{"id":7150,"date":"2018-04-24T13:20:49","date_gmt":"2018-04-24T10:20:49","guid":{"rendered":"http:\/\/blog.cs-cart.com\/?p=7150"},"modified":"2025-08-07T14:18:14","modified_gmt":"2025-08-07T10:18:14","slug":"upcoming-gdpr-support-in-cs-cart-and-multi-vendor","status":"publish","type":"post","link":"https:\/\/www.cs-cart.com\/blog\/upcoming-gdpr-support-in-cs-cart-and-multi-vendor\/","title":{"rendered":"Upcoming GDPR Support in CS-Cart and Multi-Vendor"},"content":{"rendered":"\n<figure class=\"wp-block-image\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.cs-cart.com\/blog\/wp-content\/uploads\/image1.png?w=800&#038;ssl=1\" alt=\"\"\/><\/figure>\n\n\n\n<p>On 25 May 2018 the <b>General Data Protection Regulation<\/b> of the European Union will become enforceable. It means that organizations could be fined for non-compliance. CS-Cart and Multi-Vendor 4.7.4 (to be released in the first half of May) will have the tools to help you comply with the regulation.<\/p>\n\n\n\n<!--more-->\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_is_GDPR_and_How_Does_It_Affect_E-Commerce\"><\/span>What is GDPR and How Does It Affect E-Commerce?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>The GDPR (General Data Protection Regulation) describes how you can acquire, store, and process personal data of EU citizens and residents. You and your lawyers have probably familiarized yourselves with it already, but here is <a href=\"https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG&amp;toc=OJ:L:2016:119:TOC\" target=\"_blank\" rel=\"noopener\">the full text of the GDPR<\/a> just in case. It&#8217;s a long read, so we\u2019ve listed some of the important points with references to GDPR articles:<\/p>\n\n\n\n<ul>\n<li>In most cases (<i>Article 6<\/i>) you&#8217;ll need an explicit permission to collect and use someone&#8217;s personal data. You&#8217;ll also need proof that such permission was given (<i>Article 7<\/i>).<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>When you collect personal data, you need to inform people who you are, why you need the data, how you&#8217;ll use it, and more (<i>Article 13<\/i>).<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>People have the right to withdraw their consent at any time (<i>Article 7<\/i>), to request a copy of their personal data (<i>Article 20<\/i>), and &#8220;to be forgotten&#8221; (<i>Article 17<\/i><i>).<\/i><\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Fines for non-compliance can be up to \u20ac20,000,000 or 4% of the company&#8217;s total worldwide annual turnover (<i>Article 83<\/i>).<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>The regulation applies outside of the European Union as well, as long as you process personal data of EU citizens and residents (<i>Article 3<\/i>).<\/li>\n<\/ul>\n\n\n\n<p>We don\u2019t claim to have summarized an 80-page law in one article. But as you can see, these points do affect online stores. For example, when a customer gives you an email address for account registration or newsletter subscription, that counts as personal data processing too. That\u2019s why your online store may need some changes.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_Are_CS-Cart_and_Multi-Vendor_Prepared_for_GDPR\"><\/span>How Are CS-Cart and Multi-Vendor Prepared for GDPR?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>CS-Cart and Multi-Vendor 4.7.4 (to be released in the first half of May) will include an add-on called <b>GDPR Compliance (EU)<\/b>. Currently the add-on is available for testing at <a href=\"https:\/\/dev.demo.cs-cart.com\" target=\"_blank\" rel=\"noopener\">dev.demo.cs-cart.com<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.cs-cart.com\/blog\/wp-content\/uploads\/image32.png?w=800&#038;ssl=1\" alt=\"\"\/><\/figure>\n\n\n\n<p>Normally we don\u2019t port new functionality to older versions. But we understand the importance of GDPR compliance. That\u2019s why our support staff can offer guidance to those who use older versions; for a small fee we can even adapt the <b>GDPR Compliance (EU)<\/b> add-on from 4.7.4 for your store.<\/p>\n\n\n\n<p>If you have extensive customizations (such as a custom theme) or won&#8217;t be able to upgrade to version 4.7.4 for some other reason, you\u2019re welcome to <a href=\"https:\/\/helpdesk.cs-cart.com\/\" target=\"_blank\" rel=\"noopener\">contact our technical support via Help Desk<\/a>.<\/p>\n\n\n\n<p>The add-on will provide the tools to:<\/p>\n\n\n\n<ul>\n<li><b>Ask for consent.<\/b> Add optional checkboxes to the standard places where personal data is collected (such as checkout, registration, newsletter subscription, etc.). These checkboxes are accompanied by notices about personal data processing. The text of every notice can be edited separately.<br \/><figure><img data-recalc-dims=\"1\" decoding=\"async\"  src=\"https:\/\/i0.wp.com\/www.cs-cart.com\/blog\/wp-content\/uploads\/image41.png?w=700&#038;ssl=1\"\/><\/figure><br \/><\/li>\n<\/ul>\n\n\n\n<ul>\n<li><b>Keep consent history.<\/b> Keep the log of everyone and everything that they have consented to. This history is only accessible via the database (in the <i>cscart_gdpr_user_agreements<\/i> table) and includes the texts of personal data notices as they were at the time when consent was given.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li><b>Manage personal data.<\/b> View all the personal data of a customer in the Administration panel in a separate tab on the customer editing page. If customers contact you by email, export all their personal data to XML files or anonymize customers on request.<br \/><figure><img data-recalc-dims=\"1\" decoding=\"async\"  src=\"https:\/\/i0.wp.com\/www.cs-cart.com\/blog\/wp-content\/uploads\/image2.png?w=700&#038;ssl=1\"\/><\/figure><br \/><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Is_There_Anything_Else_That_Should_Be_Done\"><\/span>Is There Anything Else That Should Be Done?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Yes. <b>The add-on alone won\u2019t make you GDPR-compliant.<\/b> After you get the add-on (either with version 4.7.4, or for your older version via Help Desk), there are some things that you should do.<\/p>\n\n\n\n<ul>\n<li><b>Check all the places where you collect personal data.<\/b> Make sure that the notices about data processing are there, that they adhere to the GDPR and reflect how <i>your organization<\/i> handles personal data.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li><b>Test the workflow of granting and withdrawing consent.<\/b> Register as a new customer and give consent for personal data processing in various places. Then, as an administrator, check the consent logs, export personal data, and anonymize the customer.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li><b>Review and update your legal documents.<\/b> Once you have figured out what data you collect and how you use it, address the requirements of the GDPR in your legal documents. For your online store those documents could be:<br \/><ul style=\"list-style-type: disc; padding-left: 15px; text-indent: 0; text-align: left;\"><br \/><li><b>Privacy Policy.<\/b> It exists by default under <b>Website \u2192 Pages<\/b> in the Administration panel, unless you have deleted it. You can edit it like any other content page in your store.<\/li><br \/><\/ul><p>\u00a0<\/p>\n<ul>\n<li><b>Terms of Service.<\/b> They appear at checkout if you <i>Ask customers to agree with terms &amp; conditions during checkout<\/i> under <b>Settings \u2192 Checkout<\/b>. The text can be edited under <b>Administration \u2192 Languages \u2192 Translations<\/b> in the following language variable: <i>terms_and_conditions_content<\/i>.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p>You\u2019re welcome to discuss CS-Cart and <a href=\"https:\/\/www.cs-cart.com\/multivendor\" title=\"\">Multi-Vendor<\/a> GDPR compliance and the new add-on in the comments or on our <a href=\"https:\/\/forum.cs-cart.com\/t\/gdpr-compliance-in-cs-cart-and-multi-vendor\/56054\" target=\"_blank\" rel=\"noopener\">forum<\/a>.<\/p>\n\n\n\n<p><b>UPD: CS-Cart and Multi-Vendor 4.7.4 with GDPR support were released. <a href=\"https:\/\/www.cs-cart.com\/blog\/meet-cs-cart-and-multi-vendor-4-7-4-with-gdpr-support\/\" target=\"_blank\" rel=\"noopener\">Read the article<\/a> to find out about how to make your online store compliant with the new regulation.<\/b><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>Don&#8217;t forget to subscribe to the CS-Cart <a title=\"CS-Cart on Facebook\" href=\"https:\/\/www.facebook.com\/cscart.official\" target=\"_blank\" rel=\"noopener\">Facebook<\/a> and <a title=\"CS-Cart on Twitter\" href=\"https:\/\/twitter.com\/cscart\" target=\"_blank\" rel=\"noopener\">Twitter<\/a> pages. We announce news there, too.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On 25 May 2018 the General Data Protection Regulation of the European Union will become enforceable. It means that organizations<\/p>\n","protected":false},"author":31003,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[],"aioseo_notices":[],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.cs-cart.com\/blog\/wp-json\/wp\/v2\/posts\/7150"}],"collection":[{"href":"https:\/\/www.cs-cart.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cs-cart.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cs-cart.com\/blog\/wp-json\/wp\/v2\/users\/31003"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cs-cart.com\/blog\/wp-json\/wp\/v2\/comments?post=7150"}],"version-history":[{"count":1,"href":"https:\/\/www.cs-cart.com\/blog\/wp-json\/wp\/v2\/posts\/7150\/revisions"}],"predecessor-version":[{"id":19785,"href":"https:\/\/www.cs-cart.com\/blog\/wp-json\/wp\/v2\/posts\/7150\/revisions\/19785"}],"wp:attachment":[{"href":"https:\/\/www.cs-cart.com\/blog\/wp-json\/wp\/v2\/media?parent=7150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cs-cart.com\/blog\/wp-json\/wp\/v2\/categories?post=7150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cs-cart.com\/blog\/wp-json\/wp\/v2\/tags?post=7150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}