adexos / module-gdpr
Gdpr Compliance Module for Magento 2
Installs: 2
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 3
Forks: 39
Type:magento2-module
Requires
- ext-zip: *
- magento/framework: >=100.1.0
- magento/module-backend: >=100.0.0
- magento/module-config: >=100.0.2
- magento/module-customer: >=100.0.2
- magento/module-email: >=100.0.0
- magento/module-newsletter: >=100.0.2
- magento/module-quote: >=100.0.0
- magento/module-review: >=100.0.0
- magento/module-sales: >=100.0.2
- mikehaertl/phpwkhtmltopdf: ^2.3.1
Requires (Dev)
- magento/marketplace-eqp: ^1.0.0
- roave/security-advisories: dev-master
This package is auto-updated.
Last update: 2024-11-22 02:55:41 UTC
README
This extension allows customers to delete, anonymize, and export their personal data.
Setup
Magento 2 Open Source or Commerce edition is required.
The Version 3.x
is compliant with Magento 2.3.x
.
The Version 2.x
is compliant with Magento 2.2.x
.
The Version 1.x
is compliant with Magento 2.1.x
.
This module does not support Magento 2.0.x
, as this version is not anymore maintained.
Get the package
Zip Package:
Unzip the package in app/code/Opengento/Gdpr.
Composer Package:
composer require opengento/module-gdpr
Install the module
Then, run the following magento command:
bin/magento setup:upgrade
If you are in production mode, do not forget to recompile and redeploy the static resources.
Usage
- Art. 17 GDPR
- Account deletion and anonymization can be done in 'My Account > Privacy Settings'.
- Customers can use their 'right to be forgotten'. The password is required to ensure the customer legibility. The account will be erased within 1 hour, or as specified in configuration. The customer can undo the action in this time span.
- Art. 20 GDPR
- Personal data export can be done in 'My Account > Privacy Settings'.
- Customers can export their data in
.zip
archive containing file,.html
(many others are available), with personal data.
- Cookie Policy in a disclosure popup are shown at the first time customer visit.
Settings
The configuration for this module is located in 'Stores > Configuration > Customers > Customer Configuration > Privacy (GDPR)'.
The settings are divided as following:
- General Settings
- Enable the module
- GDPR Information CMS Page
- GDPR Information CMS Block
- Erasure Settings
- Enable the feature
- Erasure Strategy (Anonymize or Delete)
- Erasure Time Laps
- Cron Scheduler
- Right to Erasure Information CMS Block
- Anonymization Information CMS Block
- Remove Customer if no Orders
- Apply Deletion Strategy to specific components
- Export Settings
- Enable the feature
- Export Personal Data Information CMS Block
- Export Renderer option
- Customer Attributes to export
- Customer Address Attributes to export
- Cookie Settings
- Enable the cookie disclosure
- Cookie Policy Information CMS Block
Developers
The following documentation explains how to add your own processors to the workflow.
Extends Export
In order to export your custom component, you must create a new processor.
To create a new processor, you must implement the following interface: \Opengento\Gdpr\Service\Export\ProcessorInterface
.
Then, register your processor to the following pool \Opengento\Gdpr\Service\Export\ProcessorPool
, as described:
<type name="Opengento\Gdpr\Service\Export\ProcessorPool"> <arguments> <argument name="array" xsi:type="array"> <item name="my_component" xsi:type="string">\Vendor\Module\ExportProcessor</item> </argument> </arguments> </type>
You can also create your custom export renderer to make it as be like you want to be.
To achieve this, you must implement the following interface: \Opengento\Gdpr\Service\Export\RendererInterface
Then, register your renderer to the following pool \Opengento\Gdpr\Service\Export\RendererPool
, as described:
<type name="Opengento\Gdpr\Service\Export\RendererPool"> <arguments> <argument name="array" xsi:type="array"> <item name="my_renderer" xsi:type="string">\Vendor\Module\ExportRenderer</item> </argument> </arguments> </type>
Extends Deletion
In order to delete your custom component, you must create a new processor.
To create a new processor, you must implement the following interface: \Opengento\Gdpr\Service\Delete\ProcessorInterface
.
Then, register your processor to the following pool \Opengento\Gdpr\Service\Delete\ProcessorPool
, as described:
<type name="Opengento\Gdpr\Service\Delete\ProcessorPool"> <arguments> <argument name="array" xsi:type="array"> <item name="my_component" xsi:type="string">\Vendor\Module\DeleteProcessor</item> </argument> </arguments> </type>
Extends Anonymization
In order to anonymize your custom component, you must create a new processor.
To create a new processor, you must implement the following interface: \Opengento\Gdpr\Service\Anonymize\ProcessorInterface
.
Then, register your processor to the following pool \Opengento\Gdpr\Service\Anonymize\ProcessorPool
, as described:
<type name="Opengento\Gdpr\Service\Anonymize\ProcessorPool"> <arguments> <argument name="array" xsi:type="array"> <item name="my_component" xsi:type="string">\Vendor\Module\AnonymizeProcessor</item> </argument> </arguments> </type>
Erasure Strategy
This module allows you to define the strategy to apply for the different processors.
You can configure it thanks to the admin system configuration, but you can also cheat and
define the strategy to apply for them via the etc/di.xml
file. Be careful, the settings from the configuration
are always checked in top priority. To make it via the code, add your preferences as following:
<type name="Opengento\Gdpr\Model\Config\ErasureComponentStrategy"> <arguments> <argument name="componentsStrategies" xsi:type="array"> <item name="component_name_1" xsi:type="const">Opengento\Gdpr\Service\ErasureStrategy::STRATEGY_ANONYMIZE</item> <item name="component_name_2" xsi:type="const">Opengento\Gdpr\Service\ErasureStrategy::STRATEGY_DELETE</item> <item name="component_name_3" xsi:type="string">custom_strategy_code</item> </argument> </arguments> </type>
Warning, if you want to implement your own strategy type, you must create your own strategy class object, but you will be able to use the Opengento\Gdpr\Model\Config\ErasureComponentStrategy
to serve your components by strategy.
Do not forget to use the right services managers, but you are free to use yours:
Opengento\Gdpr\Service\AnonymizeManagement
Opengento\Gdpr\Service\DeleteManagement
How to override class and methods
Plugins and preferences are not needed here to override and extends the GDPR module core code.
Actually, you should apply patterns to achieve it.
The pool pattern already allows you to override the class of your choice.
However you wont be able to extends the existing class, because of the "final" keyword. Indeed, you need to create your
own class which implements the same interface. Then, simply add the class you want to "extends" as a composition. You will be able to
exploit the result and override it in your method.
Eg:
interface I { public function execute(array $data): array; } final class A implements I { public function execute(array $data): array { //process $data } } final class B implements I { private $a; public function __construct(A $a) { $this->a = $a; } public function execute(array $data): array { $resultA = $this->a->execute($data); $resultB = $resultA; // transform $resultA return $resultB; } }
Then:
<type name="Pool"> <arguments> <argument name="array" xsi:type="array"> <argument name="a" xsi:type="string">A</argument> </argument> </arguments> </type>
Override by:
<type name="Pool"> <arguments> <argument name="array" xsi:type="array"> <argument name="a" xsi:type="string">B</argument> </argument> </arguments> </type>
Congrats! You have overridden class A without extending it!
Support
Raise a new request to the issue tracker.
Please provide your Magento 2 version and the module version. Explain how to reproduce your issue and what's expected.
Authors
- Initial Inspiration -
Cookie PopUp
sources - flurrybox - Opengento Community - Lead - They're awesome!
- Contributors - Contributor - Many thanks!
Similar Magento 2 GDPR Module
- https://github.com/AdFabConnect/magento2gdpr
- https://github.com/mageplaza/magento-2-gdpr
- https://github.com/staempfli/magento2-module-gdpr
- https://github.com/flurrybox/enhanced-privacy
License
This project is licensed under the MIT License - see the LICENSE details.
That's all folks!