Jump to content
thirty bees forum

New General Data Protection Regulation 2018-05-25

zimmer-media

By zimmer-media
in English

 Share

Recommended Posts

  • Replies 166
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

lesley Newbie

lesley

Posted
Posted

If they read the general terms of the site they know its saved. Its really just common sense and being over thought. This law as a whole has so many flaws in it that nothing is ever going to be 100% compatible.

Case in point, you fill out a form on my site, it stores the form contents, then notifies me through Gmail. Now I have just shared your information with a 3rd party. Do you also need a notice to cover the notification of personal data being sent to you?

Link to comment
Share on other sites
lesley Newbie

lesley

Posted
Posted

Good luck with that, from what I have seen the EU just admitted they do not have the resources to actually enforce it. https://www.reuters.com/article/us-europe-privacy-analysis/european-regulators-were-not-ready-for-new-privacy-law-idUSKBN1I915X

Link to comment
Share on other sites
toplakd Contributor

toplakd

Posted
Posted

A solved the contact form on my current PS store with extending the original customerprivacy block, so I realy hope TB will have that option included, or at least that one can manualy add needed hooks and overrides to the contact form. Common sense is what Lesley says, but as email is considered as personal data, user should know (and thick that he know - even if he didn't read it like 99%) whatfor his email that was provided into the contact form will be used for :)

You all know that common sens does not always wins over stupidity :)

Link to comment
Share on other sites
30knees Rising Star

30knees

Posted
Posted

@lesley said in New General Data Protection Regulation 2018-05-25:

I personally do not think a contact form needs a consent. A user knows what they are doing when they trigger that form. They know emails are stored.

Quite right, no tick box needed. Two possible legal bases here: 1) Consent, which is indicated by contacting you. 2) In order to take steps at the request of the customer prior to entering into a contract.

A lot of people think consent is something the GDPR requires. That's a huge misunderstanding. It's one of a couple of legal bases for any processing.

Link to comment
Share on other sites
DRMasterChief Contributor

DRMasterChief

Posted
Posted

Would it be possible to remove the tickbox - but leave the text- from - Block customer privacy (module) - checkout last step (i agree to terms and conditons....)

because customers must not be forced to tick any of these. They just have to read it. This is why the text (with link) should be there, but no tickbox.

Would this be possible with the tb GDPR module?

Link to comment
Share on other sites
DRMasterChief Contributor

DRMasterChief

Posted
Posted

@lesley i know it sounds crazy, but it is. The law says, that the terms and conditions of the online merchant will then become part of the contract with the customer if the customer has been made aware of them by an explicit and explicit reference to the contract and when he was able to take note of the terms and conditions under reasonable circumstances. It is not necessary that the customer expressly agrees to the terms and conditions by a tickbox. This is the regulation for the checkout (here in Germany) and a lot of newer judges go the way that no tickbox would be better.

Therefore, it could be better when we clearly indicate our terms and conditions and provide them to customers with the text content of the terms and conditions, for example, by linking the term "terms and conditions" in the checkout.

The same applies to the privacy policy and the cancellation policy as well as other, similar information. In each case, it is not required by law that the customer expressly confirms the knowledge of this information. We just have to declare it with an link at the appropriate place. And this is the recommended thing for GDPR (a lot of lawyers recommend definitely NO TICKBOX FOR GDPR).

I am afraid we have to see what will come in the next months. My question was if this would be possible as a choice in the module in BO? So everyone can decide if he will use a tickbox or not.

@mdekker yes this is also recommended, but it must not be directly below the sign-in for newsletter (but hey... why not). I know this is maybe also a weird information, but in Germany (with the strict rules) we have not discussed it until yet that the sign-out has to be that public. It has to be in each newsletter-mail and in customer account, if the customer has one. And there should be the hint for unsubscr. near the sign-in, as i asked here: https://forum.thirtybees.com/topic/1651/hint-in-newsletter-block-for-revoke-at-any-time-gdpr

Link to comment
Share on other sites
DRMasterChief Contributor

DRMasterChief

Posted
Posted

You talk about problems with a payment service and disputed orders and so on? Good point, but i am not sure with the GDPR, which says that customer must not forced to accept anything, they just have to be informed. The acceptance is then automatically given when customer finish the order.

Link to comment
Share on other sites
Viklemagi Newbie

Viklemagi

Posted
Posted

Thank you for making this and for trying to fit it all within a module. Very much appreciated! The fact that TB isn't being greedy and charging for this (like PS does) really makes TB unique and amazing!

I've read till my eyes bled, so I may have missed it: With the cookie consent, will you also be adding a "click to forget me" feature? That enables users to clean out all cookies from our shops with just a click?

As for the disabling of modules and such that require cookies until consent is given, maybe a checklist in the configurations so that we can choose which modules to turn off until cookie consent is given?

And finally, this is just a wish for a feature that would be amazing, but not strictly necessary: Being able to slightly blur the background of the page until a user has chosen to either give cookie consent or deny it. I know I've made a mental filter by now to where I don't even really notice the cookie boxes anymore, haha.

Link to comment
Share on other sites
30knees Rising Star

30knees

Posted
Posted

@drmasterchief said in New General Data Protection Regulation 2018-05-25:

Would it be possible to remove the tickbox - but leave the text- from - Block customer privacy (module) - checkout last step (i agree to terms and conditons....)

because customers must not be forced to tick any of these. They just have to read it. This is why the text (with link) should be there, but no tickbox.

Would this be possible with the tb GDPR module?

Agree - no tickbox needed from a data protection perspective. The information just needs to be there.

Link to comment
Share on other sites
lesley Newbie

lesley

Posted
Posted

@DRMasterChief I think you are misunderstanding the terms of service. It is not forcing anyone to accept a data collection policy, which is what GDPR is about. It has nothing to do with data at all. You are forcing someone to accept your shops terms of sale before they buy. That is a totally separate idea than GDPR.

Link to comment
Share on other sites
DRMasterChief Contributor

DRMasterChief

Posted
Posted

@lesley i understand the difference between GDPR and ToS, believe. But, yes, there is no tickbox needed for both, but the information needs to be there with a link (for ToS, for revocation and for GDPR). The user agrees to this with the last button "buy", but he should not be forced to agree to something with this tickbox (i know this must be sound weired for some people)....

Link to comment
Share on other sites
lesley Newbie

lesley

Posted
Posted

That is simply not true. Legally? Maybe you do not need a checkbox. But if you look at the ToS of your payment gateway, to fight charge backs you do. There is no difference from a GDPR perspective in having a ToS checkbox and a gift wrapped check box. They are two totally separate entities and GDPR does not cover a sale terms checkbox, it only covers DATA.

Link to comment
Share on other sites
DRMasterChief Contributor

DRMasterChief

Posted
Posted

OK i have written my question about the tickboxes here in the GDPR topic, i thought we can combine this as the text for GDPR should be in the same sentence as the text for ToS and revocation. Is the problem that i have written this in the same topic? Should i open a new topic for the tickbox for ToS and revocation? I think this would not change the point of view. Honestly, i will write it again, there are more and more lawyers and judges in the last months which says no tickbox would be better. This is some of the newest point here in Germany, i dont know for other countries. And if this is given by law the payment providers have to respect this.

I can search for the legal basis for this and translate it in English, but at the moment i am very busy and a lot of things must be done here in the office, in our garden and in my life :)

Maybe we should finish this here. But it would be really great to have the GDPR text without tickbox, eyes roll to 30knees, see above.

Link to comment
Share on other sites
lesley Newbie

lesley

Posted
Posted

There is no legal basis, you are confusing two very different things. GDPR has to do with data. The ToS has to do with something totally different and does need a checkbox. Think about it this way. Does agreeing to GDPR mean that you agree to my shop not allowing returns? Or to me charging you a restocking fee on your purchase? Or to me selling you used goods? Those are things covered in a ToS. Data policy is not and should not be covered in a ToS. This is why a ToS needs a checkbox.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...