The intention of this article is to recommend a set of actions for your eCommerce business that will make your website GDPR compliant. We suggest all store owners read through and contact us if you need assistance on any of the points stated below.
GDPR stands for General Data Protection Regulation and is no more than a set of rules on how EU customers' data must be managed. It becomes effective May 25th, 2018 worldwide and it's applicable to large and small-sized businesses that offer products or services that handle EU citizens' information. This means that if your store is open to them, you will be required to be GDPR compliant, whether you are located in Europe, North America or any other part of the world.
The GDPR is an 88-page document which, like many regulations, has many vague points, so we want to keep it simple for you and lay out a practical checklist of to-dos (now, if you want to dive into the source, be our guest!).
Tell your customers that your site requires cookies for a better experience. Clicking the “Accept” button on the banner allows cookies to work, and therefore to track and store your users' data. It is also recommended to have a link to your Privacy Policy within the bar, so shoppers can learn more about your intentions and even deactivate cookies from this page. See how to integrate your cookie consent bar with GTM.
Tools such as Google Analytics, Google AdWords, Facebook, Mailchimp, Bronto and others are well aware of the new policy and expect to have their business GDPR compliant by the 25th of this month. Nevertheless, your integrations must be adjusted, and moving all your third-party code into Google Tag Manager is the best choice, so that when your customers give their consent, all your tracking codes are centralized and activated at once.
Allow your users to “unsubscribe”, either by presenting a link on My Account or in your email communications. Also, do not assume what your users want: for example, avoid pre-ticked boxes or consent buried in fine print.
Collect only the necessary information from your users throughout the shopping experience. If you really need to collect specific data, be clear on what you need it for. No sneaky stuff is allowed!
Your Privacy Policy and Terms & Conditions pages are the best place to accurately inform your customers about how your business manages their personal data with regard to GDPR compliance. Here is a list of things you could consider communicating:
Protect your users' personal data and tell them you are doing so. Make sure information is encrypted (NetSuite is taking care of that) and indicate so on your website. Add that you support data protection, buyer protection and SSL encryption. Displaying a certification badge on your homepage footer or email template could be a good idea.
At SuiteWorld 2018, NetSuite presented a GDPR-related session (ppt here; you need to be logged into SuiteAnswers). Although I was not able to attend, I understand that NetSuite is responsible for making the platform GDPR compliant, and it is. For specifics on how NetSuite complies with GDPR, we recommend that you contact your Account Manager.