GDPR Support - Magento 2
This Magento 2 extension adds GDPR compliance support to Magento 2 stores
- Allows a customer to delete his account
- Allows a customer to export all his data, including personal information, addresses, quotes, wishlist and reviews
- Adds cookie notification bar requesting ‘express consent’ from your website visitors
Compatibility (CE & EE): 2.2.x, 2.1.x
- Quality Code
- Free Installation
- Lifetime Free Support
- Quick Response
Overview - GDPR Support Magento 2 Extension
GDPR stands for General Data Protection Regulation. It’s the EU’s new data protection legislation. The main objective of GDPR is to give individuals back control of their personal data. This rule applies not only to merchants from Europe but to all merchants who deal with personal data of European citizens.
We developed this extension to add some key features to a Magento store in order to comply with GDPR.
- Customer can delete his account: The customer can initiate the account deletion process by clicking the "Delete My Account" button in the "Account Information" section of his account. Once the button is clicked, the customer receives a link by email to permanently delete his account. As soon as the link is clicked, the customer is deleted from the database completely if he hasn't placed any order on the store; otherwise all his data is anonymized.
- Customer can export his data: The customer can initiate the data export process by clicking the "Export My Data" button in the "Account Information" section of his account. Once the button is clicked, the customer receives a ZIP file by email containing individual CSV files for the data below:
- a) Personal Information
- b) Addresses
- c) Wishlist
- d) Quotes
- e) Reviews
- Customer email verification: If a customer updates the email address in his account, the address is only changed once he confirms the new email address.
- Cookie Notification Popup requesting ‘express consent’ from your website visitors upon entering your website.
What is unique about the extension?
We have taken particular care over security while developing these features, to avoid a data breach, which can be critical if it happens. The points below describe what this means:
- Account Deletion: We ask for the current password before accepting a deletion request, so that only the authorized customer can generate the request. In addition, the account is not deleted immediately; instead, an email is sent to the customer with a URL to delete the account permanently as a final step. This ensures that only the customer can delete his account.
- Data Export: Similar to account deletion, we ask for the current password before accepting the request, and the data is not downloaded immediately. Instead, it is sent as a ZIP attachment to the customer's email address.
- Email Verification: If a customer tries to update the email address of his account, an email is sent to the customer to verify the new email address before the email address gets changed.
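The two-step account deletion flow described above (current password first, then an emailed confirmation URL) can be sketched as follows. This is an added example, not the extension's code: the class name `DeletionRequests`, the one-hour link lifetime, the hashed-token storage and the in-memory array standing in for a database table are all assumptions.

```php
<?php
declare(strict_types=1);
// Added example: in-memory stand-in for a pending-requests table (hypothetical).
final class DeletionRequests
{
    private const TTL_SECONDS = 3600; // assumed link lifetime, not stated on the page

    /** @var array<string, array{customer_id:int, expires:int}> keyed by SHA-256 of token */
    private array $pending = [];

    /** Step 1: check the current password, then issue a one-time token for the emailed URL. */
    public function request(int $customerId, string $password, string $storedHash, int $now): ?string
    {
        if (!password_verify($password, $storedHash)) {
            return null; // wrong password: no request, no email
        }
        $token = bin2hex(random_bytes(32));
        // Store only a hash so a leaked table does not contain usable links.
        $this->pending[hash('sha256', $token)] = [
            'customer_id' => $customerId,
            'expires'     => $now + self::TTL_SECONDS,
        ];
        return $token;
    }

    /** Step 2: link clicked. Returns 'deleted', 'anonymized', or null if the link is invalid. */
    public function confirm(string $token, bool $hasOrders, int $now): ?string
    {
        $key = hash('sha256', $token);
        $row = $this->pending[$key] ?? null;
        if ($row === null) {
            return null; // unknown or already used
        }
        unset($this->pending[$key]); // single use, even when expired
        if ($now > $row['expires']) {
            return null;
        }
        // Per the page: full delete without orders, otherwise anonymize.
        return $hasOrders ? 'anonymized' : 'deleted';
    }
}
// Constructed sample run.
$hash = password_hash('correct horse', PASSWORD_DEFAULT);
$requests = new DeletionRequests();
$now = time();
var_dump($requests->request(42, 'wrong', $hash, $now));    // wrong password
$token = $requests->request(42, 'correct horse', $hash, $now);
var_dump($requests->confirm($token, false, $now + 60));    // first click
var_dump($requests->confirm($token, false, $now + 120));   // replayed link
```

The same pattern fits the email-change confirmation: the new address would be stored alongside the token hash and applied only in the confirm step.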