Glossary

An ad library is a public, searchable database where political advertising publishers must store transparency information about political advertisements.…

Ad-delivery techniques are automated methods used to optimise when, where, and to whom political advertisements are shown online. These techniques process…

Administrative fines are financial penalties that national authorities can impose on sponsors, providers of political advertising services, or publishers…

Ancillary services are supporting activities that help produce or deliver political advertising but do not involve making decisions about how, where, or…

An audit trail is a detailed, chronological record of all actions, decisions, and data processing activities related to political advertising. It…

A business user is any person or company acting in a professional or commercial capacity who uses core platform services to provide goods or services to…

Commercial content that is purely promotional—advertising a product, service, or brand without any political purpose—is not considered political…

A competent authority is a national body designated by each EU Member State to supervise and enforce the rules on political advertising under the TTPA…

Complaint mechanisms are formal processes and channels that enable individuals, organizations, and authorities to report violations or suspected…

A compliance audit is a systematic, independent examination of an organisation's policies, procedures, and practices to verify that they meet legal…

A compliance culture is the set of shared values, attitudes, and behaviours within an organisation that promotes adherence to laws, regulations, ethical…

Compliance monitoring is the ongoing process of checking whether political advertising services meet the transparency and targeting rules set out in EU…

A compliance officer is a professional responsible for ensuring that an organisation meets all applicable legal requirements, industry standards, and…

A compliance program is a structured system of policies, procedures, and controls that organizations put in place to ensure they follow applicable laws…

Compliance risk is the potential for financial loss, legal penalties, or reputational damage that an organisation faces if it fails to meet legal,…

A compliance risk assessment is a systematic process organizations use to identify, evaluate, and prioritize potential legal, regulatory, and ethical…

Compliance training is structured education and instruction provided to employees, contractors, and stakeholders to ensure they understand and can fulfill…

Consent under the GDPR is a freely given, specific, informed and unambiguous indication of the data subject's agreement to the processing of their…

Consent for political ad targeting is your explicit, informed agreement to allow your personal data to be used to show you political advertisements. Under…

A controller is the person or organization that decides the purposes and means of processing personal data in the context of political advertising. Under…

A core platform service is a type of digital service that connects large numbers of users and businesses, including online marketplaces, search engines,…

Corporate compliance means the system of policies, procedures, and controls that a company puts in place to ensure it follows all applicable laws,…

Corrective measures are actions that supervisory authorities or the Commission can require sponsors, providers, or publishers of political advertising to…

Cross-border political advertising refers to political advertising services that are provided, published, or disseminated across the borders of two or…

The Digital Markets Act (DMA) obligations are specific duties that "gatekeepers" – large digital platforms with significant market power – must follow to…

Penalties under the Digital Markets Act (DMA) are financial sanctions the European Commission can impose on gatekeepers that fail to comply with DMA…

DSA penalties are fines and enforcement measures imposed by the European Commission or national Digital Services Coordinators on providers of online…

Dark patterns are design tricks used in online interfaces that manipulate or deceive users into making choices they might not otherwise make. These…

A data breach notification is a legal requirement to inform supervisory authorities and, in some cases, affected individuals when personal data has been…

A data controller is a person or organisation that decides why and how personal data is processed. In the context of political advertising, controllers…

A data processor is an entity that processes personal data on behalf of and under the instructions of a data controller. In the context of political…

A data protection impact assessment (DPIA) is a formal process used to identify and minimize data protection risks when processing personal data.…

A data protection officer (DPO) is an expert appointed by an organization to oversee compliance with data protection law, particularly the GDPR. The DPO…

A data subject is any living person whose personal data is being collected, stored, or used. In the context of political advertising, this includes voters…

Declaration obligations refer to the legal requirement for sponsors and providers of political advertising services to provide specific transparency…

The Digital Markets Act (DMA) is a European Union regulation that sets rules to ensure fair and contestable digital markets. It targets large online…

The Digital Services Act (DSA) is an EU regulation that sets harmonised rules for digital services across Europe, including obligations for online…

A Digital Services Coordinator (DSC) is the national authority in each EU Member State responsible for supervising and enforcing the Digital Services Act…

Documentation requirements under the TTPA Regulation refer to the obligations for sponsors and providers of political advertising services to create,…

Due diligence refers to the careful checks and processes that political advertising sponsors, providers, and publishers must follow to ensure transparency…

Elections organised at European Union level to select representatives to EU institutions. The main EU-level election is the European Parliament election,…

The editorial content exemption means that journalism, interviews, opinion pieces, and similar content created under editorial responsibility is not…

Effective, proportionate, and dissuasive are the three legal standards that Member States must apply when setting penalties for breaches of the political…

An end user is any person who uses or accesses an online platform, social media service, or digital advertising service for their own purposes. In the…

The European repository for political advertisements is a centralized, publicly accessible online database where providers of political advertising…

Evidence preservation means keeping records, documents, and data safe and unchanged so they can be used later to prove what happened. In political…

GDPR fines are financial penalties imposed by data protection authorities on organisations that violate the EU General Data Protection Regulation (GDPR).…

A gatekeeper is a large digital platform provider designated by the European Commission under the Digital Markets Act (DMA) because of its significant…

A hosting service stores information provided by users at their request. This includes platforms like social media, cloud storage, and websites that store…

Illegal content is information that violates EU or national law. This includes material that is inherently unlawful (such as child sexual abuse material…

In-house activities refer to political advertising or campaigning conducted directly by political actors using their own channels, staff, and resources,…

Information transmission is the act of moving or conveying information across a communication network or from one point to another. In the context of the…

An interested entity is any organisation, company, or individual that provides services to help prepare, place, promote, publish, or disseminate political…

An intermediary service is a digital service that transmits, stores, or provides access to information provided by users. These services act as a…

Internal controls are the systems, processes, and checks that organisations put in place to ensure they follow their own policies and meet legal…

Internal reporting refers to the process by which employees, partners, or other stakeholders within an organization notify management or designated…

Interoperability refers to the ability of different digital systems, services, or platforms to work together and exchange information seamlessly. In the…

Issue-based advertising is advertising that promotes or opposes a specific political issue, policy position, or social cause, but does not explicitly…

Labeling requirements under the TTPA Regulation mandate that all political advertisements must be clearly marked as such and include specific transparency…

A legal representative is a person or entity established in the EU that a sponsor or provider of political advertising services must appoint when they are…

Legitimate interest is one of the legal grounds under data protection law (GDPR) that allows organizations to process personal data when they have a valid…

A machine-readable format is a structured way of presenting information that computer systems can automatically process and interpret. For political…

National elections are elections held in a Member State to elect representatives to national legislative bodies, such as parliaments or national…

National implementing legislation refers to the laws, regulations, and administrative rules that each EU Member State adopts to put the Political…

Notice and action is a mechanism that allows users to report illegal or harmful content to online platforms and other hosting service providers. When a…

Government communications that inform citizens about public services, health, safety, or voting procedures are generally exempt from the TTPA regulation.…

Online advertising transparency under the Digital Services Act (DSA) refers to the requirement that advertisements on online platforms must clearly…

An online platform is a hosting service that stores and disseminates information to the public at the request of users. Examples include social media…

Opt-out mechanisms are tools or processes that allow individuals to withdraw from or decline receiving political advertising, or to refuse the use of…

Personal data is any information that relates to an identified or identifiable natural person. This includes obvious identifiers like names and email…

Clear policies and procedures are the foundation of compliance with the TTPA Regulation. They are the documented rules and step-by-step processes that…

A political actor is any person or organisation that directly participates in political activities, such as a political party, an elected representative,…

Political advertising is any paid communication made by or on behalf of a political actor that is intended to influence people's voting behaviour,…

A political advertising campaign is an organised series of political advertisements prepared, placed, promoted, published or disseminated with a common…

A political advertising publisher is any entity that publishes or displays a political advertisement to the public, whether online or offline. This…

A political advertising service is any professional activity involved in creating, placing, promoting, publishing, or distributing political…

A political party is an organized group of people who share common political goals and beliefs, and who work together to influence public policy and gain…

Privacy by design is a principle requiring organisations to build data protection and privacy safeguards into systems, processes, and services from the…

Profiling in political advertising means using automated processing of personal data to evaluate, analyse, or predict someone's political opinions,…

A provider of political advertising services is any person or organisation that offers services to prepare, place, promote, publish, deliver, or…

A recommender system is an automated system used by online platforms to suggest, rank, or prioritize specific content for users. These systems decide what…

Record retention refers to the legal obligation for providers of political advertising services to keep detailed records of political advertisements they…

Record-keeping obligations require providers of political advertising services to maintain detailed records of political advertisements they publish or…

A referendum is a direct vote in which eligible citizens are asked to approve or reject a specific proposal, law, or constitutional change. In the context…

Regional and local elections are elections held at the sub-national level within EU Member States, including elections for regional parliaments, city…

Regulatory compliance means following all laws, rules, and standards that apply to an organization's activities. In the context of political advertising,…

Regulatory enforcement refers to the process by which competent authorities monitor compliance with the TTPA Regulation, investigate potential violations,…

Reporting mechanisms are the systems and channels that platforms and publishers must provide to allow individuals, organisations, and authorities to…

The right to erasure, also known as the "right to be forgotten," gives individuals the legal power to request the deletion of their personal data under…

A risk assessment is a systematic process organizations use to identify, evaluate, and prioritize potential threats and vulnerabilities that could harm…

Risk mitigation refers to the actions and measures that providers of core platform services take to reduce or eliminate identified systemic risks that…

A risk register is a structured document or system that records, tracks, and manages identified risks to an organisation's operations, compliance, or…

Self-preferencing occurs when a digital platform or gatekeeper gives its own services, products, or content better treatment than similar offerings from…

The seven-year retention period is the minimum time frame that publishers and providers of political advertising services must keep records related to…

Special category data refers to particularly sensitive personal information that reveals racial or ethnic origin, political opinions, religious or…

Special category data refers to particularly sensitive types of personal information that receive extra protection under EU data protection law. In the…

A sponsor is the person or organisation that pays for a political advertisement or provides other valuable benefits, such as benefits in kind, in exchange…

Standard contractual clauses (SCCs) are pre-approved legal templates issued by the European Commission that allow organizations to transfer personal data…

Supervision and enforcement refers to how authorities monitor compliance with the TTPA regulation and take action against violations. National competent…

A systemic risk assessment is an evaluation that very large online platforms (VLOPs) and very large online search engines (VLOSEs) must conduct to…