Also known as "Persondataforordning" in Denmark, "Dataskyddsförordningen" in Sweden and "Personvernforordningen" in Norway.
As a part of the addwish business solution, addwish business is handling information on your behalf – but only the data you share with us.
In the context of GDPR addwish business will act as a data processor, and you as our customer (the webshop) will act as the data controller (responsible). In this regard, it's important for us as a subcontractor to you, to be GDPR compliant.
GDPR will be enforced by the 25th of May 2018.
addwish business will by then, provide all existing and new customer with a specific data processor agreement. This agreement will include details about what information is processed and how information is handled, to be compliant with the GDPR rules.
As a foundation for this, even as of today, information is securely exchanged and stored with addwish business and all data are stored and processed within the EU.
Information collected about the visitor
- Pages visited.
- Products added to cart and included in the order.
- Interactions with the addwish business solution elements.
- Email address, if shared with us.
Specifically on the topic of triggered emails
Triggered emails - are only sent, if you hold the permission to send an email to a specific email address, that is why emails need to be synchronised with your addwish business account.
When leveraging addwish (wish list) permissions to extend your reach of triggered emails, addwish business is only sending emails where permission exist between the consumer and addwish (the wish list, these emails are also sent in addwish branding).
If you are using triggered emails, in a country - where holding permission, for sending marketing related email, are not required, you can choose to opt. out of the permission check, however, this is NOT the case in, e.g. Denmark. You as a company, hold the responsibility, to ensure you comply with the local law when setting up features in addwish business.