Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Understanding GDPR in the context of WooCommerce

287 views

Published on

If you run, manage, or develop WooCommerce stores, then you should be prepping for GDPR. In this presentation we lay out the places and things you should be thinking about.

Published in: Technology
  • Be the first to comment

Understanding GDPR in the context of WooCommerce

  1. 1. GDPR for WOOCOMMERCE STORESCHRIS LEMA, LIQUID WEB
  2. 2. You know all those emails You’ve been getting about Privacy policies? GDPR 25% FACEBOOK 60% Huh? 15%
  3. 3. It’s BECAUSE OF GDPR, not FACEBOOK. People feeling unprepared People who feel totally ready (but don’t know the extent of how unready they actually are) MAY 25
  4. 4. WHAT DOES GDPR STAND FOR? GENERAL DATA PROTECTION REGULATION
  5. 5. I AM NOT A LAWYER. THE GOOD NEWS IS THAT I AM NOT GOING TO BE GIVING YOU LEGAL ADVICE. NEED A LAWYER? CHECK OUT HTTPS://KINNEYFIRM.COM/
  6. 6. WHO DOES IT APPLY TO? DO YOU SELL ITEMS TO PEOPLE BUYING FROM THE EU? PROBABLY YOU.
  7. 7. THE DATA RIGHTS OF YOUR CUSTOMERS RIGHT TO BE INFORMED THE RIGHT TO KNOW IN PLAIN LANGUAGE WHAT DATA IS BEING COLLECTED & HOW IT’S BEING USED YOU CAN READ MORE ABOUT THIS IN ARTICLES 12-14 RIGHTS TO ACCESS YOUR DATA & FIX IT THE RIGHT TO SEE WHAT DATA HAS BEEN COLLECTED ABOUT YOU & THE ABILITY TO CORRECT IT YOU CAN READ MORE ABOUT THIS IN ARTICLES 15 & 16 Right to BE FORGOTTEN/ERASURE THE RIGHT TO WITHDRAW YOUR CONSENT AND HAVE YOUR DATA REMOVED / DELETED YOU CAN READ MORE ABOUT THIS IN ARTICLE 17
  8. 8. One 2017 study had 90% of Respondents eager to query Companies to see their data
  9. 9. THE DATA RIGHTS OF YOUR CUSTOMERS RIGHT TO DATA PORTABILITY THE RIGHT TO get my own personal data or have it Transferred elsewhere YOU CAN READ MORE ABOUT THIS IN ARTICLE 20 RIGHT TO OBJECT TO PROCESSING PERSONAL DATA THE RIGHT TO object to any processing of Personal data for Direct Marketing/Profiling YOU CAN READ MORE ABOUT THIS IN ARTICLE 21 Right to BE INFORMED OF BREACHES THE RIGHT TO BE TOLD without delay when personal data breaches have occurred YOU CAN READ MORE ABOUT THIS IN ARTICLE 34
  10. 10. A 2018 study by SENZING found that SMB Companies Store data across an average of 18 Databases. For larger companies, the Number goes up to 43. Data portability & Removal Requests Will have a cost.
  11. 11. Questions in AN ECOMMERCE context Prospect visits your store Prospect adds something to their cart Collecting emails? Profiling? Prospect goes to pay / check out too much data? Customer gets order receipt via email PARTNERS? Customer VISITS MY ACCOUNT CONSENT?
  12. 12. LET’S TALK ABOUT CONSENT 1. FREELY GIVEN 2. SPECIFIC 3. INFORMED 4. UNAMBIGUOUS 5. AFFIRMATIVE ACTION
  13. 13. SITUATIONS TO CONSIDER Product reviews Have you made it only available to verified owners so that you already have consent? Cart abandonment / recommendation emails Are you getting consent to use email to send abandonment & recommendation emails? Privacy PolicY Is your data collection, processing and storage really clear to customers? Terms & Conditions Page Does your T&C page have a link to your Privacy policy?
  14. 14. SITUATIONS TO CONSIDER ONLINE LEARNING ARE YOU USING SENSEI COURSE PROGRESS? TRACKING STUDENT Progress? Saving it? External Reporting Do you have a way to delete/anonymize customer data in external reporting systems? Comments Do you have Privacy Policy & Cookie Opt-Ins before people comment? Customer Accounts Are you reviewing the data you collect to see if you need it?
  15. 15. LET’s TALK ABOUT APIs CONTROLLERS & PROCESSORS You need to know What’s going on With your partners
  16. 16. What we’ve been working on… https://github.com/liquidweb/liquidweb-woocommerce-gdpr
  17. 17. What we’ve been working on…
  18. 18. What we’ve been working on…
  19. 19. Other GDPR Plugins… REMINDER No plugin will automatically make your store GDPR compliant! GDPR for WordPress https://www.gdprwp.com/ WP GDPR https://wordpress.org/plugins/wp-gdpr-core/#description WP GDPR COMPLIANCE https://wordpress.org/plugins/wp-gdpr-compliance/
  20. 20. CAN they really come after me? Let’s wrap up with This little thought Experiment…
  21. 21. CHRIS LEMA LIQUID WEB @chrislema

×