X-Cart: shopping cart software

X-Cart forums (https://forum.x-cart.com/index.php)
-   News and Announcements (https://forum.x-cart.com/forumdisplay.php?f=28)
-   -   Gdpr - upcoming law for European merchants (https://forum.x-cart.com/showthread.php?t=75544)

chamberinternet 05-29-2018 02:17 AM

Re: Gdpr - upcoming law for European merchants
 
There seems to be an issue with the GDPR Module on XC Stores that are using the X-Cart Mobile module. (In my case I installed it on v4.6.6)

Firstly - The Cookie Popup appears to reload every time you visit a page.
Secondly - Clicking on the 'Learn More' link goes to a 404 page.

XC - Are you able to look into this?

kevinrm 05-31-2018 08:01 AM

Re: Gdpr - upcoming law for European merchants
 
And so it begins….

"Name: xyzzy
Email: xyz@gmail.com
Subject: EU

As a US citizen why is it mandatory that I concur with EU requirements in order to process my order from Japan?"

ITVV 05-31-2018 08:08 AM

Re: Gdpr - upcoming law for European merchants
 
@kevinrm

Hi,

Use GEoIP to only display GDPR to EU customers :-) :-) :-)

Regards

ITVV

PhilJ 05-31-2018 02:10 PM

Re: Gdpr - upcoming law for European merchants
 
https://www.express.co.uk/news/world/967585/gdpr-eu-personal-data-hack-leak-personal-data-brussels

:grin: ...Obviously I wouldn't advise ignoring the legislation.

kevinrm 05-31-2018 10:11 PM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by ITVV
@kevinrm

Hi,

Use GEoIP to only display GDPR to EU customers :-) :-) :-)

Regards

ITVV



I don't believe the module allows for that, you have to show it to everyone, no?

ITVV 05-31-2018 11:28 PM

Re: Gdpr - upcoming law for European merchants
 
Hi kevinrm,

I do not use x-cart 5 but I am sure I have seen a screenshot somewhere on the forums of an EU GEoIP setting for x-cart 5?

Regards

ITVV

cflsystems 06-01-2018 04:52 AM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by kevinrm
I don't believe the module allows for that, you have to show it to everyone, no?


It does allow. You have to install the Geolocation module though.

GDPR applies to EU only. You are not required to show it to anyone else although you can.

You can adjust the policy text to cover everyone however non-EU customers may feel forced to something they don't want in the first place.

kevinrm 06-01-2018 05:28 AM

Re: Gdpr - upcoming law for European merchants
 
I have Geolocation module, I do not see anywhere in XC5 where you can turn off the GDPR checkbox at the checkout. I see how you can disable the *pop-up*, but at checkout the checkbox for that remains for non-EU countries.

cflsystems 06-01-2018 05:37 AM

Re: Gdpr - upcoming law for European merchants
 
Oh that's for the checkbox. Sorry. I don't think you can turn this off. The Geolocation is for the popup only.

ITVV 06-01-2018 05:41 AM

Re: Gdpr - upcoming law for European merchants
 
One would *assume* that if the cookie popup is disabled then the cookie would not set the GDPR checkout boxes - that's how it works in x-cart 4.6.6

Regards

ITVV

cflsystems 06-01-2018 05:47 AM

Re: Gdpr - upcoming law for European merchants
 
The issue here is the checkbox shows for everyone regardless where or who they are. GDPR applies to EU only. Anyone living/residing/shipping to any other part of the worlds should not be required to agree to this in order to purchase.
It doesn't matter if this is your first visit to the site or not.

ITVV 06-01-2018 05:54 AM

Re: Gdpr - upcoming law for European merchants
 
@cflsystems - not sure what you mean Steve?

Here is some code from GDPR Module for x-cart 4.6.6

Code:

// disable module for non-EU customers
if (
    !defined('DEVELOPMENT_MODE') && !defined('XC_DEBUG_EU_COOKIE_LAW') // EU_GDPR
    && !in_array(func_constant('AREA_TYPE'), array('A','P'))
    && function_exists('geoip_continent_code_by_name')
    && in_array(geoip_continent_code_by_name($CLIENT_IP), array('AF','AN','AS','NA','OC','SA'))
    && !empty($CLIENT_IP) && !empty($smarty)
) {
    unset($active_modules['EU_Cookie_Law']);
    $smarty->assign('active_modules', $active_modules);
}


With GEoIP set the above code would immediately disable GDPR notice / cookie for any visit.

This works fine and disables any form of GDPR notice / checkout requirements

Regards

ITVV

cflsystems 06-01-2018 05:58 AM

Re: Gdpr - upcoming law for European merchants
 
That's what I saw on XC4 installing on few client's sites as well yes.
Not sure XC5 is the same though.

I was just pointing out what Kevin's issue is - the box shows for everyone regardless of their location and he has the Geolocation module active.

@Kevin - do you have a box to select countries the GDPR applies to in the module's settings? If not then you need to install the geoip on the server - it is a PHP extension. Without it the service won't work, at least this is how XC4 module works.

ITVV 06-01-2018 06:46 AM

Re: Gdpr - upcoming law for European merchants
 
1 Attachment(s)
Hi Guys,

The attached is a shot from x-cart main site referring to x-cart 5 GDPR

Looks like you have some degree of control over GDPR?

Regards

ITVV

Triple A Racing 06-03-2018 12:01 AM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by ITVV
...Looks like you have some degree of control over GDPR?

That XC5 module screen grab image is self-explanatory. It's for the pop-up box only and says that clearly.
It's NOT for the GDPR checkbox at checkout, which is the issue @kevinrm currently has...

@PhilJ posted THIS which tells you a little 'more' about GDPR :wink:

ITVV 06-03-2018 12:07 AM

Re: Gdpr - upcoming law for European merchants
 
@TripleARacing

If you disable the pop-up (via GEoIP) then you disable the cookie setting which enables the GDPR checkbox at checkout. That's how it works on x-cart 4.6.6

I would have thought that the logic would be the same on x-cart 5?

Regards

ITVV

Triple A Racing 06-03-2018 12:38 AM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by ITVV
One would *assume* that if the cookie popup is disabled then the cookie would not set the GDPR checkout boxes - that's how it works in x-cart 4.6.6

@kevinrm says not:
Quote:

Originally Posted by kevinrm
I have Geolocation module, I do not see anywhere in XC5 where you can turn off the GDPR checkbox at the checkout. I see how you can disable the *pop-up*, but at checkout the checkbox for that remains for non-EU countries.

and @cflsystems post appears to agree:
Quote:

Originally Posted by cflsystems
....Sorry. I don't think you can turn this off. The Geolocation is for the popup only.

There's an answer due from @kevinrm to the last question (in this post #133) by @cflsystems.
The answer to that should makes things clearer for anybody following this possible issue

ITVV 06-03-2018 01:00 AM

Re: Gdpr - upcoming law for European merchants
 
@TripleARacing

You are a big user / custom dev of x-cart 5 - how is the GDPR Module working for you? Do you have geoip active?

I believe that "Geolocation module" IS NOT geoip PHP extension. Perhaps that is why it is not working for @kevinrm?

Once again I have it working for x-cart 4.6.6 8O 8O 8O

My 2 cents - I'll get my coat...

Regards

ITVV

Triple A Racing 06-03-2018 01:19 AM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by ITVV
...how is the GDPR Module working for you? Do you have geoip active?

Two short answers
1) There any many ways to skin a cat :D Using a default XC GDPR Module is one way, yes. There are plenty of others...
2) Running an XC GeoIP Module is a waste of time in our opinion (and current setup). VPN and/or IP spoofing totally negates its use, in terms of trying to accurately deal with XC customer data. If we want to do anything with IP addresses, then we can do this at server level, outside of XC

ITVV 06-03-2018 01:35 AM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by Triple A Racing
Two short answers
1) There any many ways to skin a cat :D Using a default XC GDPR Module is one way, yes. There are plenty of others...
2) Running an XC GeoIP Module is a waste of time in our opinion (and current setup). VPN and/or IP spoofing totally negates its use, in terms of trying to accurately deal with XC customer data. If we want to do anything with IP addresses, then we can do this at server level, outside of XC

One short query - So you are not using GDPR Module then 8O 8O 8O

Using GeoIP will get you the answer 98% of the time. Agree that perhaps 2% use VPN / Spoof but it is very limited. Most customers just browse for the products they want.

cflsystems 06-03-2018 05:56 AM

Re: Gdpr - upcoming law for European merchants
 
Geolocation module for XC5 uses MaxMind GeoLite database - as mentioned in the module description. It uses static file supplied with the module which means - it can be inaccurate in many cases.
For this module to show accurate results the GeoLite database must be downloaded on a regular bases however this may require subscription with MaxMind.

The XC4 module uses geoip PHP extension.

Completely different approach for the GDPR module. In XC4 I believe ITVV is correct that in XC4 if you are not coming from EU the checkbox will not show - the code is tied to the geoip and turns off the module in this case. With module off nothing from it will work.

I am not sure if this is the case with XC5 version of the module.

PhilJ 06-03-2018 02:08 PM

Re: Gdpr - upcoming law for European merchants
 
Quote:

@PhilJ posted THIS which tells you a little 'more' about GDPR :wink:
Don't bring me into it, was just an observation.

I voted to stay in the EU btw.

Triple A Racing 06-04-2018 01:56 AM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by ITVV
...So you are not using GDPR Module then

We have one GDPR module installed in one of our Dev Stores for reference, but we don't have any GeoIP modules installed anywhere as stated previously. That's why somebody who does have both modules installed, needs to answer the previous question about that possible issue
Quote:

Originally Posted by ITVV
Using GeoIP will get you the answer 98% of the time. Agree that perhaps 2% use VPN / Spoof but it is very limited. Most customers just browse for the products they want

It's not just 2% VPN usage in our case, but all XC5 stores are different / offer different things, so what works for one XC5 store owner may not be suitable for others, as their respective customers may also be different :wink:

aim 06-04-2018 05:12 AM

Re: Gdpr - upcoming law for European merchants
 
1 Attachment(s)
Hello,

I have reuploaded the modules.
The fixed bug affects all the stores located in the root and having clean URLs enabled.

A patch has been attached.

Thank you.

Triple A Racing 06-04-2018 08:08 AM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by ITVV
So you are not using GDPR Module then....

See our previous post in answer to this but...meantime...interesting :wink: We were further investigating the GDPR module that we have in our dev store (latest release 5.3.0.6) However... when utilised with Crisp White Skin (latest release 5.3.5.5 and with lots of our own mods too) it doesn't seem to function correctly. The cookie pop-up basic on/off switch within the module settings has no effect at all. The cookie pop-up is permanently switched on.

Fortunately, as we have created all our own CWS mods within a custom module, we can switch that off and test again, just to see if it was the cause of this failure, but it isn't. It's exactly the same result with or without our own custom module enabled. Anyone else who is currently using this XC5 GDPR module release noticed this?

ITVV 06-05-2018 11:02 PM

Re: Gdpr - upcoming law for European merchants
 
@TripleARacing

Glad to see that you are taking steps to become compliant - better late than never :lol: :lol: :lol:

Quote:

Originally Posted by Triple A Racing
...but we don't have any GeoIP modules installed anywhere...

if you are not using GeoIP modules how do you see the GDPR module working? Perhaps always on :o :o :o

Regards

ITVV

Triple A Racing 06-06-2018 12:43 AM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by ITVV
Glad to see that you are taking steps to become compliant - better late than never :lol: :lol: :lol:

As we stated previously, there are many ways to skin a cat. The XC GDPR module is NOT the only way to satisfy the requirements of GDPR when using XC5. It is relatively easy to install, it is a free and lots of work has already been done on it in order to satisfy those requirements, which means, that most store owners will probably therefore, use it. Is it the best way? In our opinion no :wink: which is why it's in our dev store.
Quote:

Originally Posted by ITVV
if you are not using GeoIP modules how do you see the GDPR module working? Perhaps always on :o :o :o

If you must use Module A just to make Module B work, that's a clear example of why Module A is far from ideal and could be better prepared surely? :mrgreen:

cflsystems 06-06-2018 05:51 AM

Re: Gdpr - upcoming law for European merchants
 
GeoIP is PHP module. There is nothing wrong with using what's out there already coded for the framework/language XC is built on. It is actually something you better do - why reinvent the wheel in this. case. But the GeoIP applies to XC4 only.
XC5 uses the GeoLocation module which is another XC5 module based on data provided by MaxMind. So in this case the Module A/B remark can be used.

ITVV 06-06-2018 05:59 AM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by Triple A Racing
If you must use Module A just to make Module B work, that's a clear example of why Module A is far from ideal and could be better prepared surely? :mrgreen:

Car Battery (Module A) must be used to make Motor Car Engine (Module B) work :lol: :lol: :lol: :lol:

Regards

ITVV

Triple A Racing 06-06-2018 10:23 PM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by ITVV
Car Battery (Module A) must be used to make Motor Car Engine (Module B) work :lol:

Your analogy is Right Tent / Wrong Desert. Hmmmm It's an Electric Car (Self Sufficient aka Module A only) It's not a "...Windows XP Powered Hybrid Transportation Device" (Heavily over-hyped marketing for an inefficient product aka Module A + Module B and occasionally + Module C to fix it :wink: )

Triple A Racing 06-07-2018 05:31 AM

Re: Gdpr - upcoming law for European merchants
 
After some more testing in our Dev Store, what's become clear (to us anyway) is this:

1) The free XC5 GDPR Module will work when installed on its own yes, but... it has compromised functionality. A little reminiscent of a Chocolate Fireguard...

2) Using just the XC5 GDPR Module, the cookie-pop up on/off switch in settings is ineffective i.e. It serves no purpose whatsoever, because it does not function. Cookie pop-ups are always displayed regardless.

3) If the XC5 GDPR Module is installed AND the free XC Geolocation Module is installed, then the XC5 GDPR Module cookie-pop up on/off switch in settings does (finally) begin to function-ish

4) However, this is subject to: a) ensuring that the Display location select widget is switched on in the settings section of the XC5 Geolocation Module AND b) selecting each country that a cookie pop-up is desired for (otherwise cookie pop-ups will not be displayed at anytime, regardless of the cookie-pop up on/off switch in settings of the XC5 GDPR Module in our example testing...

Further to 4) above, Obviously, it is only Countries that are enabled as "live" within XC Admin (Countries, states, zones) that physically appear within the widget provided drop down box and are then selectable for Yes to a cookie-pop up status... The normal GDPR notifications / tick boxes are applied to any country by default by the XC5 GDPR Module at present unfortunately...with no way of altering that at all, within settings in the XC5 GDPR Module.

This is effectively what we referred too when we previously said "...If you must use Module A just to make Module B work, that's a clear example of why Module A is far from ideal and could be better prepared surely?" and to which @cflsystems commented on in POST #148 in this very thread.

We don't have XC4 anymore, so can't accurately comment on what the GDPR setup is like there, but from posts in this thread where people are using it, it does appear to be a lot more configurable when used on it's own and...is not dependent on additional XC4 'add-ons' in order to function correctly (It appears to be PHP module dependent yes, but that's easy by comparison and free...)

Our current feeling is that XC5 GDPR Module is not finished yet and/or suitable for accurate configuration by XC5 Admin in it's current state. It is dependent on the XC Geolocation Module being installed (which is a major own-goal we think) and this additional module is pure comedy (we think) when the costs of maintaining/updating the module's accuracy are also factored in. Have a quick look at these COSTS from Maxmind... Really? :roll: That's feeling like the aforementioned Module C to us :mrgreen:

Disappointing that XC5 appears to be way behind XC4 in making this functionality available, easily configurable and fit for purpose via a solo "add-on". Maybe this particular module can be re-designed soon, so that all those XC5 storeowners who have no need or desire to run any additional, cash-cow-style modules, just to achieve functionality, will have free choice not to do so? Harsh but fair we think 8)

KevTheIrish 06-08-2018 07:51 PM

Re: Gdpr - upcoming law for European merchants
 
perhaps a better way of doing the checkbox would be once a customer selects an EU country as their shipping or billing address, then the consent box appears?

Triple A Racing 06-08-2018 09:25 PM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by KevTheIrish
perhaps a better way of doing the checkbox would be once a customer selects an EU country as their shipping or billing address, then the consent box appears?

Is not as simple as that :lol:

If the 'customer' is from an EU country, but, creates an account, using ONLY their e-mail address and a password (which is the default XC5 setup and does work well) then (technically) GDPR has already been compromised, if..... all the correct consent notifications / get out of jail free cards with regard to cookies, have not already been provided to that customer. Would love to see a successful court case on that issue; The EU V XC5 and its unidentifiable visitor... but technically it is a '...failure to comply'

This is why when using the XC GDPR module on its own, there is no way to switch off the cookies pop-up warning (see our previous post and more below) It's a #Scattergun #CoverAll approach which is, in theory GDPR compliant, in terms of advance consent notifications / get out of jail free cards for cookies. It's explained (but in poor English unfortunately but...) on THIS XC blog page, as follows (extract):

3) The cookie popup
The addon settings allow disabling the cookie popup at all or showing it only for customers from particular countries only. You’ll need the Geolocation addon for it.


Which equates to; the customer's physical "country" is unknown at that point, so unless there is some form of tandem ID tracing (e.g. GeoIP) or some other source of ID / location verification, it's just a pure guess at to which country they are from and so by default, the cookies pop-up can't be switched off...

Your suggestion of the consent notifications / get out of jail free cards etc being dependent on the country that is specified as part of the customer's checkout process is a good one for customers that do place orders. The irony is that XC are clever enough to have done that from the off, but instead, we have the current dogs breakfast / dual module offering, which is what we have summarised in our previous post.

We'll post (and other should) suggestions for a revised module as opposed to any more fault finding of the existing ones shortly.

Triple A Racing 06-09-2018 03:09 AM

Re: Gdpr - upcoming law for European merchants
 
:arrow: XC Team

Here is our suggested "Re-Work" of the free XC5 GDPR Module
It's easier, fully complaint (we think :wink: ) and is more user friendly / easily configurable than the current module / modules combination that's offered

This is a stand alone module and must NOT be dependent on other modules or third party plug-in items
A chargeable version of this module could offer these interactions c/w greater configurability. That's not within the scope of this 'suggestion' post however


Cookie Pop-Up Warning / Consent Note

1) The cookie pop-up warning / consent note option, must function directly from the on/off choice, made in settings by the XC5 store owner's administrator

2) Assuming that this a single module (see above) then this setting can only be generic i.e. not country specific in the free module version. Country specific options could be offered in the chargeable version if the correct interactions are applied with another module / third party source

3) The cookie pop-up pop-up warning / consent note must be an easily identified XC5 label, which the XC5 store owner's administrator, can edit themselves within XC5 (like other labels)


Account Warning / Consent Note

1) Assuming that this a single module (see above) then this setting can only be generic i.e. not country specific in the free module version. Country specific options could be offered in the chargeable version if the correct interactions are applied with another module / third party source

2) The account warning / consent note wording must be an easily identified XC5 label, which the XC5 store owner's administrator, can edit themselves within XC5 (like other labels)

3) The account warning / consent note MUST be a different warning / consent note than the warning / consent note utilised at checkout. That means TWO different XC5 labels are required. These two areas are not the same (actions carried out within them may not be the same) so the notes must be separate and different than each other, hence the requirement for two tables not one shared label, as is currently provided

4) The delete note / forget me note however (the one that is displayed, once the warning / consent note has been accepted) CAN be the same and can be used for both Account and Checkout areas. The required wording can be generic and easy to apply to both. This must also be an easily identified XC5 label, which the XC5 store owner's administrator, can edit themselves within XC5 (like other labels)


Checkout Warning / Consent Note

1) Assuming that this a single module (see above) then this setting must be country specific by default

2) The single module checkout warning / consent note, can be made country specific site without needing an additional module or IP checks or any other third party plug-ins

3) XC5 customers must choose a country (i.e. a "live" country in XC5 admin terms) as part of their order's delivery address requirements. Obviously this is a mandatory choice and not just an option. All "live" countries are provided within a drop down list in XC5 and customers must choose from this list or they cannot submit an order. This is a customer selected country from a defined list. It is not automatic IP address location query return. The two are different

4) The single module checkout warning / consent note, can be made country specific, by deriving it's display option (Yes or No) directly from the current list of countries, that have been deemed as "Live" and appropriately setup previously, by the XC5 store owner's administrator (see 2 above). In simple terms, When the customer chooses a country for their delivery address, their selection will (or will not - depending on both the country and the XC5 storeowners advance administrative work!) force the display of the checkout warning / consent note BEFORE the order can proceed or not proceed (if for example the customer refuses to tick the box adjacent to the checkout warning / consent note. It's a similar process to the dynamic shipping integration that already exists in XC5

The setting for checkout warning / consent note (Yes or No) can be made via a drop down box / multi selectable XC5 widget, very similar to the one already provided when using the two current, separate XC5 modules, but in that case it's used for country specific cookie pop-up selection only (by IP) in XC5

That's it. It's simple, effective, compliant but easy to customise and use. Queue a long list of XC objections / faults / corrections / additions / reasons why it can't be done :mrgreen: But it is what is is. For XC5 storeowners who want even more bells & whistles and/or even more customisation options, then a chargeable module alternative would be the real world option. If you are one of these, then get involved with XC soon and share your ideas / preferences with them

The current XC5 free GDPR module has already been assessed (previous posts). The suggestions in this post are only in relation to a re-worked XC5 free GDPR single module. This post is not about any future additional XC5 chargeable GDPR single module or modules and does not relate to XC4 at all.

cflsystems 06-09-2018 05:23 AM

Re: Gdpr - upcoming law for European merchants
 
So GDPR says you have to get consent from EU customers. If you use any way of identifying where any customer is coming from (country specific based on IP location) without first asking this customer if it is ok to do that - isn't this technically a breach?

The fact is in order to show message/save cookies for particular group of customers only you have to identify them first. While the IP may not be consider personal info it is still something that is tied to particular customer or his/her location.

This basically forces every site to show consent yes/no to all customers in order to get permission for any further cookies/tracking.

At least this is how it looks like to me

Triple A Racing 06-09-2018 06:33 PM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by cflsystems
So GDPR says you have to get consent from EU customers. If you use any way of identifying where any customer is coming from (country specific based on IP location) without first asking this customer if it is ok to do that - isn't this technically a breach?

Another reason why we posted our testing review on the current free XC5 GDPR Module (aka the dog's breakfast) and why IP location plays no part whatsoever within the suggestions that we then posted for a re-worked version of the free XC5 GDPR Module
Quote:

Originally Posted by cflsystems
The fact is in order to show message/save cookies for particular group of customers only you have to identify them first. While the IP may not be consider personal info it is still something that is tied to particular customer or his/her location. This basically forces every site to show consent yes/no to all customers in order to get permission for any further cookies/tracking

Yep, we've included this factor within the suggestions we posted. i.e. by default, the cookie pop-up warning / consent note is shown to all visitors BUT it can be completely switched off by XC admin (unlike with the current free XC5 GDPR Module when used on its own...)

There still has to be this freedom of choice for store owners and their approach. It's NOT an Orwellian XC1984 that we're all using :D/

kevinrm 06-10-2018 09:26 PM

Re: Gdpr - upcoming law for European merchants
 
I changed the wording to sound a bit less invasive to this:

"I consent to the collection and processing of my personal data (Name, address, email, IP address, etc)."

So far it hasn't affected sales and everyone, EU or wherever, sees it and has to click on the box. So far outside of one customer no one seems to cares and it doesn't seem to be affecting our USA sales. Basically, it's not turning out to be much of a big deal.

Of course who knows what their next step will be…

Triple A Racing 06-10-2018 10:13 PM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by kevinrm
....Of course who knows what their next step will be…

As an XC5 storeowner having tested / used it and presumably, having had the same test (or in your case test and live) results as we have, plus having read all the previous posts in this thread from both us and others, do you think the current free XC5 GDPR Module when used on its own (i.e. without having to use the additional free XC Geolocation Module as well...) is good enough / fit for purpose / doesn't need re-working? Like ours, this would only be an opinion, but it would be good to read it :D/

kevinrm 06-11-2018 12:27 AM

Re: Gdpr - upcoming law for European merchants
 
The only thing I don't like about it is that it shows up for USA residents when it's unnecessary to show that to them. I have the Geolocation module installed because it works with the multi currency module and that is very important for us. It has no effect with the GDPR module on our installation except for the pop-up, but at checkout EVERYONE has to check that stupid box whether they are in Europe or not. Supposedly there is a php geo module, I looked into installing it and it was a headache and gave up on that.

So outside of having it show up for EU only, I'm fine with the module as it is.

Triple A Racing 06-11-2018 01:54 AM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by kevinrm
....So outside of having it show up for EU only, I'm fine with the module as it is.

Thanks @kevinrm for posting your opinion

FWIW We think it's badly designed, poorly thought out and not fit for purpose as a stand-alone module. Being dependent on another module to be of any real use (and allow useful self-configuration) still equates to our 'dogs breakfast' analogy in our opinion. Sledgehammer to crack a nut etc

Good for you that you already have (and use/need elsewhere) the additional free XC Geolocation Module because without that, currently, on it's own, the the XC GDPR module is pointless. Other XC5 storeowners have no need or desire for this additional module, other than having to use it alongside the XC GDPR module... All of which, XC seem to have conveniently ignored / by passed / placed in the 'too hard' pile... 8O

Again FWIW, as far as we're aware, there is no 'compliant' way round the cookie pop-up warning for any visitor, regardless of country (e.g. see @cflsystems previous post) but there should be the ability to turn that OFF without needing another module to do so. In our re-work suggestion, we've covered that settings change already

On your final point, the inability to remove the mandatory warning / consent notice at check out for non-affected counties. Yep, it's pure comedy and underlines the lack planning / sufficient effort that's very clear on this module's "functionality". We have also covered this particular shortfall too, in our re-work suggestions, which you may have noticed and without banging the drum for too long, the re-worked module will work, entirely on it's own and... provide the answers to all of these queries / nags / bugs / errors / lack of planning / poor interaction etc It just needs providing - soon!

XC Team step up and be counted please. This module needs a re-work ASAP 8)


All times are GMT -8. The time now is 04:24 PM.

Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.