Amasty LGPD Magento 2 Extension

September 11, 2020 - E-Commerce, Magento 2

Amasty LGPD Brasil Magento 2 extension

Today, we will talk about Magento 2 possibilities related to the protection of customers’ data within the territory of Brazil. Brazilian General Data Protection Law, or LGPD, became effective on August 15, 2020. The law implies the legal basis and standardization of rules and practices for processing sensitive data of online shoppers from Brazil. According to statistics, more than 140 million Internet users are located in Brazil. It means that any ecommerce store interacts with online shoppers from this part of the world in this or that way.

To ensure compliance with the LGPD requirements and run your business in line with the privacy law, we recommend you to install the Amasty LGPD extension for Magento 2. The module provides all necessary tools for adjusting your privacy policy documentation according to the LGPD legislation and collecting and processing your storefront users’ data transparently and securely. Below, we describe all the features of the Brasil LGPD Magento 2 module, as well as its functionality on both backend and frontend.

Download / Buy Amasty LGPD Magento 2 Extension

The main goal of the Brazilian General Data Protection Law is to protect the rights of customers from Brasil regarding their personal data. The law covers the following rights:

the right to get access to personal data;
the right for rectification;
the right to erase the data;
the right to restrict processing of personal details;
the right for data portability;
the right to object.

The Amasty Magento 2 LGPD extension provides merchants with the settings that enable them to make their stores fully compliant with the latest LGPD requirements and inform website visitors about how their data is used and processed.

Table of contents

1 Features
2 Backend
3 Frontend
4 Recent Updates
5 Final Words

Features

Functionality for collecting privacy policy and cookie consents;
Management of cookies and cookie groups;
Two types of cookie policy bar;
Customizable design of the cookie bar;
Dedicated CMS page for managing cookie settings on the frontend;
Ability to place multiple privacy policy consent checkboxes on various pages;
Built-in GeoIP support;
Display of consent checkboxes based on the user geolocation;
Flexible management of privacy policy documents;
Ability to manage privacy settings in the customer account area;
Logging of the privacy policy and cookie consents;
Auto-removal of abandoned customer accounts;
Management of account removal requests in the backend.

One of the main LGPD requirements is related to compliance with the cookie policy. It means that an online store should clearly inform customers about the means and purpose of gathering their personal data and receive user consent to each of the collected cookies. The Amasty LGPD extension for Magento 2 includes all features of Amasty Cookie Consent, letting store admins manage all existing cookies from one place in the backend and separate them between various cookie groups.

One of the options available with the Amasty module is placing a pop-up window on your store pages for collecting consents to cookies. The cookie policy bar shows a description for each category of collected cookies. Besides, it includes toggles that let customers decide to which cookies they want to give their consent instantly. The cookie notice bar is highly customizable, so you can fine-tune its design to fit better into your storefront.

Also, note that the Magento 2 LGPD Brasil module lets customers view and manage their cookie settings on a separate CMS page. The Cookie Settings page provides detailed information on each type of cookies collected on your store and lists all cookies wth their description and duration in every group. This way, you will comply with the LGPD law’s requirement on providing online customers with the right to revoke their consents at any time. All cookie usage consents given by customers are gathered in a dedicated log.

Another essential feature of the Amasty cookie policy consent Magento 2 module is the ability to place checkboxes for collecting customer consents on various pages throughout a website. You can place checkboxes for each policy existing on your store on the registration, checkout, and Contact Us pages, as well as newsletter subscription form. Besides, you can customize the text shown next to a checkbox and insert a privacy policy link in the text. As a store manager, you also decide to users from which countries, e.g., only Brasil, a consent checkbox will be displayed and whether it is required to agree to the policy to use the website.

As for privacy policy management, the Amasty LGPD extension allows backend users to create several documents adapted to a particular region and local legislation and manage them on a separate grid in the Magento admin. This way, you will also be able to track modifications that need to be implemented in your policies in line with the changes in the LGPD regulations and quickly update relevant documents.

To make your webstore visitors acquainted with your privacy policy, you can show the text of the relevant document in a pop-up window. Also, you can place a link leading to the privacy policy description on any CMS page or in a custom block using the “Amasty Privacy Policy” widget. This way, you will add motivation for customers to accept your policy and proceed with browsing your store without further distractions. Also, you will help customers to quickly find information about processing their consents and ensure the implementation of the customer right to be timely informed about a store’s policy.

Moreover, LGPD regulations require online store owners to provide customers with the ability to get access to their personal information, as well as modify and erase it. With the Amasty LGPD Magento 2 extension, customers registered on your store get a chance to manage their data in the extended account area. The module adds new options to the customer accounts, letting them download a CSV file that keeps the copy of their personal details, anonymize data, and send a request for removing their account.

All delete requests submitted from the frontend can be viewed and managed by store admins on a dedicated grid in the backend, where they can approve or deny them in one click. Besides, the Magento 2 LGPD Brasil extension fulfills customers’ right to revoke their privacy policy consents, meaning that they can opt in or opt out from previously given consents at any time.

As for the admin possibilities provided by the Magento 2 LGPD compliance module, they help store managers to comply with the law’s requirement to keep records of customers’ data processing. All submitted consents are logged in a separate grid that allows users to view them from one place and delete selected records in bulk. Another log in the extension’s backend collects data on the activities related to personal data management, performed by customers from their accounts.

One more vital feature of the Amasty LGPD Magento 2 extension is the automatic removal of inactive customer accounts. The module automatically deletes outdated information after the time specified in the backend. At the same time, the tool lets you set a period for keeping data in the recent order-related documents, which will help you avoid possible issues with tax control or other institutions.

Backend

Cookies Management

First, let’s see which possibilities the Amasty Magento 2 LGPD compliance module offers in regards to the cookies management.

All cookies are gathered on a separate grid under Customers -> Cookie Consent -> Cookies. The Cookies grid shows the following details: each cookie’s unique ID, name, a group where it is assigned, description, and lifetime. The grid supports the filtering and sorting of the columns and allows deleting selected cookies using appropriate mass action. You can edit the cookies information via the Action column, as well as create a new cookie by clicking the “Add New Cookie” button.

When creating a new cookie, you should specify its name and description, set a lifetime, and select one of the available groups to assign the cookie.

As for the cookie categories, they are managed on another grid under Customers -> Cookie Consent -> Cookie Groups. The Cookie Groups grid consists of the following columns:

Checkbox;
ID;
Cookie Group Name;
Description;
Is Essential;
Is Enabled;
Action.

Here, you can also apply filtering and sorting to the grid columns, modify details of a particular cookie group using the “Edit” action, as well as delete groups in bulk using mass actions. If you want to create a new cookie category, press the “Add New Group” button.

When adding a new group, you can enable/disable it and mark it as essential if required. Then, you should enter a new cookie group’s name, add a description (here, you can provide details on the usage of the cookies in this group), and select specific cookies to include in the group.

Amasty LGPD Magento 2 extension cookies

Cookie consents collected from the store visitors are also gathered on a separate grid that you will find under Customers → Cookie Consent → Cookie Consents Log. The grid gathers the data on customers who accepted the cookie policy: a customer’s ID, name, and email. Besides, the grid shows IP addresses and websites where the consent was given. Here, you can also check the date and time of the approval of cookies, as well as consent status.

Magento 2 Cookie Consent module backend

LGPD management

Now, let’s navigate to the page where you can view and manage privacy policy documents. The corresponding grid includes the following columns:

ID;
Date Created;
Version Number;
Last Edited;
Last Edited By;
Comment;
Status (Disabled, Enabled);
Action (Edit).

You can apply filters to quickly find a required document and sort the grid columns. It is also possible to modify a particular privacy policy via the Edit link in the Action column, as well as delete selected documents using mass actions.