GDPR – Wishlist Hero for Shopify

General Data Protection Regulation (GDPR) / EU-DSGVO

We’ve put together an overview of the GDPR and Revamp Consulting, and answered your questions to help you work within the new regulations. This post is to assist you in using all Revamp Apps for Shopify, but should not be regarded as legal advice. If you have questions on how the GDPR will affect your business we recommend you seek legal advice.  

What is the GDPR?

On May 25, 2018, a new EU privacy regulation will come into effect called the General Data Protection Regulation (GDPR). It imposes tougher obligations on businesses with regards to how they collect, store and manage personal data of EU citizens, regardless of whether the data processing takes place in the EU or not.  

Does the GDPR affect Revamp customers?

The GDPR will affect anyone who stores personally identifiable information of any EU citizen. Personally identifiable information can be a name, email, address, date of birth, personal interests, unique identifiers, digital footprints and more.  

What is Revamp doing to prepare for the GDPR?

We’re committed to your data security and privacy. In light of the GDPR we have reviewed our data processes and practices to ensure we’re fully compliant by May 25, 2018. For example we are:

  • Updating our Privacy Policy to ensure our compliance in respect of the data we hold about you.
  • Reviewing all Revamp Apps functionality to consider whether we can make any improvements that make them more efficient for users who are subject to the GDPR.

 

A helping hand with compliance

GDPR emphasis on respecting your customer’s data and processing only the data that you need. We already have features in place to help you manage your customer’s data correctly. Here are some suggestions to help you with compliance:

Deleting data permanently

You may wish to remove data that is no longer being used for its original purposes before May 25. Also, under the GDPR there is emphasis on the right to be forgotten, enabling an individual to request that their data be deleted. You can delete a single entry and also delete a list of entries. These deleted records are permanently deleted.  

External Resources

If you’re looking to understand more about GDPR, we suggest you review the advice given by the UK Information Commission Office (ICO), they are responsible for implementing the GDPR legislation in the UK. They provide practical advice such as an overview including key areas for Data Controllers to consider and get in place for May 2018, along with their 12 steps to take now. Please email us if you have any questions and we’ll be happy to answer.