Is your ecommerce platform committed to GDPR compliance?

FastSpring is compliant with the EU General Data Protection Regulation.

The GDPR + Your Business

In May 2018, the EU General Data Protection Regulation (GDPR) went into effect. The GDPR is a European regulation that establishes a new framework for handling and protecting the personal data of EU-based residents. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.

What does the GDPR do?

This regulation enhances the data privacy protections for European Union citizens and is a mandatory requirement for any company with access to personal data of EU citizens. If your company is conducting business with EU residents, your ecommerce platform must be GDPR compliant.

What are the goals of the GDPR?

One of the aims of the GDPR is to harmonize and bring data privacy laws across Europe up to speed with the rapid technological change of the past two decades. It builds upon the current legal framework in the European Union, including the EU Data Protection Directive in existence since 1995.

Who does the GDPR affect?

GDPR compliance is different for every company and depends on, among other factors, company size, the types and amount of data it processes, and its current security and privacy measures. The GDPR will apply not only to organizations located within the EU, but also to organizations located outside of the EU if they offer goods or services to, or monitor the behavior of, EU data subjects.


The GDPR + Your Personal Data

What Constitutes Personal Data?

Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, or bank details to posts on social networking websites, medical information, or a computer IP address.
Automated Back Office Management

Protecting Your Personal Data

Personal data plays a huge part in society and the economy. It is essential that people have—and know they have—control and clarity over how their data is used, are protected by any organization they interact with, and that organizations are given clear guidelines to protect all personal data. Note that FastSpring is a Data Controller. A data controller is the entity which determines the purposes and means of the processing of personal data (where as a data processor is the entity which processes personal data on behalf of the controller).
GDPR Compliance

FastSpring Compliance with the GDPR

FastSpring is compliant with the EU General Protection Regulation. Our ecommerce platform is capable of conducting business with all EU-based customers online store. FastSpring complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries.

Learn more about the how FastSpring can help you and your business with GDPR compliance.

GDPR lock: Data privacy reshape digital economy

How Data Privacy is Reshaping the Digital Economy

The way consumers think about their personal data is changing and evolving. Businesses are being held accountable for keeping up with the emerging trends and regulation.

Read the blog post >

(GDPR) General Data Protection Regulation Compliant Checklist

Are You Ready to be GDPR Compliant?

There has been a 42% increase in the number of internet users worldwide. Our in-house Data Protection Officer, Matt Loos, reviews the General Data Protection Regulation.

Read the blog post >


Learn More About GDPR Compliance

Although FastSpring is compliant with GDPR requirements, your company may have separate obligations under the GDPR, and FastSpring cannot provide legal advice on this or other subjects.

Read the docs >

What do you need to do?

Any business that collects or receives customer data from contacts in the EU is responsible for GDPR compliance and customer data protection. We strongly encourage you to familiarize yourself with the new regulation and prepare for implementation. Information is available at, and