News:

You may pay someone to create your store, or you visit our seminar and become a professional yourself with the silver certification

Main Menu

GDPR

Started by stawebnice, April 23, 2018, 15:18:14 PM

Previous topic - Next topic

servlet

Quote from: stawebnice on April 26, 2018, 10:10:52 AM
well, the purpose of this post was to raise discussion what needs to be implemented in VM - not discussing the actual content of the GDPR terms and internal policy of handling the data inside the company, those are supposed to be handled by the vendor

:)


When a programmer starts identifying himself as a lawyer ... not long after, the developer will hire a lawyer.

She is right

And if each of you consults a lawyer competent in the matter, he will get a reply that there should be 2 checkboxes. Everything else is pure laziness that will lead to sanctions sooner or later.
Он-лайн магазин за фототапети http://mishelfoster.com

AH

Servlet

VM supports the creation of multiple checkboxes which may be used for whatever purpose you deem relevant.

QuoteAnd if each of you consults a lawyer competent in the matter, he will get a reply that there should be 2 checkboxes. Everything else is pure laziness that will lead to sanctions sooner or later.


My statement still stands - I think it unwise to expect definitive legal answers here.

Regards
A

Joomla 4.4.5
php 8.1

vaskern

Maybe the thread can be split up in two? I see no wrong with discussing legal matters of GDPR, but better in its own thread I suppose

servlet

Well
What happen in ask a question pop up?
There is no one check box for TOS or I am missing something...
This information is not stored in website DB but it is stored in e-mail servers an it is visible to every one which open the e-mail...
By the low name + e-mail is personal data.
Он-лайн магазин за фототапети http://mishelfoster.com

jenkinhill

Quote from: servlet on May 25, 2018, 14:16:22 PM
What happen in ask a question pop up?
There is no one check box for TOS or I am missing something...

Can be covered in the site privacy statement which should include the policy for email sent to the store.
Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

servlet

If you are registered user it is OK. But if you are not registered you have to check YES.

How many of you have read the new law?
When users provide personal data, they must agree to processing this information.
It is not enough just to have rules and text some were in you your site.
Every shop should have check boxes in every form.
Он-лайн магазин за фототапети http://mishelfoster.com

jenkinhill

The plugin I have been using for cookie information & refusal/acceptance records the IP of those accepting. The wording is used to suit the site. Nothing new.
Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

AH

QuoteWhen users provide personal data, they must agree to processing this information.

Yes I wondered about this rule, especially for emails they send to you rather than data you collect via a web form.

In such an instance there is no chance of agreement and you cannot prevent them sending you personal information (email of course and whatever else the add to it )

What happens when you advertise and people send you an email asking you lots of questions or providing you with lots of information. You will definitely be storing it in your mail servers :-)

Regards
A

Joomla 4.4.5
php 8.1

servlet

Quote from: AH on May 25, 2018, 16:52:20 PM
What happens when you advertise and people send you an email asking you lots of questions or providing you with lots of information. You will definitely be storing it in your mail servers :-)

If you want to be fully sure you have to be operator of personal data - you can register in your local government...

By the low user who send you information can request data deletion - you will delete his e-mail after all...

So you have to add link with TOS and PP in your signature at the bottom of e-mail.

Он-лайн магазин за фототапети http://mishelfoster.com

jjk

Quote from: servlet on May 25, 2018, 16:58:24 PM
So you have to add link with TOS and PP in your signature at the bottom of e-mail.

One of the current problems with the GDPR is that many people interpret things into the law that are not intended by the legislator.  ;)

Non-English Shops: Are your language files up to date?
http://virtuemart.net/community/translations

servlet

Quote from: jenkinhill on May 25, 2018, 15:37:50 PM
The plugin I have been using for cookie information & refusal/acceptance records the IP of those accepting. The wording is used to suit the site. Nothing new.

Read the low
cookie information & refusal/acceptance was acceptable until 25.05.2018
From 25.05.2018 it is very different.
You have to add in your site
TOS - has to be included with check box in checkout, registration, and other from where you have relation with user.
Privacy policy - has to be included with check box in each form where user fill personal data.
Cookie policy - you can use current plugin

If this is missing on the site, someone can report and you will have a lot of trouble and big fines.

You have to give user info about his personal data every time he wants, to change or delete info or profile... There are new extensions give user options to do this himself. Look at JED for this extensions. I am using one of them.
Он-лайн магазин за фототапети http://mishelfoster.com

jjk

Quote from: servlet on May 27, 2018, 08:42:20 AM
You have to add in your site
TOS - has to be included with check box in checkout, registration, and other from where you have relation with user.
Privacy policy - has to be included with check box in each form where user fill personal data.

Can you tell the paragraph in GDPR which tells you that this is mandatory? (I doubt that you can)  ;)
Non-English Shops: Are your language files up to date?
http://virtuemart.net/community/translations

jenkinhill

The text is here:  https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679

Member states may choose to ignore/change some or all of the rules.
Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

AjaD

So can the moderators or those of you who work on Virtuemart development tell the rest of us what you plan to do to make Virtuemart compliant with GDPR?
What features do you plan to implement and when?

Thank you,

jjk

I wouldn't make it more complicated than it is. For my shop I simply wrote my own 'Privacy Policy' into a Joomla article, which is linked in the template footer position.
There are quite a lot of sample GDPR texts for a 'Privacy Policy', which you can find through Google. There are also some online GDPR text generators, but those are usually provided by lawyers who insist on links to their site or ask for the right to contact you for marketing their service in their terms of trade.

It's up to you to decide what you want to include in your privacy policy. I stripped everything which I think is legal junk, not applicable or not required by the law and ended up with 190 words (Last week I've even seen a shorter one on the website of a data privacy expert). But you can easily find privacy statements that are more than 6000 words long.
:)
Non-English Shops: Are your language files up to date?
http://virtuemart.net/community/translations