GDPR Module for Magento 2

---

This module aims to set Magento 2 GDPR ready and compliant.
It allows the customers to delete, and/or anonymize, and/or export their personal data.

• GDPR Compliance Scope
• Setup
• Features
• Community
  • Authors & Contributors
  • Similar Magento 2 GDPR Module
• Support

GDPR Compliance Scope

Users, guest and customer can:

• Art. 16 GDPR Edit their personal data (native in vanilla)

• Art. 17 GDPR

  • Customers can use their ‘right to be forgotten’. Account deletion and anonymization can be done in ‘My Account > Privacy Settings’. The password is required to ensure the customer legibility. The account will be erased within 1 hour, or as specified in configuration. The customer can undo the action in this time span.
  • Guest users can use their ‘right to be forgotten’. Account deletion and anonymization can be done in the order view, they must fill the guest form first to show their order. The data will be erased within 1 hour, or as specified in the configuration. The guest can undo the action is this time spare.
  • The customers and guests will be erased after a configurable idle time.
  • The sales information are locked within a configurable time. These information are automatically erased after this period.

  As a merchant you can easily manage which type of entity must to be delete or anonymize. In the last case, the module allows to define which attribute must to be anonymize, and how it is.

Times are configurable too, you can define the period of cancellation for the erasure, the idle time for the users before they are erase, and the sales information lifetime.

• Art. 20 GDPR
  • Customers can export their data in .zip archive containing file, .html (many others are available), with personal data. Personal data export can be done in ‘My Account > Privacy Settings’.
  • Guest users can export their data in .zip archive containing file, .html (many others are available), with personal data. Personal data export can be done in the order view, they must fill the guest form first to show their order.
• Cookie Policy in a disclosure popup are shown at the first time customer visit.

Details:

• Erasure: delete or anonymize specific data thanks to configurable settings in admin ui.
• Configure which order can be erased, regarding their state and life time.
• Privacy data will be automatically erased after a delay.
• Sales data are safely keeped till the preservation delay expired.
• Choose the file name and the format of your choice for the privacy data export.
• Choose which data is interpreted as privacy data and will be exported.
• Actions related to the GDPR compliance are reported in the admin ui.
• Merchants can execute and keep an eye on the performed actions from the admin ui.
• Choose the CMS static block to show on the storefront by scope and features.
• Enable or disable features for the storefront.
• Notify the user when a GDPR action is performed, configure the template and sending settings.
• Display the cookie disclosure pop-in and edit its content as you want.

Community

This module could not exists without you (and the GDPR law).

Authors & Contributors

• Opengento Community - Lead -
• Thomas Klein - Maintainer -
• Contributors - Contributor -

Similar Magento 2 GDPR Module

• https://github.com/mageplaza/magento-2-gdpr
• https://github.com/staempfli/magento2-module-gdpr
• https://github.com/flurrybox/enhanced-privacy

Settings

The configuration for this module is available in ‘Stores > Configuration > GDPR Compliance’.

Support

Raise a new request to the issue tracker.
Please provide your Magento 2 version and the module version. Explain how to reproduce your issue and what’s expected.

Authors

• Opengento Community - Lead -
• Thomas Klein - Maintainer -
• Contributors - Contributor -

License

This project is licensed under the MIT License - see the LICENSE details.

That’s all folks!