As a programmatic player that was founded in Europe and one whose business model is so heavily reliant on ad retargeting, Criteo’s performance is often deemed as emblematic of the fortunes of the wider ad-tech sector, post-GDPR.

Earlier this week, the publicly listed ad-tech outfit reported its third consistent slowdown in revenues since the enforcement of GDPR in the E.U. on May 25 last year, with Q4 revenues of $670 million, representing a slowdown of 1 percent year over year.

It would be a natural assumption to lay the blame of Criteo’s decrease—it likewise posted a 0.2 percent annual revenue increase for full-year 2018—entirely at the door of GDPR, but not all are in agreement.

Under repeated questioning from financial analysts, Criteo executives said the financial impact of the data-privacy legislation, which requires consent from consumers before their data can be used to target an ad buy, was in the region of $5 million.

Criteo CEO JB Rudelle said, “As regards [to] GDPR, we don’t see this as anything existential for us … smaller than what we, what we expected … less than 2 percent, to be exact.”

Although the ad-tech company’s traffic acquisition costs increased more sharply in Europe compared to any other part of the world—an increase of 6 percent in the E.U. compared to a decrease of 4 percent in the Americas during Q4— executives expect to return to double-digit growth in late 2019.

The markets have responded positively in the aftermath of Criteo’s latest filing with its share price spiking by as much as 15 percent in early trading. However, Richard Kramer, founder of financial analyst firm Arete Research, believes this is more indicative of bets against the ad-tech company and how low expectations had sunk in the last 12 to 18 months.

“I don’t think you can parse it [Criteo’s performance] to say GDPR is directly impacting them [leaving revenues flat or slightly down for three consecutive quarters],” he said, adding that it could potentially have proven a boon for the French outfit.

“What we’ve seen is that GDPR has raised the value of first-party datasets and to the extent that Criteo is able to ingest the first-party CRM data from its clients—it might be trusted to do that in a way the average retailer wouldn’t hand the same data over to Amazon or Google—it probably puts them in a marginally better position,” he said.

“Where GDPR has been an abject disaster, it’s hit the data brokers and small publishers, many of which must be hoping to avoid regulatory scrutiny.”

Meanwhile, Kramer also went on to note how Criteo’s dip in take rates, the difference between its gross revenues and what it pays publishers on its network, were a “mean reversion” and likely one of the reasons for its flat revenues.

However, Criteo’s take rates are still above what pure-play demand-side platforms charge in the market. Albeit, Kramer added that the lowering of Criteo’s take rate could potentially be a competitive play to compete with pure-play DSPs such as The Trade Desk.