We, at Daisycon do not store personal data for our Affiliate Marketing service. The data that we use to assign the right publisher a fee for his efforts can never, even combined, be traced back to a person. IP addresses are truncated before being stored ("shortened") and encrypted directly via an irreversible MD5-hash. This creates a unique parameter that we can use to trace the uniqueness of transactions, without this being traceable to an individual.
Advertisers also pass on transaction data to us. This data is generally completely anonymous and cannot be traced back to persons. Daisycon applies the principle "privacy by design" and advises the advertiser not to include any personal details in the transaction data. This is always checked at the start of a campaign or when changing a conversion pixel. To be compliant for all data exchanges, our contracts with advertisers include a processor agreement by default. You can read the standard processor agreement here: https://www.daisycon.com/en/processor-agreement/.
For several lead campaigns, Daisycon hosts the lead campaign for its customers. A processor agreement is concluded for the storage of these personal details.