GDPR Compliance
Zoey has always been dedicated to maintaining the best security for our merchants and their customers. GDPR is a new regulation that will evolve as its implementation is rolled out. Zoey is actively reviewing the general market trends to better understand how we can evolve our practices to meet GDPR regulations.
What you should know
GDPR distinguishes between a data controller (who collects and owns the data) and a data processor (who handles the data on behalf of the Controller). As a merchant with Zoey, you are usually the processor and controller (unless you happen to be sub-contracted processor for another company).
When classified as the data controller, Zoey merchants must meet certain obligations, such as notifying or obtaining data subject consent.
How Zoey can help
As a potential data processor, Zoey internally conforms to the following standards:
- Keep your data safe, secure, and private
- Disclose our sub-processors and monitor their GDPR compliance
- Keep records of compliance and audit logs as required
- Make available tools to handle data subject requests, such as right-to-erasure and right-to-access
- Notify you of a security breach using your account notification contact
Zoey GDPR App
You can install the GDPR App into your Zoey Store to give you better control over GDPR requirements. You can learn more at https://www.zoey.com/apps/gdpr-management
Zoey Cookie Law Banner Integration
Zoey does not provide any out of the box tools for this but you can use third party sites like:
- https://cookieinfoscript.com/ - free version
- https://cookie-script.com/ - paid version (https://support.zoey.com/v1.0/docs/using-cookie-scriptcom)
Zoey Functional Cookies
Zoey uses the following functional cookies, but not limited to, in order to render your store:
- frontend (users session ID)
- epc-ic (caching)
- epc-initiated (caching)
- epc-no-primary-cache (caching)
- store (customer language choice)
- currency (if a customer chooses a different currency)
- persistent_shopping_cart (remembers the cart)
- customer_group (language/currency/theme routing)
- _GPSLSC (Google Chrome Local Cache Storage)
Sub-Processors
Zoey utilizes the following Sub-Processors when providing our service:
- Amazon Web Services - https://aws.amazon.com/compliance/gdpr-center/
- Chargify - https://www.chargify.com
Integration Partners
You also have the option to enable additional Zoey integrations (either built-in or through our APIs). We do NOT directly evaluate or attest to the GDPR qualifications of integration partners. Each merchant is responsible for evaluating any third-party before creating or enabling an integration. These include, but are not limited to:
- Glew.io
- QuickBooks Online
- Salesforce
- Mailchimp
- ERP / CRM Systems
Updated about 1 year ago