Authorized Buyers policies and enforcement

As part of our recent suspension of ads in Russia for Google Ads products, we will also suspend Authorized Buyers and Open Bidders based in Russia.
Due to the war in Ukraine, we will pause ads containing content that exploits, dismisses, or condones the war.
Due to the ongoing war in Ukraine, we will be temporarily pausing Google ads from serving to users located in Russia.
Effective immediately, due to an ongoing sensitive event (the war in Ukraine), we are pausing ads from and for Russian Federation state-funded media.

This guide is intended to provide answers to commonly asked questions and share the framework of Authorized Buyers policy enforcement. The information presented here does not, in any way, change the actual policies, which are available here. You can also access the Authorized Buyers policies from the Program Guidelines link located in the footer of the application.

Automated creative review

Authorized Buyers reserves the right to conduct automated creative reviews in order to maintain the quality of ads on the exchange. While this does not change the Authorized Buyers guidelines, creatives that don't meet our policies will be paused until corrected. The most common issues are: destination URL not working, flash cookies, raw IP addresses, missing or broken click macros, invalid 4th party calls, undeclared or incorrect landing page, customer creative ID misuse, non certified vendors, and creative download sizes.

To browse this page, click to see details of any policy topic, or expand all and press Ctrl + F (Command ⌘ + F, for Mac) to find terms on this page.

Expand all  Collapse all

Content and creatives

Authorized Buyers reserves the right to disapprove ads in breach of the content and creative policies outlined in the Google Ads Advertising Policies and to suspend entire accounts for certain violations. If you have any questions about the violations, please contact your account team.

Examples:

  • Animation length
  • Ads must remain static after 30 seconds
  • Creatives:
    • May not exceed a 150K initial load. For video creatives, this refers to when nearly 15-20% of the total weight for the first frame is served by the ad server. For display creatives, this refers to when the image or banner is displayed until all the creative assets load on the web page.
    • Total download cannot exceed 5MB. Total download is referring to when the complete web page or all of the creative assets have been loaded and displayed. 
  • Maximum frame rate
  • All creatives must open in new windows. The target window for the click-through URL must be set to "_blank" so the click-through will open in a new window. Do not leave the target statement undeclared
  • Trafficking errors, e.g. the destination URL matching where the user is sent, http://www.gooooogle.com, and leads to a parked domain
  • Blank ads - each trafficked ad must contain a creative; rendering blank creatives is not acceptable
  • Click-to-call ads - currently not supported

Please refer to the full content guidelines outlined in the Google Ads Advertising Policies, as well as the Requirements for third-party ad serving.

If a client’s ad is disapproved under these circumstances, they will be required to make the necessary compliance changes and resubmit their ads for review.

In addition to the above policies, Authorized Buyers has the following policy on family safe status:

Google assigns a family status to all ads to make sure that ads are shown to an appropriate audience. Products that are considered to have "non-family safe" status cannot currently be run on Authorized Buyers.

We continue to review this status and reserve the right to change this policy for Authorized Buyers.

Data and third-party ad serving

Data and third-party ad serving includes the following topics.

Declaration of third and fourth-party calls
All third- and fourth-party calls must be declared. This includes:
  • Redirects or server-to-server callouts.
  • Redirects or callouts to any technology, including ad servers, rich-media servers, tracking technologies, or verification technologies.

Unless:

  • The technology is issued by a single buyer on Authorized Buyers solely for their own use and is not licensed to any third parties
  • The technology is an approved technology vendor

No fifth-party calls are allowed. You cannot have an ad on Authorized Buyers that calls a third-party ad server that calls another third-party ad server (fourth-party call) that calls another third-party ad server (fifth-party call).

Policy for third and fourth-party calls

Refer to the requirements for third-party ad serving, under third-party ad serving for a complete list of policy requirements.

Data collection

You may use a cookie, web beacon, or other tracking mechanism to collect anonymous traffic data for purposes of aggregated reach, frequency, and/or conversion reporting, provided you use a certified third-party vendor for this purpose. Collecting impression-level data via cookies or other mechanisms for purposes of subsequent re-targeting, interest category categorization or personalization, or syndication to other parties on Google Display Network inventory is prohibited unless publisher provides permission. This restriction does not apply to click- or conversion-level data.

You may not associate cookies, web beacons, or other tracking mechanisms with personally-identifiable information (PII) for any purpose or with precise user location for behavior targeting unless the user has knowingly and expressly opted in. For purposes of this document, PII and precise user location does not include IP addresses.

You will not, and will not assist or knowingly permit any third party, to set a cookie, or alter or delete a cookie set, on any Google owned and operated domains, including, without limitation, on a DoubleClick domain.

You must display a prominent privacy policy with an option for users to persistently opt out of any cookie, web beacon, or other tracking mechanism set by you for data collection.

You can see a list of approved technology vendors who perform data collection, by searching for a research vendor type.


Example

An ad served by a buyer for an advertiser contains a tracking URL, collecting user data to be used with subsequent campaigns. For example, using the pixel below, the vendor "collectuserdata.net", needs to be declared in the ad:

http://collectuserdata.net?name=barry&time=1200&bannerseen=12345

If the vendor is not available on the list of declarable vendors, it is either allowed on the approved technology vendors list or not allowed under any circumstances.

Flash cookies and other locally shared objects

Flash cookies and other locally shared object (LSO) technologies are not allowed on Authorized Buyers.

Flash cookies & local storage

Flash cookies are defined as any locally shared object (LSO) technologies (including, but not limited to, flash cookies, browser helper objects, or HTML5 localStorage) for behavioral advertising, ad delivery, reporting, and/or multi-site advertising.

Example

A flash banner is served that sets a .lso file;  the banner writes data about the page the user was on, the products displayed in the banner, and makes a backup of the user’s web cookie data. Users cannot easily or transparently block LSO objects, and it is against Google policies to gather ad serving data from an ad impression.

Please refer to the Requirements for third-party ad serving, under third-party ad serving.

Malware

Malware is not accepted or tolerated within any Google product including Authorized Buyers. Google verifies any creatives directly uploaded into Authorized Buyers, or follows the third-party redirect for malware or viruses through proprietary systems.

Malware violations are not accepted or tolerated within any Google product, including Authorized Buyers. Google reviews creatives or the third-party redirect uploaded in the service. Learn more about What Google does to prevent malware.

Given Authorized Buyers's relationship with third-parties, however, there is the possibility that a buyer on Authorized Buyers, either in their system or through a call-out from their system, may have a policy violation or introduce malware or viruses to Authorized Buyers. Any buyer that intentionally violates policy or actively uploads malware or viruses directly into Authorized Buyers will be immediately and permanently terminated. For those using external calls, Google will attempt to detect any such activity and suspend the associated creative or call-out. Should a violation be detected, Google's policy toward the buyer is as follows in the Enforcement section.

Click macros

Buyers that serve ads from a third-party are required to use a Google click macro in their tags. This allows clicks to be reported back to Google, which can then share them with publishers. Click macros are also used to protect inventory by detecting invalid clicks and impressions. All certified vendors and tags have been tested to support the Google click macro.

Learn more about the different macros and their implementation.

Responsible ad tracking
Buyers should work with their advertising partners to minimize the use of 3rd and 4th party tracking, such that campaign goals are met, without significantly affecting the User experience. For example, don’t include more than one hundred fourth party calls in a single creative, as this results in increased latency, and a poor user experience.

Helping partners comply with U.S. states privacy laws

Google has a long history of taking a user-first approach in everything we do. As a part of our commitment to users, we never sell personal information. We give users transparency and control over their ad experiences via My Ad Center, My Account and several other features to help you manage your account. Per our Personalized advertising policy, we never use sensitive information like health, race, religion, or sexual orientation to personalize ads. We also invest in initiatives such as the Coalition for Better Ads, the Google News Initiative, and ads.txt to support a healthy and sustainable ads ecosystem.

Google welcomes privacy laws that protect consumers. In May 2018, we launched several updates to help advertisers and publishers comply with the General Data Protection Regulation (GDPR) in the EEA and the UK.

In 2019, Google began offering restricted data processing (RDP) to help advertisers, publishers, and partners manage their compliance with the California Consumer Privacy Act (CCPA). In January 2023, we expanded the operation of restricted data processing to help customers and partners manage their compliance with the new U.S. state privacy laws.

Restricted Data Processing

The Authorized Buyers and Open Bidding services always operate under Restricted Data Processing for queries. Buyers/bidders do not need to make any changes for this behavior to be applied.

For customers on our online contracts and updated platform contracts, the restricted data processing terms will be incorporated into our existing platform contracts via the controller-controller terms and will come into force on Jan 1, 2020. There is no action required on your part to add this restricted data processing language into your contract.

Was this helpful?

How can we improve it?

Need more help?

Try these next steps:

Search
Clear search
Close search
Google apps
Main menu
13505058954710733648