LMS Partners should not transfer any personal data to LinkedIn other than, at the direction of a joint customer (who is the controller of the audience data), audiences (including in the form of hashed email addresses) to target via the LinkedIn Matched Audience product.

LinkedIn does not transfer personal data to Audience Management partners, except for leads collected by LinkedIn on behalf of a joint customer of LinkedIn and the Audience Management partner, where that joint customer has directed LinkedIn to transfer it. The joint customer is the controller of the Lead Gen Forms data; the Audience Management partner and LinkedIn are both processors of the data. Both the Audience Management partner and LinkedIn have GDPR obligations to the controller (the joint customer). The Audience Management partner is obligated to only process the personal data transferred from LinkedIn within the scope of the agreement that the Audience Management partner has in place with the joint customer.

Customers are responsible for legal compliance for any personal data they provide to LinkedIn (e.g. to target an ad) and should ensure they have a legal basis and right to provide LinkedIn any personal data (including hashed email form) for advertising purposes on LinkedIn. Customers are also responsible for (1) the content of their ads, including GDPR compliance for any personal data contained in the ad, and (2) any personal data that they may gather in response to their ads, including a recipient providing contact information. LinkedIn recommends customers get advice from their own counsel regarding the applicability of the GDPR to their activities. Matched Audiences will only match members who have opted in from the EU, EEA, or Switzerland and members who have not opted out from other countries.

In many cases, customers will not need to take any additional action to use LinkedIn's Sponsored Messaging products. However, if customers are providing personal data to LinkedIn to target Sponsored Messaging, customers should ensure that they have a legal basis and right under GDPR to provide LinkedIn any personal data (even in hashed email form) for advertising purposes. It should be noted that 1) customers are always responsible for any personal data contained in the ad, and 2) customers are responsible for any personal data that they may gather in response to their ads, including a recipient providing contact information. LinkedIn recommends customers get advice from their own counsel regarding the applicability of the GDPR to their activities.

Customers are responsible for legal compliance for any personal data they provide to LinkedIn (e.g. to target an ad) and should ensure they have a legal basis and right to provide LinkedIn any personal data (including hashed email form) for advertising purposes on LinkedIn. Customers are also responsible for (1) the content of their ads, including GDPR compliance for any personal data contained in the ad, and (2) any personal data that they may gather in response to their ads, including a recipient providing contact information. LinkedIn recommends customers get advice from their own counsel regarding the applicability of the GDPR to their activities.

The LinkedIn Insight Tag creates a unique LinkedIn browser cookie on a visitor's browser and enables the collection of the following data for that cookie: metadata such as IP address, timestamp, and page events (like page views). For more information see: https://www.linkedin.com/help/linkedin/answer/65521.

Lead gen forms are a valuable way for potential users to express to an advertiser that they may be interested in its products and services. In most cases our lead gen customers will not have to take additional action to comply with GDPR when it comes to targeting lead gen form ads because LinkedIn is managing GDPR compliance with regard to targeting and tracking of ads directed at LinkedIn members using LinkedIn data. That said, keep in mind that customers, (1) are always responsible for the content of their ads, including GDPR compliance for any personal data contained in the ad, (2) are responsible for any personal data that they may gather in response to their ads, including a recipient providing personal information in the lead gen form, and (3) are responsible for GDPR compliance for any personal data that they provide to LinkedIn to target an ad. With respect to data gathered by customers through the lead gen form, we updated that form to better call out the customer's privacy policy and how it will use the data, along with the users' consent to it, as described here. In addition, members are able to revoke their lead gen submission and have the data deleted from LinkedIn at any point during the 365 day period during which we hold the lead data. LinkedIn recommends that customers get advice from their own counsel regarding GDPR applicability to their ad activities.

Regardless of whether a customer has sought and received permission from its audience to target ads to them using personal data (such as email addresses), a member's personal data sharing preferences on LinkedIn ultimately determine whether the advertiser is allowed to use such data to target that member with ads on the LinkedIn platform.

Advertisers need to comply with the law at all times. Advertisers who have concerns about whether their data is GDPR compliant should address these matters with their own legal counsel.

All members have the option of opting out of allowing use of their demographic data in ad targeting. Members control this from a new advertising settings page.

Please note, LinkedIn disables targeted advertising to members in the European Union that may be under the age of 18.

LinkedIn continues to invest in high-performance targeting capabilities. Customers can continue to use Matched Audiences and profile-based targeting. In some circumstances, such as Matched Audiences, the GDPR requires LinkedIn and/or customers to obtain an explicit opt-in from members who reside in the European Union, EEA, or Switzerland to receive targeted advertising based on third-party data (that is, data collected off of LinkedIn, such as browsing behavior or email addresses provided by an advertiser). The features that members who reside in the European Union, EEA, or Switzerland are invited to opt in to include: website retargeting with all ad formats, email contact targeting via third-party data segments, and targeting saved leads from Sales Navigator with ads in Campaign Manager. Customers are still able to use account targeting (which uses only first party data) without obtaining an explicit member opt in.

Yes, the member counter / audience estimator reflects available size based on audience impact.

LinkedIn continues to offer the same level of reporting, including campaign demographics and conversion tracking. All members remain opted-in to conversion tracking by default. No separate opt-out option for third-party impression or click tracking for campaigns run on LinkedIn are included in LinkedIn's settings, because all underlying campaigns honor member settings.

Members who are EU residents see a message that asks them to adjust their advertising settings to agree to receive more relevant ads based on their personal data collected off of LinkedIn. All members worldwide are also able to adjust their preferences at any time from their advertising settings page on LinkedIn.

Advertisers should include data use descriptions with consent checkboxes when creating their new Lead Gen Forms. This is reflected in the advertisers' preview during form creation.

Customers can have members see one or more opt-in checkboxes above the blue Submit button when they submit information on a Lead Gen Form. Members see a new consent tracking and revoke screen in their privacy settings. This allows members to revoke their consent on a per lead basis, as long as the submission occurred less than 365 days prior. Lead data is deleted from LinkedIn's servers automatically after 365 days, so advertisers must download or pass their leads from LinkedIn to their own third-party tool by then.

Members don't need to opt-in to receive ads on LAN but can opt-out. That said, the targeting of ads (whether on LinkedIn or LAN) requires opt-in consent from residents of the European Union, EEA, or Switzerland when using third party data. Publishers are also required to comply with the GDPR to the extent they collect or use personal data of residents of the European Union, EEA, or Switzerland. It is the responsibility of each individual publisher to remain compliant with the GDPR.

Yes. Refer to our Trust and Compliance page for a comprehensive list of industry standard certifications to validate our commitment to members first. Our members entrust us with their information every day and we take their security seriously. We follow industry standards and have developed our own best practices.

When members join LinkedIn, they expressly agree to LinkedIn's terms, which includes agreeing to receiving promotional and other messages from LinkedIn and our partners. Section 2.3 of LinkedIn's Privacy Policy informs LinkedIn members that they may receive messages "about how to use the Services, network updates, reminders, job suggestions and promotional messages from us and our partners." In addition, following the member's initial consent to receive promotional messages (provided at the time of account creation), LinkedIn again confirms that the member consents to LinkedIn sending promotional messages to him/her. Specifically, the message we send to verify the member's email address asks them again to confirm their consent to receive promotional and other messages.

Members control which messages they receive by adjusting their communication preferences on the Privacy Settings page or using the unsubscribe options in the footer of messages as applicable (e.g., Sales Navigator InMails). These settings allow a user to control which emails, InMails, and other communications the member receives from LinkedIn and our partners, including the ability to opt-out of marketing communications.

Please note that LinkedIn cannot control the specific messages sent by a customer, which ultimately determine the customer's compliance with relevant laws throughout the world. As such, we advise our customers to seek the advice of their own counsel regarding their specific uses of promotional messaging within LinkedIn.

Please also note that Sponsored Messaging is a form of native advertising, displayed in the messaging interface context to audiences with certain characteristics (e.g. software engineers in a certain area with 10 years of experience and C++ skills), not messages sent to specific individuals chosen by a sender. Learn how members can opt-out of Sponsored Messaging.

In preparation for GDPR, we launched 15 new ad settings that allow our members globally to control how LinkedIn uses their personal data for advertising. For members in the European Union, EEA, or Switzerland, the Interactions with businesses setting (found in the Advertising data section of your LinkedIn settings) that controls the use of third-party data for ad targeting (specifically for Website Retargeting and Contact Targeting) is defaulted to off, so we will only use such personal data from customers with the individual member's unambiguous consent, illustrated below. Furthermore, as we have committed contractually, we use this data in an identified state, associated with individual members, solely to provide services to the respective customer who provided the data. We remove direct identifiers from this data before we use it to optimize our systems.