As a Shopify seller in any EU countries, you should prepare your store to comply with the GDPR (General Data Protection Regulation).
How to comply?
In 2018, the European Union General Data Protection Regulation provides a new approach to give personal data control. It will change how data should be handled and identify a person directly or indirectly.
It would include:
A person’s name
A person’s photo
An email address
A mailing address
Users IP address
This coming May 25, 2018, GDPR is enforcing the rule to online businesses. Giving them two years to transition.
There are three areas you should think about:
1. Get consent – the user must agree to receive marketing information from you.
2. Provide adequate protection – you must protect the user’s personal data.
3. Delete, correct, or restrict when asked – If the user requests you delete, correct, or restrict the personal data you acquired, you must comply.
Who does it apply to?
It applies to collecting information from EU citizens and residents wherever your business is located.
Why should you comply?
European customers will like you more if you are a GDPR compliant. It’s not a threat to your business but an opportunity you should adopt. Not complying with GDPR fines you up to €10 million or up to 2% of the annual worldwide turnover for the previous year.
Data privacy is important not just to EU citizens and residents. It applies to people all over the world.
How to prepare your Shopify store for GDPR?
Here are some ideas to guide you on what to do to comply with GDPR:
1. Get immediate consent from the user sending promotional emails:
As a store owner, collecting user emails in different areas of your store. In those areas, you need to take active consent from the users to send promotional emails.
In order for it to be valid, a customer must actively confirm their consent. Customers must have an option to check or uncheck an opt-in. Pre-checked boxes to assume consent are not valid under GDPR.
I. On the register or sign up page, it looks like this:
II. On the checkout page:
Keep the opt-in box unchecked under the email input box to comply with active consent.
III. There is a need for consent for additional email sign up.
It would include the following:
a) All the emails the user may receive.
b) From whom (the company name) they will receive it
c) How the user can revoke the consent.
IV. Reconfirm subscription from your current contacts.
To comply with GDPR, you need to send a campaign to your existing contacts or list to opt-in to your current marketing strategy.
V. Respect the consent
Make sure your list is tag properly. Create segments depending upon the consent and send emails accordingly.
2. Get consent for storing cookies
The EU directive for setting up the cookies comes down to three basic steps:
a) Use cookie audit to work on what your site uses it for.
c) Take consent from EU users by using Shopify Apps like EU Cookie Bar by Booster Apps
Protecting users data are one of the ways to look out for their personal interest. EU GDPR has taken the steps to ensure that personal information should be kept confidential. Asking for consent is one way to start online regulations. Hopefully, other countries will follow and adopt this type of policy.
source: Shopify News