# [Data protection and Affiliate Marketing – an impossible match?](https://usercentrics.com/knowledge-hub/data-protection-and-affiliate-marketing/) **Author:** Tilman Harmeling · **Read time:** 3 mins · **Published:** May 5, 2020 --- Ever since the [ECJ](http://curia.europa.eu/juris/document/document_print.jsf?docid=218462&doclang=DE&part=1&occ=first&mode=req&pageIndex=0&cid=2564265) ruling on the active consent requirement for (advertising) cookies, the online marketing industry has been in a frenzy: Will [GDPR](https://usercentrics.com/gdpr/)-compliant affiliate marketing even be possible in the future? And what role do Consent Management Tools play in this? The topic surrounding all Consent Management Platforms (CMP) has been skyrocketing – 43% of affiliate marketers find this to be the case according to a survey conducted by [affiliateblog.de](https://www.affiliateblog.de/der-grosse-affiliate-marketing-trend-report-2020/#dsgvo) earlier this year. And it is not surprising at all, considering the latest legal rulings and the guidelines from the AdTech industry (ex. the IAB Transparency and Consent Framework (TCF) 2.0). **But can this shotgun wedding between affiliate marketing and CMPs work?** One thing is certain: Consent Management and Affiliate Marketing will go fully hand in hand in the future – perhaps not completely voluntarily at first, because let's face it, who wants to break old habits? But, the affiliate industry must find ways to master the balancing act between its desire for maximum information on the one hand and the users' desire for maximum privacy on the other. Read about [marketing compliance checklist](https://usercentrics.com/guides/privacy-led-marketing/marketing-compliance-checklist/) now On the basis of which legal framework could GDPR-compliant Affiliate Marketing be conducted in the future? Every company or website operator should seek comprehensive advice from a certified lawyer specializing in data privacy. Here, the following questions should be clarified: Which category do I assign Affiliate Marketing to? And on which legal basis do I invoke a legitimate interest or user consent? --- ## Affiliate Marketing and Consent Management Tools – how do they fit together? ## Legitimate interest or consent – where is the boundary? ## BVDW vs. DSK – no current consensus on a legal interpretation The legal interpretation of the [BVDW](https://www.bvdw.org/veroeffentlichungen/publikationen/detail/artikel/datenschutzkonformes-affiliate-marketing/) in regards to "Affiliate Marketing in Conformity with Data Protection" is based on legitimate interest in the area of tracking. The Conference of Independent Data Protection Authorities of the Federal Government and the States ([DSK](https://www.bvdw.org/veroeffentlichungen/publikationen/detail/artikel/datenschutzkonformes-affiliate-marketing/)), on the other hand, assumes that explicit user consent is required in order to use tracking technologies as a website operator. Anyone who closely observes the current trend in regulations towards ever stricter data protection requirements must expect that in future, things will change. Both advertisers and affiliates will not be able to avoid obtaining the consent of users for certain technologies, especially if the profiling or tracking of user behaviour is made possible as a result. Read about [marketing data privacy](https://usercentrics.com/guides/privacy-led-marketing/) now. --- ## The right to maximum transparency in data protection This makes everything considerably more transparent to the user in regards to what data is collected and, above all, for what purposes it is passed on to third parties. A general right to chose is embedded in the GDPR regulations. A Consent Management Platform (CMP) enables website operators to give their users a right to choose when collecting their personal data. If the website user agrees to the use of certain technologies in a granular manner, he or she in turn enables the website operator to use the user data for personalised advertising measures. Every website operator must carefully assess which technology is of legitimate interest (without consent) or which technology can classify obtaining consent as a legal requirement and set up his or her CMP accordingly. If you are interested in finding out how such a GDPR-compliant implementation of a CMP can look like, click here. Read about [affiliate marketing compliance](https://usercentrics.com/guides/privacy-led-marketing/affiliate-marketing-compliance/) now --- ## Conclusion All in all, let's not forget: [A GDPR-compliant approach to user consent](https://usercentrics.com/gdpr/) also represents a great opportunity – especially for Affiliate Marketing. Because if and only if, the data controller can prove correct, informed, concrete and explicitly gathered consent, can the use of data be legally valid. Data-driven business models can then work not only with greater transparency with clients, but also deeper into the data. For operational purposes such as AI, tracking or retargeting, as well as for Affiliate Marketing, a legally compliant database will be an essential component in the future. This will make marketing measures focused on opt-in users even more successful. *DISCLAIMER: We, as Usercentrics, assume no legal liability for the texts in our database. Please check them yourself and/or with your legal advisor.* --- ## Products - [Usercentrics Web CMP](https://usercentrics.com/website-consent-management/) - [Usercentrics App CMP](https://usercentrics.com/in-app-sdk/) - [Usercentrics CTV CMP](https://usercentrics.com/usercentrics-ctv-cmp/) - [Privacy Policy Generator](https://usercentrics.com/privacy-policy-generator/) - [Server-side Tagging Solution](https://usercentrics.com/server-side-tracking-solution/) - [Preference Manager](https://usercentrics.com/preference-management/) - [Audience Unlocker](https://usercentrics.com/audience-unlocker/) - [Integrations](https://usercentrics.com/integrations/) - [Web Compliance Scan](https://usercentrics.com/privacy-compliance-scanner/) - [App Compliance Scan](https://usercentrics.com/app-data-privacy-audit/) - [ROAS Calculator](https://usercentrics.com/roas-calculator/) ## Solutions - [Data Privacy Regulatory Compliance](https://usercentrics.com/data-privacy-regulatory-compliance/) - [Marketing Performance Optimization](https://usercentrics.com/marketing-performance-optimization/) - [Migration](https://usercentrics.com/migration/) - [Media & Publishing](https://usercentrics.com/media-publishing/) - [Retail & Ecommerce](https://usercentrics.com/retail-ecommerce/) - [Banking, Finance & Insurance](https://usercentrics.com/banking-finance-insurance/) - [Healthcare & Pharmaceuticals](https://usercentrics.com/healthcare-pharmaceuticals/) - [Gaming](https://usercentrics.com/gaming/) - [Education](https://usercentrics.com/education/) - [Automotive](https://usercentrics.com/automotive/) - [Travel & Hospitality](https://usercentrics.com/travel/) ## Regulations & Frameworks - [GDPR (EU)](https://usercentrics.com/gdpr/) - [GDPR (UK)](https://usercentrics.com/uk-gdpr/) - [CCPA (California)](https://usercentrics.com/ccpa/) - [TCF v2.3 (IAB)](https://usercentrics.com/cmp-for-publishers/) - [DMA (EU)](https://usercentrics.com/digital-markets-act-dma/) - [Amazon Consent Signal](https://usercentrics.com/usercentrics-cmp-and-amazon-consent-signal/) - [Google Consent Mode (EU)](https://usercentrics.com/usercentrics-cmp-and-google-consent-mode-v2/) - [Microsoft UET Consent Mode (EU)](https://usercentrics.com/usercentrics-cmp-and-microsoft-consent-mode/) - [Microsoft Clarity Consent Mode](https://usercentrics.com/usercentrics-cmp-and-microsoft-clarity-consent-mode/) - [View all regulations](https://usercentrics.com/regulations-and-frameworks/) ## Resources - [Blog](https://usercentrics.com/knowledge-hub/) - [Whitepapers](https://usercentrics.com/whitepapers/) - [Checklists](https://usercentrics.com/checklists/) - [Courses](https://courses.usercentrics.com/) - [Case Studies](https://usercentrics.com/case-studies/) - [Privacy-Led Marketing](https://usercentrics.com/privacy-led-marketing/) - [Events](https://usercentrics.com/webinar/) - [CONSENTED Podcast](https://usercentrics.com/consented/) - [Guides](https://usercentrics.com/guides/) - [Release Notes](https://releases.usercentrics.com/en) - [Developer Documentation](https://usercentrics.com/docs/) - [RFI Template](https://usercentrics.com/resources/usercentrics-rfi-template/) - [Customer Directory](https://usercentrics.com/usercentrics-customer-directory/) ## Company - [About Us](https://usercentrics.com/about-us/) - [Press](https://usercentrics.com/press/) - [Our Offices](https://usercentrics.com/contact/) - [Trust Center](https://trust.usercentrics.com/) - [Careers](https://usercentrics.com/career/) - [Open Positions](https://apply.workable.com/usercentrics/) - [Diversity & Inclusion](https://usercentrics.com/dei/) ## Support - [General Support](https://support.usercentrics.com/hc/en-us) - [Contact Sales](https://usercentrics.com/book-a-consultation/) - [Technical Support](https://support.usercentrics.com/hc/en-us/requests/new) - [Billing & Account](https://support.usercentrics.com/hc/en-us/categories/12253804608156-Account-and-billing) - [Suggest a Feature](https://support.usercentrics.com/hc/en-us/requests/new?ticket_form_id=10610312381340) - [Partner Login](https://partnerportal.usercentrics.com/) - [Partner Program](https://usercentrics.com/partner-program-overview/) - [Affiliate Program](https://usercentrics.com/affiliates/) ## Legal - [Terms & Conditions](https://usercentrics.com/terms-and-conditions/) - [Terms & Conditions USA](https://usercentrics.com/terms-and-conditions-usa/) - [Privacy Policy](https://usercentrics.com/privacy-policy/) - [Legal Notice](https://usercentrics.com/legal-notice/) - [Legal Documents](https://usercentrics.com/legal-documents/) - [Accessibility Statement](https://usercentrics.com/accessibility-statement-wcag-compliance/) © 2026 Usercentrics GmbH