GDPR / AVG support in Nop 4.1

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
6 years ago
As I ported my plugins to the next version of NopCommerce, version 4.1, I couldn't help noticing that there seems to be no support for the GDPR/AVG legislation.

I was expecting at least the following functionality:
1. The possibility for a customer to self-initiate a 'to be forgotten' command that should delete or set all his personal properties to empty or a default, including email, phone, address and name.

2. During checkout, the customer is only presented the option 'I agree with the terms of service and I adhere to them unconditionally (read)'. For GDPR this is no longer sufficient. The website must ask the following:

"I agree that webshop MMMM may store my personal information for NN weeks or until the product is delivered"
"I agree that my personal information may be stored offline for tax referral for a period of 7 years"

NopCommerce should store the questions as well as the answer in a readable text format accessible through the admin.

The NopCommerce API should expose this information too as backoffice ERP/Accounting software also needs this information.

3. A scheduled task that will delete the customer's properties after a certain period of time, thereby adhering to the GDPR legislation that only allows a company to keep customer data for the period necessary to fulfill the order.
5 years ago
There is also the newsletter sign-up story that is not arranged.
It is not allowed during registration or ordering itself, and it must also clearly indicate that someone is 16 years or older.
5 years ago
"3. A scheduled task that will delete the customer's properties after a certain period of time ..."

Let me add a thought to this: according to the GDPR it is definitely not enough to have the 'IsDeleted' field set to TRUE in the SQL database, as that is how any 'Delete' function is currently handled in Nopcommerce.
According to GDPR, delete means delete, i.e. it must be a non-restorable data deletion. Further to that, it is also definitely not enough to delete a customer from the 'Customer' table alone; all tables containing any personal information must be affected too. Just one example that comes to my mind first: there is a table called 'QueuedEmail' with all the outgoing emails' full text, containing all the user's personal data and order history. So it is not a trivial operation to delete all traces of user activity containing any personal data from all the hundreds of related SQL tables.

I think there should be a 'Forget Customer' button somewhere in the admin area that will do all this for us; it has to be thought over carefully to delete all traces, as it is not solvable manually.

I would suggest for the developers to introduce a dummy 'John Doe' user with dummy data, and simply overwrite any deleted customer's data, so all other database relations, like sales lists, shop statistics, etc. could be left consistent and correct.

My great worry is that May 25th is coming sooner than version 4.1. I don't know about other countries in the EU (in the UK it is not so critical), but in Germany, where we run some shops, lawyers are already standing by with their 'Abmahnungen'.

(FYI: Abmahnung: a kind of legal racketeering technique widespread in Germany, squeezing out up to many thousands of Euros for the smallest mistake a shop makes. There are many f.cking German lawyers who make their living searching for errors and also provoking them as trial users/buyers on the internet. This GDPR sh.t has given them a very powerful weapon now.)

I think this is a much more serious issue than the Nopcommerce team currently treats it as.
5 years ago
We plan to support GDPR in version 4.10 out of the box. But please note that it's not released yet and we do not recommend using it in a production environment.

But for the current version (4.00) we recommend using this free plugin from our partner TMotions.
5 years ago
Thank you Andrei,
This is promising. We will try to get along in the meantime.

But please don't overreact to this either; we still have to keep our selling records for the bookkeeping independently of these GDPR hysterics, and I would prefer not to do it on paper, but to be able to export a valid sales list anytime from Nopcommerce. If I got it right, a local SQL database with no internet connection would satisfy the GDPR. Anyway, it is still not clear to me.
5 years ago
About the 'IsDeleted' flag: what I do is run a scheduled task on all nopcommerce databases that will anonymize the columns of customers with that flag set to true.

However, in my situation all customer data is uploaded to our financial software every 10 minutes, but when NopCommerce is your only financial proof then deleting a record is not an option.
5 years ago
That's a good idea, but don't forget about other loosely related tables too, like the QueuedEmail in my example; those may also contain personal data but have no IsDeleted flag present.

GDPR also requires us to have all data deleted that we have forwarded to third parties, like shipping companies, payment processors, etc. I cannot even imagine how this is feasible if you strictly want to follow the rules.

Uploading financial data is also what I am doing with some programming, but it also involves some manual operation on our side, so I tend to do it less frequently (I envy your shop having such traffic that you have to do it every 10 minutes :-) ). I will work it out to do it fully automatically.

What I don't understand is that GDPR makes no exception for a database named bookkeeping2018.mdb; there is not even a distinction between data kept online and offline in the law. So even if your database is kept off the net (although I cannot imagine it would be practical anywhere except Fort Knox's Entry Controller or a Nuclear Station's Control Room software), GDPR simply does not allow keeping any personal data.

Sorry, I might seem to be overworried, but I have already been in a situation several times when I was told 'Take it easy, act like what the law was meant to say and not what the words actually mean. But we will fine/prosecute you for every word not obeyed in the meaning we will make up anytime we want'.
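As an added example (not nopCommerce code and not from any poster in this thread), the anonymisation job described in the two posts above, run against a constructed SQLite stand-in for the shop database: soft-deleted customers are overwritten with a per-customer placeholder identity, and the QueuedEmail rows addressed to them, which carry no IsDeleted flag, are matched by recipient address before that address is overwritten. Table and column names are simplified assumptions, not the real nopCommerce schema, and the sample rows are constructed.

```python
import sqlite3

PLACEHOLDER_DOMAIN = "example.invalid"  # reserved TLD, never deliverable

# Constructed, heavily simplified schema; the real tables carry far more columns.
SCHEMA = """
CREATE TABLE Customer (Id INTEGER PRIMARY KEY, Email TEXT, Username TEXT,
                       BillingAddress_Id INTEGER, IsDeleted INTEGER NOT NULL);
CREATE TABLE Address (Id INTEGER PRIMARY KEY, FirstName TEXT, LastName TEXT,
                      Email TEXT, PhoneNumber TEXT, Address1 TEXT);
CREATE TABLE QueuedEmail (Id INTEGER PRIMARY KEY, [To] TEXT, ToName TEXT,
                          Subject TEXT, Body TEXT);"""

def build_sample_db():
    """Constructed sample data: customer 1 is soft-deleted, customer 2 is active."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO Address VALUES (?,?,?,?,?,?)", [
        (10, "John", "Doe", "john@example.com", "+49 30 111", "Dummy str. 12"),
        (20, "Jane", "Roe", "jane@example.com", "+49 30 222", "Other str. 3")])
    conn.executemany("INSERT INTO Customer VALUES (?,?,?,?,?)", [
        (1, "john@example.com", "username-alpha", 10, 1),
        (2, "jane@example.com", "username-beta", 20, 0)])
    conn.executemany("INSERT INTO QueuedEmail VALUES (?,?,?,?,?)", [
        (100, "John@example.com", "John Doe", "Order 4711", "Dear John Doe, shipped to Dummy str. 12"),
        (101, "john@example.com", "John Doe", "Invoice 4711", "John Doe, total 99.00 EUR"),
        (102, "jane@example.com", "Jane Roe", "Order 4712", "Dear Jane Roe, ...")])
    conn.commit()
    return conn

def anonymise_deleted_customers(conn):
    """Replace the personal data of every IsDeleted=1 customer with a per-customer
    placeholder identity; returns (customers_rewritten, queued_emails_rewritten)."""
    # Idempotent: customers already carrying a placeholder address are skipped.
    pending = conn.execute(
        "SELECT Id, Email, BillingAddress_Id FROM Customer WHERE IsDeleted = 1 "
        "AND Email NOT LIKE ?", (f"deleted-%@{PLACEHOLDER_DOMAIN}",)).fetchall()
    emails = 0
    for cid, email, addr_id in pending:
        dummy = f"deleted-{cid}@{PLACEHOLDER_DOMAIN}"
        # QueuedEmail has no IsDeleted flag: match on the recipient address
        # (case-insensitively) *before* that address is overwritten below.
        emails += conn.execute(
            "UPDATE QueuedEmail SET [To]=?, ToName='Deleted customer', Subject='[redacted]',"
            " Body='[redacted]' WHERE lower([To]) = lower(?)", (dummy, email)).rowcount
        # Rows stay in place, so orders and statistics keep a valid (dummy) customer.
        conn.execute("UPDATE Address SET FirstName='Deleted', LastName='Customer', "
                     "Email=?, PhoneNumber='', Address1='' WHERE Id = ?", (dummy, addr_id))
        conn.execute("UPDATE Customer SET Email=?, Username=? WHERE Id = ?",
                     (dummy, f"deleted-{cid}", cid))
    conn.commit()
    return len(pending), emails
```

On a real shop database the same pass would have to cover every other table that holds personal data (order notes, addresses on orders, generic attributes, logs), which is why the job is worth a checklist rather than a one-off query.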
5 years ago
Yeah

The deeper we dig, the more GDPR dependencies we find.

From what I heard on the radio last week, 2 out of 3 enforcement organisations lack either the finance or the people to enforce GDPR. But they will start recording events and probably set examples to scare the hell out of us...
5 years ago
I am just beginning to realize what a serious issue this is to us in practice.

We have ~25k customers, 5 years of sales data, >100k sales records. Some days ago, as a preliminary test, we sent out emails to a small subset of our customers asking for their consent on what to do with their data and order history.

We are getting a very low reply rate so far. Am I right that we are supposed to destroy up to 90% of this database by May 25th if we don't get their consent by then?

Is this exactly what the millions of webshops are doing right now all over Europe? I think there should be more hassle about this in the news. I tried to look for some clues on the internet, on forums, etc., but everywhere I am stuck with the 'ask your GDPR advisor' smart advice only. What is this bullshit? Do all Fred-in-the-Shed webshops selling five boxes of cat litter daily hire a law firm for 5000 EUR for this? Is this law meant to decimate small companies?

Just another question that comes to my mind: how am I supposed to handle the multiple accounts from the same user who has registered in our shop? (We have plenty of these. At a certain time period we made the registration easy, so it was easier for them to register a new account each time than to remember their old password and username, and we were forcing the usage of usernames because we had a Forum alongside the webshop where we didn't want our customers' real email addresses to be shown, to protect their privacy. This privacy issue has hit back at us now.)

So if John Doe, with a shipping address Dummy str. 12, has registered with 'username-alpha', is he the same person as the John Doe supposedly living at the same address with 'username-beta'? If username-alpha gives consent, is it valid for his other accounts also? How do I handle it with 25k usernames?

I would appreciate anyone helping me out with a simple list of or link to DOs and DON'Ts regarding this GDPR thing. I am sorry for being off-topic here; it is only partly related to Nopcommerce, however the actual solution has to be programmed into it some time, I think.

Currently I tend towards deleting all past data from our online server (after saving it to a well-encrypted USB drive and burying it in the ground in a nearby forest, just in case I got it all wrong and another law will require me to still have all this data available)

...and beginning a brand new shop database, requiring all customers first to sign a 700-page user agreement allowing me to do whatever I want with their data, as is usually done nowadays by large companies.

It is, however, horrible to think about how it would affect our sales results.
5 years ago
a.m. wrote:
We plan to support GDPR in version 4.10 out of the box. But please note that it's not released yet and we do not recommend using it in a production environment.

But for the current version (4.00) we recommend using this free plugin from our partner TMotions.

Hi Andrei,

Will the GDPR be implemented in version 4.10? I have the current version 4.10 code installed, but I cannot find any implementation. What is being implemented? Can you please give a list? Thank you.

Best regards