The GDPR is a European Union regulation on personal data processing. It affects everyone who collects and uses personal data (that includes contact information or addresses) of EU citizens and residents.
Version 4.7.4 is accompanied by the new GDPR add-on that informs new customers about how the store handles his personal data. The addon also helps you manage your data: anonymize or export users personal data to an XML file, as well as capture requests from data owners. (at this point accessed only from the database)
We have customized the add-on so you can install it on any 4.x.x version of CS-Cart or Multi-Vendor.
Unfortunately, the plugin can not be customized for older versions such as 2.x.x or 3.x.x without major revisions, which means creating the plugin from scratch.
ADVANCED GDPR Addon
Until 25/5/18 we will add many automations that will make it very simple to use and much more advanced than its current first form. Everyone who buys it will have a free upgrade to the newest advanced version!
Extra Features:
1. All the custom forms will be logged in history log, as now you need to archive them via emails (not in store)
2. customer will be bale to request the xml file with his data inside his profile screen, as now he is requesting this via email(not in store). Also the request and download of data is logged in history log.
3. anonymize will be requested from customers via their profile screen, as now he must send email. The request and answer to him is also logged in history
4. log history will be inside the admin screen as a seperate menu, as now you need to open phpmyadmin in hosting to see the log in DB., The advacned version will have the history of every customer in a tab on their profile, in Store admin.
IMPORTANT
Until 14/5/2018 we will receive only pre-orders, and after 15/05 we will start delivering the addon!
So Fotis, just to be clear. Your addon is an extension of the 4.7.4 gdpr addon that will make many of the tasks easier and better able to be used if an audit occurs or other "what happened with this customer" events happen? Please confirm or clarify.
So Fotis, just to be clear. Your addon is an extension of the 4.7.4 gdpr addon that will make many of the tasks easier and better able to be used if an audit occurs or other "what happened with this customer" events happen? Please confirm or clarify.
our Addon is based on the default CS-Cart 474 GDPR addon , but we take it a step further by making many tasks inside the store like :
1. log all the custom forms as now you need to archive the emails
2. customer can request the xml file with his data inside his profile, as now he is requesting this via email. Also the request and download of data is logged in history
3. anonymize is been requested from customers profile screen as now he must send email. The request and answer to him is also logged in history
4. log history is inside the admin screen as now you need to open phpmyadmin to see the log in DB
So as you see you will have one place to keep al lthe logging of action in case of audit, the whole procedure is more bullet proof as you don't have to rely on emails that might also endup in your spam folder (customers requests) or your emails (info emails on requests) to customers spam folder.
Its laso much easier to follow the whole procedure when you know where to find what, so we try to minimize the possibility you miss something especially in a high trafic store.
Natural persons may be associated with online identifiers […] such as internet protocol addresses, cookie identifiers or other identifiers […]. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.
In short: when cookies can identify an individual via their device, it is considered personal data.
This supports Recital 26, which states that any data that can be used to identify an individual either directly or indirectly (whether on its own or in conjunction with other information) is personal data.
We need to store in a separate table all the data about cookies, for audit and control.
We need to be able to deliver only the cookies that the customer approved.
If they make a request to delete their data, cookies is also involved.
So please think about this development, is the most important part of the "tehnical" GDRP.
Also, 70% of the customers in some countries, are not willing to make an account in order to make an order. Cs-cart is only focusing on customers with an account, not the rest. You can order without an account, and the site keeps your data and also is using plenty of cookies!!!
The compliant Cookie addon will be ready on the 25/5 and its free for those who will buy our gdpr Addon till then
After that the gdpr advanced extension and the new cookie Addon will be sold separate
Ps the new cookie addon is a big project as you need to make it work with all Addons adding tracking code to page like tag manager and Facebook pixel etc
They need to get deactivated by the cookie settings. This is an issue as there are many Addons out there and also many store owners have had the tracking code manually added
So it will be almost impossible to make it work with any Addon. We will guaranty default Google analytics and offcourse all our tracking addons but the rest should get customized.
Also, 70% of the customers in some countries, are not willing to make an account in order to make an order. Cs-cart is only focusing on customers with an account, not the rest. You can order without an account, and the site keeps your data and also is using plenty of cookies!!!
The anonymizatkon is been done on either registered or guest customer. Doesnt matter. The data for guest is let only in order which is by default anonymized, so this is not correct.
The cookie is indeed an issue not covered but as said in the 25/5 is getting out
They need to get deactivated by the cookie settings. This is an issue as there are many Addons out there and also many store owners have had the tracking code manually added
So it will be almost impossible to make it work with any Addon. We will guaranty default Google analytics and offcourse all our tracking addons but the rest should get customized.
Fotis
Yes, and i'm surprised that cs-cart dint't get involved in this, because this part will be a future decision regarding the eCommerce platform.
Is this platform GDRP ready? This will become a buying question starting with 25/05.
Maybe a browser extension will be useful.My guess is that all the browsers will start to show the cookie for each site, so having a browser extension will help determinate the cookies from a website, and can be saved in the cookie add on, at least for showing them.
So at least we need to have:
- googe analytics, tag manager, rmk
- facebook
- hotjar, and similar
- criteo, and similar
--- maybe a list is required, and you can update the addon from time to time, charge for update, or do custom work for some of the sites with plenty of cookies.
Cookies can be displayed and deleted. However, it will be extremely difficult to identify the addons that are setting the cookies and forcing them to conditionally do so (or preventing them from doing so in the future). Allso, there are a ton of manually added tracking scripts, badges, maps and other items that simply insert JS code into various pages. It would be near impossible to identify all of those insertions and provide a means to notify those providers that a customer has requested their data be anonymized.
Cookies can be displayed and deleted. However, it will be extremely difficult to identify the addons that are setting the cookies and forcing them to conditionally do so (or preventing them from doing so in the future). Allso, there are a ton of manually added tracking scripts, badges, maps and other items that simply insert JS code into various pages. It would be near impossible to identify all of those insertions and provide a means to notify those providers that a customer has requested their data be anonymized.
Well we are going to implement in the addon a script to udentify and activate/deactivate the most improtant and known scripts from google and facebook (tag manager, analytics, facebook pixel etc) no matter if they are added by hand or by any type of addon, along with a few of our own addons from the greek market and this will cover most of the cases. The rest we can offer as customization to the buyer
mailchimp, klavio, paypal, shopping.com (and 10K other shopping listings), etc. Most if not all of these can have transaction tracking scripts installed that can send anything from user's email and IP to full user/order info.