Data protection guideline – provision of the required order data

When using the Trustbadge within the order process on your website, you – as the data controller under joint controllership – are required to:

  • keep the information in your records of processing activities up-to-date;
  • ensure the balancing of interests in accordance with Article 6 (1) (f) GDPR; and
  • update your Privacy Policy.

Information concerning records of processing activities

The following information should be included in the records of processing activities:

Provision of order data required for the use of the Trusted Shops services

This procedure describes how personal data are processed in the context of providing the order data necessary for the use of the Trusted Shops services.

Detailed description of the processing:

In order to display the Trusted Shops services (e.g. Trustbadge, collected reviews) as well as to offer the Trusted Shops products to customers after they have placed a purchase order, the Trusted Shops Trustbadge is integrated on the controller’s website under a joint controllership with Trusted Shops AG.

For customers who use the Trusted Shops services and who have established or are about to establish a contractual relationship with Trusted Shops AG, the order data required for the provision of the contractual services are provided and collected through the Trustbadge.

Legal grounds

Overriding legitimate interests pursuant to Article 6 (1) (f) GDPR

Processing purposes

  • Product offers and website optimization
  • Optimal marketing of the controller’s products by providing a safe purchasing experience thanks to the Trusted Shops Buyer Protection and guarantee and to authentic customer reviews
  • Abuse and fraud prevention: only real transactions can be reviewed / insured

Data subjects

Website visitors

Processed data

  • Order date
  • Order number
  • Customer number
  • Amount
  • Currency
  • First name / Surname
  • Delivery date
  • E-mail address
  • Payment type
  • Product details (only for product reviews)


Trusted Shops AG, Subbelrather Str. 15c, 50823 Köln

Storage period

After the contract is completed or a customer account is deleted, any further processing of the data is restricted. After expiry of the statutory retention periods, the data are erased, unless the user has expressly consented to the further use of their data or unless we reserve the right to use further data where legally permissible, and insofar as the user has been informed of this fact. The customer account can be deleted at any time.

Technical and organisational measures

Encrypted transfer via TLS and other technical and organisational measures taken by Trusted Shops AG based on a separate agreement.

Balancing of interests

Interests of the controller


Controller's own interests: The controller’s interest lies in the optimal marketing of their products while ensuring the safety of purchases through automatic protection in the form of the Trusted Shops Buyer Protection guarantee, and through authentic customer reviews.


Interests of third parties: Trusted Shops AG also has an interest in the fulfilment of its contracts with registered buyers.


Those interests are also recognized by third parties, e.g. other companies. This indicates that said interests are legitimate.


The controller’s fundamental right to exercise a trade or profession is affected. This indicates that said interests are legitimate.


These interests are recognized in other legal regulations as well, e.g. Act Against Unfair Competition [UWG], German Trademark Act [MarkenG]. This indicates that the said interests are legitimate.


No less severe measure than connecting the customer's information to the respective transaction, and automatically providing the relevant transaction data, can guarantee faultless security of the respective purchase and the submission and verification of an "authentic" customer review.


Interim result:
The controller has a legitimate interest in the processing.

Interests / Fundamental rights / Fundamental freedoms of data subjects


No other fundamental rights besides the right to the protection of the processed personal data of the data subject are affected.


The person can be identified directly based on the data alone; there is no pseudonymisation.


Several types of data of the data subject are processed. However, the data are processed only to the extent contractually agreed between Trusted Shops and the data subject, and only as far as this is necessary for the provision of contractual services.


The data are not public. However, the data are collected from the data subject directly, and they are clearly informed of this. The data are not published.


The data are of high quality; the error rate is low thanks to automatic transfer.


The data are processed by several companies: by the shop for the purpose of optimal marketing of its products (see above), and by Trusted Shops for the purpose of fulfilling registered buyers' contracts.


Only buyers registered with Trusted Shops who shop in a certified online shop, and only customers who decide to use the Trusted Shops services for the first time through the Trustbadge are affected.


Website visitors know of the data processing, since they are clearly informed of it in the Privacy Policy, and because data subjects affected by such processing expect Trusted Shops to provide the contractual services.



No less severe measure exists, because there is no legal obligation to obtain consent. Obtaining consent would lead to disadvantages for the person submitting the review and for the data controller since additional personal data would be collected and stored as a result, and the data controller would have to document this.


Interest of the reviewer: Generating a unique review link ensures that each order is reviewed only once, and reflects an authentic buying experience. 


Interest of the general public: The procedure ensures that only the generated link can be used for the review and that it is therefore an authentic review. 

Balancing of interests in the narrow sense

All data subjects have concluded a contract with the data controller or are about to conclude one in the context of the data processing. Thus, the processing also serves the interests of the data subject and should be expected by them. The data subject receives clear information on the data processing when concluding the contract and also in the Privacy Policy.

The automatic collection of data is neither contrary to expectations nor excessively burdensome for the data subject, since they expect the contractual services to be provided by the data controller and are interested in the appropriate protection of their purchases, as well as in being able to rely on real customer reviews. This, however, can only be ensured by automatically linking the data to transactions whose authenticity can be verified. There is also no legal obligation to obtain consent, so no less severe measure exists.

The interests, fundamental rights, and freedoms of the data subject are not excessively affected by the data processing. Thanks to transparent information, data subjects are aware of the processing taking place. What is more, it is even expected as part of handling their contracts. The automatic processing of the data is also justified by the overriding legitimate interests of the data controller.

Privacy Policy Template



We have developed this guideline with utmost care but cannot guarantee that it is complete and / or correct. It is intended as a checklist with text templates and as a suggestion on how the aforementioned issues should be processed.

For detailed questions in individual cases, always seek professional legal advice.
