How to comply with GDPR

In this article:

What is GDPR?

How does GDPR relate to my business?

Tools for compliance

Email marketing

Other tools

Unsubscribing customers

Deleting customer data

What data does Sellfy collect?

How long will Sellfy keep personal data?

What is GDPR?

GDPR stands for General Data Protection Regulation and relates to the lawful right of individual (EU) citizens to protect their personal data and privacy. The regulation was enforced by the European Union on May 25, 2018, stipulating new global data protection rights for citizens of the European Union (EU) and the European Economic Area (EEA).

The regulation includes provisions and requirements addressing the export and processing of personal data of individuals. The primary focus of the GDPR is to allow individuals authority over their personal information, as well as streamline the regulatory environment for global business.

How does GDPR relate to my business?

The GDPR relates to you on an individual (personal) and business level. 

GDPR for individuals

If you're an EU citizen, your privacy and personal data associated with your store/business information are lawfully protected under this regulation. 

GDPR for businesses

Regardless of your citizenship, as a store owner, you have an obligation to comply with the GDPR as it pertains to the data protection and privacy of your (EU) customers. You, as a seller, are responsible for treating your customers' data in accordance with GDPR.

Important! As a store owner, you are responsible for treating your customers' data in accordance with GDPR. We urge you to comply with these guidelines in all business actions and processes that involve your customers' personal data. 

If you are a seller using Sellfy, we recommend applying the tools available in your Sellfy account to abide by GDPR guidelines.

Tools for compliance

Sellfy is GDPR-compliant, supporting both the privacy rights of users as well as their customers. There are several services we offer to ensure our and our users' compliance with GDPR.

Email Marketing

When using the built-in Sellfy Email Marketing feature, we'll help by only allowing you to contact the customers that have given permission to be contacted. You'll be able to contact newsletter subscribers and customers that have given their consent. You can also export email addresses to use with other email services and manage your customers' data.

Newsletter subscription opt-in checkbox

You can offer a newsletter subscription option to your customers during checkout. This allows buyers the option to opt-in or give their consent to receive email communications from you. This helps you legally ensure that you have their permission to contact them. This is essential for complying with GDPR.

To enable this:

  1. Navigate to Store Settings > Customize store  
  2. Select the Checkout page > click on the Checkout module 
  3. Scroll down to checkout features > turn the toggle next to Enable newsletter subscription
  4. To opt-in customers by default, turn the toggle next to Opt-in newsletter by default (optional)

Exporting data for 3rd party email services

When exporting data (in particular email addresses) via the Order export to use with other email services, please ensure you check the Opt-in column in the report. If customers did not check the opt-in box, their personal email address should not be used for marketing purposes. 

You can find out which of your buyers have agreed to receive emails by viewing the "Consent to receive" column (I) of your Order export.

Other personal data available in the Order export:
  • Customer's email
  • Payment processor customer used for checkout
  • Customer's location
  • Customer's IP address
As a seller, it is important to treat this data in accordance with GDPR.

Other tools

Sellfy is GDRP-compliant supporting the privacy rights of users as well as their customers. There are several services we offer to ensure our and our users' compliance with GDPR.

Account deletion

Important! information related to paid invoices and order payments as well as data pertaining to it will remain in our records after account deletion due to legal regulations about payment information.

If a store owner decides to terminate their subscription and leave the platform, we are committed to deleting all personal account information and its contents.

Sellfy pages

Sellers manage their own Terms & Privacy, About, and Contact store pages to provide all necessary information for customers.

Unsubscribing customers

All customers are offered links to "unsubscribe" at the bottom of each email. But, if a customer reaches out with a request, sellers are also able to unsubscribe customers manually from Email Marketing.
To do this:
  1.  Go to Customers
  2. Select the customer
  3. Select Unsubscribe from all lists
  4. Confirm

Deleting customer data

Under GDPR, your customers located in the EU have the right to request that all data you have stored about them be removed or deleted. If your customer requests that to be done, you can do this in your Customers section. Deletion of data is permanent and it can not be restored.

  1.  Go to Customers
  2. Select the customer
  3. Select Clear data
  4. Confirm

What data does Sellfy collect?

Sellfy collects personal data of individuals that sign up for a Sellfy account and/or browse Sellfy-owned sites.


Upon registration, we collect:

  • Your username
  • Your password 
  • The e-mail address you sign up with

User content

Data we collect once you upload content:
  • Texts, photos, vectors, and product files in any format that you upload to your account

Payment details

If you decide to subscribe to a paid plan on, we collect the following payment information:

  • Credit card number 
  • Credit card expiration date
  • CVV number 
  • The billing address and postal code
  • PayPal account email (if applicable)
You may also provide your company name, company registration number, full billing address, and phone number. This information is used to verify credit card authenticity and process payments. 

Google Analytics

Sellfy uses Google Analytics to track user data related to traffic sources, visitor behavior flow, and audience overview. A user ID may be used to track specific behavior. However, this information cannot be connected to other data we are collecting about users.

Server logs and Cookies

When accessing our services online, web servers automatically create records of the individual who is visiting our site. These records typically include IP address, access times, the sites linked from, pages visited, the links and features used, the content viewed or requested, browser or application type, and other information of similar nature. 

How long will Sellfy keep personal data? 

Sellfy retains data about users for the period necessary to fulfill the purposes for which the information was collected. After that, all information will be deleted. 

If we are obliged by legal requirements to store information for tax purposes, or data for pre-trial investigation, Sellfy will keep the data for that purpose only. In any case, the retention period will not exceed 10 years after which the data will be deleted in such a way that it cannot be restored.

You can find more information about this in the Sellfy Privacy Policy.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us