Audits - Skimlinks is audited and certified by EDAA and US DAA. We are also a member of IAB Consent Framework both as a CMP and as a vendor.
Consent - Skimlinks relies on publishers to get consent from the user for specific purposes and we will audit randomly selected publishers to make sure the Skimlinks JS is only triggered with valid consent. Consent was only required for European Economic Area (EEA) countries, but starting from January 2020, we will require consent for California State too. In addition to relying on publisher consent, for selected publishers, Skimlinks has our own interstitial on-click consent pop-up to get consent from the user. Again, this pop-up was shown only for EEA traffic but starting from January 2020, we will enable this for California traffic too.
Data Processing - Skimlinks collects Personal Information (WEB Cookie and IP addresses) relying on consent legal basis. Skimlinks expects all our publishers to get consent from the users before placing Cookies including Skimlinks Cookie.
Data Subject Rights - Skimlinks has already enabled data subject rights execution through optout.skimlinks.com globally rather limiting it to EEA countries. Thus, this is ready for CCPA.
Security - Skimlinks has put into place necessary security measures to protect end user data. In addition to in-house continuous security controls, Skimlinks also have a security expert partner running security checks on our platform periodically.