♥Gyakutsuki Posted August 14, 2018 Share Posted August 14, 2018 They are 3 things to take in consideration. One for the customer account, it can be included inside the core and to be modular Second out of the customer account, in this case, it's better to have an add-on could be downloaded because it can be some consideration to take. use google analytics or not, Facebook ..... Every Thing is specific. for every shop. I make a contribution available on the forum tarteauxcitrons and recommended by the French CNIL. This script could be interesting. 3 Allow the administrator to satisfy a customer request. Regards ----------------------------------------- Loïc Contact me by skype for business Contact me @gyakutsuki for an answer on the forum Link to comment Share on other sites More sharing options...
♥JcMagpie Posted August 15, 2018 Share Posted August 15, 2018 On 8/14/2018 at 10:54 AM, burt said: I really hope some people are saying things "for effect" rather than for real. It's all down to interpretation of the law and until its challenged in court everyone will be taking a different approach. I doubt if the average small business is going to be able to afforded legal council like some of the big boy's. So advice will be on the safe side just to cover there behinds as always. It's interesting to note that many of the big corporate business have taken a more subtle and low key approach. Many are simply displaying a simple message on the main page like this. "This site uses cookies to deliver our services and to show you relevant information and product listings. By using our site, you acknowledge that you have read and understand our Cookie Policy, Privacy Policy, and our Terms of Service. Your use of “Company Name” Products and Services, including the “Company Name” website, is subject to these policies and terms." and not festooning the sites with tick boxes or warnings. Link to comment Share on other sites More sharing options...
MrPhil Posted August 15, 2018 Share Posted August 15, 2018 By using our site, ... you have read and understand I see a lot of that too, but I'm willing to bet someone will challenge that in court as not being explicit permission to gather and store personal information. It's entirely possible that courts will rule that an explicit action (ticking a box, pressing a button, dancing the hootchiecoo) will need to be taken to prove that the shopper accepts the conditions. Link to comment Share on other sites More sharing options...
♥JcMagpie Posted August 15, 2018 Share Posted August 15, 2018 True but it's likely to interpreted differently in each country and most courts will take a sensible and pragmatic approach to this. One site I visited recently shows how silly some people are in it's interpretation 😂 a simple blog/news site which use to be fine to surf, now you are faced with a blurred homepage and a modal saying you must accept our terms and conditions to use our site!! and unless to accept you simply can go no further. Talk about ruining a businesses. I wonder how much they paid for that expert advice. 🤣 Like all these issues there will be a happy middle ground that most will adopt. I have checked with most of the business large or small, both private and government that I deal with, and so far all have opted to take the softly softly approach, for now I'm sticking with that approach. Link to comment Share on other sites More sharing options...
azpro Posted August 15, 2018 Share Posted August 15, 2018 My point of view based on limited research! So happy to take (documented) feedback in this matter ... I have stated before - this all crumbles down to common sense. If I take a look at the big players in the Netherlands they did not really change anything major. Some smaller adjustments to Privacy statements but that's about it ... Re-marketing maybe even stronger than before! Using YouTube for video's - Engange through Facebook etc. ... And none of the Big players even bother to give a warning message what-so-ever .. Indeed only the known "By using our site, ... you have read and understand " ... Even consent for the Privacy Statement or T&C is not explicitely asked. There will always be a small group (privacy-activists?) that will question the law - but I doubt they will ever really challenge. My approach up till now: Implemented @burt modules - off course signed some papers of contractors like Server provider - shipping company etc. - Looked at who uses / has access to our data. But that's about it ... Business as usual. Link to comment Share on other sites More sharing options...
♥JcMagpie Posted August 16, 2018 Share Posted August 16, 2018 Well just booked some tickets for a small vacation and found this on the site 😂 I think if the big boys are happy with this approach then I'm in good company. Its just a display with no need to press accept, you can just ignore and carry on using the website. It pops up on a number of pages but again no need to do anything you just carry on using site. Link to comment Share on other sites More sharing options...
MrPhil Posted August 17, 2018 Share Posted August 17, 2018 On 8/16/2018 at 7:08 AM, JcMagpie said: Its just a display with no need to press accept, you can just ignore and carry on using the website. It pops up on a number of pages but again no need to do anything you just carry on using site. Just a dummy "I accept" button? How long can they get away with this before someone claims in court that this does not, in fact, constitute acceptance of the terms? (they never consented to having their personal information collected) Are you sure that this button has no effect? You've been able to enter personal data, and it's been stored? Link to comment Share on other sites More sharing options...
♥JcMagpie Posted August 17, 2018 Share Posted August 17, 2018 55 minutes ago, MrPhil said: Just a dummy "I accept" button? How long can they get away with this before someone claims in court that this does not, in fact, constitute acceptance of the terms? (they never consented to having their personal information collected) Are you sure that this button has no effect? You've been able to enter personal data, and it's been stored? Well no I think you can press the button, but you dont have to and I didnt and still placed my order without pressing anything or ticking anythig. I think BA's leagle team are better than anything I could muster so I'm sure they have done there homework. Link to comment Share on other sites More sharing options...
MrPhil Posted August 17, 2018 Share Posted August 17, 2018 Enron had pretty sharp legal and financial teams, too. It's also entirely possible the system is broken, and they intended for the button to work. Link to comment Share on other sites More sharing options...
YePix Posted August 17, 2018 Share Posted August 17, 2018 Did you know that the phone number and IP can not be stored? The IP only Temporarily and only in conjunction with order yes, but the phone number is taboo for general merchants. Unless you have a delivery service. Link to comment Share on other sites More sharing options...
ArtcoInc Posted August 18, 2018 Share Posted August 18, 2018 @Yepi 1 hour ago, Yepi said: Did you know that the phone number and IP can not be stored? The IP only Temporarily and only in conjunction with order yes, but the phone number is taboo for general merchants. Unless you have a delivery service. Source? Link to comment Share on other sites More sharing options...
YePix Posted August 18, 2018 Share Posted August 18, 2018 Only in german https://www.datenschutz.org/telefonnummer/ https://www.datenschutz.org/eu-datenschutzgrundverordnung/ Link to comment Share on other sites More sharing options...
♥14steve14 Posted August 18, 2018 Author Share Posted August 18, 2018 7 hours ago, Yepi said: Did you know that the phone number and IP can not be stored? The IP only Temporarily and only in conjunction with order yes, but the phone number is taboo for general merchants. Unless you have a delivery service. GDPR does not mean that you cannot keep personal data. It means that you have to explain why you need to keep it, how you will keep it, how it will be used, and how long you will keep it. There is also another silly bit of EU rules about VAT MOSS and electronic services, which says that an IP address can be used as one piece of non conflicting proof to show a customers location at the time of ordering, so you must be allowed to store and keep it. Again the phone number can be used if it is a fixed landline. I think those requirements are that information is kept for 6 years. GDPR is all about protecting peoples personal data, and transparency about what a business does with that data, which has to be a good thing. Its not just the silly warnings on the first page load that is GDPR, its all the changes to the T&Cs and the privacy policy that are needed. Processes within the business have to be applied in how data is stored, what will happen if there is a data breach, and much more. How many people have checked that their hosts are compliant, as they have access and store to all of your data? I bet not many, as many will just assume that they are. How many of us store owners have the facility to contact all of our customers should a data breach occur. Again not many. Most could use the inbuilt email system, but again how many would get past their hosts email limits and know which ones sent, and which ones didnt. Gary made many modules to help a business with these rules and regulations, and if you have not purchased them yet, get in touch with @burt Just as an aside, I got a GDPR email earlier in the week, as the business had just found out about the rules, and they were notifying me about the change in conditions and policies, and also whether I wanted to remain on their mailing list. Only a few months late. For those that are reading this post, and have yet to fully read about it, there is a shed load and a half of information here. UK site ICO GDPR pages There will be similar sites for most other countries all you have to do is to find them. Sorry for the long reply, but some still dont get it. REMEMBER BACKUP, BACKUP AND BACKUP Link to comment Share on other sites More sharing options...
burt Posted August 18, 2018 Share Posted August 18, 2018 3 hours ago, 14steve14 said: some still dont get it. Exactly what Steve said. Just in case, anyone doesn't still realise; Our german friends have stringent extra data/privacy/info rules that were in place prior to GDPR and they don't seem to understand that the rest of Europe does not have these same rules. Put as simple as I can; GDPR rules and regs apply to all. German rules and regs do not apply to all. Link to comment Share on other sites More sharing options...
♥JcMagpie Posted August 18, 2018 Share Posted August 18, 2018 14 hours ago, MrPhil said: Enron had pretty sharp legal and financial teams, too. 😄Not sure why you bring up Enron! What's a morally corrupted company run by crooks has to do with this is anyone’s guess. Those types of company’s will still exist with or without GDPR. All I can say is after having visited almost all my main site such as Phone, Bank, Cable etc. All are taking the soft approach as shown with BA, Only one (Phone company) has chosen to have a must agree option before they let you use the site. Even that had nothing to do with GDPR it was about allowing them to show ad’s 😄 Link to comment Share on other sites More sharing options...
♥14steve14 Posted August 18, 2018 Author Share Posted August 18, 2018 Those messages are not a lot to do with GDPR, they are more to do with the EU cookie regulations, which were brought in 2011. They gave people the right to choose whether they accepted cookies from the site being placed on their computer. You do not need explicit consent to place cookies on a computer which is why you can just ignore the tick box and it will go away. By using the site you are agreeing to their use. There is no way that you can find a persons identity from a cookie, unless it is a bad cookie. If you were concerned about them, you would click the policy details and read what cookies are placed on your computer. I take it everyone here knows that you have to list all the cookies that are used on your site in your privacy or cookie policy. GDPR is a totally different thing, but does sort of encompass a bit about cookies and their use. REMEMBER BACKUP, BACKUP AND BACKUP Link to comment Share on other sites More sharing options...
MrPhil Posted August 18, 2018 Share Posted August 18, 2018 2 hours ago, JcMagpie said: Not sure why you bring up Enron! They are an example of a corporation that thought it had really bright advisors in the legal and financial realm. They thought they could be Masters of the Universe and get away with anything while making boatloads of money. In this one case, they didn't get away with it. Link to comment Share on other sites More sharing options...
♥JcMagpie Posted August 18, 2018 Share Posted August 18, 2018 Still totally irreverent to this subject but never mind, this subject is best left alone now. Time to move on to other issues. 😊 Link to comment Share on other sites More sharing options...
MrPhil Posted November 12, 2018 Share Posted November 12, 2018 Seen on the 'net. Sing along! He's making a list, He's checking it twice, He's gonna find out who's naughty or nice, Santa Claus is -- in contravention of article 4 of the General Data Protection Regulation (EU) 2016/679. Link to comment Share on other sites More sharing options...
ArtcoInc Posted November 12, 2018 Share Posted November 12, 2018 Did you see the segment on 60 Minutes last night? M Link to comment Share on other sites More sharing options...
MrPhil Posted November 13, 2018 Share Posted November 13, 2018 I watched it online after you mentioned it. Nothing really new to us, but a look at the young lawyer who drove this thing through, with a discussion of "whose data is it?". Not GDPR-related, but covering a lot of issues in ecommerce, was a segment yesterday on "Marketplace" (marketplace.org for 2018-11-12) starting at 08:36 and running 4 minutes. 70% of shopping carts are abandoned being hit with unexpected fees late in the process is a big killer need to create an account turns off many shoppers (want guest checkout) many shoppers are so lazy that they can't be bothered to fish out a credit card, and would like to use something like ApplePay, available with one click shoppers want simplified information gathering -- three fields for the phone number is so much work, compared to a single phone field stores need to encourage impulse buying, or most shoppers won't be excited enough to complete the purchase if anticipated delivery time exceeds 48 hours, many shoppers will say "forget it" many online shoppers are not serious about making a purchase, but are in it for the experience suggests a need to discourage coupon use (?? that would seem to discourage buying even further) Amazon Prime effect: need to divert marketing budget from coupons to lower cost/free shipping to attract customers End Times, anyone? Link to comment Share on other sites More sharing options...
ArtcoInc Posted February 9, 2019 Share Posted February 9, 2019 For what it's worth ... https://uk.pcmag.com/news-analysis/119560/over-10000-gdpr-breaches-in-uk-says-law-firm Link to comment Share on other sites More sharing options...
♥JcMagpie Posted February 10, 2019 Share Posted February 10, 2019 Intresting artical, did not know PCmag was still around! As many suspected this was never going to protect people from those that are determined to abuse privacy laws and many still do. Spam is as strong as ever, cold calling continues apace and marketing company's have found and exploited loop holes in the regulations. The number of complaints are a drop in the ocean. Compare the 60k complaints to the billions of data interactions taking place on the internet alone each day. I’m not sure a 44m fine will make much of an impact on how Google works! A few less bean bags maybe? The data genie is out of the box and too many people rely on this for generating profits, they will not give up this cash cow just because the EU makes a few regulations. I imagine they will be spending a lot more that 44m in finding ways to get around the regulations. You may ask the question Is GDPR a farce? https://www.thepotentmix.co.uk/blog/the-farce-that-is-gdpr Link to comment Share on other sites More sharing options...
René H4 Posted February 10, 2019 Share Posted February 10, 2019 How can I adjust the settings on this forum so I see the newest reply on top? I cannot find! Sorry, completely Off-Topic. Link to comment Share on other sites More sharing options...
♥JcMagpie Posted February 10, 2019 Share Posted February 10, 2019 😊 yes a bit off topic but never mind. I normaly just go to unread content and then click on activity this shows you the latest responces in time order Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.