal data, building upon existing EU data protection laws. It broadens the scope of personal data to include scenarios where an individual is both “identified” and “identifiable” and specifically includes the use of online identifiers (e.g. cookies).  

 

What does comScore do?

comScore is a recognized global leader in cross-platform measurement of audiences, advertising and consumer behavior.  Built on precision and innovation, comScore combines proprietary TV, digital and movie viewing data with vast demographic details to measure consumers’ multiscreen behavior at scale.  With more than 3,200 clients and a global footprint that spans more than 75 countries, comScore is delivering the future of media measurement.

Our Products and Services
comScore products and services help our customers measure audiences and consumer behavior across media platforms, while also providing a validation of advertising delivery and its effectiveness. 

Our products and services are organized around four major offerings:

  • Digital Audience Measurement: provides the size, behavior and characteristics of online audiences across multiple digital platforms including computers, tablets, smartphones, game consoles and other connected devices.
  • Advertising Measurement:  provides end-to end solutions for planning, optimization and evaluation of advertising campaigns.
  • TV and Cross-Platform Measurement: measures consumer viewership of television content for both linear and on-demand viewing in the U.S. at the national level and in [all 210] local markets.  Provides an unduplicated view of cross-platform consumer behavior when integrated with our Digital Audience and Advertising Measurement products and services.
  • Movie Measurement: precisely measures movie viewership, uses social media and exit polling to capture audience demographics and sentiment and provides tools to the largest movie studios and movie theater customers around the world.

Third Party Accreditation, Certification and Review
comScore is committed to providing the market with transparency into the methods, methodologies, practices and techniques we use in our measurement. To do so, we continuously engage with third-party auditors around the world to prove the soundness of our measurement methods. Learn more at https://www.comscore.com/About-comScore/Third-Party-Review.

 

Does the GDPR apply to comScore?

  • Yes. ‘Processing’ means any operation performed on personal data, such as collection, recording, organizing, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, disseminating or otherwise making available, aligning or combining, restricting, erasing or destructing. As comScore collects, stores and uses personal data it is ‘processing’ personal data and subject to the rules under the GDPR.

The following are examples of our data sourcing:

  • Digital Audience Measurement:  We have created an opt-in Total Home Panel® which can capture all forms of data that run through a home’s internet connection.  This expands our intelligence to include OTT and IOT behavior and is captured in an aggregate form.
  • Advertising Measurement:  We integrate many of our services with ad serving platforms. We collect data from our census digital network implementing software code, referred to as “tagging.”
  • TV: We obtain television viewership information from satellite, telecommunications and cable operators covering set top boxes and Video OnDemand (VOD) viewership.
  • Movie Measurement: We measure gross receipts and attendance information from movie theaters.  

 

What ‘personal data’ does comScore collect?

As you can see from above, comScore collects personal data through a variety of ways, including directly from individuals who are panelists, from publishers or third parties that comScore may partner with. 

  • The types of personal data collected about individuals may include, for example, user demographic data (i.e. region, language, age group, gender, etc.), the types of cookies deployed to an individual’s device, URLs/websites and webpages visited and other web browsing activity data, device identifiers and information included in online forms the individual may have completed. 

 

What is the ePrivacy Regulation (ePR)?

  • The ePrivacy Regulation is a draft piece of legislation being discussed in the EU with the aim of reforming the existing ePrivacy Directive (aka ‘cookie directive’) which requires the user’s informed consent for the storing of information of a device or accessing that information (e.g. via a cookie or Advertising ID). It aims to align with the GDPR but as a sector-specific regulation for electronic communications, ComScore will need to comply with it as well as the GDPR. The ePrivacy Regulation has not yet been agreed upon and it is still in draft form. We will continue to monitor updates on the ePrivacy Regulation as necessary but it will not distract us from preparing for the GDPR.

 

What is comScore doing to comply with GDPR?

  • comScore has significant experience in protecting data, championing privacy, and complying with complex regulations. We believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. 
  • comScore is in the process of taking all necessary steps to comply with the GDPR, including evaluating all our data processing activities and reviewing contracts as well as privacy and security policies, and procedures, to ensure that they are in line with the GDPR in advance of the May 25, 2018 deadline.
  • We are also reviewing how we communicate our data processing activities and privacy policies in our ‘Privacy Notice’. The GDPR outlines very clear transparency requirements for organizations and we will be setting out the “who, how, what, why, where and what” of comScore’s data processing activities in clear and plain language.
  • comScore complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Economic Area and Switzerland to the United States. To learn more, please view our EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Statement
  • comScore has been actively engaged in several key industry and legal organizations to better understand the GDPR requirements.  These organizations include: ESOMAR, IAB GDPR Implementation Working Group, Association of Corporate Counsel (ACC), International Association of Privacy Professionals (IAPP).  

 

Can you provide some insight on your data security?

  • Our Information Security team has implemented a number of security controls pertaining to comScore’s business, including:
    • SSAE16 SOC 1 and SOC 2 compliant data centers
    • DDOS prevention service
    • Intrusion detection/prevention services
    • Encryption of data in transit and at rest
    • Disaster recovery plan and failover site
    • Security and privacy awareness training for employees and vendors

If you have additional questions, please contact us at gdpr@comscore.com.

[1] Legal disclaimer: This should not be construed as legal advice nor is intended to be a complete listing of GDPR obligations. comScore recommends that entities subject to legislation seek legal counsel from qualified sources.