A brief review: WordPress eCommerce plugin preparations for GDPR

There’s a good chance upcoming regulations will catch many eCommerce store owners by surprise next month. With the possibility of getting slammed with a penalty of 4% of annual revenue, now is the time to start preparing for the new requirements.

GDPR, which can be seen as a ‘suite’ of privacy regulations from the EU, will go into effect May 25, 2018. If you don’t sell any products to customers in the EU, congratulations, you don’t have to worry about compliance with GDPR. However, it should be noted that many of the requirements are generally consumer-friendly privacy practices that you may want to consider nevertheless.

For a quick overview of GDPR, here’s one place to start. As it currently stands, specific recommendations from third parties can be contradictory at times and there’s quite a bit of confusion.

With the effective date closing in, store owners using WooCommerce and Easy Digital Downloads are dependent on those platforms to implement the functionality that will make their sites GDPR-compliant.

WooCommerce GDPR compliance

WooCommerce will be providing a bevy of GDPR-related features in version 3.4, slated to be released next month.

“Some of these features include:

  • Ability to add privacy policy text to checkout and account pages
  • Integration with the exporter coming in WordPress core (soon)
  • Tools to clean up (trash) and anonymize old orders which don’t need processing.
  • Tools to remove some optional fields from the checkout.”

Easy Digital Downloads GDPR compliance

The EDD development team has been working on compliance features. Discussions about EDD + GDPR have been taking place on a GitHub issue.

Currently, there is a test version of their compliance addon. This will integrate with the WP GDPR Core plugin to give customers the ability to view, update, and download their personal information related to EDD.

Using version 2.9.1, released on April 20th, site owners can now add a Privacy Policy checkbox to their checkout page. You can start configuring this now.

EDD has not announced any ETA for the stable version of their GDPR addon, but there has been quite a bit of development activity and the most likely release date would be before May 25th O:) 

Getting your shop ready

Beyond updating WooCommerce or installing the EDD GDPR addon when they’re widely available, you can start preparing your site in many other ways:

  • Review (or create!) your Terms & Conditions and Privacy Policy to ensure they are up-to-date and follow GDPR requirements
  • Ensure marketing signup checkboxes are unchecked by default
  • If you’re using other eCommerce plugins or addons, check with their developers to ensure they have a timeline for GDPR compliance
  • Officially document (aka type out) your steps towards GDPR compliance
  • Appoint a Data Protection Officer – this can be someone that already works at your company and has other obligations
  • Research more about the obligations for your company presented by GDPR

There’s no clear indication of how much scrutiny small eCommerce shops may face from the EU, but it’s better safe than sorry and your customers may also begin inquiring about your compliance once the due date hits. Also, that 4% penalty is nothing to scoff at! Start preparing today… the clock is ticking.

**Nothing in this post constitutes legal advice, and this post should not be your sole source of information for compliance. Consult a lawyer for legal advice regarding GDPR.
