Termini di utilizzo

Preamble

Updated October 17, 2025

PrestaShop is the designer and publisher of an open-source software solution, distributed under a free license (Open Software License OSL-3.0), allowing its users to create e-commerce sites.

This solution, called Solution Edition Classic, is available for download from the PrestaShop website www.prestashop.com.

It allows its users to create and personalize their e-commerce site and add features, free or paid, freely developed by the PrestaShop community already integrated into the solution or accessible on the PrestaShop marketplace.

The benefit of the services of these T&Cs is exclusively reserved for professionals within the meaning of French consumer law. As such, it expressly acknowledges that it does not have the right of withdrawal enjoyed by consumers within the meaning of the Consumer Code.

These T&Cs govern the services provided by PrestaShop to its users. They form, with the Personal Data Protection Policy and the general conditions of use of “prestashop.com”, the totality of the conditions of use.

PrestaShop reserves the right to modify these T&Cs at any time. If applicable, the modifications will take effect fifteen (15) days after their publication on the prestashop.com site.

Summary

1. DEFINITIONS

  • Back Office

    Designates the interface through which the Merchant or Technical Service Provider acting on behalf of a Merchant can administer and configure their Merchant Site and, in particular, add Addons.

  • Business Hours

    Means, from Monday to Saturday (excluding public holidays), the period from 9:00 a.m. to 10:00 p.m., French time (GMT+1). Certain higher support levels may offer extended hours, as defined at https://care-center.prestashop.com/fr/niveaux-de-support-client.

  • Care Center

    Refers to the platform centralizing support resources, documentation, and the entry point for submitting information or intervention requests, accessible at https://care-center.prestashop.com/ (or any URL that may replace it).

  • Connectors

    Designates the interface allowing access to third-party services offered by official partners.

  • General Conditions of Use or T&CS

    Means these general conditions, including its possible annexes and modifications.

  • Hours worked

    Means, Monday to Friday (excluding public holidays), from 9:00 a.m. to 6:00 p.m., French time (GMT +1).

  • Intervention Ticket

    Designates the Service request made by the User.

  • Merchant

    Designates any natural or legal person acting in a professional capacity and operating a Merchant Site.

  • Merchant Site

    Designates the e-commerce site created by the Merchant using the Solution.

  • Modules

    Designate software developments carried out by PrestaShop or by a Seller intended to add one or more functionalities to the Merchant Sites, whether pre-installed or downloadable from the PrestaShop Marketplace.

  • PrestaShop

    Designates the limited company whose head office is located at 84 avenue du Maine, in PARIS (75014), registered with the Paris RCS under number B 497 916 635.

  • PrestaShop Account

    Designates the account allowing the User to authenticate and access the services offered by PrestaShop.

  • PrestaShop Marketplace

    Designates the platform referencing all Modules and Themes accessible at the address: https://addons.prestashop.com (or any URL that would be substituted for it).

  • Seller

    Designates any natural or legal person, professional, other than PrestaShop, having developed one or more Modules referenced on the PrestaShop Marketplace.

  • Services

    Designates all Support Services governed by these General Conditions.

  • Solution PrestaShop

    Designates the software published by PrestaShop and downloadable from the site www.prestashop.com, allowing the creation, administration, and operation of a Merchant Site.

  • Support Level

    Refers to the set of services and commitments (response times, communication channels, scope of intervention) to which the User is entitled, based on the profile defined in the PrestaShop Care Center.

  • Support Services

    Refers to the technical assistance services as detailed in the product sheet of the PrestaShop Marketplace, and subject to purchase by the User.

  • Technical service provider

    Designates any natural or legal person acting in a professional capacity on behalf of a Merchant operating or wishing to operate a Merchant Site or on behalf of a Seller for the development of a Module.

  • Themes

    Designate software developments carried out by PrestaShop or by a Seller, allowing graphic customization of Merchant Sites.

  • User

    Designates Merchants, Technical Service Providers acting on behalf of a Merchant or Sellers using the Services subject to these General Conditions.

2. ACCEPTANCE OF GENERAL CONDITIONS

Access to the Services is subject to full, complete, and unreserved acceptance of these T&Cs and the Personal data protection policy.

3. PRESENTATION OF SUPPORT SERVICES

The User may consult the different Support offers and their descriptions in the PrestaShop Care Center. These are organized by Support Levels, providing distinct service commitments and scopes of intervention, either included or available for an additional fee. Unless otherwise stated, the purchase of a Support Service applies to a single Merchant Site.

The User is responsible for ensuring that the Support Service meets their needs. PrestaShop shall not be liable for providing any advice in this regard.

4. FINANCIAL CONDITIONS

The price of each Support Service is indicated on the PrestaShop Marketplace or on the Care Center.

Payment is a prerequisite for access to the Service. Rejection of payment, for whatever reason, may result in the suspension of the provision of the Service or its termination.

The order for additional Intervention Ticket(s) must be paid for on the PrestaShop Marketplace or on the Care Center.

Any day in services not included in the Support Service must be the subject of an estimate between the User and PrestaShop.

5. SERVICE ACTIVATION

The User acknowledges that PrestaShop provides the Services in accordance with the scope of engagement set out in Annex 2.

Access to the Services may require prerequisites as defined in Annex 1.

Following the purchase of a Support Service, the User must submit an Intervention Ticket to PrestaShop via the website https://care-center.prestashop.com/fr

The Intervention Ticket must be submitted during the Support Service period indicated on the PrestaShop Marketplace. Beyond this period, the User will no longer be able to submit an Intervention Ticket to obtain the Service.

Furthermore, in the event that the Intervention Ticket refers to support hours, the User acknowledges that any Service hour commenced shall be counted as a full hour, even if the actual time spent providing the Service is less.

Clear,

  • The Services are carried out within the limits of the scope of intervention presented in Annex 2.
  • The User can submit Service requests by submitting Intervention Tickets on the site https://care-center.prestashop.com.
  • To be valid, Intervention Tickets must be submitted during the period indicated on the PrestaShop Marketplace at the time of purchase.
  • Any hour of Service started is considered a full hour.

6. USER COMMITMENTS

To benefit from the Services, the User undertakes to provide accurate and current data and to provide PrestaShop with all the necessary cooperation. As such, he undertakes in particular to provide all the documents and information described in Annex 1.

The User undertakes to modify their passwords and Merchant Site access upon closing of the Intervention Ticket.

Clear,

The User undertakes to:

  • provide the data detailed in Annex 1;
  • provide accurate data;
  • provide cooperation;
  • validate the intervention reports at the end of the service;
  • modify your access to the Merchant Site at the end of the service.

7. PRESTASHOP COMMITMENTS

PrestaShop undertakes to take into account the Intervention Tickets submitted by the User within the time limits indicated on the product page of the relevant Support Service on the Care Center or the Marketplace, or within the time limits specified in the support level of the User’s profile. In the absence of any specific indication, the initial response time shall not exceed twenty-four (24) business hours.

PrestaShop undertakes to provide the Services to Users during Business Hours, as detailed on the PrestaShop Marketplace.

By express agreement, PrestaShop's obligation to provide the Service is considered an obligation of means, PrestaShop committing to make its best efforts to address the need in the Intervention Ticket, without any guarantee of result.

Clear,

  • PrestaShop undertakes to take into account Intervention Tickets within 24 hours and to provide the Service during working hours.
  • PrestaShop undertakes to make its best efforts to process the Intervention Ticket, without guarantee of result.

8. END OF SERVICE AND TERMINATION

8.1 End of Service

When the Support Service has been performed, PrestaShop shall provide the User with the elements implemented to address the User’s request.

The User may subscribe to a new Support Service on the PrestaShop Marketplace or on the Care Center under the same conditions.

8.2 Termination of Services by PrestaShop

PrestaShop may terminate the Service upon prior notice sent at least two (2) months before closure.

PrestaShop reserves the right to suspend or terminate the provision of the Services to which the User has subscribed, in particular in one of the following cases:

  • illicit, unfair, or contrary use of the laws and regulations in force of one or more of the Services;
  • activity of the Merchant Site contrary to the laws and regulations in force;
  • behavior likely to harm the image of PrestaShop;
  • suspicion of fraud;
  • malfunction, attack, or fraud on one of the Services attributable to the User;
  • any violation of these T&Cs.

Termination of the Service for one of these reasons will not give rise to any reimbursement from the User.

Clear,

  • At the end of the Support Service, PrestaShop sends an intervention report to the User.
  • Furthermore, PrestaShop may suspend or terminate the Services in the event of use or actions contrary to legislation, fraud, or non-compliance with these T&Cs by the User.

9. RESPONSIBILITY

The User is solely responsible for the backup and protection of his donationsborn and data from its Merchant Site. In this respect, he undertakes to take all useful and necessary measures to preserve the integrity of its data before and after any intervention by PrestaShop and in general throughout the duration of the Services.

PrestaShop cannot under any circumstances be required to repair damage of an indirect nature, such as, without this list being exhaustive: a loss of income or turnover, a drop in traffic, a loss of customers, an attack on image or reputation, loss or theft of data.

In addition to the above, the liability of PrestaShop will also be excluded if it finds its origin in:

  • the configuration of the hosting environment of the Merchant Site;
  • the use by the User of a version other than the latest updated version of the PrestaShop Solution ;
  • a lack of cooperation from the User in processing an Intervention Ticket;
  • loss of data, a computer virus or hacking, slowdown in operation or interruption of service of the Customer's Merchant Site;
  • the provision of erroneous information by the Utilisateur ;
  • and more generally, a circumstance attributable to the User or one of its service providers other than PrestaShop.

Clear,

  • The User is solely responsible for the backup and protection of his data and the data of his Merchant Site.
  • PrestaShop cannot be held responsible for repairing direct or indirect damage suffered by the User as a result of the use of the Services. Likewise, PrestaShop is not responsible for the configuration and content of the Merchant Site, the provision of false information or any element that may be attributable to the User.

10. INTELLECTUAL PROPERTY

10.1 No transfer of intellectual property rights

Use of the Services does not result in any transfer of ownership between the parties. PrestaShop and the User have no rights to the brands and distinctive signs of the other party.

Consequently, the User undertakes not to infringe in any way whatsoever the intellectual property rights held by PrestaShop, in particular relating to texts, photos, videos, data, posters, logos, brands, and other elements reproduced on the PrestaShop sites and its services.

The use of the PrestaShop brand in a domain name by the User is strictly prohibited. The User therefore undertakes not to use the registered PrestaShop trademark within the domain name and URL of their Merchant Site.

10.2 Commercial reference

All texts, photos, videos, data, logos, brands, and other elements reproduced on the PrestaShop company websites are reserved and protected by intellectual property rights, in particular copyright, rights related to copyright, trademark right,s and legislation relating to the protection of databases.

Consequently, no exploitation, distribution, reproduction, or other use of these elements, even partial, can be carried out without the express prior authorization of PrestaShop.

The User may, however, cite PrestaShop as a commercial reference.

Conversely, PrestaShop is authorized to cite the User as well as the brands of its products for commercial reference.

Each party expressly undertakes not to harm the image or reputation of the other party.

Clear,

  • PrestaShop remains the owner of all the brands and logos it owns.
  • The User is not authorized to use them, in particular in communications, advertising or registering them in a domain name.
  • The User can use the name PrestaShop to make commercial references.

11. PERSONAL DATA

Information relating to the collection and processing of personal data is detailed in the Personal Data Protection Policy.

In order to provide the Services, PrestaShop is required to process data in the name and on behalf of the user. For this purpose, the parties detail in Annex 3 the contract for subcontracting personal data carried out within the framework of the Services.

12. CONFIDENTIALITY

Subject to Article 13 “Personal Data”, PrestaShop and the User mutually undertake to keep confidential all information and work provided to the other party as part of the Services, and undertake not to disclose it to any third party, other than employees or agents needing to know them, and to use this information only for the purpose of carrying out their respective obligations under the terms of the T&Cs.

13. NON-SOLICITATION OF STAFF

The User undertakes not to make a job offer or hire, directly or indirectly, a member of PrestaShop staff for the entire duration of the Services and for a period of one (1) year from the end of their supply.

In the event of non-compliance with this clause, the User undertakes to pay PrestaShop a lump sum compensation corresponding to two years of remuneration for each member of the poached staff.

14. INDEPENDENCE OF THE PARTIES

The parties remain independent of each other. No stipulation of these T&Cs has the object or purpose of creating any partnership, mandate, representation, or subordination between PrestaShop and the User.

15. FORCE MAJEURE

PrestaShop may suspend the Services in the event of the occurrence of an event beyond its control, a case of force majeure as defined by the case law of the French courts, or due to the action of a third party.

16. APPLICABLE LAW

These T&Cs are subject to French law.

Any dispute that may arise from the interpretation or execution of these T&Cs will be submitted, prior to any legal procedure, to the mediation of a mediator designated by the most diligent party. If mediation is not successful, the dispute will be subject to the exclusive jurisdiction of the Paris Commercial Court.

ANNEX 1: ELEMENTS NECESSARY FOR PROVIDING SUPPORT SERVICES

1. General conditions for performance

For the proper performance of the Services, the User undertakes to provide PrestaShop with accurate information, to ensure functional access, and to maintain its Merchant Site within a compatible and secure technical environment.

If the eligibility conditions are already met, no limitation shall apply.

2. Prerequisites for access to Support Services

Before submitting an Intervention Ticket, the User must ensure that the following conditions are met. These elements are essential for identifying the Merchant Site and processing the request:

  • The Merchant Site must be linked to the User’s PrestaShop Account. Authentication via the PrestaShop Account is required to validate the User’s profile and to associate the Support Service request with the relevant Merchant Site.
  • The “PrestaShop Marketplace” module must be installed and activated in the Merchant Site’s Back Office. The User must have accessed at least once the “Modules > Marketplace” page from the Back Office.

3. Information on the technical environment

To enable accurate diagnosis and effective intervention, the User must provide PrestaShop, when opening an Intervention Ticket, with the following information:

  • Version of the PrestaShop Solution;
  • URL of the Merchant Site (Front Office);
  • Theme used (name and version);
  • PHP version used on the hosting server;
  • Where applicable, list of modules concerned by the request (name and version);
  • Any relevant information regarding recent changes or specific developments.

4. Required access

To perform the Support Service, the User must provide PrestaShop, upon request and through a secure channel, with all or part of the following access credentials, with sufficient rights:

  • Administrator access to the Back Office;
  • Server access via SFTP or FTP;
  • Where applicable, access to the hosting management interface (e.g., cPanel) and to the database (e.g., phpMyAdmin).

5. User’s responsibility regarding the working environment

PrestaShop strongly recommends that any intervention be carried out on a test environment (also referred to as “pre-production” or “staging”).

If the User chooses to provide access to its production environment, the User acknowledges and accepts that PrestaShop’s interventions, although carried out with the utmost care, may result in temporary service interruptions or instabilities on the Merchant Site.

Consequently, PrestaShop shall in no event be held liable for any direct or indirect damages arising from such interruption during the Intervention Ticket period, including, but not limited to, loss of revenue, customers, or data.

It is the User’s responsibility to perform a full backup of its files and database before any intervention requested on a production environment.

6. Scope of support by version and duty of care

PrestaShop undertakes to provide the Services for the two most recent major versions of the PrestaShop Solution (for example, if the current version is 9.x, support will be provided for versions 9.x and 8.x).

For any earlier version (for example, version 1.7 or older), PrestaShop shall only be bound by a duty of care, without any obligation of result.

The User acknowledges that interventions on obsolete versions may prove impossible and may be advised to purchase a migration service.

7. Non-compliance clause

PrestaShop reserves the right to suspend, refuse an intervention, or propose an additional quotation if:

  • The information or access provided is inaccurate or incomplete;
  • The Merchant Site’s technical environment does not comply with the official system requirements;
  • The “core” of the PrestaShop Solution has been materially modified, making a standard intervention risky or ineffective.

ANNEX 2: SUPPORT SERVICES SCOPE OF INTERVENTION

1. General Scope

The Services is intended to assist Users in the use of the PrestaShop Solution and products developed by PrestaShop.

The scope of intervention varies depending on the nature of the request.

2. Support on the Open Source Project (PrestaShop Core)

Support related to the PrestaShop software as an Open Source project (“the Core”) is provided by the community.

  • Inclusions: General questions regarding the native features of the PrestaShop Solution.
  • Exclusions and guidance:
    • Anomalies (“bugs”) not yet recognized and feature requests not included in the Core are not handled by the Support Service.
    • In such cases, the User is invited to contribute to the Open Source project by creating a detailed “issue” on the official PrestaShop GitHub repository, available at https://care-center.prestashop.com/.

3. Scope of paid Support Services

For any paid Support Service (Support Plan, Maintenance Pack, Intervention Ticket, etc.), the scope of intervention is exclusively and fully defined by the description on the product page of the relevant service, accessible on the PrestaShop Marketplace or Care Center at the time of purchase.

Generally, unless otherwise stated on the product page, these services cover:

  • The PrestaShop Solution (“the Core”) as defined in section 2;
  • Modules and themes developed by PrestaShop and sold on the PrestaShop Marketplace.

4. General exclusions applicable to all Services

Unless expressly stated otherwise on the product page of a paid service, the following are systematically excluded from the scope of intervention:

  • Intervention on a PrestaShop Solution whose Core has been modified by the User or a third party;
  • Resolution of anomalies on modules or themes not developed by PrestaShop;
  • Custom developments desired by the User;
  • Creation of a graphic charter or advanced theme customization;
  • Support for non-reproducible anomalies;
  • Configuration of hosting, server, or third-party services (carriers, payment solutions, etc.).

ANNEX 3: AMENDMENT RELATING TO THE PROCESSING OF PERSONAL DATA

This contract relating to the processing of personal data forms, with the General Conditions of Use of the Support services above and the Personal data protection policy, all of the conditions of use of the Service apply to any User.

As part of the Services, the User may be required to communicate personal data to PrestaShop. Within the meaning of Article 4, points 7 and 8 of the GDPR, the User is responsible for processing and the Service Provider is the subcontractor of personal data.

Article 1. Definition

  • User

    Designates any person who has contracted with the User on their Merchant Site.

  • Data) personal(s)

    Means any information relating to an identified or identifiable natural person (hereinafter referred to as “Data Subject”). An “identifiable natural person” is deemed to be a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more specific elements specific to their physical, physiological, genetic, psychological, economic, cultural or social identity. Personal Data are those entrusted by the User to PrestaShop for their Processing on their behalf within the framework of the Contract; they are listed in article 4 below.

  • Data Controller

    Has the meaning given to it in article 4 -7° of the Regulation. For the purposes hereof, the Data Controller is the “User”.

  • Regulations

    Means Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016.

  • Subcontractor

    Means the natural or legal person, public authority, service or other body which processes Personal Data on behalf of the User; under the Contract, PrestaShop is the Subcontractor.

  • Treatment

    Means any operation or set of operations carried out or not using automated processes and applied to data or sets of personal data, such as collection, recording, organization, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, reconciliation or interconnection, limitation, erasure or destruction.

  • Violation

    Means a breach of security resulting, accidentally or unlawfully, in the destruction, loss, alteration, unauthorized disclosure of Personal Data transmitted, stored or otherwise processed or unauthorized access to such Personal Data.

Article 2. Purpose

The purpose of this contract is to define the conditions under which PrestaShop undertakes to carry out, on behalf of the User, the processing operations of Personal Data defined below.

As part of their contractual relations, the Parties undertake to respect the regulations in force applicable to the processing of Personal Data and, in particular, the Regulation (as well as Law No. 78-17 of January 6, 1978 amended “Informatics and Freedoms.”

Article 3. Duration of the contract

This Agreement comes into force from the User’s Subscription to the Service and ends from the end of the Support.

Article 4. Description of the processing subject to subcontracting

Service provided

PrestaShop is authorized to process on behalf of the User the Personal Data necessary to provide them with Support services.

Nature of operations carried out:

The services provided and during which PrestaShop may process the User's Personal Data are described in these T&Cs.

Purpose of processing:

Access to Personal Data processed by the Merchant as part of the operation of its Merchant Site is necessary so that PrestaShop can fulfill its contractual commitments to the User and effectively provide Support services.

Personal data processed and persons concerned:

Support requires intervention by our teams on the User's Merchant Site at the User's request. Access to the store's back office necessarily gives access to the User's personal data (last name, first name, email address, telephone number).

Likewise, PrestaShop may have access to the data of the User's Customers. PrestaShop may have access to the following Personal Data: Customer identification data (last name, first name, postal address and email address, telephone number) as well as data relating to any purchases made on the User's Merchant Site.

For the execution of the service covered by this contract, the data controller (the User) provides the Subcontractor with the necessary information in its Personal Data Protection Policy.

Article 5. Obligation de PrestaShop

5.1. Processing of Personal Data

PrestaShop undertakes to:

(i) process Personal Data only for the sole purpose(s) which are the subject of subcontracting, as defined in article 3 and in accordance with these T&Cs,

(ii) process Personal Data in accordance with documented instructions of the User. If PrestaShop considers that an instruction constitutes a violation of Regulation (EU) No. 2016/679 or any other provision of Union law or the law of the Member States relating to data protection, it inform immediately the data controller. Furthermore, if PrestaShop is required to transfer data to a country outside the European Union, it must inform the User of this legal obligation before processing, unless the relevant law prohibits such information for reasons important in the public interest,

The User is informed that he can send written instructions if they are consistent with the Service.

(iii) guarantee confidentiality Personal Data processed within the framework of the contract. In the event that PrestaShop is legally required to communicate Personal Data to an authority, it will inform the User in advance, unless the law prohibits such information for reasons of public interest,

(iv) ensure that the persons authorized to process Personal Data under this contract:

  • undertake to respect the confidentiality of Personal Data;
  • receive the necessary training in matters of personal data protection,
  • only process Personal Data for the sole purposes of the aforementioned processing.

(v) take into account, with regard to its tools, products, applications or services, the principles of data protection by design and of data protection by default.

5.2 Subsequent subcontracting

The User authorizes PrestaShop to use subcontractors (hereinafter the “sub-processor”) to carry out specific processing activities.

The User is informed that PrestaShop already uses the subcontractors listed below as part of Support.

  • For the management and provision of the Service: Zendesk (USA, contract ensuring an adequate level of protection and security).
  • For level 1 support: Active Contact (Tunisia, contract ensuring an adequate level of protection and security).
  • For the use of the Maintenance Pack: Chargebee Inc (USA, contract ensuring an adequate level of protection and security).
  • For the ticketing system: Jira (Atlassian – Australia, hosted on Google server in the Netherlands).

In the event of subsequent subcontracting, PrestaShop will inform the User of any change concerning the addition or replacement of other subcontractors, at least one (1) month before the change, in order to give the User the possibility to object to these changes.

When PrestaShop uses another subcontractor, PrestaShop undertakes to ensure that the same obligations are imposed on this subcontractor as those set out in this Contract, relating to the protection of personal data and so that this subcontractor -subcontractor meets the requirements of the above-mentioned regulation.

5.3 People affected by the processing

People's right to information. It is up to the User to provide information to their Customers affected by the processing operations at the time of collection of Personal Data.

Exercise of people’s rights. As far as possible, PrestaShop will help the User to fulfill their obligation to respond to requests to exercise the rights of the User's Customers: right of access, rectification, deletion and opposition, right to limitation of processing, right to data portability, right not to be subject to an automated individual decision (including profiling).

The service is configured so that the User can respond to the requests of their Customers.

5.4 Notification of personal data breaches

PrestaShop notifies the User of any Personal Data violation within a maximum period of seventy-two (72) hours after becoming aware of it and by email. This notification is accompanied by any useful documentation to enable the User, if necessary, to notify the data breach to the competent data protection authority.

PrestaShop will indicate, to the extent that the information is available, the following:

  • nature of the incident;
  • date and time the incident was noticed;
  • Personal data impacted;
  • direct measures taken to limit any further damage;
  • date and time the incident ended;
  • structural preventive measures for the future.

5.5 Aide

PrestaShop undertakes to help the User, as far as possible, so that the latter respects their obligations with regard to the aforementioned processing concerning the carrying out of a possible impact analysis, for the notification of data breach and for the exercise of the rights of the User's Customers.

5.6 Data fate

At the end of the Support service relating to the processing of Personal Data, PrestaShop undertakes to return all Personal Data to the User or to the subcontractor designated by the User.

The return will be accompanied by all existing copies present in the PrestaShop information system and will justify the destruction in writing to the User, unless applicable legislation prohibits the User from destroying the Personal Data for a certain period. In such a case, PrestaShop undertakes to respect the confidentiality of the Personal Data and to archive them in order to preserve them as proof, in particular.

5.7 Documentation

PrestaShop declares to keep a written record of all categories of processing activities carried out on behalf of the User.

PrestaShop provides the data controller with the necessary documentation to demonstrate compliance with all its obligations and to enable audits to be carried out by the User.

Article 6. User Obligations

The User undertakes to:

  1. document in writing any instructions regarding the processing of Personal Data by PrestaShop, if specific instructions need to be given,
  2. supervise processing, including carrying out audits and inspections with PrestaShop,
  3. Notify any violation of Personal Data subject to a legal notification obligation to the competent supervisory authority.

Article 7. Security measure

PrestaShop undertakes to implement technical and organizational measures intended to guarantee the security and confidentiality of Personal Data against any unauthorized access, alteration, use, modification and disclosure during the Support services.

As such, PrestaShop employees in charge of Support are subject to an obligation of confidentiality.

Taking into account the state of knowledge, the implementation costs and the nature, scope, context and purposes of the processing, PrestaShop and the User undertake to implement appropriate technical and organizational measures in order to guarantee a level of security appropriate to the risk.

The User is responsible for the security of his Store at all times.

Article 8. Responsibilities

The parties recognize the sharing of their responsibilities towards the User's Customers, in accordance with article 82 of Regulation (EU) n°2016/679.

The user recognizes that PrestaShop is only liable for the damage caused by the processing if it has not complied with the specific obligations for subcontractors in the aforementioned Regulations.