This page addresses new data regulations that go into effect on May 25th 2018 and explains how Cart2Cart process sensitive data to guarantee its customers greater security, transparency, and control over the personal information. Our company strives to provide Cart2Cart clients with seamless experience and data security is the main issue we focus on while performing automated data transfers between the shopping carts.
What is GDPR?
The General Data Protection Regulation (GDPR) is a regulation within EU law that determines data protection and privacy protection of European Union citizens. GDPR directs the export of personal data outside the European Union as well. According to its terms, a person has to give freely given, specific, informed, and unambiguous consent for the information to be used by the company, otherwise using the personal info of a particular individual is considered illegal.
Because Cart2Cart deals with the personal data of EU citizens and since the proper treatment of personal data of all clients, regardless of their nationality, is the company’s primary goal, we have taken a set of measures to get compliant with EU data protection requirements and have made the treatment of sensitive data even more transparent.
Quick Summary of the Updates
Cart2Cart guarantees that every client or website visitor has the right to:
- Know what kind of information is collected by Cart2Cart and how it will be processed;
- Inquire why and at what steps of cooperation the personal data is collected;
- Agree or disagree on providing personal info during the very first interaction with the website/service;
- Request correction, amendment or extraction of their personal data;
- Ask to specify the ways the data provided is secured by Cart2Cart;
- Withdraw the consent for personal data processing.
What Kind of Personal Data does Cart2Cart Collect with Your Consent?
For a website visitor
When you visit Cart2Cart website, our server records the information being sent from your browser:
- Web request (e.g. date, time, etc.)
- IP address
- Browser type
- Browser language
- One or more cookies identifying the browser
Once a person visits Cart2Cart official website we send a notification informing what data is being collected and give an opportunity either to agree or disagree with data processing.
The data we receive at this stage are used to monitor and analyze website visitor flow in Google Analytics.
For a person registering an account
When creating Cart2Cart account, you are asked to provide the following information:
- E-mail address
- Password for the Cart2Cart account
- Phone number
The data collected will be used by the service to identify the user and guarantee the security of the eCommerce information they transfer while performing either Demo or Full migration.
For a person performing data migration
Depending on the type of cart a client performs data migration to or from, Cart2Cart might request the following information:
- Type of Source and Target Shopping Platform
- FTP/Cpanel access (required for particular platforms only)
- Both Source and Target Stores’ URLs
- Store login and password (required for particular platforms only)
At every step Cart2Cart guarantees data protection against unauthorized access to or unauthorized alteration, disclosure or destruction of personal information.
How Long the Data is Being Saved
What are Cookies and What Data is Collected
A computer “cookie” (HTTP cookie, a web cookie, browser cookie or Internet cookie) is a packet of data that a computer receives and sends back without changing. Once you visit any website, it sends cookies to your computer and the data gets saved in a file located inside the web browser. Cookies include information that help any website keep track of the visits and users activities.
If you visit Cart2Cart official website or perform eCommerce information transfer via our service at your consent we collect the following data:
- Browser language;
- Email and account information;
- Shopping carts pair you perform data migration from and to;
- Online Migration Wizard settings of your stores that help to recover information on your data migration.
Why does Cart2Cart Collect Personal Data?
GDPR introduces relevant terms to provide online users with greater security, transparency, and control of their personal data — a principle we couldn't agree more with. Therefore, Cart2Cart is GDPR-friendly company and has implemented all the necessary changes to the ways customers’ info is collected. You trust us your sensitive data and we take all the necessary measures to guarantee its security and transparency of processing.
Here is why we collect customers personal information described in the previous section:
- To track website traffic and analyze the customers flow to provide the most relevant materials for website audience;
- To perform swift and accurate data migration process;
- To improve customer journey and usability of Cart2Cart website and Online Migration Wizard;
- To send the important info on your migration – the results of data migration, price estimates and other significant migration-related notifications.
How is the Sensitive Data Protected?
Cart2Cart uses innovative methods, the latest hardware appliances and sophisticated perimeter security technologies to keep the valuable information safe. Note, since 2009 the company has vast experience in treating information that comprises trade secret. Some of the major Cart2Cart security measures include:
- Implementation of network firewalls to prevent unauthorized access;
- DDoS preventions against large-scale DDoS attacks;
- Network posture assessment that set the rules for protected authorisation;
- Regular backups of all the information that is processed;
- System performance duplication that excludes the system errors and data migration interruptions.
Key Aspects on Personal Data Extraction
Cart2Cart customers can submit a request on personal data extraction any time and being on any step of migration data process (either after registering an account, performing Demo or Full transfer). At your consent, the personal information can be completely or partially deleted from the company’s database. Send an email to firstname.lastname@example.org and Cart2Cart Data Protection Officer will process your request and send you the report on the actions undertaken.
Note, that the process of data extraction is irreversible. Thus, after the request has been fulfilled we won’t be able to restore your account and Demo or Full data migration results.
Submit a Request on Personal Data Collected any Time
Cart2Cart customers have the right to submit any request on the personal information they submitted while interacting with the online automated migration service. Drop us a line and we’ll send you the report on your personal data that you’ve provided. Contact Data Protection Officer at email@example.com and get all the necessary information.
Cart2Cart Support Managers will be happy to provide you with any assistance regarding your personal details or give you comprehensive answers on the way your data are treated by our system.
Support Managers are available 24/7, contact us via firstname.lastname@example.org and get immediate report upon your claim.
Last updated: May 15, 2018