This ingenious tool provides the complete tool set required to help websites comply with the latest GDPR regulations in a secure way.
OverviewBack to top
Manage Account with (Delete, Download & Erase action)
The admin can configure each of this requests processing immediate, awaiting admin approval or auto mode as described above after sensing the right need.
According to EU's GDPR, the customer should have the option to delete an account permanently. This GDPR M2 extension, empowers customers to delete an account from the new "My Account > Manage Account" page. The request is handled securely by sending out the request mail to the customer ensures action is taken by an authorized user only.
Download Personal Data
In order to comply with the EU's right to access rule, the extension allows the customer to make a download request from "My Account > Manage Account" page. This will export all customer's own personal info, sales history, invoicing etc. into the machine-readable format (ATM its CSV only). Once the download is ready, a downloadable attachment link will be sent to the customer's verified email address.
Erase/Anonymise Account Data
To comply right to be forgotten, the GDPR extension adds an option to erase/anonymise customer data which replaces customer personal data, sales history with placeholder text in the database which hides customer’s information.
Each of these data-related requests (delete, erase & download) allows 3 modes of servicing enhancing the flexibility and security:
- By the customer
- By the admin
In by the customer mode, when the request is raised by the customer, a mail will be received by the customer through whom they can take action either to delete or access their data.
In auto mode when a request is raised by the customer & completes email verification, all received requests will then be automatically serviced based on cron setting done by admin and email will be sent out to respective customers who then take control through the mail received.
In by the admin mode, when the request is raised by the customer, admin receives the entire request on his dashboard and when the admin approves the request, then a mail is sent out to the customer who then takes a relevant action to complete the request. This method is used to ensure more security.
Privacy Consent Management
GDPR plugin also sets cronjob to automatically truncate abandoned carts from quote table periodically. Admin can set this frequency on the back end via cron settings.
The admin will be presented two separate customer consent grids loading customers who accepted consent & customers pending privacy consent. The admin can reset previously recorded customers consent to run through new privacy terms. The customer then has to give their consent again with a new privacy update.
Our M2 GDPR extension allows the customer to offer cookie consent with the customized pop-up at the top or bottom of the screen.
Download Account Data Configuration
This configuration helps you allow customers download their personal data. You can select whether the request is to be handled in the auto, by the customer or admin mode. You can also set the notification related setting along with the email of the sender for the notification.
Erase Anonymous Personal Data Configuration
This configuration helps you allow customers to erase their personal data. You can select whether the request is to be handled in the auto, by the customer or admin mode. You can also set the notification related setting along with the email of the sender for the notification.
Delete Account Configuration
This configuration helps you allow customers delete their complete account permanently. You can select whether the request is to be handled in the auto, by the customer or admin mode. You can also set the notification related setting along with the email of the sender for the notification.
Cookie Consent configuration
This section enables the cookie consent settings with regards to the cookie information and also the positioning of the cookie consent request.
Privacy Consent configuration
This handles the cron-settings in terms of when the request servicing should take place in cases where the request is set in the auto mode.
Erase Unwanted Data Configuration
There are some unwanted data that gets stored sometimes this configuration enables the deletion of these data.
- Core GDPR compliance rules account deletion, anonymization, and personal data export can be done in 'My Account > Manage Account'
- Email verification & admin moderation, to handle request made by customer requires email verification & admin moderation to protect against data theft & fraudulent activities
- Privacy consent will be requested & appear on registration & checkout page. Can also be updated on Account > Privacy setting page
- Customer consent grids, to give track of all customers accepted consent & yet to accept configured privacy consent
- Cookie compliance with customizing cookie consent pop-up with top & bottom style position
- Auto deletes unwanted data, like abandoned cart following admin configuration
This module designed with the best of our knowledge & understanding of the GDPR regulation to help merchants comply Magento 2 based stores with GDPR regulation. However, please consult your lawyer to confirm GDPR compliance accordingly.
Release NotesBack to top
- Compatible with Open Source (CE) : 2.2
- Stability: Stable Build
+ Core GDPR compliance rules Account deletion, anonymization, and personal data export can be done in 'My Account > Manage Account'
+ Email Verification & Admin moderation, to handle request made by customer requires email verification & admin moderation to protect against data theft & fraudulent activities
+ Privacy Consent will be requested & appear on registration & checkout page. Can also be updated on Account > Privacy setting page.
+ Customer Consent grids, to give track of all customers accepted consent & yet to accept configured privacy consent
+ Cookie Compliance with customizing cookie consent popup with top & bottom style position
+ Auto Delete Unwanted Data, like abandoned cart following admin configuration
+ Consent Reset when policy update & added 2 new grid for consent visibility
+ Popup appearing when customer get the login for update consent