Skip to content

GDPR Data Management

As of 25 May 2018, the European Union's General Data Protection Regulation (GDPR) will be the new primary law regulating how companies have to treat and protect the personal data of EU residents.

Retailers most likely store personal information about their visitors in their own systems. However, as Apptus eSales manages behavioural data, it also makes a retailer's eSales implementation a part of a retailer being overall compliant with the new legislation.

Apptus eSales and GDPR

The two most notable points for retailers regarding GDPR compliance when using Apptus eSales are the following:

  • Never create and use customer keys based on personal information such as user names or email addresses.
  • Plan for how to manage and use the GDPR API to export, download, and remove behavioural data.


The GDPR API is part of the Apptus eSales Web API. It is used to execute queries enabling functions supporting the Right to access, Right to portability, and the Right to be forgotten.

To be fully compliant with GDPR in regards to Apptus eSales data, a retailer is likely to have to implement necessary functions for managing GDPR related requests from their visitors.

When executing queries with the GDPR API, basic HTTP authentication with eSales cluster credentials is required.

End points

More information

Please see the official GPDR homepage for more information regarding the European Union’s General Data Protection Regulation.

For more information regarding GDPR compliance with Apptus eSales without the Web API, please see Apptus Connector Docs for Java, .NET, or PHP.

To be GDPR compliant with regards to the Apptus eSales solution, information about data usage should be provided. A sample text for GDPR compliance to be published on a website using Apptus eSales can be found below.

GDPR compliance sample text

Use of Apptus Technologies AB

This website uses Apptus Technologies, an all-in-one AI-powered eCommerce
optimization solution from Apptus Technologies, Trollebergsvägen 5,
222 29 Lund, Sweden (Apptus).

The Apptus solution optimizes the search and navigation experience on this website by utilizing your input to expose the most relevant products based on your search and navigation activity

Apptus collects pseudonymised information about your search usage and
stores this information in local storage in your browser. Apptus generates
a pseudonymised session ID, a pseudonymised customer ID, and your recent searches. This data is stored on your browser in order to provide a good search experience. No personal data is sent to a server and you can at all times clear your local storage to erase this data.

You can find more information on Apptus at