Our stance on GDPR

Version Two has always taken its data protection obligations seriously. Here we explain what the General Data Protection Regulation (GDPR) is and the network’s position under it.

The General Data Protection Regulation (GDPR) came into force on 25th May 2018. It represents a change to the way personal data is regulated in the EU, replacing an existing legal framework which did not foresee the rapid increase of the use of personal data by businesses that has become commonplace in the last 20 years.
GDPR’s increased scope and application to types of personal data is of particular relevance to our industry as this data will now be subject to regulation. This may include device IDs, customer reference numbers and other technical identifiers. Furthermore, GDPR places stricter requirements for obtaining user consent to personal data processing.

The GDPR maintains the ability to lawfully process personal data without user consent, subject to the implementation of appropriate safeguards for privacy. Version Two has concluded that it can justify the processing of personal data for its basic tracking technologies under legitimate interest.

Having considered the impact on individual's rights, Version Two is comfortable that it can lawfully process personal data for its tracking services on the basis that this processing is necessary for Version Two to pursue its legitimate interests. This means Version Two will not depend on individual consent as the legal basis for the processing of personal data, as part of its tracking services under GDPR.

Version Two has also implemented several safeguards and compliance measures, as required to protect individual's rights and freedoms, and as set out in the GDPR. This includes minimising personal data processing wherever possible and publishing notices to explain how data is processed.

We respect your right to erasure and will action all requests in an efficient manner.