The intention of this article is to recommend a set of actions for your eCommerce business that will make your website General Data Protection Regulation (GDPR) compliant. We suggest all store owners read through and contact our NetSuite eCommerce if you need assistance on any of the points stated below.
GDPR stands for General Data Protection Regulation and is no more than a set of rules on how EU customers’ data must be managed. It applies to businesses large and small that offer products or services that handle EU citizens’ information. This means that if your store is open to them, you will be required to be GDPR compliant, no matter if you are located in Europe, North America, or any other part of the world.
The GDPR is a large document, valid since 2018, and like many regulations it has many vague points. We want to keep it simple for you and point out a practical checklist of to-do’s (now, if you want to dive into the source, be our guest!).
Tell your customers that your site requires cookies for a better experience. Clicking the “Accept” button on the banner allows cookies to work, and therefore to track and store your users’ data. It is also recommended to have a link to your Privacy Policy within the bar, so shoppers can learn more about your intentions and even deactivate cookies from this page. See how to integrate your cookie consent bar with GTM.
Tools such as Google Analytics, Google AdWords, Facebook, Mailchimp, Bronto, and others are well aware of the new policy and expect to have their business GDPR compliant by the 25th of this month. Nevertheless, your integrations must be adjusted, and moving all your third-party code into Google Tag Manager is the best choice, so that when your customers give their consent, all your tracking codes are centralized and activated at once.
Allow your users to “unsubscribe” by presenting a link either on My Account or in your email communications. Also, do not assume what your users want; as an example, avoid pre-ticked boxes or consent buried in fine print.
Collect only the necessary information from your users throughout the shopping experience. If you really need to collect specific data, be clear on what you need it for. No sneaky stuff is allowed!
Your Privacy Policy and Terms & Conditions pages are the best place to accurately inform your customers about how your business manages their personal data with regard to GDPR compliance. Here is a list of things you could consider communicating:
Protect your users’ personal data and tell them you are doing so. Make sure information is encrypted (NetSuite is taking care of that) and indicate so on your website. Add that you support data protection, buyer protection, and SSL encryption. Displaying a certification badge on your homepage footer or email template could be a good idea.