Publishers can share secure signals on RTB requests with the third-party bidders they choose. These signals can be created through a signal collection script or adapter provided by a bidder or third party that the publisher chooses to work with.
The publisher is ultimately responsible for what information their chosen signals contain. The signals must be obfuscated before sending them to Google. Secure signals will only be shared at the publisher’s explicit instruction and only with bidders the publisher has allowed to receive the signals. At no point will information contained in the signals be visible or readable by Google or its platforms.
Examples of obfuscated data:
- Encrypting, hashing, or otherwise transforming data to a non-human readable format.
- Any information that doesn’t include a self-describing component and is not recognizable as PII or structured data.
Examples of data that hasn't been obfuscated:
- PII in the clear. Examples: phone number, email address
- Structured data that makes otherwise “non-plain text” information understandable. Examples: .json, .xml that provides an explanation of the data it contains
Web signal deploy option | Google actions | Publisher actions |
---|---|---|
Publisher deploy | None |
Publisher is fully responsible:
|
Google deploy |
Google will load the vendor’s script from a location provided by the vendor. Google does not:
|
The publisher is responsible for any additional integrations required for the script’s operation. |
Prebid UserID module | Google passes output of a Prebid UserID module(s) per configuration in the Ad Manager UI. |
Prebid UserID module integration can be manually controlled by the publisher, or you can choose to automatically pass all Prebid UserID modules through secure signals. Locate the automated option in Inventory, then Secure signals. Select the checkbox "Use your Prebid configuration to automatically configure your Secure signals settings", which overrides any manual configuration for the secure signals that are detected in the Prebid UserID module. You won't be able to use Ad Manager to individually control those secure signals. |
In this article:
- Allow secure signal sharing
- Select allowed secure signals
- Select bidders to share secure signals
- Select override groups to share secure signals
- Report on secure signals
- How Google processes secure signals
Allow secure signal sharing
Complete the following steps to allow secure signal sharing:
- Sign in to Google Ad Manager.
- Click Admin, then Global settings, and then Ad exchange account settings.
- In the "Secure signal sharing" section, click the toggle on to allow secure signal sharing. To disable secure signal sharing, click the toggle off .
- Click Save.
Share contact information (Optional)
You can select a contact to receive notices from Google about the Ads Data Processing Terms and EU General Data Protection Regulation.
- Select the type of contact: Primary contact, EU representative, or Data Protection Officer.
- Provide the following contact information:
- Enter the contact’s name.
- Enter the contact’s email address.
- (Optional) Enter the contact’s phone number and address.
- Click Save.
Select allowed secure signals
Complete the following steps to select the secure signals to share with bidders:
- Sign in to Google Ad Manager.
- Click Inventory, then Secure signals. A table shows the secure signals you can share.
- To share a secure signal, under "Enable secure signal," turn-on the toggle .
- For Google to deploy the signal collection script for you, select Google deploy under "Signal collection deployment."
- Alternatively, for an existing Prebid UserID module to deploy the signal collection script, select Prebid UserID module (Beta) under "Signal collection deployment."
- Under "Secure signals settings," select Share to share secure signals on non-personalized (NPA) ad requests.
- Click Save.
Select bidders to share secure signals
To view and edit bidder groups, the "View bidders" and "Edit bidders" permissions must be enabled. By default, these permissions include the following user roles:
- View bidders: admin, executive, trafficker, salesperson, and sales manager
- Edit bidders: admin, trafficker, salesperson, and sales manager
To view and edit Secure signals, the Manage people permissions, "Edit companies" and "Edit contacts", must be enabled.
To allow secure signals to be shared with a specific bidder:
- Sign in to Google Ad Manager.
- Click Delivery, then Bidders.
- Select Authorized buyers or Open Bidding.
- Click the name of the bidder.
- For Open Bidding, click Settings.
- Turn on the Allow secure signal sharing toggle .
- Click Save.
The bidder can now receive the secure signals you share with them. Bidders can choose whether they want to receive a signal when it's available.
Select override groups to share secure signals
To allow secure signals to be shared with bidders in an override group:
-
Sign in to Google Ad Manager.
-
Click Delivery, then Demand channel settings.
-
There are two ways to change secure signal settings depending on whether the bidder is currently included or not included in an override group:
-
Bidder is not included in an override group. On the "Default settings" tab, under "Secure signals", turn on Secure signal sharing for the desired demand channel.
-
Bidder is included in an override group. Click the Override groups tab and select an override group. On the "Settings" tab for the selected override group, under "Secure signals", turn on the Allow secure signal sharing toggle . This setting applies to all bidders in the selected override group.
-
-
Click Save.
The bidders in the override group can now receive the secure signals you share with them. Bidders can choose whether they want to receive a signal when it's available.
Report on secure signals
Use the following dimensions to report on secure signals.
- Secure signal presence Beta serves as an integration health check to ensure secure signals are being sent from client to Ad Manager.
- Secure signal delivery Beta is whether any of the secure signals were sent to the winning bidder.
-
Secure signal name (presented) Beta and Secure signal name (delivered) Beta both serve to measure the impact of a specific secure signal, such as do the winning bidders use specific signals.
Learn more about report dimensions for secure signals.
How Google processes secure signals
When Google processes secure signals for Ad Manager it operates as a data processor under the General Data Protection Regulation and as a service provider under the California Privacy Rights Act, Virginia’s Consumer Data Protection Act, the Colorado Privacy Act, Connecticut’s Act Concerning Data Privacy and Online Monitoring, and the Utah Consumer Privacy Act. As such, Google processes secure signals on your behalf.
Security certifications
ISO 27001
ISO 27001 is one of the most widely recognized, internationally accepted independent security standards. Google has earned ISO 27001 certification for the systems, applications, people, technology, processes and data centers serving a number of Google products, including Google Ad Manager.
About GDPR
Keeping users’ information safe and secure is among our highest priorities at Google. Over the years, we've worked closely with Data Protection Authorities in Europe and have implemented strong privacy protections that reflect their guidance. We are committed to complying with the General Data Protection Regulation (GDPR) and will collaborate with partners throughout this process.
For the use of secure signals from publishers, we are offering the Google Ads Data Processing Terms, which you may review and accept in Ad Manager.
How to accept the Ads Data Processing Terms
When you turn on secure signal sharing, you acknowledge that secure signals is a processor feature and is subject to the Ads Data Processing Terms. Turning on secure signal sharing means that you have reviewed and agree to be bound by the Ads Data Processing Terms.