Free AI AuditBook a Call
Back to Security

GDPR Compliance

5 min readLast updated: February 2026

PageX and GDPR

PageX is designed with GDPR compliance as a core requirement, not an afterthought.

Data Controller vs Processor

In the context of your Shopify store data, PageX acts as a Data Processor operating on your behalf. You remain the Data Controller responsible for your customers' data.

Data Processing Agreement (DPA)

A DPA is available upon request. Enterprise and Growth+ plan customers can request a signed DPA from support@pagex.to.

Your Rights as a Data Subject

Under GDPR, you have the right to:

  • Access the data we hold about your account
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to specific processing activities

Data Transfers

PageX infrastructure is hosted in the EU (Frankfurt, Germany) and the US. For EU customers, data is processed in the EU by default.

Sub-Processors

We use a limited number of vetted sub-processors (e.g., cloud hosting, analytics). A current list of sub-processors is available on request.

Contact Our DPO

For GDPR inquiries, contact our Data Protection Officer at privacy@pagex.to.

Was this article helpful?

Related Articles

Data We CollectData Deletion RequestsSecurity Practices

Still need help?

Our support team is happy to assist.

Contact Support