What Is Essential for Any Merchant to Know About GDPR Compliance?
- It doesn’t matter whether you are located in the EU or any other part of the world – if you handle personal data of at least one individual from the EU, your shop should be GDPR compliant. It is not about the store; it is about the customer’s protection.
- GDPR has a broad definition of personal data; it covers not only names, ID numbers, or email addresses, but also financial information, IP addresses, and social network posts. In short, if any information is related to a person’s identity, it falls under GDPR.
- Your shop can store or process the data only if the person has given consent for that, and the data should still be deleted upon request. Data breaches should be reported to the authorities and the persons affected within 3 days of their discovery.
To make sure your web store is GDPR compliant, you will need to review all the extensions you have, as they are developed by third parties. Extensions may store information in, or send it to, different locations than Magento itself.
Thus, to confirm GDPR compliance, you need to review all the contracts with the third parties and consult legal counsel.
The following steps make it easy to get your Magento shop GDPR compliant:
- Install the EU Cookie Law Compliance Magento module.
– Magento 2
– Magento 1
- Update the pages and the terms and conditions to inform visitors that your webshop processes personal data and stores cookie files.
- It should be pointed out that a person can get more info or accept the conditions.
- To be subscribed to a newsletter, your customer should tick a box for it. There should be separate consent forms on your website for your customers to subscribe to your newsletter, to accept the terms and conditions, and to consent to other ways of using their data.
- An option stating “Newsletter Subscriptions” should be added to your customer’s account.
Other Nice Things to Be Done
It would be best to be transparent with your customers, letting them know what the information will be used for and how long the system will store it.
You also need to update the terms and conditions on your website to reflect GDPR terminology.
So, getting your Magento website GDPR compliant is easy, though essential. Please contact our experts at firstname.lastname@example.org to sort this out for you.