Revive Adserver Hosted edition
Privacy and the protection of personal data of individuals are important topics in today’s society.
The team responsible for Revive Adserver Hosted edition have taken great care to design a technical platform and a set of operating procedures to ensure we can live up to the expectations of our subscribers, and the requirements of the relevant legislation and regulations.
Quick access to sections on this page:
Our commitment to privacy
Revive Adserver Hosted edition is a hosting service operated by a company called Aqua Platform.
Contrary to so many other vendors in the ad tech industry, our business model does not rely on collecting, processing, analysing, storing, or selling personal data about users of the internet. Instead, our guiding principle has been Privacy by Default.
We create value by operating servers and networking as efficiently as possible, while still maintaining a high level of service for our subscribers, and by enabling our subscribers to use the software hosted on these facilities to run their advertising businesses. We do not get involved in the business of our subscribers, other than providing the technical infrastructure and the software.
Our technical platform, meaning servers and networking facilities, have been designed to need as little personal data as possible. For example, in order for the staff members of our subscribers to be able to log in on their accounts, we provide usernames and store their e-mail addresses so we can send password reset emails, but we do not collect any other personal data about them. Simply, because we have no need for those.
About Revive Adserver Hosted edition
Is this page for me?
Here are some guidelines to determine if this page has information relevant for you.
I'm a member of the public
As a member of the general public, you are more than welcome to continue reading this page, but please keep in mind that we are unable to help you with your questions about your privacy, or the protection of your personal data. We do not collect, process or move your personal data, or at least we do not control those activities.
If you’re concerned about how another business deals with your rights with regard to your personal data, you should contact that business directly, even if you have reason to believe that the business is a client at Revive Adserver Hosted edition.
I'm a client at Revive Adserver Hosted edition
As a client of Revive Adserver Hosted edition, we hope you can benefit from the information we’ve put together on the page below, so that you can better fulfil your own obligations with regard to privacy, the processing of personal data, and data protection in general. And of course: thanks for being our client, we very much value your business!
I'm considering to join Revive Adserver Hosted edition as a subscriber
GDPR – General Data Protection Regulations
If you work in the digital advertising industry, you must have heard about GDPR by now. So a very brief introduction should be sufficient. Here are a few questions you might have:
What is GDPR?
GDPR oversees the collection, processing, and movement, of personal data about individuals residing in one of the 28 EU states and 4 other European states that also adopted these regulations.
Where does GDPR apply?
Can't we just ignore GDPR?
What are the penalties for non-compliance?
Should we seek legal advice?
GDPR is an extremely complicated set of rules, and it is actually much more a legal matter than a technical matter. Revive Adserver Hosted edition is not qualified to provide legal advice, so this page should be considered to be simply informative. We recommend that you consult with a lawyer or a qualified expert in order to be fully compliant with GDPR.
What is a Data Controller and a Data Processor?
- Data Subject: a natural person from whom data is available and who should be able to determine how their data will be collected, stored, and/or moved;
- Data Controller: a legal or natural person controlling the processing of personal data belonging to a Data Subject;
- Data Processor: a legal or natural person performing the processing of personal data belonging to a Data Subject;
Instead of trying to go into the details of what a Data Controller and a Data Processor is and how it is determined whether you are the former, the latter, or both, we recommend having a look at the article by Sagara Gunathunga on All you need to know about GDPR Controllers and Processors.
I want to learn about GDPR, where can I go?
- The full text of the GDPR has been made available in a search-enabled format with annotations by Algolia;
- There is a page about GDPR on Wikipedia.
The Roles of Revive Adserver Hosted edition
In light of the various roles defined above, we as Revive Adserver Hosted edition conduct them as follows:
Data controller, Data Processor, or both?
For the most part, Revive Adserver Hosted edition is not a Data Controller, with one exception.
Revive Adserver Hosted edition is a Data Processor.
Please continue reading for a more detailed explanation.
Revive Adserver Hosted edition as a Data controller
For the most part, we are not a Data Controller. Our clients, the publishers and other businesses for whom we provide our services, should be considered the Data Controller. In accordance with GDPR, these Data Controllers give us their instructions on Data Processing, while first ensuring that they have obtained the consent of any Data Subjects they engage with. It is the responsibility of these Data Controllers to be compliant with GDPR or other regulations. In some cases, our clients are not in direct contact with Data Subjects, instead they perform an intermediate role for their own clients, who are in direct contact with them. There is one exception: when it comes to our own website and other ways of interacting with clients, potential clients, and others who are interested in our services and our business, we process a certain amount of personal data. For example, to be able to send an invoice to a client, we need to first store and later use their name, e-mail address, business name, address and so on. In that kind of capacity, Revive Adserver Hosted edition is both a Data Controller and a Data Processor (more on that role below).
Revive Adserver Hosted edition as a Data processor
Revive Adserver Hosted edition can be considered a Data Processor, and for the most part that’s our only role. Our clients, or their clients, perform the role of Data Controller. Since they engage with Data Subjects, in this case people visiting their websites or using their apps for example, it is their role and responsibility to provide information about the intended use of Personal data, and to get consent from such Data subjects for doing so. Since GDPR applies to any business, by default, it is the position of Revive Adserver Hosted edition, that our clients and their clients must be in compliance, and therefor, we do not have to perform any of the Controller roles in such cases.
Revive Adserver hosting
Revive Adserver Hosted edition is a services provider for the free, open source Revive Adserver software. With regard to privacy and compliance with data protection regulations, we hope the following information is useful for our clients.
What is Revive Adserver?
How does Revive Adserver software treat personal data?
How does Revive Adserver Hosted edition hosting services with regard to personal data?
At Revive Adserver Hosted edition, we use the Revive Adserver software without any modifications. As such, the treatment of personal data by the software is exactly as described on the Revive Adserver website. We have added a few plugins to improve and scale up the functionality for the collection of delivery statistics, but these have been designed and developed to function identically to the built-in functionality.
Processing of Personal data by Revive Adserver Hosted edition
As a business, it can not be avoided that we process a certain amount of personal data. Our guiding principle in such cases is always: Privacy by Default.
Does Revive Adserver Hosted edition process any personal data of internet users?
As an example: the servers we use to deliver the ads for our hosting customers do not have any log files enabled. When an ad request arrives on the platform, it obviously comes with an IP address from the requestor. The ad server could use that IP address for geolocation, but the ad server does not log the IP address. The web server software underneath uses the IP address in order to be able to send the response back to the requester, but it does not log the web server event either. The reason is that we do not need these log files, which are traditionally being used for things like website statistics or performance measurement. Essentially, our servers process and then immediately forget any personal data they might see.
There are just a few exceptions, when it comes to interacting with organisations and individuals with whom we have a direct business relationship. This is detailed in the next block.
Does Revive Adserver Hosted edition process personal data about clients?
Yes, we do. As a business, we need to be able to communicate with our clients. They need ways to contact us, and we need to be able to respond to them, and to initiate our own communications towards them. And in order to do that, we need to collect and store a limited set of personal data about the individuals representing our clients.
But, as noted before, the concept of Privacy by Default was essential here as well.
As an example: to be able to send our customers their monthly invoices, we need to collect and store their names and e-mail addresses. Fiscal legislation also dictates that we store and use their business names, postal addresses and in some cases tax registration numbers. As a matter of fact, tax authorities dictate that we keep a record of every financial transaction and the associated personal data (if any), for at least 7 years. We’re not even allowed to delete any of those.
However, dictated by Privacy by Default, we never collect any personal data that we do not absolutely need.
Yes, we do, but we make a point of not processing any personal data in cookies.
We use Google Analytics to count how many visits and pageviews we get on our website, and which pages are being viewed. To comply with GDPR, we’ve enabled the anonymizeIP setting in Google Analytics, so no personal data is ever collected, let alone shared with Google.
GDPR is an extremely complicated set of rules, and it is actually much more a legal matter than a technical matter. The team offering Revive Adserver Hosted edition is not qualified to provide legal advice, so this page should be considered to be simply informative when it talks about how others should comply with GDPR. We recommend that you consult with a lawyer or a qualified expert in order to be fully compliant with GDPR yourself.