Preparing your company for GDPR is not easy, and the work was not over when the law took effect on May 25.
The first step: to prepare for GDPR on May 25 and afterwards, you need to designate an employee to oversee compliance and update your privacy policy. These are not only legal requirements; they also lay a good foundation for ongoing compliance and can affect sales.
Let someone be responsible for the data
Data protection officer is a formal role required by GDPR. If you are a shop, this falls to you, so you need to set aside some time to maintain compliance. Whether it is you or an employee, you must designate someone to be responsible for your business's data protection strategy and compliance, and to:
- Determine how customers should make requests specific to privacy. This can be through the contact form on your website or through a special email address (for example, [email protected]).
- GDPR requires you to disclose information about your data. Can you collect less personal data? How long does your company keep state/provincial/federal tax records? When do you back up and eventually destroy customer and order records? For WordPress and WooCommerce, this includes reviewing the data practices that your store depends on. All of this information should be published in your privacy policy.
- Customers can ask you to delete their data, and you must comply.
- GDPR requires you to disclose breaches to customers in a timely manner.
- Pay attention to future changes in privacy law that may affect your business.
How to update your privacy policy
Update your privacy policy to explain how you use and store data
Prepare for and respond to right to delete/access requests
Prepare for and deal with security breaches
In addition to being a GDPR require Sales with more and more consumers who pay more attention to privacy. Putting together a privacy policy for your WooCommerce store involves some research, some writing, and re-examining the policy's commitments from time to time.
Starting with WordPress 4.9.6, you will be able to create or designate a page on your website as the privacy policy for your store. You will find this new feature in WP Admin > Settings > Privacy.
If you are creating a privacy policy page for the first time, WordPress will provide a template to help you get started. Generally speaking, a good privacy policy answers the following questions:
1. What data does this store collect about me?
First, "self-test" your own store, and write down all fields (required or optional) that prompt customers to enter information or make a selection.
Pay attention to obvious personal data, such as names and addresses, and any other data collected from customers when they check out or become registered users on your website.
Next, check the less obvious tools used by your website, such as cookies or analytics. Check which plugins you have installed and review their privacy information. Does a plugin send data to a foreign country or the EU? This is another thing you need to disclose to customers.
Use the new tools in WordPress to view privacy updates from active plugins: starting with WordPress 4.9.6, plugins can register privacy information with WordPress itself. You will see this information in a special box near the editor when you edit your privacy policy page in WP-Admin. WordPress itself will also provide information about the data collected from your website, such as comments and cookies.
From the new privacy information box, you can copy and paste the privacy information from WordPress and plugins directly into your privacy policy.
However, because it depends largely on the specific settings you use and the interaction between plugins, you need to review and edit the text to ensure that it suits your shop.
If a plugin does not provide privacy information, you can visit the developer's website or contact them directly and ask what data (if any) their plugin collects and how they handle that data from the visitors to your website.
2. What does this store do with my data, and why?
After you know what you are collecting, you need to explain why you collect it.
The explanation for most of the data you collect is simple: you need customers' addresses to ship their orders to them, or you need their email addresses to update them on their order status. If you are collecting any personal data that you do not actually need to fulfill the order, you need to explain the reason to your customers and let them opt out of this "processing" (see "The check box is not the only method").
3. Who does this store share my data with?
Here, you need to do some research: you need to look at how the collected data is used.
Several types of plugins are more likely to share data:
- Payment gateways: usually share data with payment providers to process payments.
- Shipping extensions: share data with shipping providers to calculate shipping costs or print shipping labels.
- Marketing and analytics extensions: usually share data to add customers to lists or analyze their behavior.
In essence, if a plugin connects to an external service, it may share some types of data with that service. You need to review the privacy policies of these services to ensure that they meet your privacy priorities.
Using extensions from the WooCommerce.com marketplace? To accurately understand how our extensions (including payment and shipping gateways) use and store data.
4. How long will this store keep my data?
There are many reasons to retain records, including customers disputing charges, tax audits, or other legal issues.
Although laws such as GDPR provide a right to "delete", you do not need to delete records required by other aspects of the business.
In other words, your terms and conditions page should clearly explain how long and why you keep personal data.
5. How do I access, update or delete collected data?
In addition to knowing what you do with personal data, customers need to know how to update their data, including how to:
- Get a copy of their data
- Update their data
- Delete their data
Your privacy policy should explain to customers how to contact you or your designated privacy person with these requests. If you allow your customers to edit some of their own information, such as under My Account, you can also mention it here.
The check box is not the only method
Under GDPR, there are many legal bases for processing personal data. Your privacy policy should explain the various bases on which you process personal data.
The ones most relevant to e-commerce websites include:
- Consent: the user explicitly agrees to a specific type of processing of their personal data (for example, agreeing to participate in market research conducted by third parties).
- Contractual necessity: the processing of personal data is necessary to perform the contract (for example, to ship their order).
- Compliance with legal obligations: personal data is required for legal reasons (such as a VAT number).
- Legitimate interests: the processing of personal data is a legal and expected business practice (for example, emailing customers after an order about other products they may be interested in).
Formulate your privacy policy step by step
This is a long list, we know! Take it step by step, and don't worry about creating a perfect privacy policy on the first day.
Keep your privacy policy up to date, especially when you add plugins or plugin features. This will be an ongoing activity, just like any other business maintenance you do.
Next?
The length of the access right request.