How One Location-Based Data Firm Is Preparing for GDPR

European-collected stats are getting wiped and rebuilt

Ad-tech companies are working to meet GDPR requirements.
Getty Images

With the European Union’s General Data Protection Regulation (or GDPR) going into place on May 25, ad-tech companies are busily assembling teams to handle privacy and set up new processes to avoid potentially huge penalties of 20 million Euros or 4 percent of a company’s global revenue.

Mobile location firms that collect latitude and longitude stats have been particularly scrutinized because the data is considered personal under GDPR, requiring that consumers consent to providing companies with their information—which could potentially creep consumers out if they know their location is being mined for advertising.

Los Angeles location firm Factual is aiming to mitigate GDPR’s risks by scraping all of its data collected on European citizens. It will then get to work rebuilding its database by asking for consumers’ “explicit consent.” The company’s contracts now also require that partners have obtained data explicitly.

Gil Elbaz, founder and CEO of Factual, said that he does not have a timeline in place for when Factual will have a rebuilt European database. However, he added that “it’s a function of how quickly we can help our partners understand what compliance means—as soon as they can do that, we’ll allow them to start streaming data to us so that we can process it.”

While marketers are still uncertain about how GDPR will impact location data, it will be intriguing to see if other location firms with large businesses in Europe also decide to wipe out their databases and start from scratch instead of finding a workaround.

“We’ll see short-term reductions in the quantity of data, and this has some impact on products on Europe, but we see this as the only appropriate response to the new set of regulations,” Elbaz said.

Factual employs 165 employees, with a half-dozen staffers in a London office that opened last year. The firm helps clients like Apple, Capital One and Uber plug location data into their products and pull out insights using first-party data.

Under GDPR, Factual plays a role as both a processor (meaning that Factual handles data, but that it’s ultimately owned by a brand) and a controller (where publishers fork over their data for Factual to own and monetize).

“This has been on our radar and we’ve been working on this for about a year,” Elbaz said. “It’s challenging because it’s been an evolving story in terms of what it means for proper consent measures to be executed within the region—the industry isn’t at a point where everybody has adopted these standards, even though we’re close to the May 25 deadline.”