We at Cart2Cart prioritize data security and have a set of practices, technologies and policies in place to ensure the highest level of security for your data, which this document outlines.

Data Security Levels

Physical Security

Network Security

Application Security Layer

The migrations are carried out on Hetzner servers located in Germany. Hetzner Online has taken measures to protect their data centers and facilities, including:

  • 24/7 surveillance to monitor access

  • fire and natural disaster protection

  • only authorised staff can access control terminals via a transponder key

  • diesel power generators ensure autonomous mode of operation

Cart2Cart security team takes steps to protect your data against the most elaborate electronic attacks. The following measures are taken:

  • network firewalls

  • DDoS preventions (we use the latest hardware appliances and sophisticated security technologies, which ensure top level protection against large-scale DDoS attacks.)

  • network posture assessment

  • The exchanged data is protected by HTTPS secure protocol and 128-bit SSL encryption

  • All requests are validated

  • Role-based authorization is in place

Security Audits

All systems are scanned regularly to prevent any vulnerabilities. The software is being updated on an ongoing basis, so all connections to the previous version are limited, logged and checked. We guarantee 100% security of your shopping cart data before, during, and after migration.

Our security measures are directed at protecting against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data.

Data Access Security

Only authorized Cart2Cart tech engineers can access the source code, handle custom migration requests and work on support cases on demand of the support staff. Each of them has their own credentials and can reach certain areas of software only from specific IPs.

GDPR Compliance

Cart2Cart is compliant with GDPR regulations, more info on this you can find on our GDPR Compliance page.

PCI DSS Compliance

Cart2Cart is using 2Checkout and PayPro - certified PCI Level 1 Service Providers, the highest level of certification available in the payments industry. For more details, check fraud protection policy of 2Checkout and a compliance page of PayPro.

Note. None of your payment data is stored or processed by Cart2Cart.