Data Controller – Any private or public body that collects user data. This includes anyone who collects and processes orders or collects marketing data through cookies, analytics, marketing automation, etc., which erase and secure customer data. The customer may use this control as an aid to Nosto by appropriate technical and organizational measures to fulfill the obligation for the customer as a controller under the regulation to respond to requests to exercise the rights of the data subject. Detailed information on data protection related to the use of Google Maps is available on the Google website (“Google Privacy Statement”) at the following address: policies.google.com/privacy?hl=en. to inform you immediately if you become aware of any accidental, unauthorized or unlawful processing, disclosure or access to personal data and you confirm them; 1.1.3. Examination. The audit recording of the Nosto infrastructure is carried out at several levels, including the activities carried out by Nosto employees, customers or system components. Monitoring configuration change tests that occur during monitoring function operations are recorded. These protocols are transmitted to a remote, centralized logging system where they can be monitored. Logs are stored in a dedicated DB cluster that is replicated for redundancy and availability reasons.

Configuration changes to AWS resources are tracked. These protocols contain detailed information about API calls to AWS resources. 2.5. Instructions for data processing. Nosto (and its subcontractors) only process customer data in accordance with the customer`s documented instructions, including with regard to the transfer of personal data to a third country, unless this is necessary by Union law or by the law of the Member States to which the processor is subject, in which case Nosto will inform the customer of this legal requirement before processing. unless this law prohibits such information for important reasons of public interest. The parties agree that this DPA is the complete and final instruction of the customer to Nosto with regard to the processing of customer data. Processing outside the scope of this DPA (if any) requires prior written agreement between Nosto and the customer regarding additional instructions for processing, including agreement on the additional fees that the customer will have to pay Nosto to carry out these instructions. The customer may terminate this DPA, including the service agreement, in accordance with the terms of use if Nosto refuses to follow the instructions requested by the customer, which are outside the scope of this DPA. Although the merchant may also be a separate controller of the buyer`s personal data in such cases, Shopify processes the personal data of these buyers as the controller, as shown in the graph below: Through a “Do Not Track Headers”, Hotjar gives each user the opportunity to prevent the use of the Hotjar tool.

in such a way that no data is collected about the visit to the website concerned. This is a setting that supports all common browsers in updated versions. For this purpose, your browser sends a request to Hotjar to request the deactivation of tracking of the user concerned. If you visit our website with different browsers/computers, you must use the “Do Not Track Header” separately for each browser/computer. . . .