El Reglamento General de Protección de Datos (GDPR) entra en vigencia el 25 de mayo y tiene como objetivo unificar las regulaciones relacionadas con las políticas de privacidad de datos en la Unión Europea. Este texto refuerza los derechos de las personas e impone una nueva lógica de responsabilidad a las entidades involucradas al exigirles que tomen las medidas necesarias y adecuadas para garantizar un nivel adecuado de seguridad a la hora de procesar datos personales.
¿Por qué deberías preocuparte por este asunto?
Dada la llegada y el alcance de estos términos y el hecho de que tienes en funcionamiento un negocio de comercio electrónico, es muy probable que proceses datos personales. Por otra parte, el GDPR no solamente afecta a todas las empresas europeas, sino también a empresas ubicadas fuera de Europa que recopilan datos personales de ciudadanos europeos. Por tanto, ningún comerciante puede eludir este reglamento y debe actualizar el cumplimiento de su tienda a esta normativa.
Our GDPR module is available on our marketplace Addons and is here to protect your customers’ data. In short, they should be able to access their personal data, they have the right to data portability, obtain rectification and/or erasure of their personal data, and mostly give or withdraw their consent. For merchants, the law demands to keep a record of processing activities such as access, consent, and erasure.
Article 83 of the GDPR provides sanctions up to €20 million or, for a company, up to 4% of its total global annual turnover for the previous financial year.
Configure the GDPR module
This tab will help you become familiar with the General Data Protection Regulation (GDPR) and our module. Here, you will find general information about this EU regulation (our whitepaper, video, article, etc.) and the user guide for our module to download in PDF format to help you get set up.
Personal Data Management
In this tab, you will first find the list of modules installed in your store that are GDPR compliant.
If you consider that one or several modules collect personal data and that they don’t appear on this list, please make sure that you have access to the latest version of these modules to fully benefit the GDPR update.
If they are still not displayed in the list, we invite you to contact their respective developers to have more information about these modules.
Next, you can search for a customer and an unknown or guest user who has given his email address or phone number in your database and view all of his data collected by the PrestaShop solution and the GDPR-compliant modules installed in your store. To search for a user, please enter the first letters of the name, email address or phone number:
The personal data that you can visualize in this interface will be used at two different levels:
- When a user requests access to his data: he gets a copy of his personal data collected on your store in PDF or CSV format.
When a user requests data erasure: if you accept his request, his data will be removed permanently.
You can also process all of your users' data erasure requests that are done through your contact form and with your validation. Before accepting the data deletion request and deleting a user permanently from your database, we recommend you to download all of the invoices linked to his/her account.
For further details on data, you will be redirected to the customers part of the back office in order to manage all the profiles registered and have a look at the information they contain.
Note that this module also allows the deletion of guest accounts. Merchants just need to search for the exact email address or phone number.
Once the data erased, the user does not exist anymore (account and address are deleted from your database) but its invoices remain available with the order. Only his personal data are suppressed. His abandoned carts are transferred to an anonymous account while his orders are no longer associated with any customer account.
Consent Checkbox Customization
This tab allows you customize the consent confirmation checkboxes and the corresponding consent request messages in various forms of your store.
Configure your checkboxes
You can activate and customize the consent confirmation checkboxes in two places by default:
In the account creation form on your store
In the Information tab in the customer account
We recommend you to write your consent request messages in all available languages of your online store.
Depending on your stores installed modules and if they have been updated for GDPR compliance, the corresponding text fields will be shown on this interface so that you can personalize your permission request messages.
Customer Activity Tracking
In this tab, you can view all your customers' actions related to their personal data (especially for data accessibility, permission, and deletion).
In this summary table, you will find the information below:
Customer's first and last name or client ID
Type of request: data accessibility, permission, or deletion
Date and time of the action
In this tab, you will find a list of questions frequently asked by our merchants as well as answers provided by our module and GDPR experts.