Data protection according to EU-GDPR

At parcelLab we protect your data like it’s our own

Implementation of GDPR at parcelLab

The protection of your customer data is very important to us. We would therefore like to be open and transparent about our data protection policy.

Data Protection Officer

Our DP officer is Marco Abels (dataprotection@parcellab.com). All employees are clearly trained in data protection Art. 32 Para. 4 GDPR.

Data encryption

The transmission and storage of personal data is encrypted so that the confidentiality and integrity of the data is protected.

Server in Germany

The contractual agreement with the cloud infrastructure stipulates that the data itself will not be transferred to other server locations or regions.

Security & Privacy Features

Everyone at parcelLab is committed to protecting our customers.
The promises below have been part of our goals from day one.

Physical Security

Our services are hosted on AWS who provides robust, physical data center security and environmental controls.

Encryption

Important and sensitive data encryption both at rest and in transit over public networks.

Data Usage

We never use or access your data for advertising purposes.

Data Security

Two levels of security ensure that all your data is 100% secure. We host your data in a encrypted and password-protected database.

Integrated Services

We use OAuth2 to securely authorize other SaaS services and do not store username or password for those services.

Privacy & Safety Features

Adjust the privacy settings of our features and tools to easily meet all your needs.

Data Privacy

We only use your customers data to provide our service; we don’t look into your account without your permission.

Data Recovery

Your data regularly gets backed up to provide a 24-hour RTO and RPO.

Data Ownership

Your data belongs to you. 100%. All personal data is automatically deleted after 90 days. Never will we delete the data in your account without your knowledge.

Status Transparency

parcelLab continuously monitors our uptime and makes our system status publicly available.

Further documents for download

Upon request, parcelLab provides documents on data protection which are agreed with retailers within the GDPR compliance framework.

Data privacy

The processing of personal data by parcelLab as a website operator can be downloaded as a pdf file.

DPA

The DPA describes the data protection obligations of the parties within the framework of their relationship as data providers and contract processors.

TOMs

parcelLab undertakes to implement technical and organisational measures in accordance with Art. 28 Para. 3 S. 2 lit. c, 32 GDPR.

General questions about parcelLab data protection

  Does parcelLab have a data protection officer?

We have appointed an external data expert for data protection issues. Marco Abels is a certified data protection officer and works for many other well-known companies alongside parcelLab. If you have any questions regarding data protection at parcelLab, please contact us at dataprotection@parcellab.com or +49 151 289 30582.

  Is it possible to sign a DPA with parcelLab?

Yes, we sign a DPA with all our customers according to Art. 28 EU-GDPR, which regulates the processing of all data by the parcelLab software. For this purpose we have developed a template with our data protection officer for DE & EN, which we will send to you in electronic form before the signing of the contract.

  Is parcelLab EU-GDPR compliant?

Yes, parcelLab is EU-GDPR compliant. We meet all requirements of the EU data protection basic regulation, which concern the organisation itself as well as our software provided for dealers. This includes the right to complete deletion, the right to information or the right to data transfer (chapter 3 EU-GDPR) of customer data, which merchants can request from parcelLab.

  How does parcelLab ensure that employees are entrusted with the legal requirements?

parcelLab hires qualified professionals to conduct special annual data protection training sessions with its employees. It is particularly important to us that all employees know the requirements of GDPR. Data protection and the trusted handling of personal data, as well as sensitive customer data, is not a task for our employees, but rather a matter of course. In addition to this extra measures such as user authorisations were implemented.

  What happens in the event of a data breakdown?

If, contrary to expectations, a data glitch should occur in which the personal data of our customers is affected, parcelLab will inform you immediately in accordance with the legal and contractual obligations. In order to prevent data protection breakdowns in the first place, parcelLab carries out penetration tests of the IT infrastructure as well as audits of the technical and organisational measures at regular intervals. The findings are documented and processes optimised as required.

  How does parcelLab protect personal data?

All data is backed up during transmission. The processing of personal data is encrypted so that the confidentiality and integrity of the data is protected at all times.

  Is our data encrypted?

Yes. Your customers personal data is encrypted at all time and is 100% secure. We host your sensitive data in a encrypted and password-protected database.

  Who owns the data we store in your service? Will you use our data to build advertising products?

As a parcelLab customer you own and control your data. We do not use your data for anything else than the service you booked with us.