Madden General Data Protection Regulation Policy

Last Updated: Monday, April 30th 2018 at 01:15:05 PM


The General Data Protection Regulation (GDPR) is the European Union’s legal framework for protecting personal data and digital privacy. It unifies data privacy laws throughout the EU and strengthens the ability of European citizens to protect their personal information. The GDPR has an enforcement deadline of May 25, 2018. Madden is committed to providing the right tools and processes to support its partners and help customers meet their GDPR requirements.

How is Madden preparing?

In executing Madden marketing programs, Madden does not control or process personal data targeting the EU. However, we share the responsibility with our clients when using client-provided email addresses to do custom audience matching. In this case, we are considered Controllers of the personal data and will ensure that our clients are GDPR compliant before using said data.

We are communicating constantly with our clients to make sure their web properties give users explicit control over permissions to add, edit, or delete cookie data. We will also be conducting regular audits to ensure that any personal data collected via these web properties have controls, explicit opt-ins, and privacy policies that speak to how personal data is stored, used, and discarded.

We will update this page with more information as we approach the May 25, 2018 deadline.

What should you do to be GDPR-compliant?

If you collect personal data such as email addresses, first names, birthdates, or mailing addresses: Get clear, unambiguous affirmative consent before collecting that personal data. Pre-ticked checkboxes, silence, or inactivity can no longer be used to show consent under the GDPR.

Any conduct that clearly indicates a user is accepting to have their data processed at the time will work to show consent.

If you collect sensitive personal data such as sexual orientation, health information, religious views, etc.: Get explicit consent before collecting that sensitive personal data. The best way to get explicit consent is by using checkboxes next to language that clearly states what it means when a user checks that box.

(Source:, please read for more.)