Zemez

You, Your Website and GDPR. Tips to Start Preparing for GDPR

It is worth starting with what GDPR stands for, as that is a good way to begin explaining what GDPR actually is.

What is the GDPR?

GDPR is short for “General Data Protection Regulation”, and it may sound familiar enough. Still, it is a whole new regulation of personal data protection in the EU, with an effective date of May 25, 2018. It applies to any organization that handles data about EU citizens, whether that organization is located in the EU or not. The GDPR is intended to help protect personal data and to provide extended rights around it.

Does GDPR affect your eCommerce store?

The “D” in GDPR means you have to deal with a lot of data, but does that mean GDPR should concern you as an eCommerce website owner?

GDPR could affect you and your online store in the following cases:

Here are some of the most basic requirements:

How to make your website GDPR-compatible?

1. Keep Your Data Safe and Secure

Your site visitors or customers should be able to receive any personal data they have provided to your store, such as email address, purchase history, and phone number, without obstruction or delay from you, so you should do regular backups of your store database.

2. Keep Customers Informed

Customers and visitors of your online store have the right to obtain information on how and for what purposes your store uses any provided personal data.

This means you should provide a privacy notice at account registration or product purchase and inform visitors about how you collect the data. For example, let your site visitors know that you use cookies.

3. Right “To Be Forgotten”

This means that, upon a customer’s request, you should delete any mention of that customer from ALL the tools and databases you’ve used to manage your online store.

Any registered customer of your store should be able to delete his or her account.

4. Deactivate Any Default Opt-ins

Do NOT use pre-ticked boxes or other pre-selected options in your online store. The checkboxes should always be clear (unticked) by default.

5. Keep Data Fresh

Customers should be able to update their details through their online accounts.

So, enable registered customers to change the name, password, or contact information shown on their account page.

6. GDPR-concept Design

The banner and all supporting information must be in clear and easy-to-understand language.

7. Reduce the Amount of Data Stored

The less personal data you collect, the better the overall data security is.

Make sure that only necessary fields are included. If you don’t need to know the customer’s gender, do not include this field in any registration or contact form.

Helpful GDPR Resources: