Magento and GDPR. What You Need to Know
The General Data Protection Regulation, known as GDPR, goes into effect on May 25th, 2018. It’s a sweeping set of laws by the European Union, but you don’t have to be in the EU to feel its impact, it may affect all online stores. GDPR is designed to protect the data of EU users and so it applies to any organization that handles data in Europe, regardless of where the organization itself is located. So if your company touches the data of even a single individual from European Union, it’s up to you to have proper protections in place.
GDPR covers protection of personal data
Under the regulations, any information that could be used to identify a visitor in any way, even indirectly, is covered. That means names, email addresses, photos, phone numbers, and financial info are all included.
For example, companies can store or process affected data only when the associated individual explicitly authorizes it—and even then, GDPR puts firm limits on the length of time the data can be kept.
Magento 2 GDPR Extension
With the Magento 2 GDPR extension, you can store and process customer data in the most effective way that fully complies with the data protection and GDPR regulation terms.
Collect data protection policy
Provide separate privacy policies
Distribute customer groups
Allow customers to delete their accounts