ShipStation has undergone a thorough review of our policies and procedures to ensure our own compliance and give you the peace of mind you need from your shipping software. Below we've compiled some details about how we're compliant with GDPR and why it's important.
NOTE: This article is for informational purposes only and is not meant to serve as legal advice. For your particular situation, we recommend that you reach out to your legal advisor.
What is the GDPR?
The General Data Protection Regulation (commonly referred to as GDPR) is a comprehensive data protection law that replaces existing European privacy laws. Its purpose is to strengthen the protection of personal data, something we care about here at ShipStation. The GDPR is enforceable in each European Union (EU) member state and gives individuals more control over their personal data.
When did it go into effect?
The GDPR took effect May 25th, 2018. We have updated our processes, systems, and policies to make sure we and our customers are compliant.
Does it apply to me?
The GDPR applies to organizations processing the personal data of EU individuals. So even if you aren't a company based in the EU, the GDPR matters if you are selling to customers in the EU.
What is personal data?
Personal data is any information related to a natural person (individual) that can be used to directly or indirectly identify the person. It can be anything from a name or photo to an email address.
What is ShipStation doing?
ShipStation has obtained certification within the EU-US Privacy Shield Framework, a precursor to GDPR compliance that covers the lawful transfer of data outside the EU. This certification means ShipStation has been compliant with many aspects of the GDPR from before the date it went into effect (May 25th, 2018).
If you have any additional questions, reach out to our support team at firstname.lastname@example.org.