Legal & Compliance
fraud0 as a fraud detection and prevention software may be used under legitimate interest in the sense of Art. 6 lit f GDPR, as well as under the exception to obtain consent in the sense of § 25 II 2 TTDSG. However, it remains the responsibility of the fraud0 client to verify the legal basis for the data processing.
As support, we are happy to provide you with a detailed legal assessment. Please request via privacy@fraud0.com
You can find our DPA here: https://fraud0.com/dpa/
Proposed non-binding text for your data protection policy
We XXX as the website provider use fraud0, a service provided by fraud0 GmbH Sendlinger Straße 7, 80331 Munich, to detect invalid traffic and low-quality traffic and to prevent fraud on our website. By using the fraud0 service, we can detect invalid traffic on our site, improve our online marketing efforts, clean marketing-relevant statistics and improve the usability of our website.
The data obtained from this service is only used for analysis and mitigation of invalid and low-quality traffic. fraud0 processes data on our behalf and is contractually committed to measures to ensure the confidentiality of the processed data. A data processing agreement with fraud0 has been concluded. The fraud0 technology uses JavaScript pixels. During your website visit, the following data are collected by or through the use of this service:
Browser and device information, such as the device type and model, manufacturer, operating system type and version (e.g. iOS or Android), web browser type and version (e.g., Chrome or Safari), user-agent, flash version, location information, IP address, JavaScript support, pages visited, time zone, the network connection type, hardware-based identifiers (e.g. MAC address), referrer URL, number of fonts, fonts hash, number of plugins, plugins hash, screen height and width, colour depth, platform, whether the resolution has been tampered, language or OS, whether ad blocking is enabled, whether do not track is enabled.
End-user’s behaviour on Controller’s sites, information, such as click path, session ID, session start/stop time, timezone offset, date and time of visit, usage and behavioural data.
In our admin interface From fraud0 we receive a classification for invalid and low quality traffic, no personal data. There is no transfer of data to third parties - except as otherwise stated in our data processing agreement with you. When invalid or low quality traffic is detected, we generate invalid audience lists using our tag manager to automatically de-targeted this traffic across all our major buying channels like GoogleAds, Facebook, DV360 etc. Data processing by fraud0 only continues until a classification is done. Data processing by fraud0 will only continue until a classification has been made. The data is stored for further bot analysis with a period of one year.
Tracking across websites does not happen at any time. We process data by using the fraud0 bot detection service based on Art. 6 lit. f GDPR. It is in the interest of the website operator to classify the users of its website as valid or as invalid traffic. First and foremost, we are preventing fraud (recital 47 of the GDPR), but we can also correct the website statistics by removing invalid traffic shares from our statistics. This will allow us to use our online marketing budget more efficiently and therefore continue to provide our services (as usual/free of charge/at a reasonable price). In case of using additional fraud0 services, we may process your data on another legal basis such as your consent, see further information: https://fraud0.com/privacy-policy/ . The data processing is performed exclusively in the European Union and Data is stored on Google's servers within the European Union and is not intended to be transferred to Google servers in the USA. The User may object to the processing by fraud0 at any time. The privacy policy and contact details of fraud0's data protection officer can be found at the following link: https://fraud0.com/privacy-policy/