FAQ on Trusted Shops Data Protection

Does Trusted Shops conclude an additional data processing agreement with the online retailer?

Trusted Shops does not provide services as a processor pursuant to Art. 28 GDPR within the scope of the contract. Rather, there is data processing under joint responsibility. Therefore, a Joint Controllership Agreement (JCA), i.e., an agreement on joint responsibility pursuant to Art. 26 of the GDPR, takes the place of a commissioned processing agreement. The JCA is an integral part of the Trusted Shops General Terms and Conditions and includes detailed provisions on data processing when using the services offered by Trusted Shops.

As part of the Trusted Shops membership agreement, Trusted Shops concludes a data processing agreement with the website owner. The terms and conditions are available here:

Joint Controllership Agreement pursuant to Art. 26 GDPR and the technical and organizational measures 

The processing operations covered by the Agreement are specified in the Agreement.

They include, above all:

  1. The integration of the Trustbadge on the website.
  2. The transmission of personal data for the conclusion of the Buyer Protection for orders placed.
  3. The sending of review request emails on your behalf in the framework of the Buyer Protection when using the tools Review Collector and Trusted Shops API.
  4. The collection of ratings via the rating platform as well as comments on them.

When are data processed by processors and for how long are they stored?


Trusted Shops


Use of the B2B online system

Solely responsible 


Use of the B2C online system

Solely responsible


Use of the review system

Solely responsible


Content of the Trustbadge / Use of Trusted Shops services

Jointly responsible

Jointly responsible

Display of the Trustbadge in the shop


Solely responsible

Sending review invites

Jointly responsible

Jointly responsible

Review Collector

Jointly responsible

Jointly responsible


Jointly responsible

Jointly responsible

Application programming interface (API)

Jointly responsible

Jointly responsible

Trusted Shops legally compliant text generator / generator for records of processing activities

Jointly responsible

Jointly responsible

For more details see the Joint Controllership Agreement pursuant to Art. 26 GDPR

Why is information about recipients of review request emails partially hidden in the Control Center?

In the Control Center, there are two overviews available:

  • the Invite History, which is the overview of the sent review request emails,
  • and the Review Inbox, which is the overview of received reviews.

Review invite emails sent in our capacity as processor (see above) can be viewed together with the related information on the recipients in the Invite History.

However, review invite emails sent out by Trusted Shops as the controller cannot be viewed together with the corresponding information on the recipients, because this would mean a change in the purpose of the processing and would also require transferring personal data to a third party, for which no legal ground exists.

Trusted Shops sends out these review invite emails as a controller as part of fulfilling the end user contract and therefore does not obtain separate consent.

In the Review Inbox, the email address of the customer adding a review can be displayed because this information is necessary for the retailer to check the authenticity of the transaction and of the review. Data subjects are duly informed of this fact before their data are processed.

Do I have to adjust my Privacy Policy if I use the Trustbadge?

When displaying/using the Trustbadge for the ordering process on your website, you, as the data controller under the joint controllership, are required to:

  • keep information in your records of processing activities up-to-date;
  • ensure the balancing of interests in accordance with Article 6 (1) (f) GDPR; and
  • adjust your Privacy Policy.

For these required adjustments, you can use the following tools:

What data of our customers are processed and stored?

The minimum scope of the required data: For displaying the Trustbadge, the IP address of the customer will be processed. However, this is anonymized immediately. For sending review invite emails through Review Collector, the function of sending review invite emails automatically, or API, the minimum scope includes the email address, the order number and the order date. Optionally, other data such as forename, surname and product details (only for product reviews) can be transmitted and processed.

For what purposes are data processed – only for review invite emails?

If Review Collector, Auto-Collect or API are used, Trusted Shops sends out review invite emails on your behalf. The data are not used or stored by Trusted Shops for any other purposes than that. Only by adding a review does the customer who received a review invite email agree to the Trusted Shops terms of use and the further use of their data for the purpose of fulfilling the contract.

Is data disclosed to Trusted Shops AG when a customer clicks on the review link in the merchant's rating request?

If you click on a review link from Trusted Shops, your email address and order number will be transmitted to Trusted Shops in order to pre-fill the review form.

This is necessary for the fulfillment of our and Trusted Shops' overriding legitimate interests in the provision of the transactional review services linked to the specific order in each case and the avoidance of input errors pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

If you do not submit the review form afterwards, the transmitted data will be automatically deleted and otherwise used by Trusted Shops exclusively for the processing of the contract on the use of the review system.

The above statements only apply to review links that have been manually created by the store member and via which a store review and not a product review is to be submitted.

Are data disclosed to other parties – if yes: to what third parties? Also to third countries?

Trusted Shops uses hosting and infrastructure service providers. It also makes use of services from Amazon Web Services (AWS). AWS is based in the USA. However, Trusted Shops and AWS agreed on Germany as the server and thus processing location. As a result, Art. 44 et seq. of the GDPR on the transfer of personal data to a third country are not applicable. The ECJ ruling Schrems II therefore has no direct impact on processing.

A transfer to the United States can only occur in the following exceptional case: In order to properly display the Trustbadge, AWS is used as a CDN provider. The processing required for this purpose generally takes place on servers in the European Union, in particular in Germany. However, it may happen that servers in third countries are also used if the website call is made from such a country.

In addition, when the website is called up and the Trustbadge is displayed, a log file is written and stored on servers provided by AWS. In this case, too, the processing takes place within the European Union.

An appropriate level of data protection is also ensured by the conclusion of EU standard contractual clauses.

Is data anonymised?

Personal data are transmitted at all times using state-of-the-art encryption technologies. The IP address processed for displaying the Trustbadge is anonymized immediately.

For how long are customer data stored? Are they erased automatically? (After what time are they erased? What is the data erasure concept?)

Whenever the Trustbadge is used, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of the request, the volume of data transferred and the requesting provider (access data), and documents the request. The IP address is anonymized immediately after collection so that the stored data cannot be assigned to your person. The anonymized data is used in particular for statistical purposes and for error analysis.

The data processed for sending the review invite emails are automatically deleted after the deadline for submitting a review has expired.

If the recipient submits a review, the data received will be further used within the framework of the user agreement.

How can we comply with the customer request to erase their personal data? Do we have to inform Trusted Shops of every customer request so that the data are also erased by Trusted Shops?

According to Article 19 GDPR, each recipient to whom the personal data have been disclosed must be informed of the exercise of the rights of data subjects. This includes Trusted Shops in any case where an operation relates to customers whose data have also been processed by Trusted Shops.

Should a reference to the customer’s right to object (Article 21 GDPR) be included?

Displaying the Trustbadge

The member is jointly responsible with Trusted Shops for displaying the Trustbadge. The member must inform about the right to object according to Article 21 GDPR. The simplest option is to provide a contact address for corresponding objections. In addition, optional reference can be made to tools with which users of the pages can suppress third-party content on the website themselves, e.g. Privacy Badger or Ghostery.

The latter is not mandatory, for prior to the customer's objection taking effect, the data controller must be able to check whether the data processing is necessary for the establishment, exercise or defence of legal claims, or whether compelling legitimate grounds for the processing exist which outweigh the interests, rights and freedoms of the data subject.

As a result, even in cases where processing has already taken place, it will be possible to continue processing based on Article 21(1) sentence 2 GDPR. As you can see from the Privacy Policy Template, the IP address (no other personal data are affected) is anonymised immediately after collection.

Data processing in the context of recognising registered Trusted Shops member buyers

Trusted Shops, as the controller in this case, is responsible for this type of data processing and informs users thereof in its own Privacy Policy, a link to which is integrated in the Trustbadge.

However, the data required for customer recognition (pseudonym of the e-mail address, hash value) are automatically collected from the order data via the Trustbadge. As can be seen in the latest version of the Privacy Policy Template, this processing is based on Article 6 (1) sentence 1, (f) GDPR as well.

With regard to the data subjects’ right to object, please refer to the previous paragraph, which applies analogously.

The data protection officer at Trusted Shops AG:

Trusted Shops AG
Data Protection Officer
Subbelrather Str. 15c
50823 Köln
