by te_chris 2698 days ago
I'm pretty sure GDPR is meant to force disclosure of derived data too.

Are you sure? I didn't find a clear sentence on this last time I looked. It seems hard to define what is derived data (if they guess that a 20-year-old is a student, is that derived data, or just a guess?) and I can imagine it leaking information about other people if it involved aggregating together pieces of data from multiple people.
The GDPR says "‘personal data’ means any information relating to an identified or identifiable natural person". So as long as this derived data is directly related to a person, the GDPR applies.

More explicitly, the UK's regulator says: "You should however note that if this ‘inferred’ or ‘derived’ data is personal data, you still need to provide it to an individual if they make a subject access request."

Huh, thanks for that. So e.g. LinkedIn not providing any information on (say) emails they've scraped seems blatantly illegal too?
In that case, if I stored your date of birth then I'd also have to "disclose" your age and star-sign.
Only if you actively stored or processed their age or star sign. It's not 'disclose every possible inference you could make given the data you hold'.
What if you don't store the inference, but instead process it when needed internally in a function?

  if (dob.month == december) $birthstone = quartz
  select advert from adverts where stone = $birthstone
Or whatever
For ads, you probably don't need to tell people about the "birthstone". But if that automatic processing "produces legal effects concerning him or her or similarly significantly affects him or her" (such as denying a credit card or job offer), then you have to give the person "meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for [them]."
GDPR requires that you log when you use information from a user in models, reports, etc., so this would probably have to be logged and disclosed.

You would also need explicit consent to use the date of birth for advertising purposes.