@lesley said in New General Data Protection Regulation 2018-05-25:
One thing I have noticed, you can even notice it with this thread, is the regulations are only problems for the Germans. These are German changes, not EU changes. 70% of thirty bees shops are EU companies, the Germans are the only people that seem to be having these issues.
@Lesly you are not right, those are not just German or EU changes. Those changes are concerning every merchant who is aiming the EU market. It is explained in the regulation. Other thing you are wrong is that Germany hates e-commerce, it's not Germany the greedy lawyers in Germany hate it, and the greedy competition as well! And Germany is the biggest ecommerce market in Europe you should not underestimate that, in fact I believe the online market in Germany is bigger than the rest of the EU together (excluding the island which soon will be out of EU).
The ability to remove old carts from a certain date back that do not have an order affiliated with them. This can be made into a module rather easily, it is a text field, a button, and two queries.
That is easy I believe, I followed @nemos' or vekias' blog for my current 1.5 shop and it was easy implementation.
From that I read so far about GDPR, it is mostly concerning big companies like facebook, google etc. In Bulgaria there is government institution which is dealing with the data protection, to process user data (to have an e-store) I must register as data processing operator and comply with all the government regulations which are almost same as the new regulation. When the GDPR regulation is out I don't even have to register as operator, I just have to fill some documents and keep them with me. Of course there are few more obligations I have to deal with in the documents than before.
Two things to think of about the regulations for me are:
1. I have to provide the customers all the data I got about them when they need it. It is possible every registered customer to view it in his user panel, but what about guest orders? Should I give access to the back office to every customer who needs that information, or should I copy/paste it in other document to provide the information ....
2. Second and the most complicated issue which is mostly concerning online merchants is "the right to be forgotten". Sure you will make module for deleting orders (and everything connected with the orders including user data, carts, invoices, etc.) which I find great feature! There is ability already to delete customers, but that is against other law. The law says that you don't have to delete any financial data and it is crime at least in Bulgaria to hide taxes and deceive the government by deleting orders and in the whole world as well ... Which law you think we have to comply with, keeping financial history or delete user data? I believe the greedy lawyers in Germany are eager to launch lawsuits against merchants because they perfectly know we don't have the answer to that question.
All other things concerning the new regulation is enough to be mentioned in the privacy policy.