Privacy Policy

Information we collect falls into one of two categories: "voluntarily provided" information and "automatically collected" information. "Voluntarily provided" information refers to any information you knowingly and actively provide us when using or participating in any of our services and promotions. "Automatically collected" information refers to any information automatically sent by your devices in the course of accessing our products and services.

1.1 Log Data

When you visit our website, our servers may automatically log the standard data provided by your web browser. It may include your device's Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details about your visit. Additionally, if you encounter certain errors while using the site, we may automatically collect data about the error and the circumstances surrounding its occurrence. This data may include technical details about your device, what you were trying to do when the error happened, and other technical information relating to the problem. Please be aware that while this information may not be personally identifying by itself, it may be possible to combine it with other data to personally identify individual persons.

1.2 Device Data

When you visit our website or interact with our services, we may automatically collect data about your device, such as:

• Device type
• Operating system
• Unique device identifiers
• Device settings
• Geo-location data

Data we collect can depend on the individual settings of your device and software. We recommend checking the policies of your device manufacturer or software provider to learn what information they make available to us.

1.3 Personal Information

We may ask for personal information — for example, when you subscribe to our newsletter or when you contact us — which may include one or more of the following:

• Name
• Email
• Date of birth
• Phone/mobile number
• Home/mailing address

1.4 Transaction Data

Transaction data refers to data that accumulates over the normal course of operation on our platform. This may include transaction records, stored files, user profiles, analytics data and other metrics, as well as other types of information, created or generated, as users interact with our services.

1.5 Migration-Specific Data

For Migrationpro account creation, we collect:

• Name
• Organization
• Email
• Password (stored in hashed form only)

For individuals performing data migration, we may additionally collect:

• Source and Target Store URLs
• Source and Target Shopping Cart Platform types
• FTP/cPanel access (only required for specific platforms)
• Admin account credentials (only required for specific platforms)

1.6 Credential Security for Migration Data

FTP/cPanel access credentials and admin account credentials collected during the migration process are classified as high-sensitivity data. These credentials are encrypted using AES-256 encryption at rest and transmitted exclusively over TLS 1.2+ connections. Access to these credentials is restricted to authorized migration engineers only, from designated IP addresses. All migration credentials are permanently deleted within 7 days of migration completion, or immediately upon customer request, whichever occurs first.

1.7 Website Visitor Data

For website visitors, we may automatically collect:

• Web request details (date, time, etc.)
• IP address
• Browser type and language
• One or more cookies identifying the browser

We only collect and use your personal information when we have a legitimate reason for doing so. The following table outlines the lawful bases under GDPR Article 6 for each processing activity:

As a GDPR-compliant company, Migrationpro has adopted necessary changes to how customer information is collected. We are dedicated to protecting your data while using our website and ensuring its security and transparency.

We may collect personal information from you when you do any of the following on our website:

• Register for an account
• Purchase a subscription
• Sign up to receive updates from us via email or social media channels
• Use a mobile device or web browser to access our content
• Contact us via email, social media, or on any similar technologies
• When you mention us on social media

We may collect, hold, use, and disclose information for the following purposes, and personal information will not be further processed in a manner that is incompatible with these purposes:

• To provide you with our platform's core features and services
• To enable you to customize or personalize your experience of our website
• To deliver products and/or services to you
• To contact and communicate with you
• For advertising and marketing, including to send you promotional information about our products and services
• To enable you to access and use our website, associated applications, and associated social media platforms
• To comply with our legal obligations and resolve any disputes that we may have
• To attribute any content you submit that we publish on our website
• For security and fraud prevention, and to ensure that our sites and apps are safe, secure, and used in line with our terms of use

We may combine voluntarily provided and automatically collected personal information with general information or research data we receive from other trusted sources.

The primary objective of data security is to maintain privacy while protecting personal or corporate data from unauthorized access and manipulation throughout its entire life cycle.

4.1 Encryption and Protocol

At Migrationpro, we secure your data using HTTPS protocol and TLS 1.2+ encryption. We respect your privacy, and therefore, we do not store your data on our servers beyond the retention periods described in this policy. The migration from the Source Store to the Target Store will be executed securely.

4.2 Server Security

All migration tasks are performed on CONTABO servers located in Germany. CONTABO has implemented the following measures:

• 24/7 monitoring for access control
• Restricted access to control terminals for authorized employees using a transponder key
• DDoS prevention
• Network firewalls

4.3 Data Access Security

Only authorized Migrationpro employees with unique credentials have access to the source code, migration requests, and customer support queries. Furthermore, they can only access specific software sections from designated IP addresses.

4.4 Payment Security

Migrationpro employs PayPal and Stripe for payment processing. These systems process customer payment information, while Migrationpro does not retain any customer payment data, such as credit card numbers or bank account information.

4.5 Non-Disclosure Agreement

We assure you that our technicians will not disclose your data to any third parties, and we will delete your credentials upon the completion of the migration. An NDA will be signed between you and our representative before initiating the process. Although we will do our best to protect the personal information you provide to us, we advise that no method of electronic transmission or storage is 100% secure, and no one can guarantee absolute data security. You are responsible for selecting any password and its overall security strength, ensuring the security of your own information within the bounds of our services.

We keep your personal information only for as long as we need to. Retention periods vary by data type:

If your personal information is no longer required, we will delete it or make it anonymous by removing all details that identify you. However, if necessary, we may retain your personal information for our compliance with a legal, accounting, or reporting obligation.

We do not aim any of our products or services directly at children under the age of 13 (or the applicable age of digital consent in your jurisdiction, such as 16 under the GDPR), and we do not knowingly collect personal information about children under these ages.

We may disclose personal information to:

• A parent, subsidiary, or affiliate of our company
• Third-party service providers for the purpose of enabling them to provide their services, including IT service providers, data storage, hosting and server providers, analytics, error loggers, maintenance or problem-solving providers, marketing or advertising providers, professional advisors, and payment systems operators
• Our employees, contractors, and/or related entities
• Our existing or potential agents or business partners
• Credit reporting agencies, courts, tribunals, and regulatory authorities, in the event you fail to pay for goods or services we have provided to you
• Courts, tribunals, regulatory authorities, and law enforcement officers, as required by law
• Third parties, including agents or sub-contractors, who assist us in providing information, products, services, or direct marketing to you
• Third parties to collect and process data
• An entity that buys, or to which we transfer all or substantially all of our assets and business

7.1 Third Parties We Currently Use

• Google Analytics (website analytics)
• Mixpanel (analytics)
• Hotjar (behavior analytics)
• Facebook Pixel (advertising)
• Microsoft Clarity (session recording)
• LinkedIn Insight Tag (advertising)
• Google Ads Conversion Tracking (advertising)
• MailChimp (email marketing)
• SendGrid (transactional email)
• PayPal (payment processing)
• Stripe (payment processing)
• Cloudflare (hosting and CDN)

The personal information we collect is stored and/or processed in the United States and Germany, or where we or our partners, affiliates, and third-party providers maintain facilities. The countries to which we store, process, or transfer your personal information may not have the same data protection laws as the country in which you initially provided the information. If we transfer your personal information to third parties in other countries: (i) we will perform those transfers in accordance with the requirements of applicable law; and (ii) we will protect the transferred personal information in accordance with this privacy policy. For transfers of personal data from the European Economic Area (EEA), we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or other lawful transfer mechanisms as appropriate.

The General Data Protection Regulation (GDPR) is a comprehensive regulation that governs how organizations and companies manage personal data within the EU and EEA. Migrationpro adheres to GDPR, emphasizing our commitment to safeguarding our clients' personal information. Ensuring the security of customer data is a top priority for us. All customers and website visitors have the following rights under GDPR:

• Right to be informed about the types of information Migrationpro collects and how it is processed (Art. 13/14)
• Right of access to their personal data (Art. 15)
• Right to rectification of inaccurate personal data (Art. 16)
• Right to erasure or right to be forgotten (Art. 17)
• Right to restrict processing (Art. 18)
• Right to data portability (Art. 20)
• Right to object to processing (Art. 21)
• Right not to be subject to automated decision-making (Art. 22)

To exercise any of these rights, please contact our privacy team at [email protected]. We will respond to your request within 30 days. If you are located in the EU/EEA and believe we have not adequately resolved your concerns, you have the right to lodge a complaint with your local Data Protection Authority (DPA).

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with specific rights regarding your personal information:

• Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you
• Right to Delete: You have the right to request that we delete any personal information we have collected from you, subject to certain exceptions
• Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you
• Right to Opt-Out of Sale/Sharing: You have the right to opt out of the sale or sharing of your personal information. Migrationpro does not sell personal information
• Right to Limit Use of Sensitive Personal Information: You may request that we limit the use of your sensitive personal information to purposes necessary to provide our services
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights

To exercise your rights, please contact us at [email protected] or write to us at the address listed in the Contact Us section below. We will verify your identity before processing your request and respond within 45 days. In the preceding 12 months, we have collected the following categories of personal information: identifiers (name, email, IP address), commercial information (transaction records), internet activity (browsing history, search history), and professional information (organization name).

Your choice: By providing personal information to us, you understand we will collect, hold, use, and disclose your personal information in accordance with this privacy policy. You do not have to provide personal information to us, however, if you do not, it may affect your use of our website or the products and/or services offered on or through it.

Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this privacy policy.

Marketing permission: If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below.

Access: You may request details of the personal information that we hold about you.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us. We will take reasonable steps to correct any information found to be inaccurate.

Non-discrimination: We will not discriminate against you for exercising any of your rights over your personal information.

Notification of data breaches: We will comply with laws applicable to us in respect of any data breach.

Complaints: If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us and provide us with full details of the alleged breach. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.

Unsubscribe: To unsubscribe from our email database or opt-out of communications, please contact us or opt-out using the opt-out facilities provided in the communication.

We use cookies to help improve your experience of our website at https://migrationpro.io. This cookie policy is part of Migrationpro LLC's privacy policy.

12.1 Cookie Consent

In accordance with the ePrivacy Directive and applicable data protection laws, we will request your consent before placing any non-essential cookies on your device. When you first visit our website, you will be presented with a cookie consent banner that allows you to accept or reject non-essential cookies. You may update your cookie preferences at any time through our cookie settings page. Essential cookies required for the basic functioning of our website do not require consent and cannot be disabled.

12.2 What is a Cookie?

A cookie is a small piece of data that a website stores on your device when you visit. It typically contains information about the website itself, a unique identifier that allows the site to recognize your web browser when you return, additional data that serves the cookie's purpose, and the lifespan of the cookie itself.

12.3 Types of Cookies and How We Use Them

Essential cookies: Essential cookies are crucial to your experience of a website, enabling core features like user logins, account management, shopping carts, and payment processing.

Performance cookies: Performance cookies track how you use a website during your visit. They do not collect personal information about you. We use performance cookies on our site, subject to your consent.

Functionality cookies: Functionality cookies are used to collect information about your device and any settings you may configure. We use functionality cookies for selected features on our site, subject to your consent.

Targeting/advertising cookies: Targeting/advertising cookies help determine what promotional content is most relevant to you. We use targeting/advertising cookies on our site, subject to your consent.

If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data, including your personal information, among the assets transferred to any parties who acquire us.

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites.

At our discretion, we may change our privacy policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this privacy policy, we will post the changes here. If the changes are significant, or if required by applicable law, we will contact you and all our registered users with the new details and links to the updated policy.