Display & Video 360 – Security & Privacy
Display & Video 360 – Security & Privacy
Security, Data Privacy & Transparency with Display & Video 360
Security, Data Privacy & Transparency with Display & Video 360
Display & Video 360 (DV360) is built on a foundation of security and data privacy. The platform's infrastructure prioritizes compliance, transparency, and data integrity, ensuring a secure environment for programmatic advertising. This page outlines the key principles, agreements, and practices that govern data security, privacy, and compliance when using DV360.
Security, Data Privacy & Transparency with Display & Video 360
Security, Data Privacy & Transparency with Display & Video 360
Display & Video 360 (DV360) is built on a foundation of security and data privacy. The platform's infrastructure prioritizes compliance, transparency, and data integrity, ensuring a secure environment for programmatic advertising. This page outlines the key principles, agreements, and practices that govern data security, privacy, and compliance when using DV360.
Data Privacy
Data Privacy
Google prioritizes user data security, working closely with European Data Protection Authorities to implement robust privacy protections guided by their advice.
Security
Security
Google has earned the globally recognized security standard ISO 27001 for its systems, technology, processes, and data centers across various products, including DV360.
Compliance
Compliance
Comprehensive policies ensure regulatory compliance and safeguard the experience for advertisers, publishers, technology partners, and users.
Transparency
Transparency
DV360 enhances cost transparency & supply chain optimization by allowing advertisers to compare media costs with seller gross revenue, revealing all fees and eliminating hidden charges.
Brand Safety
Brand Safety
Multiple brand safety features enable inventory filtering based on the subject matter of the ad's surrounding content and can be deployed as-is or customized to meet specific needs.
Brand Suitability
Brand Suitability
Deploying inclusion and exclusion lists of websites and apps can further extend brand safety measures to meet brand suitability standards and performance goals while automating the process.
Fraud Prevention
Fraud Prevention
Backend features and third-party verification technology integrations help avoid impressions being associated with illegal or deceptive activity, such as click fraud or impression fraud.
Sustainability
Sustainability
With viewability targeting, attention-based bidding, A/B tests, and attention metrics, DV360 cuts out extra impressions and decarbonizes advertising.
See what Display & Video 360 security & privacy features and approaches are in place:
See what Display & Video 360 security & privacy features and approaches are in place:
Google Core Principles
Google Core Principles
Google’s approach to data protection is built on clear principles: Customers retain ownership of their data at all times, and Google processes it strictly within the scope of agreed terms. Customer data is never used to create ad profiles or enhance Google Ads products, nor is it ever sold to third parties. Transparency is central – Google provides clear information on how data is collected and used, in line with regulatory requirements such as GDPR. Security and data protection are fundamental to product design, with robust technologies in place to safeguard customer information across all services.
Compliance
Compliance
Using Display & Video 360 requires strict adherence to compliance standards covering data privacy, user consent, and advertising policies. Advertisers must obtain and transmit valid user consent for personalized advertising, particularly for users in the European Economic Area, aligning with Google’s consent requirements. Campaigns must also comply with Google’s advertising policies, including rules on prohibited content and deceptive practices. Beyond platform policies, advertisers are responsible for meeting all relevant legal obligations such as the GDPR and other national data privacy laws. Transparency remains essential – clear privacy policies, user control over data, and responsible handling of personal information are core to operating compliantly in DV360.
Data Protection Agreement & SLA
Data Protection Agreement & SLA
Display & Video 360 is governed by both Data Processing Agreements (DPAs) and Service Level Agreements (SLAs), which collectively define the responsibilities around data protection and platform reliability. DPAs outline how personal data must be handled in accordance with laws like the GDPR, covering obligations for data security, subprocessors, international transfers, and user rights. These agreements ensure that data shared within DV360 is processed lawfully and transparently. SLAs, on the other hand, define Google’s service commitments, including platform availability, performance metrics, and remedies in case of service disruption. Together, these agreements form the foundation for compliant, secure, and dependable use of DV360 in enterprise environments.
International Data Transfer
International Data Transfer
International data transfers in Display & Video 360 refer to the transmission or accessibility of personal data beyond the European Economic Area (EEA), often to locations such as the United States. These transfers must comply with GDPR and require appropriate safeguards to ensure data remains protected. Where applicable, adequacy decisions issued by the European Commission enable lawful transfers without additional mechanisms. In DV360, international transfers may occur during the activation of first-party data, such as hashed email mapping for publisher-specific identifiers (e.g., PAIR), or when integrating with platforms like LiveRamp. Standard practices – including the use of hashed identifiers, correct account setup, and Transfer Risk Assessments (TRAs) – are essential. Additional measures may include data processing agreements, contractual safeguards, and technical protections like encryption.
These companies use Display & Video 360 for programmatic advertising:
These companies use Display & Video 360 for programmatic advertising:
Frequently Asked Questions
Frequently Asked Questions
Advertisers retain full ownership of their data. Google processes this data solely in accordance with the terms defined in data processing agreements (DPAs) and service contracts.
Data Processing Agreements (DPAs) define the roles and responsibilities between Google and advertisers concerning the handling of personal data. They ensure legal compliance and data protection, particularly for users in the EEA.
Transfers of personal data outside the EEA are supported through mechanisms like Standard Contractual Clauses, adequacy decisions, and additional safeguards to ensure GDPR compliance.
Yes. Advertisers must obtain and pass user consent for personalized advertising when targeting users in the EEA. Consent signals must be collected and transmitted via Floodlight tags.