Gdpr - upcoming law for European merchants

cflsystems · #**131** 06-01-2018, 05:47 AM

The issue here is the checkbox shows for everyone regardless where or who they are. GDPR applies to EU only. Anyone living/residing/shipping to any other part of the worlds should not be required to agree to this in order to purchase.
It doesn't matter if this is your first visit to the site or not.

ITVV · #**132** 06-01-2018, 05:54 AM

@cflsystems - not sure what you mean Steve?

Here is some code from GDPR Module for x-cart 4.6.6

Code:

// disable module for non-EU customers
if (
    !defined('DEVELOPMENT_MODE') && !defined('XC_DEBUG_EU_COOKIE_LAW') // EU_GDPR
    && !in_array(func_constant('AREA_TYPE'), array('A','P'))
    && function_exists('geoip_continent_code_by_name')
    && in_array(geoip_continent_code_by_name($CLIENT_IP), array('AF','AN','AS','NA','OC','SA'))
    && !empty($CLIENT_IP) && !empty($smarty)
) {
    unset($active_modules['EU_Cookie_Law']);
    $smarty->assign('active_modules', $active_modules);
}

With GEoIP set the above code would immediately disable GDPR notice / cookie for any visit.

This works fine and disables any form of GDPR notice / checkout requirements

Regards

ITVV

cflsystems · #**133** 06-01-2018, 05:58 AM

That's what I saw on XC4 installing on few client's sites as well yes.
Not sure XC5 is the same though.

I was just pointing out what Kevin's issue is - the box shows for everyone regardless of their location and he has the Geolocation module active.

@Kevin - do you have a box to select countries the GDPR applies to in the module's settings? If not then you need to install the geoip on the server - it is a PHP extension. Without it the service won't work, at least this is how XC4 module works.

ITVV · #**134** 06-01-2018, 06:46 AM

Hi Guys,

The attached is a shot from x-cart main site referring to x-cart 5 GDPR

Looks like you have some degree of control over GDPR?

Regards

ITVV

Triple A Racing · #**135** 06-03-2018, 12:01 AM

Quote:

Originally Posted by ITVV

...Looks like you have some degree of control over GDPR?

That XC5 module screen grab image is self-explanatory. It's for the pop-up box only and says that clearly.
It's NOT for the GDPR checkbox at checkout, which is the issue @kevinrm currently has...

@PhilJ posted THIS which tells you a little 'more' about GDPR

ITVV · #**136** 06-03-2018, 12:07 AM

@TripleARacing

If you disable the pop-up (via GEoIP) then you disable the cookie setting which enables the GDPR checkbox at checkout. That's how it works on x-cart 4.6.6

I would have thought that the logic would be the same on x-cart 5?

Regards

ITVV

Triple A Racing · #**137** 06-03-2018, 12:38 AM

Quote:

Originally Posted by ITVV

One would *assume* that if the cookie popup is disabled then the cookie would not set the GDPR checkout boxes - that's how it works in x-cart 4.6.6

@kevinrm says not:

Quote:

Originally Posted by kevinrm

I have Geolocation module, I do not see anywhere in XC5 where you can turn off the GDPR checkbox at the checkout. I see how you can disable the *pop-up*, but at checkout the checkbox for that remains for non-EU countries.

and @cflsystems post appears to agree:

Quote:

Originally Posted by cflsystems

....Sorry. I don't think you can turn this off. The Geolocation is for the popup only.

There's an answer due from @kevinrm to the last question (in this post #133) by @cflsystems.
The answer to that should makes things clearer for anybody following this possible issue

ITVV · #**138** 06-03-2018, 01:00 AM

@TripleARacing

You are a big user / custom dev of x-cart 5 - how is the GDPR Module working for you? Do you have geoip active?

I believe that "Geolocation module" IS NOT geoip PHP extension. Perhaps that is why it is not working for @kevinrm?

Once again I have it working for x-cart 4.6.6

My 2 cents - I'll get my coat...

Regards

ITVV

Triple A Racing · #**139** 06-03-2018, 01:19 AM

Quote:

Originally Posted by ITVV

...how is the GDPR Module working for you? Do you have geoip active?

Two short answers
1) There any many ways to skin a cat

Using a default XC GDPR Module is one way, yes. There are plenty of others...
2) Running an XC GeoIP Module is a waste of time in our opinion (and current setup). VPN and/or IP spoofing totally negates its use, in terms of trying to accurately deal with XC customer data. If we want to do anything with IP addresses, then we can do this at server level, outside of XC

ITVV · #**140** 06-03-2018, 01:35 AM

Quote:

Originally Posted by Triple A Racing

Two short answers
1) There any many ways to skin a cat

Using a default XC GDPR Module is one way, yes. There are plenty of others...
2) Running an XC GeoIP Module is a waste of time in our opinion (and current setup). VPN and/or IP spoofing totally negates its use, in terms of trying to accurately deal with XC customer data. If we want to do anything with IP addresses, then we can do this at server level, outside of XC

One short query - So you are not using GDPR Module then

Using GeoIP will get you the answer 98% of the time. Agree that perhaps 2% use VPN / Spoof but it is very limited. Most customers just browse for the products they want.