Notes about GDPR
Also known as "Persondataforordning" in Denmark, "Dataskyddsförordningen" in Sweden and "Personvernforordningen" in Norway.
As a part of the helloretail solution, helloretail is handling information on your behalf – but only the data you share with us.
In the context of GDPR helloretail will act as a data processor, and you as our customer (the webshop) will act as the data controller (responsible). In this regard, it's important for us as a subcontractor to you, to be GDPR compliant.
GDPR will be enforced by the 25th of May 2018.
helloretail will by then, provide all existing and new customer with a specific data processor agreement. This agreement will include details about what information is processed and how information is handled, to be compliant with the GDPR rules.
As a foundation for this, even as of today, information is securely exchanged and stored with helloretail and all data are stored and processed within the EU.
Information collected about the visitor
- Pages visited.
- Products added to cart and included in the order.
- Interactions with the helloretail solution elements.
- Email address, if shared with us.
Specifically on the topic of triggered emails
Triggered emails - are only sent, if you hold the permission to send an email to a specific email address, that is why emails need to be synchronised with your helloretail account.
When leveraging helloretail (wish list) permissions to extend your reach of triggered emails, helloretail is only sending emails where permission exist between the consumer and helloretail (the wish list, these emails are also sent in helloretail branding).
If you are using triggered emails, in a country - where holding permission, for sending marketing related email, are not required, you can choose to opt. out of the permission check, however, this is NOT the case in, e.g. Denmark. You as a company, hold the responsibility, to ensure you comply with the local law when setting up features in helloretail.