opengento/module-gdpr

Gdpr Compliance Module for Magento 2

Installs: 1 578

Dependents: 0

Suggesters: 0

Stars: 34

Watchers: 17

Forks: 12

Open Issues: 8

Type:magento2-module

2.0.0-beta5 2018-09-25 18:38 UTC

README

Latest Stable Version License: MIT Packagist Packagist

This extension fullfill the GDPR requirements for Magento 2.

Setup

Magento 2 Open Source or Commerce edition is required.

Composer installation

Run the following composer command:

composer require opengento/module-gdpr

Setup the module

Run the following magento command:

bin/magento setup:upgrade

If you are in production mode, do not forget to recompile and redeploy the static resources.

Features

Users, guest and customer can:

  • Art. 16 GDPR Edit their personal data (native in vanilla)

  • Art. 17 GDPR

    • Customers can use their 'right to be forgotten'. Account deletion and anonymization can be done in 'My Account > Privacy Settings'. The password is required to ensure the customer legibility. The account will be erased within 1 hour, or as specified in configuration. The customer can undo the action in this time span.
    • Guest users can use their 'right to be forgotten'. Account deletion and anonymization can be done in the order view, they must fill the guest form first to show their order. The data will be erased within 1 hour, or as specified in the configuration. The guest can undo the action is this time spare.
    • The customers and guests will be erased after a configurable idle time.
    • The sales information are locked within a configurable time. These information are automatically erased after this period.

    As a merchant you can easily manage which type of entity must to be delete or anonymize. In the last case, the module allows to define which attribute must to be anonymize, and how it is.

Times are configurable too, you can define the period of cancellation for the erasure, the idle time for the users before they are erase, and the sales information lifetime.

  • Art. 20 GDPR
    • Customers can export their data in .zip archive containing file, .html (many others are available), with personal data. Personal data export can be done in 'My Account > Privacy Settings'.
    • Guest users can export their data in .zip archive containing file, .html (many others are available), with personal data. Personal data export can be done in the order view, they must fill the guest form first to show their order.
  • Cookie Policy in a disclosure popup are shown at the first time customer visit.

Details:

  • Erasure: delete or anonymize specific data thanks to configurable settings in admin ui.
  • Configure which order can be erased, regarding their state and life time.
  • Privacy data will be automatically erased after a delay.
  • Sales data are safely keeped till the preservation delay expired.
  • Choose the file name and the format of your choice for the privacy data export.
  • Choose which data is interpreted as privacy data and will be exported.
  • Actions related to the GDPR compliance are reported in the admin ui.
  • Merchants can execute and keep an eye on the performed actions from the admin ui.
  • Choose the CMS static block to show on the storefront by scope and features.
  • Enable or disable features for the storefront.
  • Notify the user when a GDPR action is performed, configure the template and sending settings.
  • Display the cookie disclosure pop-in and edit its content as you want.

Settings

The configuration for this module is available in 'Stores > Configuration > Customers > Customer Configuration > Privacy (GDPR)'.

Documentation

The documentation is available here.

Support

Raise a new request to the issue tracker.

Authors

  • Opengento Community - Lead - Twitter Follow
  • Thomas Klein - Maintainer - GitHub followers
  • Contributors - Contributor - GitHub contributors

License

This project is licensed under the MIT License - see the LICENSE details.

That's all folks!