Knowband Blog | Ecommerce Modules

PrestaShop & GDPR: New update from PrestaShop regarding GDPR

Prestashop has released a white paper in order to inform the merchants regarding the GDPR which will be applicable in EU from May 25, 2018. Prestashop has also declared that they are going to release a GDPR module for the Prestashop versions 1.5, 1.6 and 1.7 to help the merchants to comply with the GDPR. The official Prestashop GDPR module will be available free of cost for the Prestashop version 1.7. The official Prestashop GDPR addon for the Prestashop version 1.5 and 1.6 can be downloaded from the Prestashop Addon store.

Here are the key points highlighted in the article shared by PrestaShop:

As you are probably already aware, in a few weeks (May 25th of this year) the new European law on personal data protection will come into effect.

As an e-commerce software, our goal is to help merchants all around the world to sell their products while complying with legal regulations. This is why it is important for us to provide a tool which will allow your shop to become GDPR compliant.

Many are concerned about this new regulation (especially in view of possible financial penalties) and what PrestaShop plans to do about it. This article aims at providing answers to the most frequent questions we have received and sharing more details about our forthcoming actions.

What is GDPR?

The General Data Protection Regulation (GDPR) which will come into effect on May 25th aims at unifying regulations related to data privacy policies in the European Union. This text reinforces people’s rights and imposes a new accountability logic on entities involved by requiring them to take the necessary, appropriate measures to ensure a suitable level of security when processing personal data.

GDPR is intended to apply to all processing of personal data, whether automated or manual. Processing of data is defined as an operation or set of operations carried out and applied to personal data or data sets (e.g. Collection, storage, modification, extraction, viewing, use, communication, destruction, etc.).

Personal data comprises all information relating to a natural person and enabling that person to be directly or indirectly identified (E.g. full name, email address, IP address, telephone number, location data, consumer habits, etc.).

The main requirements of this law include:

For the merchants’ customers
The right to access their personal data;
The right to data portability;
The right to obtain rectification and/or erasure of their personal data;
The right to give and withdraw consent.
For the merchants
The obligation to keep a record of processing activities (especially for access, consent and erasure).
For more information, you can read our GDPR white paper here.

Who is concerned?

Given the extent of these concepts and your e-commerce business, it is highly likely that you process personal data. Furthermore, the GDPR affects not only every european companies, but also companies located outside of Europe which collect european citizens’ personal data. Needless to say that no merchant can avoid it and store compliance upgrade is not an option.

Modules which collect and stock personal data are also affected as they must be updated to be GDPR compliant, so module developers, this applies for you too!

What is PrestaShop doing to help you comply with GDPR?

In addition to the work being done to ensure our own compliance, we are currently developing new features to help both merchants and module developers comply with the main regulation’s requirements listed above.

More precisely, a specific GDPR module will bring those new features, available for 1.5, 1.6 and 1.7 versions. It should have no impact on the core software and should be compatible with most themes (custom ones included).

Our objective for this module is to handle customers’ personal data collected by the PrestaShop software, native modules and also community modules installed on PrestaShop stores. As a module developer, it will require some work on your side, but our module will bring the necessary tools to make updates easier.

This module will provide new features for both store merchants and their customers and tools for modules’ developers to help them update their module for GDPR.

As a community developer

The GDPR module will provide:

New hooks that will enable you to automatically add a new checkbox and a specific text on the front-office of your module (if needed);
A new hook to select and display the personal data being collected by your module.
More information will be provided in a few days!

As an e-commerce merchant

PrestaShop’s official GDPR Module will allow merchants to:

Make it easier for their customers to give their consent by adding a consent confirmation checkbox to different forms of your store (account creation, newsletter subscription, etc.). You will be able to customize the consent request message for each checkbox and refer to the CMS page of your choice to give more information to your customers.
Easily manage your customers’ requests related to their personal data erasure and modification. If your customer requests to delete his account, you will be able to:
Download all of his invoices in one click (if he has any);
Delete his customer account and his personal data in one click;
If he has made one or several orders on your website in the past, they will be automatically transferred to a GDPR anonymous account. This will enable you to keep exact order results, reportings and accountability while deleting your customers’ personal data.
Keep track of the effective exercise of their right to access and manage their consent actions (obtainment and withdrawal) regarding marketing emails (newsletter).

As a customer Eventually, the module will also allow customers to:

Manage access their personal data, as well as the portability of it (through a automatic download of a csv file including all their personal data collected on the website) – directly via their customer account.
Contact you through your contact form for erasure / modification purposes.
Our Official GDPR module – currently being developed by our team due for release at the beginning of May will be:

Provided for free for all 1.7 versions
Available as a paid plugin on the Addons PrestaShop marketplace for 1.5 and 1.6 versions.

Click on the link below to find the details:
https://build.prestashop.com/news/prestashop-and-gdpr/

Click on the link below to download the White paper from the Prestashop Addon store:
https://addons.prestashop.com/en/free-prestashop-modules/31944-gdpr-whitepaper-.html

How can Prestashop GDPR Module by Knowband help you?

Knowband has also released the Prestashop GDPR module. The Prestashop GDPR addon by Knowband handles the rights of the customers. GDPR provides the rights to the customers to protect their personal data. By using the Prestashop GDPR extension launched by Knowband, Prestashop store admin can easily provide an interface to the customers so that they can access their GDPR rights and if the required customer can also request for the detailed report. The Prestashop GDPR Compliance Addon can help the store admin to provide following rights to the customers:

  1. Right to access
  2. Right to the data rectification
  3. Right to data erasure
  4. Right to object
  5. Rights related to the automated decision making

Additional features of the Prestashop GDPR Addon:

  1. EU Cookie law: The Prestashop GDPR addon allows the store admin to display a cookie notice banner on the website. Admin can add the “More Information” link to the cookie notice. The customer has the option to accept the cookies or deny.  We are in the process to make the required changes in the Cookie law feature so that it can meet the GDPR requirements.
  2. Data anonymization request: Prestashop GDPR Compliance module allows the store admin to handle the data anonymization request. Customer will be able to request for the data anonymization and after getting the customer request Prestashop store admin has the options to anonymize the customer name, email id and order details.
  3. Email templates: Prestashop GDPR compliance module comes up with the readymade email templates. For each customer request, an email will be sent to the customer as well as admin will also be notified regarding the same over email. Prestashop GDPR compliance addon has the following email templates:

4. Admin reports: Prestashop GDPR compliance addon allows the admin to keep the track of all the requests processed under GDPR rights. Admin can easily track all the GDPR requests from the back-office.

Prestashop GDPR addon, Prestashop GDPR update, Prestashop update regarding GDPR, Latest update of Prestashop regarding GDPR,

Get the Prestashop GDPR Module:
https://www.knowband.com/prestashop-gdpr-addon

Front Demo of Prestashop GDPR Module:
https://psm.knowband.com/gdpr/16/en/

Admin Demo of Prestashop GDPR Module:
https://psm.knowband.com/gdpr/16/admin1/index.php?controller=AdminLogin&token=ffa17b0c72ff8c0ab7cf3e344c5ae4fc&redirect=AdminModules

User Manual of Prestashop GDPR Module:
https://www.knowband.com/blog/user-manual/gdpr-module-user-manual/

Useful links:

GDPR: All you need to know about the law and it’s effect on eCommerce