Please note that we have changed the menu structure.To simplify navigation, your elopage account is now structured slightly differently. But the functions remain the same. We will adjust the help section and renew the screenshots. If you have any questions, our support will be happy to help.
Achtung, neue Menüstruktur! Um die Navigation zu vereinfachen, ist dein elopage-Account jetzt etwas anders strukturiert. Die Funktionen bleiben aber die gleichen. Wir werden den Hilfebereich anpassen und die Screenshots erneuern. Bei Fragen hilft unser Support gerne weiter.
This is a machine-translated article. We’re constantly working on improving translation quality for an optimized help center experience. We apologize for any inconvenience.

FAQ about GDPR

  • Updated

Is elopage GDPR compliant?

Yes, elopage is GDPR compliant.

We only use GDPR-compliant companies as processors (subcontractors). A data processing agreement has been concluded with all subcontractors. 

New features / updates under the GDPR

For you as a seller there are the following new features:

  • On your checkout page, you can include an opt-in checkbox that enables customers to agree to receiving your newsletter directly when making a purchase. Here, you can also provide, as required by the GDPR, the text that informs customers what happens to their data if they agree. In the text here, you should also provide a link to your privacy policy.

  • The data processing agreement can be concluded easily, directly online in the account.
  • If you sell in the seller model, upload your own privacy policy or create one using our privacy policy app. The privacy policy then appears in the footer of your elopage pages.

  • Sample text for the privacy policy on your website: After concluding the data processing agreement, you will receive a text from us, explaining how you can include elopage in your privacy policy.

  • When you visit your elopage pages, your customers will now see a cookie banner by default. You can switch this off or choose the variant in which the cookies can be displayed, selected and deselected (opt-in/opt-out).

What are the differences for sellers in the reseller model compared with those in the seller model?

In the reseller model, you are also the controller according to the GDPR. You conclude a data processing agreement with this model. elopage also processes the data on your behalf. 

When a purchase is made, the data is transferred to the reseller (for payment processing) and to elopage (platform).

  • You do not need your own privacy policy, since - as with the terms and conditions - we display the reseller's privacy policy here because the customer concludes the agreement with the reseller.

  • Once the data processing agreement has been concluded, you will be provided with a sample text for your website / landing page.  
  • You conclude a data processing agreement with elopage as well as one with the reseller. 

Why do I as a seller with elopage have to upload a privacy policy?

If you sell in the seller model with elopage, it is your shop. You decide which tools, integrations and apps you use in the background and what you do with the collected data. Although we process the payment and digital delivery, we do not work with the data beyond that. The shop and the handling of the data are therefore the responsibility of the seller.

You now have two options for compiling a privacy policy for your elopage:

  • Upload your own privacy policy.
  • Use our GDPR-compliant data security generator.

If you would like to upload your own privacy policy, you can do so directly in your elopage administration. Remember that you have to specify all tools and integrations used. For the standard processes via elopage you can incorporate our sample text, which you have also used on your own website.

What if I have an affiliate program?

Your publishers have access to the transfers for which they receive commission. This means that data processing / transfer takes place here. Therefore, you should conclude a confidentiality agreement with your publishers.

We are currently considering how we can offer a sample for this and include it directly in the registration process.

Does elopage offer a data processing agreement?

Yes, we offer customers who are registered as sellers on a comprehensive data processing agreement according to Art. 28 GDPR. This agreement regulates the relationships between the seller as the "controller" and elopage as the "processor".

This makes it easier for our customers to meet their obligations under the GDPR.

The agreement was drawn up together with our law firm, Keese-Haufs.

Why doesn't the data processing agreement have to be signed?

According to the current formal requirements, electronic conclusion without a qualified electronic signature is sufficient.

Only the person responsible for the company / the seller has access to the account and the agreement can only be concluded from the account. For this reason, upon conclusion, we automatically use the data provided in the legal notice (company name and name of the person responsible) below as the agreement signatory.

Which subcontractors does elopage use?

All subcontractors are listed in Appendix 4 of the "Data processing" agreement.

Which data categories are collected?

The data categories are listed in Appendix 2, paragraph 1 of the data processing agreement.

Which technical and organizational measures does elopage use?

The technical and organizational measures are listed in Appendix 3 of the data processing agreement.

Which services are included in the data processing?

The services are listed in the appendix to the data processing agreement. The service overview includes the apps booked in the seller account.
As soon as an app is booked or canceled or made available by default via an update in the plan, this appendix is automatically updated.

Who can I contact if I have questions? 

Sellers who use elopage and have questions about how elopage implements the GDPR are welcome to contact us at

  • Customers who have bought a product from a seller who uses the platform and would like to exercise their rights as a data subject or
  • partners of a seller who uses the platform (e.g. publishers, authors, joint venture partners).

please contact the seller's support team because the seller is the controller according to the GDPR.

Exercising the rights of data subjects

Chapter 3 of the GDPR regulates various rights of real people as data subjects for whose implementation the "controller" (in this case the seller who sells their product via is responsible.

This includes, for example, the right of access, the right to erasure of personal data, the right to restriction of processing, the right to data portability, etc.


  • Who have purchased a product or
  • are your partners (e.g. publishers, authors, joint venture partners)

therefore contact you directly to exercise their rights. You then commission us, as one of your subcontractors, to carry out the implementation. 

If a data subject asserts their rights, for example, their right to access, rectification or erasure with regard to their data, by contacting us directly, we will not respond independently, but rather we will refer the data subject to you and wait for your instructions.



Was this article helpful?