Who in the EU has heard of GDPR and will it affect you


14 replies to this topic

#1   14steve14

14steve14
  • Members
  • 4,385 posts
  • Real Name:Steve
  • Gender:Male
  • Location:Dorset UK

Posted 16 March 2017 - 09:52

On the 25th May 2018 the updated General Data Protection Regulation comes into force. Well, who knew anything about that? It would appear that the EU has changed, or is about to change, the way that people collect and store others' data. This apparently supersedes the Data Protection Act in the UK. It has also been mentioned that when we leave the EU we will still need to comply with the regulations, as the EU has made it worldwide somehow.

 

Has any store owner seen a sensible, easy-to-understand website that explains how this may affect store owners, or, like me, have you never heard about this until now?


REMEMBER BACKUP, BACKUP AND BACKUP

 

Find information about the bootstrap community version here

 

Make it idiot proof and someone will make a better idiot.


#2   burt

burt

    I drink and I know things

  • Community Team
  • 12,492 posts
  • Real Name:G Burton
  • Gender:Male
  • Location:UK/DEV/on

Posted 16 March 2017 - 10:09

Never heard of it. No doubt more EU-Bulldust dreamed up by men in suits who have nothing better to do.

Not in the EU...the answer for many small businesses; don't sell to EU citizens. That takes away a whole layer of Bulldust.

https://en.wikipedia...tion_Regulation

Edited by burt, 16 March 2017 - 10:14.

This is a signature that appears on all my posts.  It is not specifically aimed at you.

 

IF YOU MAKE A POST REQUESTING HELP...please state the exact version of osCommerce that you are using. THANKS
 
If you are still on the old style osCommerce, it is time to move to Responsive.

 


#3   Dan Cole

Dan Cole
  • Community Sponsor
  • 1,677 posts
  • Real Name:Dan Cole
  • Gender:Male
  • Location:Ontario, Canada

Posted 16 March 2017 - 11:49

Thankfully I'm not in the EU and don't sell into the EU but...

 

E.U.'s New Data Protection Law Affects Companies Worldwide

 

Dan



#4   MrPhil

MrPhil
  • Members
  • 7,014 posts
  • Real Name:Phil
  • Gender:Male

Posted 16 March 2017 - 12:30

when we leave the EU we will still need to comply with the regulations as the EU has made it worldwide somehow.

 
Easy there! If you do business in the EU, and therefore handle the data of EU citizens, this applies to you. If you are located outside the EU, and are dealing with non-EU citizens' data, it doesn't apply to you. If you need to implement anything new to meet GDPR, it should be a superset of data-protection requirements anywhere else in the world, and you can handle everything the same way. Now, if you're physically located outside the EU, I doubt they'll have much leverage with you, even when dealing with EU citizens. If you're a small shop, and make a reasonable effort to protect personal data, frankly I doubt they'll bother coming after you. They've got bigger fish to fry with Amazon, Google, etc.
 

Has any store owner seen a sensible easy to understand website that explains how this may affect store owners, or like me have you never heard about this until now.


From a very quick scan of the Wikipedia article, it sounds like mostly common-sense data protections. I don't see anything that says the Data Protection Officer has to be a discrete person -- it can be another hat you wear (president, web guru, shipping clerk, bottle washer, DPO,...). People can request that their data be moved to another system, which is not applicable if you don't run elsewhere (what are they trying to accomplish here?). People can request to be forgotten (you erase their account information upon request, where that doesn't conflict with statutory data retention requirements or good accounting principles). Data breaches have to be reported to the appropriate authority. Customers have to explicitly consent to having data collected (it should be enough to add "By providing this information, you are consenting to our collecting it" to registration and PWA pages), and there are restrictions on collecting information from children. There are some privacy provisions which anyone handling personal data should already be implementing, at least for the type of data an online shop would hold. There may be some extra i-dotting and t-crossing to be done, but what else is new?



#5   14steve14

14steve14
  • Members
  • 4,385 posts
  • Real Name:Steve
  • Gender:Male
  • Location:Dorset UK

Posted 16 March 2017 - 14:06

@MrPhil

 

That's pretty much how I read everything. I already get asked to remove customers, which I always do unless they have bought something; then I need to keep the information. Nothing on my site is pre-selected, as that was something that was implemented when the last lot of Data Protection rules were changed and people had to opt in rather than opt out. The only thing I think that really needs sorting with regards to the webshop is something to say that a customer has given consent to store information. I suppose this could be something like a check box with the result stored in the database when creating an account, something along the lines of the newsletter bit of the create account form.

Luckily all that I store is customer contact details and order details, so nothing too serious to be concerned about. I do also remove lots of old customers after a few years if they have never bought anything, so that's sort of complying in that I don't keep data longer than I need. I also have unsubscribe links in the newsletters that are sent, and Mailchimp sorts all that out.




#6   Gergely

Gergely

    Json Juggler

  • Community Team
  • 2,125 posts
  • Real Name:Gergely Tóth
  • Gender:Male
  • Location:Budapest

Posted 16 March 2017 - 16:41

Thanks for this thread.

We should ensure personal data deletion and GDPR confirmation in the registration where the customer comes from the EU.

The official core needs an EU customer delete option directly from the account, and an administration delete mechanism after time periods.

The question is: which data should be destroyed?

I suppose transfer the user to an anonymous user and never delete the orders data.

Sensitive data are the customer's name, street address, birthday and email address. Other data are not connectable but are needed for stats.

The customer's name should be anonymous, or a nickname from the reviews.

So only the relations should be destroyed when a customer wants to delete the registration.

I don't understand why only personal data is sensitive and why a company's is not...

This law affects webshops differently. Some shops will offer partner programs to keep accounts alive, and some will not, where orders are unique.


Next PHP changes will kill the current codes on the following years. We should do programing for the future and never stick in the present.

My addons: Conversion Tools::Hungarian Translation::Email Templates::URL redirection
 
Development Works: Setup Languages::Email Templates::Languages from ini files::Parcel Shops::Facebook App
 
What core codes have been complained?

In orders table payment_methods value would be better if payment class name used than payment's language name.
In the orders class we found order status does not contains $order->info['orders_status'] but instead there is $order->info['orders_status_name'], and that property is language dependant.
We can not identify in order the customer language.
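The consent checkbox suggested in post #5 and the "anonymise the customer, keep the orders" erasure suggested in post #6, sketched together as an added example (not osCommerce code and not written by any poster in this thread). The schema, table names and function names are hypothetical, and the sample customer is constructed; retention rules for bookkeeping data are not modelled.

```python
import sqlite3

# Hypothetical minimal schema for illustration; NOT osCommerce's real tables.
SCHEMA = """
CREATE TABLE customers (
  id INTEGER PRIMARY KEY, name TEXT, street TEXT, dob TEXT, email TEXT,
  consent_at TEXT NOT NULL          -- when the consent box was ticked
);
CREATE TABLE orders (
  id INTEGER PRIMARY KEY,
  customer_id INTEGER,              -- set to NULL once the customer is erased
  customer_name TEXT, delivery_street TEXT, customer_email TEXT,
  total REAL, purchased_at TEXT
);
"""

def register(db, name, street, dob, email, consent, now):
    """Create an account only when consent was given, and record when."""
    if not consent:
        raise ValueError("consent is required before storing personal data")
    cur = db.execute(
        "INSERT INTO customers (name, street, dob, email, consent_at) "
        "VALUES (?, ?, ?, ?, ?)", (name, street, dob, email, now))
    return cur.lastrowid

def erase_customer(db, customer_id):
    """Erasure request: delete the account, keep order rows for statistics."""
    with db:  # single transaction: all of it happens or none of it
        db.execute(
            "UPDATE orders SET customer_id = NULL, customer_name = 'anonymous', "
            "delivery_street = NULL, customer_email = NULL "
            "WHERE customer_id = ?", (customer_id,))
        db.execute("DELETE FROM customers WHERE id = ?", (customer_id,))

def demo():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    # Constructed sample customer and order.
    cid = register(db, "Jane Example", "1 Sample Street", "1980-01-01",
                   "jane@example.com", True, "2017-03-16T10:00:00Z")
    db.execute("INSERT INTO orders (customer_id, customer_name, delivery_street,"
               " customer_email, total, purchased_at) VALUES (?, ?, ?, ?, ?, ?)",
               (cid, "Jane Example", "1 Sample Street", "jane@example.com",
                42.5, "2017-03-16"))
    erase_customer(db, cid)
    left = db.execute("SELECT COUNT(*) FROM customers").fetchone()[0]
    order = db.execute("SELECT customer_id, customer_name, delivery_street, "
                       "customer_email, total FROM orders").fetchone()
    return left, order
```

After `erase_customer` runs, the order total survives for reporting but no column in the order row links back to a person.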


#7   Gergely

Gergely

    Json Juggler

  • Community Team
  • 2,125 posts
  • Real Name:Gergely Tóth
  • Gender:Male
  • Location:Budapest

Posted 16 March 2017 - 17:05

Was it a UK joke to the EU?

https://ico.org.uk/f...tection-reform/




#8   mcmannehan

mcmannehan
  • Members
  • 136 posts
  • Real Name:Manfred Wedel
  • Gender:Male
  • Location:Thailand

Posted 20 March 2017 - 12:35

Never heard of it. No doubt more EU-Bulldust dreamed up by men in suits who have nothing better to do.

Not in the EU...the answer for many small businesses; don't sell to EU citizens. That takes away a whole layer of Bulldust.

https://en.wikipedia...tion_Regulation

 

@burt Many small businesses can survive; to sell to the EU, it's a bigger market than the small UK. Why are you so rude about that?


- The clever one learn from everything and from everybody.

- The normal one learn from his experience.

- The silly one knows everything better.

[Socrates, 412 before Christ]

 

Computers help us with the problems we wouldn't have without them!
My programmed add-ons: WDW EasyTabs 1.0.3, WDW Facebook Like 1.0.0


#9   mcmannehan

mcmannehan
  • Members
  • 136 posts
  • Real Name:Manfred Wedel
  • Gender:Male
  • Location:Thailand

Posted 20 March 2017 - 12:39

Thanks for this thread.

We should ensure personal data deletion and GDPR confirmation in the registration where the customer comes from the EU.

The official core needs an EU customer delete option directly from the account, and an administration delete mechanism after time periods.

The question is: which data should be destroyed?

I suppose transfer the user to an anonymous user and never delete the orders data.

Sensitive data are the customer's name, street address, birthday and email address. Other data are not connectable but are needed for stats.

The customer's name should be anonymous, or a nickname from the reviews.

So only the relations should be destroyed when a customer wants to delete the registration.

I don't understand why only personal data is sensitive and why a company's is not...

This law affects webshops differently. Some shops will offer partner programs to keep accounts alive, and some will not, where orders are unique.

 

The data for the bookkeeping have to be destroyed after 10 years; in some EU countries longer, in some EU countries shorter.

I did recommend already that osC has to consider the EU law in every new version. I know some people don't like that, but I have a 100% EU law suitable version. The community knows already it's my pimp version. The link you can find in my profile.

And this new law has to be suitable for every EU country; this will need a long time too.

 

Here is the text of the law: http://ec.europa.eu/...ation_oj_en.pdf


Edited by mcmannehan, 20 March 2017 - 12:42.



#10   14steve14

14steve14
  • Members
  • 4,385 posts
  • Real Name:Steve
  • Gender:Male
  • Location:Dorset UK

Posted 20 March 2017 - 12:42

@burt Many small businesses can survive; to sell to the EU, it's a bigger market than the small UK. Why are you so rude about that?

 

Because the EU is full of un-elected bureaucrats that have nothing better to do all day apart from make up complicated legislation that affects everyone, and makes their life so much harder.




#11   MrPhil

MrPhil
  • Members
  • 7,014 posts
  • Real Name:Phil
  • Gender:Male

Posted 20 March 2017 - 12:49

Sure, bureaucrats can spend the day fantasizing new rules in order to justify their existence (big complaint here, too, which is a major reason President Doofus, er, Trump, is in the White House). If you're a small business, do those things which are common sense and practical and fair, and ignore the rest which are an unreasonable burden to you. If you're small enough, they probably won't bother you. If they do, you can get a lot of public sympathy and support by pointing out that you are being quite reasonable -- and they're not.



#12   mcmannehan

mcmannehan
  • Members
  • 136 posts
  • Real Name:Manfred Wedel
  • Gender:Male
  • Location:Thailand

Posted 20 March 2017 - 12:51

Because the EU is full of un-elected bureaucrats that have nothing better to do all day apart from make up complicated legislation that affects everyone, and makes their life so much harder.

 

That's why the UK is out of the EU. That will make things much more complicated for the UK in future. :D


Edited by mcmannehan, 20 March 2017 - 13:02.



#13   mcmannehan

mcmannehan
  • Members
  • 136 posts
  • Real Name:Manfred Wedel
  • Gender:Male
  • Location:Thailand

Posted 20 March 2017 - 13:00

Thankfully I'm not in the EU and don't sell into the EU but...

 

E.U.'s New Data Protection Law Affects Companies Worldwide

 

Dan

 

Yes, this will affect data protection worldwide. Maybe the result will be that, worldwide, data protection is more respected and more controlled. Everybody likes to have his own data protected; if it is in the wrong hands, very fast some people can take over the online identity and more. I appreciate the new law.


Edited by mcmannehan, 20 March 2017 - 13:01.



#14   burt

burt

    I drink and I know things

  • Community Team
  • 12,492 posts
  • Real Name:G Burton
  • Gender:Male
  • Location:UK/DEV/on

Posted 20 March 2017 - 23:56

I don't want to get into a political debate on the rights or wrongs of the EU and the UK's decision to perform a Brexit. If anyone really wants that discussion, go find a political forum and mass debate it.

 

In an ecommerce context, discussion here is most welcome;

 

As for the option of a non-EU shop NOT selling to EU Citizens...that's an option some shopowners might like to take.  


Edited by burt, 20 March 2017 - 23:57.


 


#15   14steve14

14steve14
  • Members
  • 4,385 posts
  • Real Name:Steve
  • Gender:Male
  • Location:Dorset UK

Posted 21 March 2017 - 15:47

I don't want to get into a political debate on the rights or wrongs of the EU and the UK's decision to perform a Brexit. If anyone really wants that discussion, go find a political forum and mass debate it.

 

In an ecommerce context, discussion here is most welcome;

 

As for the option of a non-EU shop NOT selling to EU Citizens...that's an option some shopowners might like to take.  

 

 

I did the opposite and stopped selling some products, i.e. electronic services, to customers within the EU. It was a very simple mod, if you remember, Gary, so it must be possible to do something similar for other countries.

