Protection of personal data and consent

More and more countries are adopting regulations on privacy and the protection of personal data.

Neostore has adopted the concept of “privacy by design” and has implemented specific features to help you comply with these regulations (GDPR, CCPA, LGPD, etc.).

Additionally, as customers are now able to regain control of their personal data and ‘third-party data’ is becoming less and less relevant, Neostore promotes and helps you collect ‘Zero-party data’ or ‘Earned data’ »: data directly provided by the customer to a brand in a trusted environment.

Have questions about privacy issues? Neostore could help you, do not hesitate to contact us.

1. A platform built with technologies limiting the processing of personal data without losing contact with your customers

  • No direct identification data is required to send a push notification and/or manage your customers’ wallet or loyalty card. A single unique token/identification number is generated and processed.
  • Thus, your cashiers do not need access to identification data to use your customers’ loyalty card and/or voucher. A scan of your phone at point of sale only is necessary (via QR code or NCF).
  • For registration and login, “Apple Sign-in” functionality is available to customers, including “Hide my email” functionality to avoid identifying data sharing (such as name or address e-mail) with the brand. In this case, a unique token/identification number is generated and processed.
  • Neostore does not store any data for the authentication of your customers.


2. Maintain control over your data storage and limit data duplication

  • Neostore does not store data provided by your customers. After collection, this data is directly stored in your CRM system/tool (Cegid Retail, Salesforce, etc.).
  • If regulations requiring local storage in a specific country (Russia, China, etc.) apply to you, storage directly on your local servers could be considered.


3. Minimize personal data processing and collect the data you really need

  • Through our Neostore web pages, you can collect the data from your customers that you really need to meet your goals, then minimize the data to build a trusting relationship with them. Neostore does not require you to collect specific data from your customers.
  • Data minimization is part of the principles relating to the processing of personal data in several regulations around the world.


4. Establish a relationship of trust with your customer: collection of consent and transmission of transparent information

  • In a trusted environment, customers are more likely to provide their data to brands. Then, the quality of your data and your customer experience will improve.
  • According to its “Zero party data” vision, Neostore helps you collect consent from your customers:
  • In your Neostore layout, you can implement one or more consent checkboxes (“Opt-in”) with a relevant information notice about the purpose.
  • For example: To comply with CCPA, you can add a “Do not sell my personal information” checkbox.
  • This consent could be recorded in your CRM tool if such storage is possible.
  • You can provide your customers with all the information necessary to comply with information transparency requirements under privacy regulations. This information could be provided with a first layer of information and a link to your full privacy policy.
  • A GDPR information model may be shared with you.
  • This functionality could also be used as proof of the implementation of “freely given, specific, informed and unambiguous” consent as required by the GDPR.


5. Keep your Consent Management Platform (CMP) for your cookie policy

  • Neostore does not use cookies or other trackers. Neostore encourages you to stop using third-party data, however you can customize your form and decide to implement your own CMP in your Neostore page.


6. Help your customer exercise their rights over their personal data

  • The platform could be used to encourage customers to exercise their rights (modification, deletion, opposition, etc.) directly from it.
  • You can use our APIs from your web & mobile applications to strengthen your GDPR compliance.
Need information or a demonstration ?