Skip to main content
Version: 2.11

GDPR Compliance


By default, Saleor handles several aspects of the regulations introduced by the GDPR.

Deleting users#

A user account can be deleted from the dashboard level by a staff user. This action is processed immediately.

Users are also able to request their account to be deleted, from the storefront level, on their user profile settings. In such case, a confirmation email is sent to the email address associated with the account.


Deleting a user removes their account instance. All data used for the checkout process are left untouched. This is to keep track of financial transaction.

This solution follows the GDPR regulations.


All cookies used by Saleor are strictly necessary to move around the website and use its features, therefore there is no need to notify the users about them.

Privacy policy and terms of service statements#

Make sure your Terms of Service and Privacy Policy statements properly communicate to your users who you are and how you are using their data.

We recommend that you ensure your policies are kept up to date and are clear to your readers.