GDPR compliance with OXID eShop version 6.0.2

As of May 25th 2018, the European Data Protection Regulation (GDPR) will be applicable in all member states in order to harmonize data privacy acts across Europe. As all of you know, this Regulation (EU) 2016/679 (General Data Protection Regulation) is a package every European company has to face (with only a few exceptions). And of course – you already guessed it – you as online merchants are affected.

That’s why we put our heads together with the lawyers of RESMEDIA and came up with the following solution for you guys. Additionally, we initiated an extraordinary release, OXID eShop 6.0.2 (brought forward from the regular schedule at the end of April), in order to give you a proper amount of time to make the necessary alterations to your shop installations.

To enable your OXID eShop 6 installations for GDPR compliance, we implemented the following features into the core:

  • You, as a shop administrator, can decide whether or not to allow users to delete their own account.
  • You, as a shop administrator, can decide whether or not to allow users to manage their product reviews.
  • A registered user of your shop can now delete their own delivery addresses.
  • You, as a shop administrator, can now configure whether or not you want to use the “Tell-a-friend” functionality (inform an acquaintance via e-mail about a product).

Additionally, we deliver a module that lets your users consent, via check boxes in the storefront, to the storage of certain data:

  • for storing delivery addresses,
  • for storing contact form data (delete or keep for statistical reasons),
  • for storing registration data,
  • for storing product recommendations.


And what about the OXID eShop versions 4.10.x and 5.3.x? Of course, we will also provide a GDPR compliance solution for these versions in a few days, but the implementation is slightly different: the part that was built into the core for OXID eShop 6 will be released as a module for versions 4.10.x and 5.3.x. You may find the modules here at GitHub:

If you use a custom template, please remember to apply the corresponding template changes that can be found inside the modules.


Relying on these changes alone doesn’t make you safe: we strongly advise you to look deeper into all aspects of this regulation. If in doubt, please contact your lawyer.

Please note that changes may still happen in the near future, as there is no practical case yet. We assume that court decisions may come up soon and that some points of the GDPR will become more specific.

Is my company GDPR compliant with this update?

  • Nope: for legally compliant statements please consult your lawyer.
  • OXID provided functionality to prepare the standard software for GDPR. Which features have to be used depends on your business model.

How to deal with your own individual templates?

  • For OXID eShop 6, these template changes have to be made.
  • For OXID eShop versions 5.3.x and 4.10.x, please see the template changes in the modules GDPR-base and GDPR-optin.

In case of any questions, please feel free to comment on this blog post in our accompanying forum thread.

(This blog post on the GDPR is also available in German.)



Replies

  1. The GDPR modules base and opt-in are now available for OXID eShop series 4.10 and 5.3 as well. Please find the links in the blog post :wink:

  2. I found a little mistake in the blogpost.

    There is no opt-in for product recommendations, but rather for product reviews. The recommendations can be (de)activated by the base module as well as the 6.0.2 functionality - opt-in isn’t intended for that feature.

    Best regards
    Steven
