GDPR is here!

May 25, 2018

GDPR is here!

Magento is really excited to share some important steps we’ve taken as a company in our ongoing commitment to being clear and transparent with how we handle and protect data. To that end, we’ve launched the following:

  1. An updated Privacy Policy to provide users of the Magento websites with more information on:

  • The types of information we collect and how (and for what purposes)

  • How long we may hold such information, in addition to with whom we may share it and for what specific purposes

  • Cookies and how to manage cookies

  • How to reach Magento in the event of an individual data rights request and information needed to include in that request

  1. We’ve worked with the U.S. Department of Commerce to obtain our Privacy Shield certification, which is the European Commission-approved mechanism for the transfer of personal data from the European Union and Switzerland to the United States. This certification affirms Magento’s commitment to the privacy principles of the Privacy Shield framework. We encourage you to review our Privacy Shield Privacy Policy.    

  2. You may also take a look at our data processing agreement, which amends all existing commercial agreements with our merchants and sets forth our obligations around the handling of EU individual personal data.

  3. Last, but certainly not least, we’ve also made our subprocessor list available online. Take a look. It details out certain service providers that we use to assist us in the provision of services to our customers.

You can locate all of this information at  

Click here for more guidance on GDPR