Jump to content
Latest News: (loading..)
14steve14

Who in the EU has heard of GDPR and will it affect you

Recommended Posts

Im taking a more proactive / drastic approach on this....

I intend unsubscribing everyone at a database level, then sending the email informing them that if they want to receive newsletters then to re-subscribe. I will also include a link to our revised privacy policy and a link to the account deletion page.


Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.

Share this post


Link to post
Share on other sites
Posted (edited)
14 minutes ago, burt said:

Be aware (that by *my* understanding), you also need to email out all of customers (whether they agreed or not) to let them know of Policy Updates. 

I did quite some extensive research and asked a few other entrepreneurs (who work with data as their core-business) and as far as I understood it is NOT necsessary to mail all customers for Policy Updates and ask their consent.  I am not a lawyer and not an expert - but for me it makes sense. They may as well never return to the shop again... Maybe a good idea to anonimize those customers automatically after a certain period (period for our shop would be long beacuse of our Guarantee Policy - customers can ask for guarantees 3 Years - some extended to 5 Years).

It COULD however be good practice to notify on the website for existing customers who log in.  Some popup "Please be advised we changed our Privacy Policy according to the new GDPR rules. Please agree to our new policy" ....

 @burt  If you have time to code something like this ... I am sure a bunch of shop-owners would be willing to pay for the development (?)   .... I WOULD :biggrin:

Edited by azpro
typo

Share this post


Link to post
Share on other sites
21 minutes ago, azpro said:

I did quite some extensive research and asked a few other entrepreneurs (who work with data as their core-business) and as far as I understood it is NOT necessary to mail all customers for Policy Updates and ask their consent.

This seems to agree with this. Field Fisher are a large London law firm.

https://privacylawblog.fieldfisher.com/2017/re-consenting-to-marketing-under-gdpr

Share this post


Link to post
Share on other sites

I have not had any emails from osCommers regarding data held by the forum? :smile:

Also not one of the large utility company I use has contacted me or sent any new policy agreement! The only one I have had so far has been a large internet company and they said either agree to this exception or lose all access to your account , we need your data to continue providing our service!

 

Can you imagine if the utility company's and others like Sky or BT had to give customers the ability to check the data they hold and delete accounts. Anyone who has ever tried to leave Sky will know what I mean.:biggrin:


 

Share this post


Link to post
Share on other sites

:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Share this post


Link to post
Share on other sites

@tgely : very interesting approach



Regards
-----------------------------------------
Loïc

Contact me by skype for business
Contact me @gyakutsuki for an answer on the forum

Tuto for 2.4 :
- How to Display a new page with app
- How to make Header Tags under app APP
- How to make a
boostrap modal with external element
- My fork based on Osc 2.4

 

Share this post


Link to post
Share on other sites
Posted (edited)

@tgely

I suppose is not yet finished, it must have on the website a popup to accept or not the element ? Is it you idea at the end ?

Edited by Gyakutsuki


Regards
-----------------------------------------
Loïc

Contact me by skype for business
Contact me @gyakutsuki for an answer on the forum

Tuto for 2.4 :
- How to Display a new page with app
- How to make Header Tags under app APP
- How to make a
boostrap modal with external element
- My fork based on Osc 2.4

 

Share this post


Link to post
Share on other sites

:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Share this post


Link to post
Share on other sites
Posted (edited)

the forum motor is intresting ...

There are not need accept popup. Only need a cookie information popup line with links to GDPR and cookie usage
If I know this is an exist module at this moment. Only text information need edit

 

Edited by tgely

:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Share this post


Link to post
Share on other sites
Posted (edited)
3 minutes ago, tgely said:

There are not need accept popup. Only need a cookie information popup line with links to GDPR and cookie usage

?? ... Could you explain a bit more?  ... Do you mean activate popup by clicking some text like "read about cookie - click here" ?? Is it not (longer) neccessary to show the cookie message to the customer when entering the site?

Maybe you can post an image?

Edited by azpro
Addition

Share this post


Link to post
Share on other sites

Is not served into CE version the cookie consent ht module?
https://cookieconsent.insites.com/

Its surprised me

 


:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Share this post


Link to post
Share on other sites

:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Share this post


Link to post
Share on other sites

The informastion text will be changed
 

Quote

'This website uses cookies to improve your experience. By continuing, you agree to the usage as per our'

to something like this:
 

Quote

'This website uses cookies to improve your experience. Look at cookie usage and GDPR links.

 


:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Share this post


Link to post
Share on other sites

One tip I see in practice. Cookie usage information page is implemented on a cookiless domain. This could be a subdomain place


:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Share this post


Link to post
Share on other sites

Thanks! I will give it a try .. But I think it needs wrapping up in a complete addon with documentation .... Maybe @frankl  could help here.

Share this post


Link to post
Share on other sites

One intresting rule I have found that GDPR versions need list by version dates so this rule requires a document managment. The best way could be a static page with html links


:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Share this post


Link to post
Share on other sites
Posted (edited)

Dinamyc document managments has a risk that somebody can owerwrite it which is danger. If shop GDPR rules will be changed then you have to ensure the static safety content day by day.
And by this way you can do notifications if need.

PDF format is developed for it.

Edited by tgely

:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Share this post


Link to post
Share on other sites
Posted (edited)

 @tgely  I have got it working - but in classes/osc_template.php  line 23 gives an error:

var $_expiration = 365*24*60*60;

probably should be :

var $_expiration = '365*24*60*60';

Did not yet test fully .. but I have the feeling there is a slowdown in pageload. Even when footer module cm_cookie_consent is DISABLED ...  Is that possible?

Furthermore ... For consistency reasons .. Wouldn't it be better to have a separate class file for the cookie adjustments now done in osc_template.php ?

Edited by azpro
Addition

Share this post


Link to post
Share on other sites

For

var $_expiration = 365*24*60*60;

I had to change it to below - otherwise cookie lifetime is not properly set:

var $_expiration = 31536000; //365*24*60*60; // one year

 

The cookie oscConsent  is set as

[\"True|ht_grid_list_view\"]

If I read out cookie in Firefox  - privacy it reads content as

%5B%22True%7Cht_grid_list_view%22%5D

Is that okay or is it a mixup of json_encode ?

Share this post


Link to post
Share on other sites

@azpro

Thank you for testing. Yes with this solution the core will be slover. (more function more time) I can not do more service with timeless running.
osc_template is the most closest solution at this moment regards to template modules. If we use separated class then we have to reopen all installed modules again so this was non-logic step which was skipped. I tried to do my best with speed optimatization so you can see this code change now.

$_expiration declaration could be cause troubles but I dont know what system do you use. Could you post here the system report result?

System report: https://yourdomain/youradmin/server_info.php?action=export


:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Share this post


Link to post
Share on other sites

@tgely  @wHiTeHaT   Better aproach in my opinion! I don't like to extend / change the osc_template.php ....  I would really prefer a separate Cookie class

Share this post


Link to post
Share on other sites

@tgely

Quote

[oscommerce]
version = 2.3.4

[system]
date = 2018-05-13 13:10:49 +0200 CEST
os = Linux
kernel = 3.13.0-105-generic
uptime =  13:10:49 up 520 days, 13:21,  0 users,  load average: 0.17, 0.20, 0.16
http_server = Apache

[mysql]
version = 5.5.59-0ubuntu0.14.04.1
date = 2018-05-13 13:10:49


version = 5.5.9-1ubuntu4.24
zend = 2.5.0
sapi = apache2handler
int_size = 8
safe_mode = 0
open_basedir = 0
memory_limit = 256M
error_reporting = 6135
display_errors = 1
allow_url_fopen = 1
allow_url_include = 0
file_uploads = 1
upload_max_filesize = 64M
post_max_size = 64M
disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
disable_classes =
enable_dl = 0
magic_quotes_gpc = 0
register_globals = 0
filter.default = unsafe_raw
zend.ze1_compatibility_mode = 0
unicode.semantics = 0
zend_thread_safty = 0
extensions = Core,date,ereg,libxml,openssl,pcre,zlib,bcmath,bz2,calendar,ctype,dba,dom,hash,fileinfo,filter,ftp,gettext,SPL,iconv,mbstring,session,posix,Reflection,standard,shmop,SimpleXML,soap,sockets,Phar,exif,sysvmsg,sysvsem,sysvshm,tokenizer,wddx,xml,xmlreader,xmlwriter,zip,apache2handler,PDO,curl,gd,imap,json,ldap,mcrypt,mysql,mysqli,pdo_mysql,pdo_sqlite,pspell,readline,sqlite3,xmlrpc,xsl,mhash,Zend OPcache

 

 

Share this post


Link to post
Share on other sites

@tgely  Another thing ... the cookie of Cookieconsent  https://cookieconsent.insites.com/download/   which is cookieconsent_status I want to set as strict ... but the code now only differs between Functional and Strict ... I would say this cookie must allways be set by a website visitor (deny/dismiss/allow) but he should not be able to delete - so it must be strict (??).

Furthermore I would like to add the OPT-OUT function ... but I don't understand how to implement. That is to say .. the way it should be handled depends on the full functionality of you app.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×