Magento GDPR

Magento GDPR extension makes your Magento stores comply with EU's GDPR rules and regulations using.

Table of Content

Upload or copy all folders in the zip package to your Magento root folder. It doesn’t overwrite any existing files but just adds new files to the folder structure.
Once done, log in your Magento admin panel, go to System > Cache Management, select all caches and refresh.
Navigate to System > Configuration, if you can see the extension tab, it is installed properly.
If you get Access denied error, you need to log out admin panel and log in again.

Configuration
To configure the extension, log in to Magento backend, move to System > Configuration > GDPR where you can find various settings to configure the extension.

Personal Data Download Settings
To configure the settings for personal data download section, follow these settings as shown in the figure.

Account Deletion Settings
Configure the following settings for adding the account deletion section:

Title: Add title for the delete section in My Account.
Delete Confirmation Notice Text: Set delete confirmation notice text.
Description: Add information to show how delete account works.
Email Sender: Select the Email Sender from the drop-down list.
Email Template: Select Email template for delete confirmation Email from the drop-down.

Account Anonymization Settings
To configure the account anonymization section, follow the below steps:

Title: Add title for the anonymization section in My Account.
Anonymization Confirmation Notice Text: Set anonymization confirmation notice text.
Description: Add information to show how the anonymization actually works.
Email Sender: Select Email sender for anonymization confirmation mail.
Email Template: Select Email template for anonymization confirmation mail.

Consent Request Mail Settings
For requesting the customers to grant the consent to access personal data, an Email for the same.

Privacy Checkbox Settings
Configure the following settings to display the privacy settings checkbox in the frontend.

Display At Checkout: Set YES to show privacy checkbox at checkout.
Display At Registration: Set YES to show privacy checkbox at registration.
Privacy Notice Text: Set the privacy notice text in the text box.
Show Privacy Policy: Set option from the drop-down, where you want to show privacy policy.
Privacy Policy Content Page: Select page from the drop-down list, to show privacy policy content.

Cookie Notice Settings
GDPR demands cookie consent and thus it is must to configure the following settings:

Notice Display Type: Select Notice Display Type from the drop-down.
Bar Position: Select bar or popup position.
When User Closes the Notice: Select the event from drop-down to perform when the user closes the notice.
Auto Hide Cookie Notice After (In Seconds): Enter the number of seconds after which the cookie notice will hide.
Accept Cookies Automatically After X Seconds: Enter the number of seconds after which the cookies will be auto-accepted.
Expire Cookie Agreement After (Days): Enter the number of days after which the cookie agreement will expire.
Accept Cookie On Scroll: Set YES to accept a cookie on page scroll.
Content settings:
- Notice Type: Select notice type either from default or custom.
- Privacy Policy Redirect Information Page: Select page to redirect users to read the privacy policy.
Container Display Settings: Here you can setup all the options to make your cookie notice container look well. The settings here contain font type, text align, size and color of the container background, font and buttons etc.

Cookie Notice in Frontend
The cookie notice bar is displayed in frontend with Accept, Decline and Read our Privacy Policy button. Users, when visit your site, have to provide consent regarding cookie use and they can read privacy policy to know more about cookie use.

Privacy Policy Check box on the registration page
A checkbox for users to agree with the privacy policy is displayed on the registration page as shown in the figure below. They cannot register without accepting the privacy policy.

Privacy Policy Checkbox on the Checkout page
The checkbox for users to agree with privacy policy is displayed on the frontend of the checkout page. Without accepting the privacy policy, users cannot place an order.

Privacy Policy in My Account
The tab “Privacy Policy” in My Account section shows three buttons namely Download to download the personal data in CSV file format stored in the website, Submit Request to request for account deletion along with all the order and personal data and Proceed to submit account anonymization request to anonymize the personal data stored in the website.

Consent Disapprovals
The list of disapproved consent from users is listed under Customers > GDPR > Consent Disapprovals. As shown in the figure, admin can send consent approval request Email to the customers.

Consent Request Email
Once admin sends consent approval request Email to users, they get a link to accept privacy policy by clicking it.

Consent Approvals
The list of users who have granted their consent to privacy policy are listed under Customers > GDPR > Consent Approvals.

Consent Activity Log
The list of all consent related activities of users saved under Customers > GDPR > Consent Activity Log.

Account Anonymization Confirmation Email
Once users request to anonymize their personal data, they get an Email on registered ID prior to anonymization having Email ID and password to log in even after the data is anonymized.

Account Deletion Confirmation Email
Once users request to delete their customer account, they get a confirmation Email on their registered ID to confirm and agree to deletion. Once they click to delete and agree, the account data cannot be recovered.

Deleted Accounts in Backend
All the customers who have deleted their account are listed in backend under Customers > GDPR > Deleted Accounts.