Data protection, data privacy and GDPR in Custobar


The Custobar Customer Data Platform (CDP) and Marketing Automation system is a European software. From the start, it has been created to accommodate strong safety measures and all European data protection laws, regulations and policies, first and foremost the GDPR.

Some of our first customers in the early years of Custobar were German. Germany is, of course, known to be particularly strict with protecting customer data. We have developed Custobar to meet our German clients’ and partners’ highest quality standards.

Tatu Kuivalahti, CEO of Custobar

Our four data protection cornerstones

1. Servers located in the EU region

The servers for Continental European clients and partners are located in Germany. The servers for North European clients and partners are in Finland.

2. Custobar is GDPR compliant

Our GDPR compliance in practice:

  • The right to restrict data processing. A customer’s personal data can be deleted and the statistics anonymised, if they so wish. This can be done directly in the Custobar user interface, or via an API interface. Simultaneously with personal data deletion and anonymisation, the customer ID will be locked so that any personal data concerning that particular customer cannot re-enter the system even from any integration or other data source. Custobar can also remove passive customer data from the system automatically after a specified data storage period.
  • The right to access data. Typically, the personal data a company has collected is scattered across many software and systems. The Custobar CDP collects all customer data from all touch points and all various systems into one customer profile. That makes it easy for customer service to create a clean report with just one click, when and if a customer asks for access to their personal data. The report can be further modified before sending it to the customer.
  • The right to rectify data. Custobar has the full version history of any customer’s data. This makes it possible to rectify personal data - directly from the Custobar user interface or via API from other systems. This ensures that customer data is always up to date. It also simplifies tracking the source or sources of any incorrect or flawed data.

3. Continuous improvement of data security

We at Custobar take data security seriously at every level. We are aware that customers have trusted us with the control of their most valuable asset, their personal data, and we approach it accordingly. Our processes and mechanisms for high level data security are comprehensively documented. We also develop them constantly moving forward. Furthermore, we require our subcontractors to comply with the same high data security standards.

4. Custobar is independent of 3rd party data

Custobar is not dependent on 3rd party data or 3rd party cookies. On the contrary, Custobar operates on 1st party data, which has been directly collected from your customers. That means that you control, you ‘own’, the customer data you have collected. That customer data is not controlled by any third party.

The Custobar CDP is intended for managing and utilising 1st party customer data. That is one of the many reasons why Custobar is such a perfect tool for today’s eCommerce and retail.

Tatu Kuivalahti, Co-Founder and Executive Advisor Custobar

Related topics:

Read our blog on How can retailers handle customer data in a GDPR compliant way?

Find out more about 3rd party cookie independence:
Marketer, don’t let the death of the third-party cookie be your funeral!

Custobar privacy policy
Custobar and Data Security