On May 25, 2018, the GDPR regulations came into force, implying new requirements on personal data collection and management that ecommerce businesses have to follow. With the Amasty GDPR extension for Magento 2, merchants will get all necessary tools to make their web stores compliant with the GDPR legislation and collect and process customers’ data most transparently and efficiently.
Let’s see in detail what functionality the Magento 2 module provides.
- Customer consents management
- Configurable popups for collecting user consents
The module provides store owners with a beautiful popup window that can be used to ask visitors for data processing consents in a subtle way without too much disturbing. Later, customer consents can be used for Google and Facebook remarketing, marketing automation, A/B testing, and more.
- Consents grids
- Delete requests management
The GDPR module by Amasty also provides a grid for managing delete requests, as it is the customers’ right granted by the GDPR regulations. Admins decide whether to approve such requests or refuse them.
- Extended customer account area
Customers get new options in their accounts enabling them to download (via CSV file), anonymize (irreversible action), and request to delete personal details.
The grid consists of the following columns:
- Date Created;
- Version Number;
- Last Edited;
- Last Edited By;
- Status (Disabled, Enabled);
- Action (Edit).
There is also the Customers Consents Email Queue grid where admins can check statuses of sent emails.
As for the mentioned before delete requests management, the appropriate grid shows the date when a request was submitted, customer name and email, and quantity of completed and pending orders. As for the Actions menu, here you can decide whether you want to approve or deny an account removal request.
As for the main settings, the GDPR Magento 2 module’s configuration is divided into two sections: Geo Ip Data and GDPR. In Geo Ip Data, you can download and import Geo IP database, so that the location of your store users will be identified.
The GDPR section is divided into four tabs: Anonymisation Notifications, Account Deletion Notifications, Consent Request Notifications, and Privacy Checkbox.
In the first three tabs, you should select an email sender and email template for three types of notifications separately.
Now, let’s see how the GDPR extension communicates with the frontend users of your web store.
Below, you can see how the checkbox looks on the registration page:
After installing the GDPR module, customer account area gets a new section – Privacy Settings. Here users can download their personal details in a CSV file, anonymize their personal data, and send requests to delete their accounts.
Anonymization of personal data changes how it looks in the account information by substituting customer’s contact and address details with the random sequence of symbols.
Magento 2 GDPR 1.2.1
- Possibility to edit the list of EU countries in the admin panel was implemented.
- Possibility to switch on/off anonymization, deletion, and download actions of personal data for customers was added.
- New feature: personal data of an order made by a guest can be anonymized now.
Magento 2 GDPR 1.1.7
- New option: possibility to disallow optional cookies.
The Amasty’s new module for GDPR compliance brings merchants a comprehensive toolset to follow the latest EU legislation requirements. With the module’s features, you are enabled to collect, process and store customers’ personal data most properly and effectively. The price of the Magento 2 extension is $199 with free lifetime updates and 90 days of free support included.