
What should any Magento shop owner know about GDPR compliance?


What is essential for any merchant to know about GDPR compliance?


  • It doesn’t matter whether you are located in the EU or any other part of the world: if you handle the personal data of at least one individual from the EU, your shop should be GDPR compliant. It is not about the store, it is about the customer’s protection.
  • GDPR has a broad definition of personal data. It covers not only names, ID numbers or email addresses, but also financial info, IP addresses and social network posts. In short, if any information is related to a person’s identity, it falls under GDPR.
  • Your shop can store or process the data only if a person gave consent for that, and the data should still be deleted upon request. Data breaches should be reported to the authorities and to the persons affected within 3 days after discovery.


There are solutions for both Magento 1 and Magento 2 shops to become compliant

To make sure your web store is GDPR compliant, you will need to review all the extensions you have installed. Because they are developed by third parties, extensions may store or send information to different locations than Magento itself.
Thus, to confirm GDPR compliance, you need to review all the contracts with the third parties and consult with legal counsel.

The following steps make it easy to get your Magento shop GDPR compliant:

  • Install the EU Cookie Law Compliance Magento module.
    Magento 2 –
    Magento 1 –
  • Update the pages and the terms and conditions to inform visitors that your webshop processes personal data and stores cookie files.
  • It should be pointed out that a person can get more info or accept the conditions.
  • To subscribe to a newsletter, your customer should tick the box for it. There should be separate consent forms on your website for your customers to subscribe to your newsletter, to accept the terms and conditions, and to consent to other ways of using their data.
  • An option stating “Newsletter Subscriptions” should be added to your customer’s account.

Other things that are nice to have

It would also be good to have a notification regarding the terms of use of the customer’s data, stating the reasons why the data is stored and how it will be used.

You need to be transparent with your customers, letting them know what the information will be used for and how long it will be stored by the system.

There is also a need to update the terms and conditions on your website in line with GDPR terminology.

So, getting your Magento webstore GDPR compliant is easy though essential. Please contact our experts at to sort this out for you.
