Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Dable is a South Korean content recommendation and native advertising platform that embeds a JavaScript widget on publisher sites to recommend articles and sponsored content based on reading behaviour.
Dable is a South Korean content recommendation and native advertising platform comparable to Taboola or Outbrain. Publishers embed a JavaScript widget on article pages that displays a grid of related articles, sponsored stories and native ads at the bottom of the page or within the article body. Dable personalises these recommendations using reading behaviour, visit history and inferred interests, and monetises a portion of the slots through native advertising sold to advertisers via direct deals and IAB TCF compatible programmatic channels.
Dable sets first party and third party identifiers such as dable_uid and dable_uid_alias to recognise returning visitors, plus dable_consent and session cookies for technical operation. It collects the page URL, referrer, article metadata, scroll and click behaviour, dwell time, viewport, IP address, user agent and approximate location derived from IP. These signals are combined into interest profiles that drive both recommendation ranking and advertising targeting across the Dable publisher network.
Because Dable stores and reads identifiers on the user device, Art. 5(3) of the ePrivacy Directive and, in Germany, section 25 TDDDG apply: prior informed consent is mandatory before the widget loads. Under the GDPR, profiling for behavioural advertising is a high risk activity that requires a clear legal basis, transparency information naming Dable as a recipient or joint controller, and respect for data subject rights including objection, access and erasure.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
The only viable legal basis in the EU is consent under Art. 6(1)(a) GDPR, collected through a compliant consent management platform before any Dable script executes. The consent banner must list Dable explicitly or via a TCF vendor entry, describe profiling and cross site tracking, mention the South Korea transfer, and offer a reject option that is as easy as accept. Pre ticked boxes, implied consent and consent walls without a genuine choice are not lawful.
Data flows to Dable infrastructure in South Korea. The European Commission adopted a partial adequacy decision for South Korea in December 2021, which covers transfers to private sector recipients subject to PIPA; verify that Dable falls within that scope, otherwise rely on Standard Contractual Clauses plus a transfer impact assessment. Practical steps: block the widget until consent is given, configure IAB TCF signalling, document the processor relationship in a DPA, list Dable in the privacy notice and ROPA, and review logs and vendor disclosures annually.
Websites using Dable must obtain user consent under GDPR regulations.
DPIA considerations
Dable performs profiling and behavioural advertising at scale, combines tracking across publisher sites and transfers personal data to South Korea. A DPIA is strongly recommended under Art. 35 GDPR, particularly for publishers with large reach or sensitive content categories.
Sample consent text
We use Dable to recommend articles and sponsored content. Dable sets cookies and collects identifiers, page URLs and reading behaviour. Data may be transferred to South Korea. Do you consent to this processing? You can withdraw your consent at any time in the cookie settings.
Third-party domains contacted
dable.iostatic.dable.iopcdn.dable.iodist.dable.ioservice.dable.iotrack.dable.iolog.dable.ioCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| dable_uid | third_party | 1 year | Unique user identifier used by Dable to recognise returning visitors and build interest profiles for recommendations and advertising. |
| dable_uid_alias | third_party | 1 year | Secondary identifier that maps user IDs across publisher domains and partner networks for cross site tracking and frequency capping. |
| dable_consent | third_party | 6 months | Stores the user IAB TCF consent string and signals to gate behavioural tracking and ad personalisation by Dable. |
| dable_session | third_party | Session | Session cookie used for technical operation of the widget, A/B testing of recommendation slots and short term deduplication. |
| dable_ab | third_party | 30 days | Stores the A/B test bucket assignment used to measure recommendation algorithm performance. |
| dable_ev | third_party | 30 days | Records engagement events such as impressions, clicks and scroll depth to feed personalisation and reporting. |
Dable places tracking cookies for advertising — comply with GDPR using FlowConsent.
Dable sets identifiers such as dable_uid and dable_uid_alias to recognise returning visitors, dable_consent to record consent signals, and various session cookies. Exact names depend on the publisher configuration and the IAB TCF integration.
Yes. Dable reads and writes identifiers on the user device and performs profiling for advertising, so prior explicit consent is required under Art. 5(3) ePrivacy and Art. 6(1)(a) GDPR. The script must not load until consent is granted.
Consent under Art. 6(1)(a) GDPR is the only viable basis. Legitimate interest is not appropriate for cross site behavioural advertising and profiling carried out by Dable on behalf of publishers.
Yes. Data is sent to Dable infrastructure in South Korea. South Korea benefits from a partial EU adequacy decision since December 2021 covering private sector recipients; transfers outside that scope require SCCs and a transfer impact assessment.
A DPIA is strongly recommended. Dable performs systematic profiling and combines data across publisher sites for advertising, which triggers Art. 35(3)(a) GDPR. Document the assessment before deployment, especially for sites with sensitive content.
Block the widget until consent is given via a CMP, integrate IAB TCF signalling, sign a DPA with Dable, list it in your privacy notice and ROPA, document the transfer to South Korea, and configure cookie expiry and storage minimisation in line with your retention policy.
Yes. Comparable services include Taboola, Outbrain, Ligatus, Plista and MGID. EU based options such as Strossle and editorial recommendation engines like Smartocto can reduce third country transfers and simplify compliance.
List Dable as a third party recipient with category advertising and profiling, describe each cookie, its purpose and duration, mention the South Korea transfer and adequacy basis, link to Dable privacy policy, and explain how users can withdraw consent.