Jump to content

 

mumbomedia

Member Since 13 Jan 2017
Offline Last Active May 23 2018 08:48 PM
-----

Posts I've Made

In Topic: Gdpr Compliance In Cs-Cart And Multi-Vendor

14 May 2018 - 10:42 PM

The current GDPR plugin is NOT multi-store able. It should be, since based on the store, information can be diffrent. I have a cusomer running zoho mails for most of the shops but a local server for another. 
 

 


In Topic: Gdpr Compliance In Cs-Cart And Multi-Vendor

03 May 2018 - 09:29 AM

Cool.

You have to inform then that their information is stored in CS Cart, (some) information in Stripe and Paypal, and have to inform then how your e-mail is handled, local server, on the webserver or Google Apps/Exchange, stuff like that.
Also who handles the website. Local/selfhosted server or Hosting Company. You also have to inform them who internally is responsible for their data, who they can contact if they want it deleted/anonymized and what the steps are to do that. You also have to have a Data Emergency Plan (not sure if that's the actual English title), but what internally are the steps if there is a data leak. You don't have to make that public though, but just mention you have that.


In Topic: Gdpr Compliance In Cs-Cart And Multi-Vendor

03 May 2018 - 09:12 AM

Thank you for the clarification.

 

If we make a mistake which normally does not happen we are always happy to take care of it.

 

Next we will update our Privacy page and then we should be fine.

 

Keep in mind though that if you sell to EU Customers (not companies) you still have to be GDPR-ready and ask your customers for consent on all things where you store their information. If you work with a 3rd party accountant you have to inform your customers in the privacy policy.
/offtopic out of curiousity, what custom items are you making for your EU customers? :)


In Topic: Gdpr Compliance In Cs-Cart And Multi-Vendor

03 May 2018 - 09:09 AM

The add-on will provide the tool: 1. Ask for consent

That's great, but it only affects to customers who register a new account. Customers who already have an account, must also agree with the terms.
I have to write to all customers and ask them to agree to the new privacy policy, set a deadline and who has not consented at this time delete the data. The add-on does not offer a solution for this yet.

This is something i've actually mentioned to them. Maybe Ilya can clarify this.
Either way, i think you have to send your customers a mail anyhow. You have to get concent from them to send that mail after 24th of may though ;)
The GDPR also applies to invoicing/accountancy software you might be using, external accountants handling their information, etc.
 


In Topic: Gdpr Compliance In Cs-Cart And Multi-Vendor

03 May 2018 - 09:05 AM

 

Interesting about the 14 day rule as we have a firm no return policy as all our sales are custom made.

 


No worries here then. If custom product customer can't return product, except if product is faulty or customisation has gone wrong