To protect your ad spend from click fraud and invalid traffic, Lunio should be implemented regardless of user consent. This setup is fully compliant with GDPR and ensures you're protected.
Key Information:
GDPR Compliance
Lunio operates under the legitimate interest basis (Article 6(1)(f) of the GDPR), which allows essential fraud prevention tools to run without requiring prior user consent.
Data collected is limited strictly to what is necessary for fraud detection.
No cookies are used unless they are strictly necessary under applicable laws.
The data is not used for marketing, profiling, retargeting, or other secondary uses.
What Advertisers Need to Do
You don’t need to collect separate user consent to use Lunio.
As a data controller, your only requirement is to mention Lunio’s fraud prevention tool in your privacy policy, along with a brief explanation that it's based on legitimate interest.
Some suggestions on what you can do:
If you remove Lunio as a vendor from your CMP/consent prompt, you will need to update your privacy policy to mention Lunio’s fraud prevention tool along with a brief explanation that it is based on legitimate interest; or
Ensure that Lunio is part of the 'Legitimate Interest' legal basis category within your CMP/consent prompt.
If you require any further information, please reach out to your CSM or contact [email protected]