GDPR Compliance

Last updated: August 17, 2022

This page addresses new data regulations that go into effect on May 25th, 2018 and explains how Cart2Cart processes personal data to guarantee its customers greater security, transparency, and control over their personal information. Our company strives to provide Cart2Cart clients with a seamless experience and data security is the main issue we focus on while performing automated data transfers between the shopping carts.

This GDPR Compliance policy (the “GDPR Compliance”) is the integral part of the Privacy Policy of Cart2Cart.

What is GDPR?
Quick Summary of the Updates
What Kind of Personal Data does Cart2Cart Collect with Your Consent?
How Long the Data is Being Saved
Servers Location
What are Cookies and What Data is Collected
Why does Cart2Cart Collect Personal Data?
How is the Personal Data Protected?
Key Aspects on Personal Data Deletion
Submit a Request on Personal Data Collected any Time
Changes
More Questions?

What is GDPR?

1.1. The General Data Protection Regulation (GDPR) is a regulation within EU law that determines the data protection and privacy protection of European Union citizens. GDPR directs the export of personal data outside the European Union as well. According to its terms, a person has to give freely given, specific, informed, and unambiguous consent for the information to be used by the company, otherwise using the personal data of a particular individual is considered illegal.

1.2. Because Cart2Cart deals with the personal data of EU citizens and since the proper treatment of personal data of all clients, regardless of their nationality, is the company’s primary goal, we have taken a set of measures to get compliant with EU data protection requirements and have made the treatment of personal data even more transparent.

Quick Summary of the Updates

2.1. Cart2Cart guarantees that every client or Website visitor has the right to:

Know what kind of information is collected by Cart2Cart and how it will be processed;
Inquire why and at what steps of cooperation the personal data is collected;
Agree or disagree on providing personal data during the very first interaction with the Website/Service;
Request correction, amendment or extraction of their personal data;
Ask to specify the ways the data provided is secured by Cart2Cart;
Withdraw the consent for personal data processing.

2.2. Thus, every client has the following rights due to GDPR: to be informed, to request access to, correct (rectify), amend, delete (erase), port to another service provider (if technically feasible), restrict data processing, or object to certain uses of their personal data.

2.3. Cart2Cart does not use your personal data for automated decision-making.

2.4. You may send a request relating to your personal data at email: [email protected] . Then your request will be processed and you will receive the report on the actions undertaken.

2.5. Please note that if you send us a request relating to your personal data, we have to make sure that it is you before we can respond. In order to do so, we may ask to see documentation verifying your identity.

What Kind of Personal Data does Cart2Cart Collect with Your Consent?

3.1. For a Website visitor

When you visit Cart2Cart Website, our server records the information being sent from your browser:

Web request (e.g. date, time, etc.)
IP address
Browser type
Browser language
One or more cookies identifying the browser

Once you visit the Website we send a cookie banner informing you how we use cookies and give you an opportunity either to accept all cookies or read more about cookies. The data we receive at this stage are used to monitor and analyze Website visitor flow in Google Analytics.

3.2. For a person registering an Account

When creating Cart2Cart Account, you are asked to provide the following information:

Name
E-mail address
Password for the Cart2Cart account
Phone number

The data collected will be used by the Service to identify the user and guarantee the security of the eCommerce information they transfer while performing either Demo or Full migration.

3.3. For a person performing data migration

Depending on the type of cart a client performs data migration to or from, Cart2Cart might request the following information:

Type of Source and Target Shopping Platform
FTP/Cpanel access (required for particular platforms only)
Both Source and Target Stores’ URLs
Store login and password (required for particular platforms only)

3.4. What about database backup?

When migrating data to/from/between bridge carts (in other words, if you've installed the Connection Bridge during the migration setup), the database backup that has been created during Full migration is stored on servers Amazon S3 for 2 years. If necessary, you can contact our Support Team to remove the backups once the Full migration is over.

At every step Cart2Cart guarantees data protection against unauthorized access to or unauthorized alteration, disclosure or destruction of personal information.

How Long the Data is Being Saved

4.1. We retain personal data that you provide us as long as we consider it potentially useful in contacting you about the Service. If you wish to inquire about your personal data that may have been collected by Cart2Cart, contact us by emailing to [email protected]m or [email protected].

5. Servers Location

5.1. Depending on the location of the ecommerce platform the migrations can be carried out by Cart2Cart on Hetzner servers located in Germany according to Hetzner Terms and Conditions or on Amazon Web Services (AWS) servers located in the United States of America or in any other country in which AWS maintains facilities according to AWS Customer Agreement.

What are Cookies and What Data is Collected

6.1. A computer “cookie” (HTTP cookie, a web cookie, browser cookie or Internet cookie) is a packet of data that a computer receives and sends back without changing. Once you visit any website, it sends cookies to your computer and the data gets saved in a file located inside the web browser. Cookies include information that helps any website keep track of the visits and users' activities.

6.2. If you visit Cart2Cart's official Website or perform eCommerce information transfer via our Service at your consent we collect the following data:

Browser language;
Email and Account information;
Shopping carts pair you perform data migration from and to;
Online Migration Wizard settings of your stores that help to recover information on your data migration.

6.3. How to control cookies?

1) You may set up your web browser to refuse cookies, or to be warned when cookies are being sent. It should be taken into consideration that if you do so, some parts of the Website may not function properly. Most browsers allow you to control cookies through their settings, which may be adapted to reflect your consent to the use of cookies. To learn more about browser controls, please consult the documentation that your browser manufacturer provides.

2) If you would like to disable “third party” cookies you can turn them off by going to the third party’s website and getting them to generate a one-time “no thanks” cookie that will stop any further cookies from being written to your machine. We have no control over “third-party” cookies. We suggest that you check the privacy policies (if any) of such third-party websites for more information about their use of your information and/or how to opt-out or delete such information.

6.4. We use the following types of cookies:

1) Strictly necessary cookies. These are cookies that are required for the operation of our Website to enable you to move around our Website and use its features. They include, for example, cookies that enable you to log into secure areas of our Website. Without these cookies, our Website does not work properly.

2) Analytical/performance cookies. These cookies allow us to recognize and count the number of visitors and to see how visitors move around our Website when they are using it. This helps us to improve the way our Website works, for example, by ensuring that users are finding what they are looking for easily. We only use these cookies to improve how our Website works.

3) Functionality cookies. These are used to recognize you when you return to our Website and enable us to remember the choices you make when using our Website. This enables us to personalize our content for you, greet you by name, and remember your preferences (for example, your choice of language or region).

Why does Cart2Cart Collect Personal Data?

7.1. GDPR introduces relevant terms to provide online users with greater security, transparency, and control of their personal data — a principle we couldn't agree more with. Therefore, Cart2Cart is a GDPR-friendly company and has implemented all the necessary changes to the ways customers’ information is collected.

7.2. Here is why we collect customers' personal information described in the previous section:

To track Website traffic and analyze the customers flow to provide the most relevant materials for the website audience;
To perform swift and accurate data migration process;
To improve the customer journey and usability of Cart2Cart Website and Online Migration Wizard;
To send the important information on your migration – the results of data migration, price estimates, and other significant migration-related notifications.

How is the Personal Data Protected?

8.1. Cart2Cart uses innovative methods, the latest hardware appliances, and sophisticated perimeter security technologies to keep personal data safe. Some of the major Cart2Cart security measures include:

Implementation of network firewalls to prevent unauthorized access;
DDoS preventions against large-scale DDoS attacks;
Network posture assessment that set the rules for protected authorization;
Regular backups of all the information that is processed;
System performance duplication that excludes the system errors and data migration interruptions.

8.2. Check more information on Cart2Cart Privacy Policy here.

Key Aspects on Personal Data Deletion

9.1. Cart2Cart customers can submit a request for personal data deletion at any time and be on any step of the migration data process (either after registering an Account, performing Demo or Full transfer). At your consent, the personal information can be completely or partially deleted from the company’s database. Send an email to [email protected] and your request will be processed and you will receive the report on the actions undertaken.

9.2. Note, that the process of data deletion is irreversible. Thus, after the request has been fulfilled we won’t be able to restore your Account and Demo or Full data migration results.

Submit a Request on Personal Data Collected any Time

10.1 Cart2Cart customers have the right to submit any request on the personal information they submitted while interacting with the online automated migration Service. Drop us a line and we’ll send you the report on the personal data that you’ve provided. Contact the Data Protection Officer at [email protected] and get all the necessary information.

Changes

11.1 We reserve the right to modify this GDPR Compliance at any time and at our own discretion.

11.2 If we decide to change our GDPR Compliance, we will post those changes on this page.

11.3 By using our Website and Services, you acknowledge and agree that it is your responsibility to review this GDPR Compliance periodically and become aware of the possible modifications.