Requirements for third-party ad serving

Third-party ad serving is available by invitation only to a select number of participants. The following policies only apply to these program participants.

You must comply with these policies if you serve ads or use pixel-tracking (beacons) on the Google Display Network and:

  • Are participating in the third-party ad serving program.
  • Use a third-party server.
  • Use a research vendor.
  • Are a third-party server.
  • Are a research vendor.

Requirements on the Google Display Network through AdWords

Third-party ad serving
  • Cookies and targeting: You may use cookies for reporting purposes and creative selection, provided that the data you use was collected in accordance with industry standards:

    Where there is a conflict between the NAI and IAB UK policies, the more stringent policy applies. Google determines at its own discretion whether or not you are compliant with these standards.

    In particular, the certification process requires you to have the following:

    • A descriptive privacy policy on your site
    • A prominent link to opt-out from the privacy policy
    • No PII used in the creation of segments (including PII related to the user's mobile phone device)
    • No sensitive segments or segments targeted at children under 13 years of age
    • No packet sniffing in the collection of behavioral data

    You may not use locally shared object (LSO) technologies (including but not limited to flash cookies, browser helper objects, or HTML5 localStorage) or device fingerprints for behavioral advertising, ad delivery, reporting, and/or multi-site advertising.

  • Data collection: You may use a cookie, web beacon, or other tracking mechanism to collect anonymous traffic data for purposes of aggregated reach, frequency and/or conversion reporting, provided you use a certified third party vendor for this purpose. Collecting impression-level data via cookies or other mechanisms for purposes of subsequent re-targeting, interest category categorization, or syndication to other parties on Google Display Network inventory is prohibited. (This restriction does not apply to click- or conversion-level data.) You may not associate cookies, web beacons, or other tracking mechanisms with personally- identifiable information (PII) for any purpose or with precise user location for behavior targeting unless the user has knowingly and expressly opted in. (For purposes of this document, PII and precise user location does not include IP addresses.) You will not, and will not assist or knowingly permit any third party, to set a cookie, or alter or delete a cookie set, on any Google owned and operated domains, including, without limitation, on a DoubleClick domain. You must display a prominent privacy policy with an option for users to persistently opt out of any cookie, web beacon, or other tracking mechanism set by you for data collection.

  • Fourth-party calls: All ads may only include tracking elements from certified third-party servers or research vendors already approved by Google. No fourth-party calls are permitted, except tracking elements associated with certified third-party servers or research vendors expressly authorized by Google. All tags may only be associated with a single advertiser. Multiple advertisers cannot be represented through a single tag.

  • Creative approval: All creatives and tags that call the third-party server or research vendor must be fully tested and pre-approved by Google Ad Operations at least 72 hours prior to the campaign start date.

  • Creative modifications: Creative substitution or modification via the third-party vendor without prior approval isn't allowed. All creatives must be pre-approved by Google Ad Operations. Any ads with dynamically changing content must be initially reviewed and pre-approved by Google Ad Operations but may be exempt from additional reviews and approvals at Google's sole discretion.

  • Delays due to revisions: Any ad element not meeting the specifications in this policy will be returned for revision, which may cause a campaign delay.

  • Tag performance: Tags must display consistently. If a tag doesn't conform to our performance or reliability standards, we reserve the right to pause or stop the campaign.

  • Sending tags: All tags must be sent in an email text attachment, not in the body of an email.

  • Reporting: Traffic or impression reports provided by Google will be the reports of record between Google and the advertising partner. Any reports delivered to the advertising partner by the third party will not affect the rights or obligations of Google and the advertising partner.

  • Data from context-aware macros: Unless permitted otherwise by Google in writing, you may only use data from context- aware macros exclusively for the impression associated with that data. You may not use data from context-aware macros elsewhere or at any other time.

  • Site-level tagging: If you use Google's placement targeting feature, you must aggregate a minimum of four unique web properties with adequate impression distribution across properties with each ad tag. You may not associate impression-level cookies, web beacons, or other tracking mechanisms with individual sites.
  • Brand Features and Publicity: You may not publicly indicate your participation or compatibility with the program or disclose any relationship between you and Google without Google’s prior written approval.
  • Google Analytics auto-tagging: Google Analytic's auto-tagging feature is not currently compatible with third-party served ads. If you rely on auto-tagging, we suggest using separate accounts for third-party served ads and AdWords-hosted ads. Follow these instructions to enable or disable auto-tagging.
Technical specifications and creatives

Technical specifications

Unit sizes:
  • 120 x 600
  • 160 x 600
  • 200 x 200
  • 240 x 400
  • 250 x 250
  • 250 x 360
  • 300 x 250
  • 300 x 600
  • 336 x 280
  • 468 x 60
  • 580 x 400
  • 728 x 90
  • 930 x 180
  • 980 x 120
  • 970 x 90
  • 320 x 50
File types:
  • Image: JPEG, PNG, GIF
  • Flash: SWF (Flash versions 4-10)
  • HTML5: HTML, CSS, JS, JPEG, PNG, and GIF
Maximum file size:
  • Initial: 150K recommended
  • Total load size*: 2.2 MB maximum

    *Total load size includes initial and subsequent/polite loads

Animation length:
  • Maximum host-initiated play: 30 seconds
  • Maximum user-initiated play (click required): 4 minutes
Maximum frame rate:
  • 24fps

Creatives

Except where indicated otherwise in this policy, all creatives related to a third-party tag must comply with Google's image ad policies.

  • Creatives should not exceed a 150K initial load for fastest initial load time. Additional load must be "polite" and total load may not exceed 2.2MB.
  • Creatives may not expand past ad unit boundaries unless they are rich media ads built according to the specifications described under the section "Expandable ad units" below.
  • All creatives must be free of applications including, but not limited to, ActiveX, viruses, exit pops, spyware, and malware.
  • Third-party ads containing Flash must not exceed 50% of a user's CPU. Common causes of high CPU use are continued animation, heavy animation sequences, and animation that surpasses the 30-second limit. If applicable, you can use the Task Manager feature in Windows to check for compliance with this rule.
  • Creative coding may not use cross-domain scripting or set cookies in unapproved domains.
  • All creatives must open in new windows. The target window for the clickthrough URL must be set to "_blank" so the clickthrough will open in a new window. Do not leave the target statement undeclared.
  • For Flash creatives:
    • Creatives must be built to use Flash versions 4 through 10.
    • You must supply a default image. If the browser doesn't support the Flash version used for your creative, the default image will be served.
    • The last frame of the animation must include the following code in actionscript: "stop()".
    • You must include a clickTag layer. The clickTag layer must be the topmost layer.
    • You may use a maximum of 2 clickTags in a single creative.
    • Creatives must support Google's click tracking. Where supported, all click events must be passed to Google.
  • All sound and animation (including video) must stop upon exit click.
  • On all ads with partially black, white, or transparent backgrounds, you must add a visible border of a contrasting color to the majority background color of the creative.
  • Creatives must support Google's click tracking. Where supported, all click events must be passed to Google.
  • The http headers for Google's click-tracking URL must be sent by the user's browser. A client-side HTTP request, not a server-side request, must be sent to the Google click-tracking URL.
SSL-compliant ad units

SSL-compliant ad units are accepted on the Google Display Network according to the following policies. We require that all ads and tracking pixels targeting SSL inventory (including YouTube) are SSL-compliant.

SSL-compliant ads guidelines

  • All ad responses must be SSL-compliant (“HTTPS”). All servers involved require full SSL certification.
  • It is preferred that your ad tag can auto-detect that it is being requested from the HTTP/HTTPS protocol and will auto-adjust any responses to be SSL-compliant if necessary. Otherwise, Google has a protocol macro that we can insert in any URIs or ad tags to auto-update “http” to “https” if necessary.
  • Any 4th-party calls to other technologies within the ad unit must also be from SSL-compliant vendors that have been certified by Google.
  • Please notify your Google account representative that you are submitting an SSL-compliant ad. Note that if an ad is declared as SSL- compliant but makes any non-SSL-compliant responses, the ad will be disapproved.
  • Please see the section "In-stream video ad units (VAST-compliant)" for SSL-compliant VAST ad specifications.
  • A vendor must receive specific certification to serve ads on SSL-compliant publisher inventory. Approved SSL-compliant ad vendors are listed in the Vendors lists.
Expandable ad units

Expandable ad units are accepted on the Google Display Network according to the following policies:

Technical specifications

    Expansion method        
Unit sizes Expansion direction Expand Close Maximum file size Max Size Per Panel Required controls Audio
728x90 to 728x270 Up or down On click only On click or mouseoff 50K, 2.2MB polite 200K Panels must contain a prominent Close X, in 16 pt. font or larger, on the corner of the unit. User-initiated on click only
468x60 to 468x180
120x600 to 240x600 Left or right
200x200 to 400x200
250x250 to 500x250
336x280 to 672x280
160x600 to 320x600
300x250 to 600x250
300x600 to 600x600

Expandable ads guidelines

  • Expandable ads are currently available to advertisers supported by a dedicated account manager.
  • Expandable ads must be designed to be multi-directional and to use the Google expandable ad API.
  • Depending on its placement, an ad must expand in one plane (either left or right, up or down) only. The ad may not expand in two directions at the same time.
  • The initial unexpanded layer of the creative must have a z-index value that is less than 9010, and the expanded layer must have a z-index value greater than 11100. This is to accommodate for any Online Behavioral Option Icon provided by Google and/or a 3rd-party vendor. Please read the section below called "Online Behavioral Advertising Option Icon" for more details about this icon.
  • Expandable ads currently depend on use of JavaScript tags. Iframe tags cannot be used.
  • Expandable ads are not currently available through the Google Display Network's Reservation program.
  • A vendor must receive specific certification to serve expandable ads on the Google Display Network. Approved expandable ads rich media vendors include:
    • DoubleClick Rich Media
    • eyeReturn Rich Media
    • EyeWonder Rich Media
    • Flashtalking Rich Media
    • Interpolls Rich Media
    • Linkstorm Rich Media
    • MediaMind Rich Media
    • Mediaplex Rich Media
    • Oggifinogi Rich Media
    • Pointroll Rich Media
In-stream video ad units (VAST-compliant)

Third-party In-Stream Ads are accepted on the Google Display Network according to the following policies:

Technical specifications

In-stream video ad
  File types Maximum file size Video length Maximum frame rate
Unit sizes Video Audio   Maximum Recommended  
480x360 (4:3)
640x360 (16:9)
1920x800 (5:2)
H.264 (MP4), FlashVideo (FLV), and WebM video file types must all be included (other formats may be included but will not be used) MP3 or AAC preferred 10MB 60 sec <15 secs
(to be eligible for the most publisher inventory incl. YouTube)
30fps
Companion ad (optional, but recommended)
  File types Maximum file size Animation length Maximum frame rate
Unit sizes Image Flash   Host-initiated play User-initiated play (rollover or click)  
300x250 Static GIF, JPG, PNG SWF with backup GIF/JPG (Flash 7-10; AS2 & AS3) 50K 30 secs 4 mins 24fps
300x60

Creatives

  • Third-party In-Stream Ads and their companion banner ads must be served via a linear VAST tag (pre-fetch tag) by a Google VAST-approved vendor. (For the DoubleClick Ad Exchange, please see "Requirements on the Google Display Network through the DoubleClick Ad Exchange.)":
  • The VAST tag must comply with Google's XML summary for VAST ad server response.
  • For each video ad served in the VAST tag, there needs to be a minimum of 3 separate nodes included - one for each FLV, MP4, and WebM video formats. Other formats may be included but will not be used.
  • Consistent Node Value: Please be sure that your all of your VAST tags include a specific consistent value for your company in the node in the VAST XML. For example, Google would always include the following for all our VAST tags: Google
  • Unique Ad ID Value: Each VAST tag generated should include a unique value for the “id” attribute in the node. Two different VAST tags should not have the same Ad id value. For instance:
    - VAST tag 1:  <Ad id="3947179">
    - VAST tag 2:  <Ad id="8741831">
  • In order for Google’s Flash SDK to serve video ads from a 3rd-party ad server, the 3rd-party ad server must include a crossdomain.xml with specifications to allow access to all specific Google domains or all domains. Also, the attribute secure needs to be set to “false”. The crossdomain.xml should be formatted as follows:

     <cross-domain-policy>
     <!-- Allow access to ALL domains
       <allow-access-from domain="*" secure="false"/>
     <!-- OR allow access to the domain from originating request
    </cross-domain-policy>

    IMPORTANT NOTE: When you add a domain to your website's crossdomain.xml file, any Flash file hosted within that domain can access data belonging to users logged into your website. Due to this, you should generally not add advertising network hosts to crossdomain.xml files on websites that contain authenticated functionality such as user profiles.

  • In order for Google’s HTML5 SDK to serve video ads from a 3rd-party ad server, the 3rd-party ad server must include a CORS header in all of its responses. The CORS header must be formatted as follows:

    Access-Control-Allow-Origin: [allow access to the domain from originating request]
    OR Access-Control-Allow-Origin: *

    Note: Access-Control-Allow-Origin: * cannot be use in combination with Access-Control-Allow-Credentials: true

  • Audio is not allowed for companion ads.
  • Creatives may not expand past ad unit boundaries.
  • On all ads with partially black, white, or transparent backgrounds, you must add a visible border of a contrasting color to the majority background color of the creative.
  • All creatives must be free of applications including, but not limited to, ActiveX, viruses, exit pops, spyware, and malware.
  • Companion ads containing Flash must not exceed 50% of a user's CPU. Common causes of high CPU use are continued animation, heavy animation sequences, and animation that surpasses the 30-second limit. If applicable, you can use the Task Manager feature in Windows to check for compliance with this rule.
  • Creative coding may not use cross-domain scripting or set cookies in unapproved domains.
  • All creatives must open in new windows. The target window for the clickthrough URL must be set to "_blank" so the clickthrough will open in a new window. Do not leave the target statement undeclared.
  • For Flash creatives:
    • Creatives must be built to use Flash versions 7 through 10 (AS2 & AS3).
    • You must supply a default image. If the browser doesn't support the Flash version used for your creative, the default image will be served.
    • The last frame of the animation must include the following code in actionscript: "stop()".
    • You must include a clickTag layer. The clickTag layer must be the topmost layer.
    • You may use a maximum of 2 clickTags in a single creative.
    • Creatives must support Google's click tracking. Where supported, all click events must be passed to Google.
  • VAST wrappers are NOT currently allowed on the Google Display Network via AdWords.
  • For SSL-compliant VAST ads:
    • A vendor must receive separate certification to serve VAST ads on SSL-compliant publisher inventory.
    • All ad responses must be SSL-compliant (“HTTPS”). All servers involved require full SSL certification.
    • It is preferred that your VAST tag can auto-detect that it is being requested from the HTTP/HTTPS protocol and will auto-adjust the URIs and companion banners to be SSL-compliant if necessary. Otherwise, Google has a protocol macro that we can insert in your VAST tag to auto-update “http” to “https” if necessary.
    • The vendor/client must ensure that any URIs within the VAST XML (e.g. the , , and other nodes) that are served by a party other than the primary VAST vendor are also from vendors approved by Google for SSL-compliant ad serving/tracking.
    • The companion ad banner as well as any 4th-party calls to other technologies within the companion ad banner must also be made from SSL-compliant vendors that have been certified by Google.
    • Please notify your Google account representative that you are submitting an SSL-compliant ad. Note that if an ad is declared as SSL-compliant but makes any non-SSL-compliant responses, the ad will be disapproved.
General guidelines and editorial policies

Google reserves the right to remove any ads deemed intrusive or inappropriate. Please review our advertising policies for more information.

Ads must:

  • On all ads with partially black, white, or transparent backgrounds, you must add a visible border of a contrasting color to the majority background color of the creative.
  • Conform to Google's specifications.
  • Contain family safe content.

Ads may not:

  • Contain fake hyperlinks.
  • Resemble Windows, Unix, or Mac dialog boxes.
  • Simulate fake interactivity.
  • Contain sexual content.
  • Contain audio (exception: user-initiated rich media ads).
  • Initiate downloads.
  • Be intrusive.
  • Advertise competitive content.
  • Contain misleading content.
Pop-up windows

A pop-up:

  • Is a window that opens in addition to the original window.
  • Includes pop-unders, timed or intermittent pop-ups, mock system warnings, and pages that automatically initiate a download.
  • Is prohibited regardless of its content.
Audio effects

Audio requirements:

  • Effects must be user-initiated on click; ads may not play sound automatically.
  • Audio settings must be set to 'off' by default.
  • Users must have the option to mute all audio in the ad.
  • Audio volume must be encoded at no more than -12 db.
Personally-identifiable information

Ads may not directly capture any personally-identifiable user information. Personal information includes, but isn't limited to, e-mail addresses, telephone numbers, and credit card numbers. No sensitive information can be collected through the ad.

You may not associate cookies, web beacons, or other tracking mechanisms with personally-identifiable information (PII) for any purpose or with precise user location for behavior targeting unless the user has knowingly and expressly opted in. (For purposes of this document, PII and precise user location does not include IP addresses.)

Research

If authorized by Google, you may implement research studies in connection with an ad campaign. If expressly approved by Google, these research studies may be exempt from some of the third-party serving restrictions outlined above.

All research must be conducted as follows:

  • You may conduct research only for the purpose of measuring the effectiveness of mutually agreed-upon, ad-served advertising placements purchased through Google.
  • Google must approve, in writing, the public disclosure of any campaign-specific data and compilation or aggregation of data across multiple campaigns attributable to Google prior to any such disclosure.
  • Only a third-party research provider that appears on Google's approved provider list may conduct research.
  • All methodologies and survey tools (including recruitment processes, incentives, solicitation/invitation content, questionnaire content, data collection, and survey appearance) will be subject to Google's advance approval.
  • For brand studies, please reference the following survey content guidelines.
  • You are responsible for ensuring that all survey results and associated data are kept strictly confidential, and that personally- identifiable data is not solicited or collected, except as necessary by you for granting incentives to research participants. All personally-identifiable data may be used only to deliver the relevant incentives, and such data must be destroyed promptly following delivery of the relevant incentives.
  • If you are a verification or audience metric service provider, as classified by Google, you must be able to demonstrate that your service has gone through a formal third-party audit. Any data you collect must be used strictly for reporting against the advertiser's campaign. You must not collect site-level information (domain/URL) in connection with a cookie. You may not sell or make available for resale any information you may collect via your service to others. You may not share or aggregate data beyond the advertiser's campaign for whom you are providing the reporting. NOTE: Verification Services are not permitted to drop cookies.
  • Verification and audience metric service providers may only be used for research and analytics purposes. You may not use any technology that will effect or prevent the serving of the ad, which includes but is not limited to services like ad blocking. Certification of these vendors only indicates that Google permits their use by clients on our network, but Google does not validate the accuracy of the data and analysis reported by any research vendors in our program including but not limited to verification and audience metric service providers. Google does not offer credits for any discrepancies between our reports and the third party's reports or for any issues flagged by these types of services.
HTML5 ad units

Except where indicated otherwise in this policy, all creatives related to a third-party tag must comply with all other requirements for third-party ad serving on this page as well as Google's image ad policies.

File requirements

  • No Flash files may be included.
  • All HTML5 ads must gracefully fallback to support basic HTML5 to ensure full functionality across all modern browsers.

Video

  • Both MP4 and either WebM or Ogg formats must be used to ensure compatibility across all major browsers.

Rich media and other features

Features including, but not limited to the following, must be fully tested and pre-approved for cross-device functionality by Google Ad Operations. Any ad element not meeting the specifications in this policy will be returned for revision, which may cause a campaign delay.

  • Expandable ad units
  • In-banner video
  • Research, including in-banner surveys or invitations
  • Geolocation
  • Forms
  • Drag and drop or mouseover/hover interaction
  • 3D transforms
Third-party tracking

You must comply with these policies if you use third-party tracking, including pixels (beacons) on the Google Display Network.

Format

Only 1x1 pixels are supported for third-party tracking site-served ad units. Javascript is not allowed.

Click trackers are supported for third-party tracking clicks on select site-served ad units. See the Ad formats section for a full list.

Certified vendors

AdWords supports third-party tracking on the Google Display Network from certified vendors. Please consult the list of certified vendors for your region in the Vendor list section.

Click tracking vendors are not required to be certified.

Fourth-party calls and multiple vendor tracking

Multiple impression pixels per event are not supported for our site-served and/or video ad units through AdWords. However, clients may daisy-chain multiple vendor tracking and/or fourth-party calls into a single asset. This must be a standard format 1x1 pixel that fires simultaneous calls to each vendor upon serving the impression. The client or agency is responsible for piggybacking or daisy-chaining the pixels.

Ad formats

Third-party pixels are supported on the below ad formats. Some ad formats allow for multiple events to be tracked. However, only one pixel can be appended per event.

Ad format Pixels allowed Click trackers allowed
Site-served image/video (non-TrueView) ads Yes - impression Yes
Site-served text ads No Yes
TrueView in-stream Yes - impression, view, and skip Yes
TrueView in-display Yes - view No

Companion banners

Separate tracking for companion banners is not supported for auction video ads. Videos and their accompanying companion banners will share the same tracking assets.

TrueView video ads

Please see the TrueView ad specifications.

Mobile in-app ads

Technical specifications

  Unit sizes File types Maximum recommended file size Maximum animation length Maximum number of animation loops
Mobile 320 x 50 JPEG, PNG, and GIF (static only) 150 KB Not applicable Not applicable
Tablet 728 x 90
468 x 60
300 x 250
JPEG, PNG, and GIF (static only) 150 KB Not applicable Not applicable

Creatives

Except where indicated otherwise in this policy, all creatives related to a third-party tag must comply with Google's image ad policies.

  • Only standard image ad formats (JPEG, PNG, and GIF) are permitted to be third-party served on the AdMob In-App Network. Only standard format image tags will be accepted. iFrame and Javascript tags are not eligible.
  • All creatives must be free of applications including, but not limited to, ActiveX, viruses, exit pops, spyware, and malware.
  • Creative coding may not use cross-domain scripting or set cookies in unapproved domains.
  • Creatives must support Google’s click tracking. Where supported, all click events must be passed to Google.
  • Creatives with partially black or white backgrounds must include a visible border of a contrasting color to the majority background color of the creative.
  • All creatives must open in new windows. The target window for the click-through URL must be set to "_blank" so the clickthrough will open in a new window. Do not leave the target statement undeclared.
  • The http headers for Google's click-tracking URL must be sent by the user's browser. A client-side HTTP request, not a server-side request, must be sent to the Google click-tracking URL.
Online Behavioral Advertising Option Icon

If you would like to display a third-party Advertising Option Icon for online behaviorally targeted ads, you must abide by the following the requirements:

  • For ads served on the Google Display Network for most publishers, Google's Advertising Option Icon (“AdChoices”) will appear at the top right corner of the ad unit in accordance to industry standards.
  • If you choose to use a third-party Advertising Option Icon and layer it over the Google Advertising Option Icon, the third-party vendor is responsible for complying to the requirements outlined by the Self- Regulatory Program for Online Behavioral Advertising (www.aboutads.info), which includes but is not limited to the following specifications:
    • The layer must use the Advertising Option Icon’s official 76x15 “AdChoices” image. If the 19x15 “i” image is used instead, the layer should change to the full 76x15 “AdChoices” image upon mouseover.
    • The Icon must appear in the top-right corner of the ad.
    • The ad must have a z-index value of less than 9010 to ensure that the Google and third-party icon appear above the ad. If you are using an expandable ad unit, the initial unexpanded layer of the creative must still have a z-index value that is less than 9010, and the expanded layer must have a z-index value greater than 1110.
  • Additionally, if a third-party Advertising Option Icon covers the Google Advertising Option Icon, the 3rd-party icon must include the Google Display Network as a company associated with user data collection and/or usage within the ad, and the user must be provided with Google’s cookie opt-out.
  • Any privacy notification must appear within the ad units boundaries or open in a new browser window. No pop-ups are allowed.
  • Any vendors that are permitted by Google to display an Advertising Option Icon may not write and/or read cookies in association with any functionality of the icon.
  • You may only serve third-party Advertising Option Icons from a Google-approved Advertising Option Icon vendor, which include:
    • Evidon (formerly Better Advertising)
    • TRUSTe
Vendors list (Global)

Requirements on the Google Display Network through the DoubleClick Ad Exchange

To run ads on the Google Display Network through the DoubleClick Ad Exchange, you must follow the requirements below.

Third-party ad serving
  • Cookies and targeting: You may use cookies for reporting purposes and to target ads, provided that the data you use was collected in accordance with industry standards:

    Where there is a conflict between the NAI and IAB UK policies, the more stringent policy applies. Google determines at its own discretion whether or not you are compliant with these standards.

    In particular, the certification process requires you to have the following:

    • A descriptive privacy policy on your site
    • A prominent link to opt-out from the privacy policy
    • No PII used in the creation of segments (including PII related to the user's mobile phone device)
    • No sensitive segments or segments targeted at children under 13 years of age
    • No packet sniffing in the collection of behavioral data

    You may not use locally shared object (LSO) technologies (including but not limited to flash cookies, browser helper objects, or HTML5 localStorage) or device fingerprints for behavioral advertising, ad delivery, reporting, and/or multi-site advertising.

  • Data collection: You may use a cookie, web beacon, or other tracking mechanism to collect anonymous traffic data for purposes of aggregated reach, frequency and/or conversion reporting, provided you use a certified third party vendor for this purpose. Collecting impression-level data via cookies or other mechanisms for purposes of subsequent re-targeting, interest category categorization, or syndication to other parties on Google Display Network inventory is prohibited. (This restriction does not apply to click- or conversion-level data.) You may not associate cookies, web beacons, or other tracking mechanisms with personally- identifiable information (PII) for any purpose or with precise user location for behavior targeting unless the user has knowingly and expressly opted in. (For purposes of this document, PII and precise user location does not include IP addresses.) You will not, and will not assist or knowingly permit any third party, to set a cookie, or alter or delete a cookie set, on any Google owned and operated domains, including, without limitation, on a DoubleClick domain. You must display a prominent privacy policy with an option for users to persistently opt out of any cookie, web beacon, or other tracking mechanism set by you for data collection. Please note that 3rd-party reported reach and frequency numbers tend to be less accurate on the mobile platform.

  • Fourth-party calls: All ads may only include tracking elements from certified third-party servers or research vendors already approved by Google. No fourth-party calls are permitted, except tracking elements associated with certified third-party servers or research vendors expressly authorized by Google.

  • Tag performance: Tags must display consistently. If a tag doesn't conform to our performance or reliability standards, we reserve the right to pause or stop the campaign.

  • Reporting: Traffic or impression reports provided by Google will be the reports of record between Google and the advertising partner. Any reports delivered to the advertising partner by the third party will not affect the rights or obligations of Google and the advertising partner.
Technical specifications and creatives

DoubleClick Ad Exchange buyers of ad inventory displayed on websites must follow the same policies detailed in the Adwords section Technical specifications and creatives.

DoubleClick Ad Exchange buyers of ad inventory displayed in mobile applications ("In-App Ads") must follow the technical specifications and creatives immediately below:

Technical specifications for In-App Ads

Device type (Android or iOS only) Unit sizes Tag types File types Static image max file size Animated image max file size
Smartphone 320x50
300x250
Interstitial
Image tag wrapped in anchor tag JPEG
PNG
GIF (static only)
40KB N/A (animated images are not supported)
JavaScript tag (beta)
MRAID (beta)
Tablet 300x250
728x90
468x60
Interstitial
Image tag wrapped in anchor tag JPEG
PNG
GIF (static only)
150KB (2.2MB polite download) 150KB (2.2MB polite download)
JavaScript tag (beta)
MRAID (beta)

In-App Ad Creatives

In-App Ads served by third parties must comply with both Google's image ad policies and the following policies.

  • Only standard image ad formats (JPEG, PNG, and GIF) may be third-party served.
  • Third-party served ads must not contain Flash or JavaScript.
  • Standard image banner ads must be served via a standard redirect tag, as in: <a href="..."><img src="..." /></a>
SSL-compliant ad units

SSL-compliant ad units are accepted on the Google Display Network according to the following policies:

SSL-compliant ads guidelines

  • All ad responses must be SSL-compliant (“HTTPS”). All servers involved require full SSL certification.
  • It is preferred that your ad tag can auto-detect that it is being requested from the HTTP/HTTPS protocol and will auto-adjust any responses to be SSL-compliant if necessary. Otherwise, Google has a protocol macro that we can insert in any URIs or ad tags to auto-update “http” to “https” if necessary.
  • Any 4th-party calls to other technologies within the ad unit must also be from SSL-compliant vendors that have been certified by Google.
  • AdX buyers must declare through RTB or the AdX UI that the ad is SSL-compliant. Note that if an ad is declared as SSL-compliant but makes any non-SSL-compliant responses, the ad will be disapproved.
  • Please see the section "In-stream video ad units (VAST-compliant)" for SSL-compliant VAST ad specifications.
  • A vendor must receive specific certification to serve ads on SSL-compliant publisher inventory. Approved SSL-compliant ad vendors are listed in the Vendors lists.
Expandables ad units

For the DoubleClick Ad Exchange, Expandable ad units are not allowed on Google Display Network Inventory.

In-stream video ad units (VAST-compliant)

Third-party in-stream video ads are accepted on the DoubleClick Ad Exchange according to the following policies:

Technical specifications

In-stream video ad
  File types Maximum file size Video length Maximum frame rate
Unit sizes Video Audio   Maximum Recommended  
480x360 (4:3)
640x360 (16:9)
1920x800 (5:2)
H.264 (MP4), FlashVideo (FLV), and WebM video file types must all be included (other formats may be included but will not be used) MP3 or AAC preferred 10MB 60 sec <15 secs
(to be eligible for the most publisher inventory incl. YouTube)
30fps
Companion ad (optional, but recommended)
  File types Maximum file size Animation length Maximum frame rate
Unit sizes Image Flash   Host-initiated play User-initiated play (rollover or click)  
300x250 Static GIF, JPG, PNG SWF with backup GIF/JPG (Flash 7-10; AS2 & AS3) 50K 30 secs 4 mins 24fps
300x60

Ad Exchange does not support in-stream video ads in mobile applications or on sites accessed through mobile browsers.

Creatives

  • Third-party in-stream ads must be served via a linear VAST tag (pre-fetch tag) by a VAST vendor approved specifically for the DoubleClick Ad Exchange:
  • The VAST tag must comply with Google's XML summary for VAST ad server response.
  • For each video ad served in the VAST tag, there needs to be a minimum of 3 separate nodes included - one for each FLV, MP4, and WebM video formats. Other formats may be included but will not be used.
  • Consistent Node Value: Please be sure that your all of your VAST tags include a specific consistent value for your company in the node in the VAST XML. For example, Google would always include the following for all our VAST tags: Google
  • Unique Ad ID Value: Each VAST tag generated should include a unique value for the “id” attribute in the node. Two different VAST tags should not have the same Ad id value. For instance:
    - VAST tag 1:  <Ad id="3947179">
    - VAST tag 2:  <Ad id="8741831">
  • Note that only the following resource types will be allowed for node in the VAST XML:
    • StaticResource: URI to a static file, such as an image or SWF file
    • IFrameResource: URI source for an IFrame to display the companion element
    The HTMLResource type will no longer be permitted.
  • In order for Google’s Flash SDK to serve video ads from a 3rd-party ad server, the 3rd-party ad server must include a crossdomain.xml with specifications to allow access to all specific Google domains or all domains. Also, the attribute secure needs to be set to “false”. The crossdomain.xml should be formatted as follows:

     <cross-domain-policy>
     <!-- Allow access to ALL domains
       <allow-access-from domain="*" secure="false"/>
     <!-- OR allow access to the domain from originating request
    </cross-domain-policy>

    Important: When you add a domain to your website's crossdomain.xml file, any Flash file hosted within that domain can access data belonging to users logged into your website. Due to this, you should generally not add advertising network hosts to crossdomain.xml files on websites that contain authenticated functionality such as user profiles.

  • In order for Google’s HTML5 SDK to serve video ads from a 3rd-party ad server, the 3rd-party ad server must include a CORS header in all of its responses. The CORS header must be formatted as follows:

    Access-Control-Allow-Origin: [allow access to the domain from originating request]
    OR Access-Control-Allow-Origin: *

    Note: Access-Control-Allow-Origin: * cannot be use in combination with Access-Control-Allow-Credentials: true

  • Audio is not allowed for companion ads.
  • Creatives may not expand past ad unit boundaries.
  • On all ads with partially black, white, or transparent backgrounds, you must add a visible border of a contrasting color to the majority background color of the creative.
  • All creatives must be free of applications including, but not limited to, ActiveX, viruses, exit pops, spyware, and malware.
  • Companion ads containing Flash must not exceed 50% of a user's CPU. Common causes of high CPU use are continued animation, heavy animation sequences, and animation that surpasses the 30-second limit. If applicable, you can use the Task Manager feature in Windows to check for compliance with this rule.
  • Creative coding may not use cross-domain scripting or set cookies in unapproved domains.
  • All creatives must open in new windows. The target window for the clickthrough URL must be set to "_blank" so the clickthrough will open in a new window. Do not leave the target statement undeclared.
  • For Flash creatives:
    • Creatives must be built to use Flash versions 7 through 10 (AS2 & AS3).
    • You must supply a default image. If the browser doesn't support the Flash version used for your creative, the default image will be served.
    • The last frame of the animation must include the following code in actionscript: "stop()".
    • You must include a clickTag layer. The clickTag layer must be the topmost layer.
    • You may use a maximum of 2 clickTags in a single creative.
    • Creatives must support Google's click tracking. Where supported, all click events must be passed to Google.
  • For VAST wrappers:
    • No more then 1 (one) VAST wrapper redirect to 1 (one) VAST In-Line is permitted.
    • Supported TrackingEvents (wrapper may include more than one node per each event):
      • start
      • firstQuartile
      • midpoint
      • thirdQuartile
      • complete
      • mute
      • unmute
      • pause
      • resume
  • For SSL-compliant VAST ads:
    • A vendor must receive separate certification to serve VAST ads on SSL-compliant publisher inventory.
    • All ad responses must be SSL-compliant (“HTTPS”). All servers involved require full SSL certification.
    • It is preferred that your VAST tag can auto-detect that it is being requested from the HTTP/HTTPS protocol and will auto-adjust the URIs and companion banners to be SSL-compliant if necessary. Otherwise, Google has a protocol macro that we can insert in your VAST tag to auto-update “http” to “https” if necessary.
    • The vendor/AdX buyer must ensure that any URIs within the VAST XML (e.g. the , , and other nodes) that are served by a party other than the primary VAST vendor are also from vendors approved by Google for SSL-compliant ad serving/tracking.
    • The companion ad banner as well as any 4th-party calls to other technologies within the companion ad banner must also be made from SSL-compliant vendors that have been certified by Google.
    • AdX buyers must declare through RTB or the AdX UI that the ad is SSL-compliant. Note that if an ad is declared as SSL- compliant but makes any non-SSL-compliant responses, the ad will be disapproved.
General guidelines and editorial policies

DoubleClick Ad Exchange buyers must following the same policies detailed in the Adwords section on General guidelines and editorial policies.

Pop-up windows

DoubleClick Ad Exchange buyers must following the same policies detailed in the Adwords section on Pop-up windows.

Audio effects

DoubleClick Ad Exchange buyers must following the same policies detailed in the Adwords section on Audio effects.

Personally-identifiable information

DoubleClick Ad Exchange buyers must following the same policies detailed in the Adwords section on Personally-identifiable information.

Research

If authorized by Google, you may implement research studies in connection with an ad campaign. If expressly approved by Google, these research studies may be exempt from some of the third-party serving restrictions outlined above. Research tags may not be used in In-App Ad campaigns.

All research must be conducted as follows:

  • You may conduct research only for the purpose of measuring the effectiveness of mutually agreed-upon, ad-served advertising placements purchased through Google. You may only use a web beacon or other tracking mechanism in order to track a user's exposure to an ad. No surveys or survey invitations are allowed to be served on the Google Display Network via the DoubleClick Ad Exchange. When trafficking 3rd-party tags that serve surveys and survey invitations, the appropriate research vendor needs to be selected from the "Ad Technology" drop-down in the user interface. This will allow the survey and survey invitations to run on other AdX inventory, but not the Google Display Network.
  • Google must approve, in writing, the public disclosure of any campaign-specific data and compilation or aggregation of data across multiple campaigns attributable to Google prior to any such disclosure.
  • Only a third-party research provider that appears on Google's approved provider list may conduct research.
  • You are responsible for ensuring that all survey results and associated data are kept strictly confidential, and that personally- identifiable data is not solicited or collected, except as necessary by you for granting incentives to research participants. All personally-identifiable data may be used only to deliver the relevant incentives, and such data must be destroyed promptly following delivery of the relevant incentives.
  • If you are a verification or audience metric service provider, as classified by Google, you must be able to demonstrate that your service has gone through a formal third-party audit. Any data you collect must be used strictly for reporting against the advertiser's campaign. You must not collect site-level information (domain/URL) in connection with a cookie. You may not sell or make available for resale any information you may collect via your service to others. You may not share or aggregate data beyond the advertiser's campaign for whom you are providing the reporting. NOTE: Verification Services are not permitted to drop cookies.
  • Verification and audience metric service providers may only be used for research and analytics purposes. You may not use any technology that will effect or prevent the serving of the ad, which includes but is not limited to services like ad blocking. Certification of these vendors only indicates that Google permits their use by clients on our network, but Google does not validate the accuracy of the data and analysis reported by any research vendors in our program including but not limited to verification and audience metric service providers. Google does not offer credits for any discrepancies between our reports and the third party's reports or for any issues flagged by these types of services.
Online Behavioral Advertising Option Icon

If you would like to display a third-party Advertising Option Icon for online behaviorally targeted ads, you must abide by the following the requirements:

  • If you choose to use a third-party Advertising Option Icon, the third-party vendor is responsible for complying to the requirements outlined by the Self-Regulatory Program for Online Behavioral Advertising (www.aboutads.info), which includes but is not limited to the following specifications:
    • The layer must use the Advertising Option Icon’s official 76x15 “AdChoices” image. If the 19x15 “i” image is used instead, the layer should change to the full 76x15 “AdChoices” image upon mouseover.
    • The Icon must appear in the top-right corner of the ad.
  • Any privacy notification must appear within the ad units boundaries or open in a new browser window. No pop-ups are allowed.
  • Any vendors that are permitted by Google to display an Advertising Option Icon may not write and/or read cookies in association with any functionality of the icon.
  • You may only serve third-party Advertising Option Icons from a Google-approved Advertising Option Icon vendor, which include:
    • Evidon (formerly Better Advertising)
    • TRUSTe
Vendors list (Global)