Chances are, your e-commerce store isn’t yet ready for GDPR, and if you still don’t know, how to fix the problem, you’ve come to the right place. In the following post, we compare two robust Magento 2 GDPR extensions developed by Amasty and Aheadworks respectively. Prepare for the detailed description of what both modules can.'
Table of contents
- 1 Magento 2 GDPR Extensions: Core Features
- 1.1 Aheadworks
- 1.2 Amasty
- 2 Magento 2 GDPR Extensions: Backend
- 3 Magento 2 GDPR Extensions: Frontend
- 4 Aheadworks
- 5 Amasty
- 6 Magento 2 GDPR Extensions: Price
- 7 Honorable Mention
- 8 Magento 2 GDPR Extensions Comparison (Aheadworks vs. Amasty)
- 9 Final Words
Magento 2 GDPR Extensions: Core Features
Below, you will find a list of core features for each Magento 2 GDPR extension. We describe opportunities provided by Aheadworks and then proceed to the Amasty’s tool.
Aheadworks provides the ability to make your store GDPR-compatible due to the following features.
GDPR compliant personal data
Right after installing the Magento 2 GDPR extension by Aheadworks, you make your customers’ legitimate and your web store compliant with the latest GDPR regulations. Store visitors get the ability to:
- access their data and view it in PDF and XML;
- approve its usage;
- give consent for data access and processing;
- request to delete their details.
Besides, the Magento 2 GDPR module by Aheadworks simplifies management of massive databases with customer information. It offers a user-friendly way of tracking customer consents to data processing and requests for erasing the data.
Data protection policy consents
One of the most critical aspects of GDPR is to provide customers with the ability to give their permission to data protection policy on various pages. The Aheadworks GDPR Magento 2 extension offers this opportunity on registration and checkout page, as well as via individual popups. The following image displays the improved registration form with a link to the GDPR policy.
Customer access to personal information
Another vital aspect of GDPR is the ability to access personal data. With the Magento 2 GDPR extension by Aheadworks, your clients will quickly obtain a copy of it via PDF or XML. As a Magento administrator, you can get the necessary files in the backend section as follows:
Enhanced customer account
Of course, customers get not only a new registration form but also an improved customer account with the Magento 2 GDPR extension by Aheadworks. The plugin allows users to request access to their data and delete their accounts. Note that data erasure leads to the deletion of all incomplete orders and abandoned carts.
It is also necessary to mention that the extension reduces helpdesk workload. Customers’ requests are collected directly from their accounts. Next, you can quickly filter them out and handle appropriately within the admin area.
The following image illustrates the improved customer account of the Aheadworks GDPR extension for Magento 2:
Email Verification & Data Retrieving
It is also worth mentioning that the extension offers a safe verification mechanism designed to protect customer data from fraudulent activity. As a store owner, you can filter out malicious requests via email.
Another significant opportunity is related to data retrieving. Due to the current API, you can effortlessly retrieve data from the related third-party apps.
Convenient backend management
As a store administrator, you also get several new mechanisms. There is a grid that lets you track customers’ consents and export them as a list. Besides, you can process the requests for data access and erasure in a user-friendly manner. Everything is available within three independent sections: Consent Relevance, Data Access Requests, and Removal Requests.
The Magento 2 GDPR module by Aheadworks enables you to:
- segment customers by consent statuses;
- manage requests for data access and data removal;
- delete selected customers.
The following image shows how to erase customers in bulk
GDPR requirements are not eternal, so you should be ready to modify your store according to new changes and rules. With the Magento 2 GDPR extension by Aheadworks, you won’t have to collect consents once again. Instead, the module provides the ability to reset current statuses in one click and ask customers to agree to the modified data protection policy version. Thus, you avoid multiple headaches related to all further GDPR updates.
Now, let’s focus on what Amasty offers to make your store suitable for the GDPR standards.
Advanced customer consents management
Furthermore, the collected consents can be used for remarketing campaigns, marketing automation, A/B testing, etc.
Convenient backend management
Another grid provided by the GDPR module by Amasty contains delete requests. As a Magento 2 administrator, you can decide whether to approve or decline such requests.
Extended customer account
As for the customer account area, it includes three new options:
- Download personal information via CSV;
- Anonymize personal data;
- Request to delete personal details.
Note that data anonymization is only represented with the Magento 2 GDPR extension by Amasty. Aheadworks doesn’t provide any similar opportunities. Take a look at the following image for more details:
Magento 2 GDPR Extensions: Backend
Now, when you know about the core differences between the two significant GDPR extensions for Magento 2, we can explore them in more detail, starting from the backend section.
The backend section of the Magento 2 GDPR extension by Aheadworks is admin-friendly and intuitive. Below, we explore its core areas.
The corresponding configuration section of the Magento 2 GDPR extension by Aheadworks is divided into two subsections: General & Email Settings. The first one allows you to select a data protection policy page displayed to customers. In Email Settings, you can specify a sender as well as select templates for removal confirmation and data access confirmation emails. These are all configuration settings:
The Consent Relevance grid allows you to see customers with relevant consents. You can view such parameters as a customer ID, name, email, website, latest consent date, and relevant consent. You can erase customers individually or in bulk. Besides, it is possible to export the grid in CSV or XML.
Data Access Requests
All data access requests are gathered in a grid as well. The grid displays a customer name and email, a request status and time of creation, as well as a resolution time. The available actions allow changing the request status to processing, canceled, or complete. Besides, it is possible to download data in PDF or XML for each request individually. Mass actions provide the ability to change statuses in bulk.
The similar grid is available for removal requests. It provides the ability to remove data by changing statuses. If an admin changes the request status to ‘Complete,’ the corresponding customer’s personal data is erased. Note that this action is unrestorable and the status of a completed request cannot be changed.
Now, let’s take a look at the corresponding admin section of the Magento 2 GDPR extension by amasty.
The GDPR section itself is divided into the following tabs:
- Anonymisation Notifications;
- Account Deletion Notifications;
- Consent Request Notifications;
- Privacy Checkbox.
The first three tabs are designed to configure email notifications by specifying such parameters as an email sender and email template.
To create a new policy, the Amasty GDPR Magento 2 extension offers a convenient WYSIWYG editor. Specify the title of the document in the Comment field, add the policy version, enable/disable the policy, and create the content just as follows:
Customers With Consents
- Date of giving consent;
- A version of the policy he or she agreed.
The grid provides the ability to send requests for accepting new policy version to selected customers in bulk. Use the Email Consequent Request action.
Customers Without Consent
Customers Consent Email Queue
Another supplementary grid is Customers Consents Email Queue. Here, you can check statuses of sent emails.
The Magento 2 GDPR extension by Amasty provides an intuitive way to manage delete requests which are collected in a grid as well. You can view the date when a request was submitted, customer name and email, and quantity of completed and pending orders. Next, the module provides the ability to approve or deny account removal requests in bulk just as shown below:
To improve the monitoring of customers’ actions, the module provides the Action Log grid. It includes all the activity of your website visitors related to GDPR. The grid shows a customer ID, name, and IP address, as well as action and its date. Anonymous users are displayed encrypted.
As you can see, Amasty provides a more complex backend section with multiple additional grids that simplify backend processes related to the GDPR management. Let’s proceed to the frontend section of each module.
Magento 2 GDPR Extensions: Frontend
Below, we explore how both Magento 2 GDPR extensions change the appearance of your store according to the new requirements.
Popup for existing customers
Note that previously registered users will be asked to provide the consent on the dedicated popup as soon as they log in. The popup looks as follows:
The GDPR extension by Aheadworks adds an enhanced tab to a customer account. Thus, registered customers can request data access and data erasure or delete their account in the ‘Account Information’ section.
Amasty offers similar opportunities. Let’s take a look at the same sections.
As you can see, the GSPR module by Amasty also adds a checkbox and a link to the private police to the registration form.
The Magento 2 GDPR module enhances a customer account area with a new section – Privacy Settings. It provides customers with the ability to:
- download personal details via CSV;
- anonymize personal data;
- send requests to delete the account.
The critical difference between the two modules is anonymization of personal data. Amasty allows customers to change how it looks among the account information. The extension replaces customer’s contact and address details with the random sequence of symbols. The same sequence is displayed in the backend section of your store.
Magento 2 GDPR Extensions: Price
Now, we should compare the prices of both modules. You can purchase GDPR for Magento 2 by Aheadworks for $199. Amasty charges the same rate for its Magento 2 GDPR module.
If neither Amasty nor AheadWorks satisfy your business needs regarding GDPR, there is one more reliable extension we’d like to draw your attention to. Meet the Mageplaza GDPR Magento 2 extension. Below, we highlight its core features and then return to the comparison.
Delete accounts. The Mageplaza GDPR Magento 2 extension provides one of the required frontend improvements. After installing the module, you let your customers ask you to delete their accounts. It is required by GDPR, and you can get the missing functionality right after the plugin is installed. All related information including private data will be completely wiped out along with customers’ accounts. Thus, the customers’ data is completely protected if they want to delete an account.
Delete default addresses. Another vital feature of the Mageplaza GDPR Magento 2 extension is the ability to delete default addresses including Billing and Shipping information. Both are considered private data according to GDPR. Thus, by allowing buyers to delete this information, you prove that your store is a safe place where users are protected from data exploitation. The process is performed in just a few easy and clear steps.
Manage billing information. In addition to the ability to delete billing data, the Mageplaza GDPR Magento 2 extension provides customers with the ability to edit it including information featured in customers’ orders, invoices, credit memos, and shipments. Your online shoppers can manage it themselves. Furthermore, it is possible to anonymize it. They can hide names, phone numbers, or addresses. The data is replaced by a random string. The same behavior is possible for information regarding subscribing requests and abandoned carts.
Cookie restriction. Chances are, your e-commerce store incorporates cookies to enhance customer experience. Since a customer can be identified due to this improvement, you need to concern about that point. With the Mageplaza GDPR module, store admins can create the cookie message via HTML and specify its position on a page. Also, note that Cookie can be restricted in specific countries. You can specify corresponding settings in the backend.
The price of the module is $99 and you can get it here:
Magento 2 GDPR Extensions Comparison (Aheadworks vs. Amasty)
|Confirmation emails and notifications||+||+|
|Multiple privacy policies||–||+|
|Geo IP Functionality||–||+|
|Consent request emails||–||+|
|Registration Page enhancement||+||+|
|Checkout page enhancement||+||+|
|Popup with request||+||–|
As you can see, both extensions have the same price. $200 is quite a budget-friendly price tag when you want to make your e-commerce store GDPR-compatible. If you want a more simple and intuitive tool, choose GDPR for Magento 2 by Aheadworks. If you need some additional features and extra backend control, than Amasty’s Magento 2 GDPR extension will satisfy your needs.'