X-Cart: shopping cart software

X-Cart forums (https://forum.x-cart.com/index.php)
-   News and Announcements (https://forum.x-cart.com/forumdisplay.php?f=28)
-   -   Gdpr - upcoming law for European merchants (https://forum.x-cart.com/showthread.php?t=75544)

xim 07-27-2017 10:40 PM

Gdpr - upcoming law for European merchants
 
Hello!

My question is for europian merchants.

http://www.eugdpr.org/gdpr-faqs.html
http://www.itpro.co.uk/it-legislation/27814/what-is-gdpr-everything-you-need-to-know-5/page/0/1
http://www.itpro.co.uk/security/27563/how-to-get-ready-for-gdpr-2018-data-protection-changes-2/page/0/2
http://www.privacycheq.com/?page_id=36352
https://blog.kaspersky.com/gdpr-poll/16926/

What do you think about this law?
How is it important to compliant it?
How will business work with orders where buyers send a request to delete personal data?

chamberinternet 10-24-2017 04:32 AM

Re: Gdpr - upcoming law for European merchants
 
I believe it's very important to be compliant and it applies to any company that deals with customers/businesses within Europe (So not only European Merchants)
Article for the US companies - http://www.ibtimes.com/eus-gdpr-what-will-american-companies-have-do-comply-2573002

Quote:

How will business work with orders where buyers send a request to delete personal data?

I'm not 100% entirety sure on this. Perhaps have a link on the website for a customer to request to remove their data from the website and offline systems?

What does anyone else think?

Best Regards

Shafiq

elmirage001 10-24-2017 07:29 AM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by chamberinternet
I believe it's very important to be compliant and it applies to any company that deals with customers/businesses within Europe (So not only European Merchants)
Article for the US companies - http://www.ibtimes.com/eus-gdpr-what-will-american-companies-have-do-comply-2573002



I'm not 100% entirety sure on this. Perhaps have a link on the website for a customer to request to remove their data from the website and offline systems?

What does anyone else think?

Best Regards

Shafiq



Hi Shafiq,

Thank you for your post. I skipped over this in July because I'm in the US and didn't think it applied to me. But it does...

Paul

chamberinternet 10-24-2017 07:33 AM

Re: Gdpr - upcoming law for European merchants
 
No Problem Paul...

Our company is looking into this right now.

Myself, manager and company secretary are spearheading this.
Quite a bit to take into consideration.

I'm looking after the marketing side of things - In terms of assuring all our contacts have given consent to receive newsletters and promotions from us.

Best Regards

Shafiq

pauldodman 02-19-2018 02:30 AM

Re: Gdpr - upcoming law for European merchants
 
As the deadline for this starts to move into view, wondering if there are any actual solutions planned, particularly regarding changes in X-Cart for compliance?

voodoo1967 03-21-2018 05:03 AM

Re: Gdpr - upcoming law for European merchants
 
GDPR affects everyone, if you sell into the UK, if you sell from the UK, what information do you hold on customers, do you need to be holding that information, have you informed them what you are holding - and why ?.

Have all your staff been on GDPR training ? - can you prove it ?
Have you had a pen test?, can you prove it ?
Are you secure ?
Where is your data held ?, is it secure?, can you prove it ?

This is a massive area, which huge implications for everyone

So what has everyone done about it ?

kevinrm 03-26-2018 10:25 AM

Re: Gdpr - upcoming law for European merchants
 
Although I sell to Europe, I don't live in Europe. I'm not doing squat about it, mainly because I think it's arrogant the EU thinks it can tell people outside of Europe how to operate their businesses. I mean, if they find a way to block my goods from entering the EU then perhaps I will start to care but this nonsense about them fining us tens of thousands of dollars in countries where they have absolutely no jurisdiction is ridiculous. Seriously, people need to resist this where possible.

voodoo1967 03-26-2018 11:11 AM

Re: Gdpr - upcoming law for European merchants
 
I dont think it quite works like that. Sure if you dont sell into the EU and you sell within the US, then I wouldnt pay much attention. The US patriot act is in direct opposition to GDPR.

The EU puts countries into 3 categories
1. EU countries - Spain, Germany, UK (for the time being)
2. EU countries they have trade deals with - like Canada
3. Every other country not in groups 1 or 2. Which is the US

For the UK - the trouble being post Brexit we maybe in group 3 - which makes it very difficult for the UK. The UK is bringing in it's own act of Parliament The DPB (Data Protection Bill) - which aims to be even stringer than GDPR - in the hope that if UK companies are DPB compliant then defacto they will be GDPR compliant.

It's meant to protect who can keep data on you, why they keep data on you. You need to prove you need that data and that your customers know about it. You also need to prove you have kept that data secure.

So no longer can large corps have a data breach and blame it on a technical error, or hold info without you knowing about it.

If FaceBook , Google and any other large corp want to do business in the EU - they will need to comply. The old argument of we are 'just a platform' will no longer exist.

cflsystems 03-26-2018 11:30 AM

Re: Gdpr - upcoming law for European merchants
 
Quote:

Originally Posted by voodoo1967
If FaceBook , Google and any other large corp want to do business in the EU - they will need to comply. The old argument of we are 'just a platform' will no longer exist.


Doing business "in" and doing business "with" are 2 different terms.

Not that I oppose either way but I think it is pretty obvious a business which ships good will need and have your name, address, phone, etc in order to run the order and you do know about it because you provided this info at time of checkout.

Not to defend the big corporations which totally use and abuse customer info (refer to recent FB findings) but I also think EU is going a little bit too far with this.

I really do not see it small businesses trying to comply with this. The most they will do is to have some page with info what they have, do, etc. with some data. In most cases these small businesses don't; even know what kind of data they have for customers.

voodoo1967 03-26-2018 12:22 PM

Re: Gdpr - upcoming law for European merchants
 
Taking information for shipping is fine, holding that information for years and years is not fine under GDPR, unless of course you have informed the customer what you are holding and how long for and then giving customers the option of deleting all that data.

And on top of that - is that data secure, and can you prove it.

Basically the EU wants the customer to be able to know who holds data on them, what the data is and for the that data to be deleted on request. Saying sorry I didnt update a dodgy wordpress plugin is no longer an excuse.

There will definitely be a few test cases coming soon I think


All times are GMT -8. The time now is 12:54 AM.

Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.