Jump to content
Latest News: (loading..)
14steve14

Who in the EU has heard of GDPR and will it affect you

Recommended Posts

Posted (edited)

They are 3 things to take in consideration.

One for the customer account, it can be included inside the core and to be modular

Second out of the customer account, in this case, it's better to have an add-on could be downloaded because it can be some consideration to take. use google analytics or not, Facebook ..... Every Thing is specific. for every shop. I make a contribution available on the forum tarteauxcitrons and recommended by the French CNIL. This script could be interesting.

3 Allow the administrator to satisfy a customer request.

 

Edited by Gyakutsuki


Regards
-----------------------------------------
Loïc

Contact me by skype for business
Contact me @gyakutsuki for an answer on the forum

Tuto for 2.4 :
- How to Display a new page with app
- How to make Header Tags under app APP
- How to make a
boostrap modal with external element
 

 

Share this post


Link to post
Share on other sites
On 8/14/2018 at 10:54 AM, burt said:

I really hope some people are saying things "for effect" rather than for real.

It's all down to interpretation of the law and until its challenged in court everyone will be taking a different approach.   I doubt if the average small business is going to be able to afforded legal council like some of the big boy's. So advice will be on the safe side just to cover there behinds as always. 

It's interesting to note that many of the big corporate business have taken a more subtle  and low key approach. Many are simply displaying a simple message on the main page like this.

"This site uses cookies to deliver our services and to show you relevant information and product listings. By using our site, you acknowledge that you have read and understand our Cookie Policy, Privacy Policy, and our Terms of Service. Your use of “Company Name” Products and Services, including the “Company Name” website, is subject to these policies and terms."

and not festooning the sites with tick boxes or warnings.


 

Share this post


Link to post
Share on other sites

By using our site, ... you have read and understand

I see a lot of that too, but I'm willing to bet someone will challenge that in court as not being explicit permission to gather and store personal information. It's entirely possible that courts will rule that an explicit action (ticking a box, pressing a button, dancing the hootchiecoo) will need to be taken to prove that the shopper accepts the conditions.


If you are running the "official" osC 2.3.4 or 2.3.4.1 download, your installation is obsolete! Get the latest community-supported responsive "Edge" release

Share this post


Link to post
Share on other sites

True but it's likely to interpreted differently in each country and most courts will take a sensible and pragmatic approach to this.

One site I visited recently shows how silly some people are in it's interpretation 😂 a simple blog/news site which use to be fine to surf, now you are faced with a blurred homepage and a modal saying you must accept our terms and conditions  to use our site!! and unless to accept you simply can go no further. Talk about ruining a businesses. I wonder how much they paid for that expert advice. 🤣

Like all these issues there will be a happy middle ground that most will adopt. I have checked with most of the business large or small, both private and government that I deal with, and so far all have opted to take the softly softly approach, for now I'm sticking with that approach.    


 

Share this post


Link to post
Share on other sites

My point of view based on limited research! So happy to take (documented) feedback in this matter ...

I have stated before - this all crumbles down to common sense. If I take a look at the big players in the Netherlands they did not really change anything major. Some smaller adjustments to Privacy statements but that's about it ... Re-marketing maybe even stronger than before! Using YouTube for video's - Engange through Facebook etc. ... And none of the Big players even bother to give a warning message what-so-ever .. Indeed only the known "By using our site, ... you have read and understand " ... Even consent for the Privacy Statement or T&C is not explicitely asked.

There will always be a small group (privacy-activists?) that will question the law - but I doubt they will ever really challenge.

My approach up till now: Implemented @burt modules - off course signed some papers of contractors like Server provider - shipping company etc. - Looked at who uses / has access to our data. But that's about it ... Business as usual.

Share this post


Link to post
Share on other sites

Well just booked some tickets for a small vacation  and found this on the site 😂 I think if the big boys are happy with this approach then I'm in good company.

Its just a display with no need to press accept, you can just ignore and carry on using the website. It pops up on a number of pages but again no need to do anything you just carry on using site.

image.thumb.png.1e2f6998c73cb52c63b20efd38c653bd.png


 

Share this post


Link to post
Share on other sites
On 8/16/2018 at 7:08 AM, JcMagpie said:

Its just a display with no need to press accept, you can just ignore and carry on using the website. It pops up on a number of pages but again no need to do anything you just carry on using site.

Just a dummy "I accept" button? How long can they get away with this before someone claims in court that this does not, in fact, constitute acceptance of the terms? (they never consented to having their personal information collected) Are you sure that this button has no effect? You've been able to enter personal data, and it's been stored?


If you are running the "official" osC 2.3.4 or 2.3.4.1 download, your installation is obsolete! Get the latest community-supported responsive "Edge" release

Share this post


Link to post
Share on other sites
55 minutes ago, MrPhil said:

Just a dummy "I accept" button? How long can they get away with this before someone claims in court that this does not, in fact, constitute acceptance of the terms? (they never consented to having their personal information collected) Are you sure that this button has no effect? You've been able to enter personal data, and it's been stored?

Well no I think you can press the button, but you dont have to and I didnt and still placed my order without pressing anything or ticking anythig. I think BA's leagle team are better than anything I could muster so I'm sure they have done there homework.


 

Share this post


Link to post
Share on other sites

 

Did you know that the phone number and IP can not be stored? The IP only Temporarily and only in conjunction with order yes, but the phone number is taboo for general merchants. Unless you have a delivery service.

Share this post


Link to post
Share on other sites

@Yepi

1 hour ago, Yepi said:

Did you know that the phone number and IP can not be stored? The IP only Temporarily and only in conjunction with order yes, but the phone number is taboo for general merchants. Unless you have a delivery service.

Source?


If you are running the "official" osC 2.3.4 or 2.3.4.1 download, your installation is obsolete! Get the latest community-supported responsive "Edge" release here

Share this post


Link to post
Share on other sites
7 hours ago, Yepi said:

 

Did you know that the phone number and IP can not be stored? The IP only Temporarily and only in conjunction with order yes, but the phone number is taboo for general merchants. Unless you have a delivery service.

GDPR does not mean that you cannot keep personal data. It means that you have to explain why you need to keep it, how you will keep it, how it will be used, and how long you will keep it. There is also another silly bit of EU rules about VAT MOSS and electronic services, which says that an IP address can be used as one piece of non conflicting proof to show a customers location at the time of ordering, so you must be allowed to store and keep it. Again the phone number can be used if it is a fixed landline. I think those requirements are that information is kept for 6 years. GDPR is all about protecting peoples personal data, and transparency about what a business does with that data, which has to be a good thing.

Its not just the silly warnings on the first page load that is GDPR, its all the changes to the T&Cs and the privacy policy that are needed. Processes within the business have to be applied in how data is stored, what will happen if there is a data breach, and much more. How many people have checked that their hosts are compliant, as they have access and store to all of your data? I bet not many, as many will just assume that they are. How many of us store owners have the facility to contact all of our customers should a data breach occur. Again not many. Most could use the inbuilt email system, but again how many would get past their hosts email limits and know which ones sent, and which ones didnt.

Gary made many modules to help a business with these rules and regulations, and if you have not purchased them yet, get in touch with @burt

Just as an aside, I got a GDPR email earlier in the week, as the business had just found out about the rules, and they were notifying me about the change in conditions and policies, and also whether I wanted to remain on their mailing list. Only a few months late.

For those that are reading this post, and have yet to fully read about it, there is a shed load and a half of information here. UK site ICO GDPR pages

There will be similar sites for most other countries all you have to do is to find them.

Sorry for the long reply, but some still dont get it.


REMEMBER BACKUP, BACKUP AND BACKUP

Before installing the official version of oscommerce first look at a responsive version here

It's very easy to over complicate what are simple things in life

Share this post


Link to post
Share on other sites
3 hours ago, 14steve14 said:

some still dont get it.

Exactly what Steve said.

Just in case, anyone doesn't still realise;

Our german friends have stringent extra data/privacy/info rules that were in place prior to GDPR and they
don't seem to understand that the rest of Europe does not have these same rules.   

Put as simple as I can;

  • GDPR rules and regs apply to all. 
  • German rules and regs do not apply to all.

This is a signature that appears on all my posts.  
IF YOU MAKE A POST REQUESTING HELP...please state the exact version
of osCommerce that you are using. THANKS

 
Get the latest current code (community-supported responsive 2.3.4.1BS Edge) here

 

Share this post


Link to post
Share on other sites
Posted (edited)
14 hours ago, MrPhil said:

Enron had pretty sharp legal and financial teams, too.

😄Not sure why you bring up Enron! What's a morally corrupted company run by crooks has to do with this is anyone’s guess. Those types of company’s will still exist with or without GDPR.

All I can say is after having visited almost all my main site such as Phone, Bank, Cable etc. All are taking the soft approach as shown with BA, Only one (Phone company) has chosen to have a must agree option before they let you use the site. Even that had nothing to do with GDPR it was about allowing them to show ad’s 😄

 

Edited by JcMagpie

 

Share this post


Link to post
Share on other sites

Those messages are not a lot to do with GDPR, they are more to do with the EU cookie regulations, which were brought in 2011. They gave people the right to choose whether they accepted cookies from the site being placed on their computer. You do not need explicit consent to place cookies on a computer which is why you can just ignore the tick box and it will go away. By using the site you are agreeing to their use. There is no way that you can find a persons identity from a cookie, unless it is a bad cookie. If you were concerned about them, you would click the policy details and read what cookies are placed on your computer. I take it everyone here knows that you have to list all the cookies that are used on your site in your privacy or cookie policy.

GDPR is a totally different thing, but does sort of encompass a bit about cookies and their use.

 


REMEMBER BACKUP, BACKUP AND BACKUP

Before installing the official version of oscommerce first look at a responsive version here

It's very easy to over complicate what are simple things in life

Share this post


Link to post
Share on other sites
2 hours ago, JcMagpie said:

Not sure why you bring up Enron!

They are an example of a corporation that thought it had really bright advisors in the legal and financial realm. They thought they could be Masters of the Universe and get away with anything while making boatloads of money. In this one case, they didn't get away with it.


If you are running the "official" osC 2.3.4 or 2.3.4.1 download, your installation is obsolete! Get the latest community-supported responsive "Edge" release

Share this post


Link to post
Share on other sites

Still totally irreverent to this subject but never mind, this subject is best left alone now. Time to move on to other issues. 😊

 


 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×