Tools to help with GDPR #1892

Closed
abrookbanks opened this Issue Mar 6, 2018 · 18 comments

Member

abrookbanks commented Mar 6, 2018

CubeCart 6.1.13 is not far off having the right tools for GDPR as it is.

  • cookie consent
  • privacy policy (albeit blank)
  • opt out by default
  • tools to manage marketing preferences.

Some improvements are required, especially for the right to be forgotten and how personal data is deleted.

Suggest a delete account feature from customer account page.

@abrookbanks abrookbanks added this to the 6.2.0 milestone Mar 6, 2018

@abrookbanks abrookbanks self-assigned this Mar 6, 2018

havenswift-hosting commented Mar 6, 2018

I covered many of the issues and requirements here https://forums.cubecart.com/topic/53273-customer-records/?tab=comments#comment-231298

A delete button on customer records should only be available under certain circumstances and the “right to be forgotten” is very different if a customer has placed an order for example

Member

abrookbanks commented Mar 6, 2018

Yes, thanks for that, I was going to refer to it. My sister is an in-house lawyer for a supermarket in the UK so I might see if I can have a chat with her too.

Member

abrookbanks commented Mar 6, 2018

different if a customer has placed an order for example

That was my main bit of research for today. How can a customer be forgotten when accounts need their address etc for tax?

havenswift-hosting commented Mar 6, 2018

How can a customer be forgotten when accounts need their address etc for tax?

They can’t and they don’t have a legal right to be forgotten under these circumstances - but proving under what basis a person’s data was collected, when consent was given is much more important as is a person’s right to have access to what data is stored.

The main process for GDPR is deciding and publishing under what basis data is collected, stored and used - that is the Privacy Policy document wording and down to each store owner.

The double opt-in on email and customer sign-up and recording the dates on when this consent was given, I think are vital! Currently in CubeCart, I can sign you up for a newsletter, create you as a customer and even place an order in your name, all with valid information and all without your knowledge and, vitally for GDPR, your consent!

Being able to search for a person based on email address, name etc and then create an easily readable report showing exactly what data is held on that person is also important

Member

abrookbanks commented Mar 6, 2018

So we need to store the data and IP address against newsletter subscribers maybe the method too like for example if it was imported or added by the customer themselves.

I think legally invoices only need to be kept six years so maybe after six years they have a right for that to be deleted too. It's all a lot more complex than I first thought.

Member

abrookbanks commented Mar 6, 2018

I would suggest that CubeCart has the following tools;

  • Double opt in for newsletters
  • Date and IP address stored against subscription.
  • GDPR data export tool by email address (what data is stored)
  • Date T&C's were agreed

Everything in CubeCart can be deleted via the admin control panel so a delete account tool for right to be forgotten is not necessary.

havenswift-hosting commented Mar 6, 2018

Double opt in for newsletters ; Date and IP address stored against subscription.

Yes, agreed, and date / IP address should be recorded at the point of completing double opt-in and not initial request (or both but that is a little overkill). I also think that double opt-in is required for customer and ghost sign-up with same data recorded.

GDPR data export tool by email address (what data is stored)

A printable report (pdf format) would be best and provided as an admin tool - doesn't need to be front end.

Member

abrookbanks commented Mar 6, 2018

Totally agree. Thanks for helping me with this.

Member

abrookbanks commented Mar 7, 2018

[Image: screen shot 2018-03-07 at 14 30 06]

Contributor

briansandall commented Mar 7, 2018

I'm not a lawyer, but isn't anything stored in a database subject to a large dose of skepticism?

I mean, it's all well and good to store that information, but I can edit any of it I want at any point on the back end. Requiring an IP address helps, but if the customer ever visited our site I can get that, or claim they were on wireless or using a proxy. IPs are also easy to spoof.

Anyway, probably not super relevant to the implementation details. Just the ramblings of a cynical dev. ;)

Member

abrookbanks commented Mar 7, 2018

Yes but we have to abide by what the EU bureaucrats tell us to do.

I actually believe things like mandatory double opt in and the right to be forgotten are essential to the public's privacy. Also forcing merchants to clearly spell out how data is used and what the site's cookies do is a really good thing.

abrookbanks added a commit that referenced this issue Mar 8, 2018

#1892 - Added double opt in checkbox to emailer
Also updated naming consistency

nutbags commented Apr 15, 2018

I've only recently heard about the new GDPR regulations coming into force next month and am looking into what I need to do as a commerce business owner. I note that your new 6.2 update will feature tools to help our compliance and I look forward to getting Havenswift to update me as soon as fully available (I still cannot auto update!). I have a couple of questions though:
I understand that you are making it possible for customers to cancel their accounts. Does this mean that I (as admin on my website) can log in "as the customer" and delete accounts? Will we get a notification if a customer deletes an account?
I send out quarterly newsletters to my customers using a third party (Mailchimp) after finding that my own internet provider (BT) might limit the amount of emails I can send out due to SPAM laws. I have had to manually add customer email addresses to a database on my Mailchimp account in order to send these newsletters. Does new regulation now mean I have to ask their permission to send them? Again, the question of notification if a customer cancels their account is vital to me, as I'd need to then manually delete info on Mailchimp too!
thanks
Paul

havenswift-hosting commented Apr 25, 2018

I think the newsletter consent side needs some extra work. The ICO document states that you must

"Keep evidence of consent – who, when, how, and what you told people."

What I have seen in other software products is a list of date/time and IP address when people have opted in and out - so you can prove that if a person was opted in on 1st April, received a newsletter sent on the 4th April and then opted out on the 10th April.

Obviously, if they then request their information be deleted, and they aren't a customer where the information needs to be retained for contractual / legal reasons, then this history is lost!

Member

abrookbanks commented Apr 25, 2018

Ok so we need another table for subscription history. Makes sense....
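A sketch of the subscription-history table discussed in the two comments above, added here as an example and not taken from CubeCart's code: each opt-in request, double opt-in confirmation and opt-out is stored as its own row with date, IP address, method and wording, so consent on a given send date can be looked up. The table name, column names, event names and sample values are all assumptions, and SQLite stands in for the store's database.

```python
import sqlite3

# Hypothetical append-only table: one row per consent event, never updated.
SCHEMA = """
CREATE TABLE subscription_history (
    id          INTEGER PRIMARY KEY,
    email       TEXT NOT NULL,
    event       TEXT NOT NULL
                CHECK (event IN ('requested', 'confirmed', 'opted_out')),
    occurred_at TEXT NOT NULL,  -- ISO 8601 UTC, so string order = time order
    ip_address  TEXT,
    method      TEXT NOT NULL,  -- how: 'signup_form', 'admin_import', ...
    wording     TEXT NOT NULL   -- what the person was told
);
CREATE INDEX idx_history_email ON subscription_history (email, occurred_at);
"""

def record(db, email, event, occurred_at, ip_address, method, wording):
    db.execute(
        "INSERT INTO subscription_history "
        "(email, event, occurred_at, ip_address, method, wording) "
        "VALUES (?, ?, ?, ?, ?, ?)",
        (email.lower(), event, occurred_at, ip_address, method, wording))

def consent_at(db, email, when):
    """Evidence row if the latest event at or before `when` is a completed
    double opt-in; None if only requested, opted out, or unknown."""
    row = db.execute(
        "SELECT event, occurred_at, ip_address, method, wording "
        "FROM subscription_history WHERE email = ? AND occurred_at <= ? "
        "ORDER BY occurred_at DESC, id DESC LIMIT 1",
        (email.lower(), when)).fetchone()
    return row if row and row[0] == "confirmed" else None

def erase(db, email):
    """Deletion request from a newsletter-only subscriber: history goes too."""
    return db.execute("DELETE FROM subscription_history WHERE email = ?",
                      (email.lower(),)).rowcount

def demo():
    """Constructed timeline matching the 1st/4th/10th April example."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    told = "Quarterly newsletter; unsubscribe at any time"  # constructed
    who, ip = "subscriber@example.com", "203.0.113.7"       # constructed
    record(db, who, "requested", "2018-04-01T09:00:00Z", ip, "signup_form", told)
    record(db, who, "confirmed", "2018-04-01T09:05:00Z", ip, "signup_form", told)
    record(db, who, "opted_out", "2018-04-10T12:00:00Z", ip, "signup_form", told)
    return db
```

With the constructed timeline, `consent_at` returns the confirmation row for a send on 4 April and `None` for a time between request and confirmation or after the opt-out; `erase` removes all three rows, which is the loss of evidence the thread points out.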

@abrookbanks abrookbanks reopened this Apr 25, 2018

Member

abrookbanks commented Apr 25, 2018

Obviously, if they then request their information be deleted, and they aren't a customer where the information needs to be retained for contractual / legal reasons, then this history is lost!

So are you saying it shouldn't be deleted from history? But then you have their email on file. LOL. Fun this isn't it?!?

Member

abrookbanks commented Apr 25, 2018

I've closed this again but opened a new issue in regards to evidence of consent. See: #1979

havenswift-hosting commented Apr 25, 2018

Yep - all good intentions but not very practical as usual!

I think if they are only signed up for newsletters (i.e. aren't an active customer) and they request to be deleted - then the history has to go, which contradicts this statement, but I guess a deletion request trumps unsubscribe!

If they ask to unsubscribe, you don't need to delete their details, just record that they don't want to receive newsletters

Member

abrookbanks commented Apr 25, 2018

Thanks Ian, that's massively helpful. I'll get onto this one right away.