OpenX Ad Exchange Demand Policy

Effective: December 19, 2023


OpenX prides itself on quality.  This characteristic is the foundation for our OpenX Ad Exchange Demand Policy (“Demand Policy”), which obliges our advertising partners to meet certain minimum standards in the delivery of ads that we help deliver to our publishers and the compliance with relevant laws. 

Your use of OpenX’s advertising web-based marketplace, known as either an exchange or a supply side platform (“OpenX Ad Exchange”) is governed by your contract with OpenX, which requires compliance with this Demand Policy as it may be updated by OpenX from time to time. If you do not agree to comply with the Demand Policy, notify us immediately and do not use or continue to use the OpenX Ad Exchange.

OpenX may update this Demand Policy at any time by posting notice of such changes at its website or by otherwise providing notice. By using the OpenX Ad Exchange following such posting or notice, you agree to any updated version of this Demand Policy.

If you have any questions about any of the sections below, or any other questions about your advertising on the OpenX Ad Exchange, please contact your Account Manager.

Permitted vs. Prohibited Creatives

Permitted Creatives

The OpenX Ad Exchange welcomes a wide variety of ads, including display, mobile and video, on a variety of platforms.

Ads must respect the requirements of the publisher (e.g., auto play, sound on/off, ad duration) as communicated in the bid request.

Before an initial campaign delivery, you are required to scan your creatives and associated landing pages for malware and other related threats using an approved third party service (e.g., The Media Trust, GeoEdge, Confiant, or AdLightning).

Prohibited Creatives

There are certain types of ads that we do not permit because they create an unwelcome or deceptive environment for the user.  For example, you may not send us ads that:

  • Automatically redirect the user to a new page or app;
  • Automatically refresh;
  • Contain annoying or distracting images, or excessive animation;
  • Contain audio in a display ad that is triggered by anything other than a click (such as auto-play or rollover-initiated audio); 
  • Employ phishing techniques or seek to trick the user into providing information by misrepresenting the identity of the advertiser;
  • Employ deceptive practices to encourage or trick the user into clicking on the ad;
  • Expand beyond their original size;
  • Initiate a download;
  • Install spyware, trojans, viruses or other malware;
  • Mimic system errors or messages; and/or
  • Pop-up upon banner open or upon page exit.

Permitted Domains

OpenX will only deliver advertisements to domains that are in compliance with the Better Ads Standards developed by the Coalition for Better Ads. For more information, see

Prohibited Content

Brands can feature many types of content on the OpenX Ad Exchange appealing to every demographic and geography.  Some types of content are prohibited throughout the Ad Exchange and others (including ads in the categories listed below) may be restricted (or illegal) only in certain territories. Please confirm in writing with your Account Manager before placing ads in certain territories and discuss appropriate territorial restrictions with your Account Manager.  In certain situations, we may request to see the creative and you will need prior written approval before initiating a campaign. Also, see Content Prohibited for Minors and Restricted Content for further details on additional restrictions that may be required for such ads.

Prohibited Content

OpenX will not accept ads that:

  • Are misleading or contain content that is not reflective of what the user will find on the clickthrough URL;
  • Promote hacking, cracking, or warez;
  • Contain profanity;
  • Promote or contain libel or fraud;
  • Incite hatred of any race, religion, creed, class or ethnic group, or of any individual or group;
  • Infringe intellectual property rights;
  • Promote P2P file-sharing, torrent, or anything that facilitates or promotes copyright infringement;
  • Sell or promote electronic cigarettes or vaping devices;
  • Sell or promote illegal drugs, drug paraphernalia, or ways to pass a drug test;
  • Contain nudity or suggestive content or images;
  • Promote adult products, including sex toys and sexual enhancers;
  • Promote adult-themed dating, escort services, “mail-order brides,” or similar services;
  • Promote fireworks;
  • Sell or promote firearms, ammunition, bombs or other weapons, or related design materials, including handgun safety certificates and BB guns;
  • Describe, depict, or glorify pain, suffering, torture, violence or death of or against humans or animals; 
  • Promote any other products, services, or content that are illegal, promote harmful activity, or infringe on the rights of others. This includes sites that provide “how-to” information on bomb-making, lock-picking, and similar topics;
  • Violate any applicable law, regulation, governmental rule or court order or which contain content that is otherwise harmful or illegal.

Content Prohibited for Minors

In certain territories, depending on the jurisdiction, your ability to use personal data to target ads or properties to minors under the age of 18 might be restricted or prohibited.  In addition to the prohibitions listed above, you cannot use the OpenX Ad Exchange for ads that promote products that are generally prohibited to minors. Please check with your Account Manager before placing any ads that may have such restrictions.

Restricted Content

While content may be allowed in certain territories, it may be subject to further restrictions.  For instance, political ads and ads related to tobacco and related products may be subject to various restrictions and standards that you are required to observe, including, but not limited to, local law requirements, the DAA’s Self-Regulatory Principles on Political Advertising, and the OpenX Political Advertising Policy. Please check with your Account Manager before placing any ads that may have local restrictions.

Recommended vs. Prohibited Practices

  • You may only purchase inventory for use directly by an advertiser (or direct agent of an advertiser) with which you have a direct relationship. 
  • Reselling, distributing or otherwise sub-syndicating inventory to another indirect sales channel (e.g., another ad network or trading desk) is prohibited.
  • You may not create targeting profiles or segments or use any targeting profiles or segments to show ads to consumers if such profiles or segments may lead to discriminatory treatment of a consumer. 
  • If you are using the OpenX Ad Exchange to advertise opportunities, products, or services in the credit, insurance, employment, or housing sectors on behalf of yourself or your clients or customers, you must abide by our Anti-Discrimination Policy.
  • If you are using the OpenX Ad Exchange to place political advertisements, you must abide by our Political Advertising Policy.
  • When syncing cookies with OpenX, you will not add or drop any 3rd party pixels without the express written approval of OpenX, email sufficing. If approval is given, it will be limited to pixels placed by data management platforms or other approved data providers.

Compliance with Laws and Data Privacy

General Compliance

  • You will comply, and ensure your ads and any transfers of data from you to OpenX comply, with all applicable laws and regulations as related to your use of the OpenX Ad Exchange. This includes any applicable privacy and data protection laws and regulations, including but not limited to (as applicable) the EU General Data Protection Regulation (“GDPR”) and U.S. federal and state privacy legislation including the Children’s Online Privacy Protection Act (“COPPA”), the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the “CCPA”), U.S. state privacy laws in Connecticut, Colorado, Virginia, and Utah (together with the CCPA, the “U.S. State Privacy Laws”), and any regulations issued thereunder. Any definitions used in this section and not otherwise defined have the meaning given to them, or substantially similar terms, in the GDPR and the U.S. State Privacy Laws, as applicable.
  • You shall use the personal data passed to you by OpenX only for the purposes of advertising, solely via the OpenX Ad Exchange, on behalf of yourself or your customers or clients, and in accordance with our agreement.
  • You shall not transfer or provide the personal data of an individual you know or suspect to be a minor or child (being any data subject under the age of 18).
  • You shall not transfer or provide any of the following personal data to OpenX or make use of such data within the OpenX Ad Exchange:
    • full name;
    • direct contact information including address, telephone number, or email address (but excluding device identifiers);
    • social security number, driver’s license number, other state or government identification number, biometric data, or account or payment card number; and
    • sensitive or special categories of personal data (as defined in applicable privacy and data protection laws and regulations).
  • Without limitation of the foregoing, you will comply, as applicable, with the United States Digital Advertising Alliance Self-Regulatory Principles published at (“DAA Self-Regulatory Principles”) and, as applicable, with the corresponding DAA-designated self-regulatory frameworks established in other countries and/or regions.  You will also comply, as applicable, with the enhanced notice obligations applicable to Third Parties as defined in the DAA Self-Regulatory Principles.

GDPR Compliance 

  • Although OpenX Poland sp. z o.o (“OpenX Poland”) is not a billing entity of OpenX, it is the OpenX entity that is responsible for making decisions related to OpenX’s processing of personal data collected in the EEA, Switzerland, and UK. Irrespective of the OpenX entity identified in your terms with OpenX, you acknowledge that OpenX Poland is a controller of EEA, Swiss, and UK personal data processed within the OpenX Ad Exchange, and that obligations on you under this Demand Policy to notify OpenX or to provide information to data subjects relating to the processing carried out by OpenX shall be owed to OpenX Poland where this relates to data subjects in the EEA, Switzerland, or the UK. OpenX Technologies Inc. will be a business, controller or equivalent entity of personal data in regions other than EEA, Switzerland, or UK, processed within the OpenX Ad Exchange.
  • Both you and OpenX are controllers of personal data processed within the OpenX Ad Exchange. OpenX is responsible for the processing of personal data within the OpenX Ad Exchange, whereas you are responsible for ensuring all required notices related to the data you share or receive are provided to individuals. 
  • Because OpenX Poland is the data controller of EEA, Swiss and UK data, it is responsible for any onward transfer of that data outside of the EEA, Switzerland or the UK. Where it is required to enter into appropriate data transfer terms, for example where it sends data to OpenX Technologies Inc., then OpenX Poland has ensured that appropriate and adequate data transfer measures are in place. Where OpenX transfers EEA, Swiss, or UK personal data to you (for example, where personal data is provided to you through the OpenX Exchange as part of a bid request), and where you are located in a country where OpenX is required to enter into a data transfer agreement with you to ensure this personal data is adequately protected, you must comply with the applicable obligations under our European Data Transfer Terms, which make up part of this Demand Policy.

U.S. State Law Compliance 

  • Under U.S. State Privacy Laws implemented and amended from time to time, and unless otherwise specified in our agreement, both you and OpenX are “controllers” or “third party businesses” when OpenX passes personal data of a relevant state’s consumer to you or you pass personal data of a relevant state’s consumer to OpenX.
    • To the extent that your agreement with OpenX explicitly states that OpenX will act as your “processor” or “service provider” (collectively, “Processor”) for certain personal data you provide or make available to OpenX, then the OpenX Data Processor Terms will apply to such personal data instead of this U.S. State Law Compliance section of this Demand Policy. All other sections of this Demand Policy will continue to apply.
  • OpenX requires its supply partners to provide consumers with (a) notice of OpenX’s processing activities, including processing for purposes of cross-context behavioral and targeted advertising, and (b) an opportunity to opt out of such processing activities, including via industry standard global privacy controls where required. When OpenX has knowledge that a consumer has not been given notice and an opportunity to opt out of such processing activities or has elected to opt out of such processing activities, it will pass to you an industry standard opt out signal (i.e., an opt out signal endorsed by the IAB and transmitted via the IAB OpenRTB specification) (an “Opt Out Signal”). You must read and honor all Opt Out Signals provided by OpenX to you in bid requests, including by (i) restricting your processing activities and not engaging in cross-context behavioral or targeted advertising with respect to the consumer who has elected to opt out, and (ii) not otherwise selling personal data we provide to you subject to an Opt Out Signal.
  • Whenever you or OpenX (the “Sender”) shares personal data subject to U.S. State Privacy Laws with the other (the “Recipient”), the Recipient agrees to the following terms:
    • it will use the personal data only for the limited purposes specified in this Demand Policy and any written agreement entered into with the Sender;
    • it will comply with its obligations under U.S. State Privacy Laws and provide the same level of privacy protection as is required by U.S. State Privacy Laws, including by complying with Opt Out Signals;
    • it will allow the Sender to take reasonable and appropriate steps to help to ensure that it uses the personal data in a manner consistent with the Sender’s obligations under U.S. State Privacy Laws;
    • it will notify the Sender if it makes a determination that it can no longer meet its obligations under U.S. State Privacy Laws;
    • it will grant the Sender the right, upon prior notice, to take reasonable and appropriate steps to stop and remediate unauthorized use of the personal data.

If there is any conflict between this Demand Policy and any other agreement between OpenX and you, the Demand Policy will prevail.