Authorized Buyers policies and enforcement

As part of our recent suspension of ads in Russia for Google Ads products, we will also suspend Authorized Buyers and Open Bidders based in Russia.

Due to the war in Ukraine, we will pause ads containing content that exploits, dismisses, or condones the war.

Due to the ongoing war in Ukraine, we will be temporarily pausing Google ads from serving to users located in Russia.

Effective immediately, due to an ongoing sensitive event (the war in Ukraine), we are pausing ads from and for Russian Federation state-funded media.

This guide is intended to provide answers to commonly asked questions and share the framework of Authorized Buyers policy enforcement. The information presented here does not, in any way, change the actual policies, which are available here. You can also access the Authorized Buyers policies from the Program Guidelines link located in the footer of the application.

Automated creative review

Authorized Buyers reserves the right to conduct automated creative reviews in order to maintain the quality of ads on the exchange. While this does not change the Authorized Buyers guidelines, creatives that don't meet our policies will be paused until corrected. The most common issues are: destination URL not working, flash cookies, raw IP addresses, missing or broken click macros, invalid 4th party calls, undeclared or incorrect landing page, customer creative ID misuse, non certified vendors, and creative download sizes.

To browse this page, click to see details of any policy topic, or expand all and press Ctrl + F (Command ⌘ + F, for Mac) to find terms on this page.

Expand all Collapse all

Content and creatives

Authorized Buyers reserves the right to disapprove ads in breach of the content and creative policies outlined in the Google Ads Advertising Policies and to suspend entire accounts for certain violations. If you have any questions about the violations, please contact your account team.

Examples:

Animation length
Ads must remain static after 30 seconds
Creatives:
- May not exceed a 150K initial load. For video creatives, this refers to when nearly 15-20% of the total weight for the first frame is served by the ad server. For display creatives, this refers to when the image or banner is displayed until all the creative assets load on the web page.
- Total download cannot exceed 5MB. Total download is referring to when the complete web page or all of the creative assets have been loaded and displayed.
Maximum frame rate
All creatives must open in new windows. The target window for the click-through URL must be set to "_blank" so the click-through will open in a new window. Do not leave the target statement undeclared
Trafficking errors, e.g. the destination URL matching where the user is sent, http://www.gooooogle.com, and leads to a parked domain
Blank ads - each trafficked ad must contain a creative; rendering blank creatives is not acceptable
Click-to-call ads - currently not supported

Please refer to the full content guidelines outlined in the Google Ads Advertising Policies, as well as the Requirements for third-party ad serving.

If a client’s ad is disapproved under these circumstances, they will be required to make the necessary compliance changes and resubmit their ads for review.

In addition to the above policies, Authorized Buyers has the following policy on family safe status:

Google assigns a family status to all ads to make sure that ads are shown to an appropriate audience. Products that are considered to have "non-family safe" status cannot currently be run on Authorized Buyers.

We continue to review this status and reserve the right to change this policy for Authorized Buyers.

Data and third-party ad serving

Data and third-party ad serving includes the following topics.

Declaration of third and fourth-party calls

All third- and fourth-party calls must be declared. This includes:

Redirects or server-to-server callouts.
Redirects or callouts to any technology, including ad servers, rich-media servers, tracking technologies, or verification technologies.

Unless:

The technology is issued by a single buyer on Authorized Buyers solely for their own use and is not licensed to any third parties
The technology is an approved technology vendor

No fifth-party calls are allowed. You cannot have an ad on Authorized Buyers that calls a third-party ad server that calls another third-party ad server (fourth-party call) that calls another third-party ad server (fifth-party call).

Policy for third and fourth-party calls

Refer to the requirements for third-party ad serving, under third-party ad serving for a complete list of policy requirements.

Data collection

You may use a cookie, web beacon, or other tracking mechanism to collect anonymous traffic data for purposes of aggregated reach, frequency, and/or conversion reporting, provided you use a certified third-party vendor for this purpose. Collecting impression-level data via cookies or other mechanisms for purposes of subsequent re-targeting, interest category categorization or personalization, or syndication to other parties on Google Display Network inventory is prohibited unless publisher provides permission. This restriction does not apply to click- or conversion-level data.

You may not associate cookies, web beacons, or other tracking mechanisms with personally-identifiable information (PII) for any purpose or with precise user location for behavior targeting unless the user has knowingly and expressly opted in. For purposes of this document, PII and precise user location does not include IP addresses.

You will not, and will not assist or knowingly permit any third party, to set a cookie, or alter or delete a cookie set, on any Google owned and operated domains, including, without limitation, on a DoubleClick domain.

You must display a prominent privacy policy with an option for users to persistently opt out of any cookie, web beacon, or other tracking mechanism set by you for data collection.

You can see a list of approved technology vendors who perform data collection, by searching for a research vendor type.

Example

An ad served by a buyer for an advertiser contains a tracking URL, collecting user data to be used with subsequent campaigns. For example, using the pixel below, the vendor "collectuserdata.net", needs to be declared in the ad:

http://collectuserdata.net?name=barry&time=1200&bannerseen=12345

If the vendor is not available on the list of declarable vendors, it is either allowed on the approved technology vendors list or not allowed under any circumstances.

Flash cookies and other locally shared objects

Malware

Click macros

Responsible ad tracking

Helping partners comply with U.S. states privacy laws

Google has a long history of taking a user-first approach in everything we do. As a part of our commitment to users, we never sell personal information. We give users transparency and control over their ad experiences via My Ad Center, My Account and several other features to help you manage your account. Per our Personalized advertising policy, we never use sensitive information like health, race, religion, or sexual orientation to personalize ads. We also invest in initiatives such as the Coalition for Better Ads, the Google News Initiative, and ads.txt to support a healthy and sustainable ads ecosystem.

Google welcomes privacy laws that protect consumers. In May 2018, we launched several updates to help advertisers and publishers comply with the General Data Protection Regulation (GDPR) in the EEA and the UK.

In 2019, Google began offering restricted data processing (RDP) to help advertisers, publishers, and partners manage their compliance with the California Consumer Privacy Act (CCPA). In January 2023, we expanded the operation of restricted data processing to help customers and partners manage their compliance with the new U.S. state privacy laws.

Restricted Data Processing

The Authorized Buyers and Open Bidding services always operate under Restricted Data Processing for queries. Buyers/bidders do not need to make any changes for this behavior to be applied.

For customers on our online contracts and updated platform contracts, the restricted data processing terms will be incorporated into our existing platform contracts via the controller-controller terms and will come into force on Jan 1, 2020. There is no action required on your part to add this restricted data processing language into your contract.

Choose a section to give feedback on

Was this helpful?

How can we improve it?

Authorized Buyers policies and enforcement

Automated creative review

Examples:

Policy for third and fourth-party calls

Data collection

Flash cookies & local storage

Example

Helping partners comply with U.S. states privacy laws

Restricted Data Processing

Was this helpful?

Need more help?

Try these next steps:

What is the issue with this selection?

Share additional info or suggestions