GDPR Compliance Magento® 2 Extension
The Magento 2 GDPR compliance extension is an ingenious tool that provides complete tool-set required to help online website/store comply with the latest EU's regulations in a secure way.
- Core GDPR compliance rules Account deletion, anonymization, and personal data export can be done in 'My Account > Manage Account'
- Email Verification and Admin moderation, to handle request made by customer requires email verification and admin moderation to protect against data theft and fraudulent activities
- Privacy Consent will be requested & appear on registration & checkout page. Can also be updated on Account > Privacy setting page.
- Customer Consent grids, to give track of all customers accepted consent and yet to accept configured privacy notice
- Cookie Compliant with customizing cookie consent popup (accepting cookie notice) with top and bottom style position
- Auto Delete Unwanted Data, like abandoned cart following admin configuration
7-DAY MONEY BACK
HOW MAGENTO 2 GDPR EXTENSION WORKS?
Manage Account with (Delete, Download & Erase action)Admin can configure each of this request processing immediate, Awaiting admin approval or auto mode as described above after sensing the right need.
Delete Account:According to an EU’s regulation, a customer should have an option to delete an account permanently. This General Data Protection Regulation compliant plugin, empowers customers for delete an account from new “My Account > Manage Account” page. A request is handled securely by sending out the request mail to user ensures action is taken by an authorized user only
Download Personal Data:In order to comply with an EU’s right to access rule, an extension allows the user to make a download request from “My Account > Manage Account” page. This will export all user’s own personal info, sales history, invoicing etc. into the machine-readable format (atm its CSV only). Once the download is ready, a downloadable attachment link will be sent to customer’s verified email address.
Erase/Anonymize Account Data:To comply right to be forgotten, GDPR Magento 2 extension adds an option to Erase/Anonymise user data which replaces customer personal data, sales history with placeholder text in the database which hides customer's information.
Each of these data-related requests (delete, erase & download) allows 3 modes of servicing enhancing the flexibility and security:
- By Customer
- By Admin
In Auto mode when a request is raised by the customer & completes email verification, all received requests will then be automatically serviced based on cron setting done by admin and email will be sent out to respective customers who then take control through an email received.
In By Admin mode, when a request is raised by the user, admin receives all request on his dashboard and when the admin approves the request then a mail is sent out to the customer who then takes a relevant action to complete their request. This method is used to ensure more security.
Privacy Consent ManagementA Magento GDPR compliance module also sets cronjob for automatically truncate abandoned carts from quote table periodically. admin can set this frequency on backend via cron settings.
Admin will be presented 2 separate customer consents grids loading users who accepted consents & customers pending privacy consents. Admin can reset previously recorded users consent to run through new privacy terms. The customer then has to give their consents again with new privacy updates.
Cookie ConsentsOur M2 GDPR extension enables cookie consent with customized popup at the top or bottom of the screen to the customer.
Important noticeThis module designed with best of our knowledge & understanding of regulation to help merchants comply M2 stores with EU's regulation. However, please consult your lawyer to confirm compliant accordingly.
Magento 2 GDPR Extension Set up:
1. Install module from the marketplace.
2. For using this module, go to STORE> Configuration > SETUBRIDGE > GDPR Tab:
USER REVIEWS ON GDPR COMPLIANCE MAGENTO 2 EXTENSION
Version 1.0.1 CE (Released on Aug 17, 2018)
- * Bug Fixes & Improvement
- + Enterprise Edition Compatibility
Version 1.0.0 CE (Released on Jun 23, 2018)
- + Core GDPR Compliance rules for delete-anonymize-export personal data can be managed from 'My Account > Manage Account'
- + To avoid data theft & fraudulent actions, there are Admin Moderation and Email Verification gate on handle request made by the customer.
- + Privacy Consent will be mentioned and show up on a register and checkout. It will also be updated on the Account > Privacy setting page.
- + Customer Consent Grids to tracking for all accepted assent & till which are not accepted the notice.
- + A cookie compliant notice pop-up can be customized with a top & bottom position of your web-page.
- + Admin configuration for auto-deletion of unwanted data like an abandoned cart.
- + Consent Reset when policy update & added 2 new grid for consent visibility
- + Popup appearing when customer get the login for update consent