VTEX is already applying GDPR guidelines

Breno Barreto

Breno Barreto

Last updated

With a growing presence in the European market, we needed to update our Terms of Service and Privacy Policy. That way, we are now compliant with the GDPR (General Data Protection Regulation), a set of rules that aims to protect the privacy and data of website and digital products' users.

GDPR's main goal is to ensure transparency in the way companies use and store personal data. It also gives users more control over the information they provide. Take a look at how we commit to GDPR's principles:

  • Lawfullness, Fairness and Transparency: VTEX will always abide to the law and the fair use of the private data collected to provided the service offered, and in an allways transparent maner.
  • Purpose Limitation: the information related to the Data Subject will always be used only for the purpose it is collected.
  • Data Minimisation: VTEX has, by a company principle, since the launching of the SmartCheckout, in 2014, always collected only the minimum amount of data necessary to process the orders received, and the GDPR corroborates the correctness of this practice.
  • Accuracy: the data collected and processed by VTEX is necessarily accurate and current, as it is the intention of the Data Subject to have their orders fulfilled as it is of the Controller to fulfill them; VTEX will always provide the means for both parts to have this intention satisfied.
  • Storage Limitation: as well as for Data Minimisation, also VTEX only stores the information related to the Data Subject while it is necessary for the processing proposed by the service provided.
  • Integrity and Confidentiality: VTEX will always do whatever is within our reach, based on standards and best practices, to take appropriate measures to ensure segurity of the personal data.

Know more about all things related to our commitment with the GDPR here.