Suggestion: Ability for customers to delete their account

[30knees]

I think customers should have the ability to delete their account. This would mean that any past purchases made by the customer become guest purchases and that they customer can create a new account with the same email address going forward.

For one, I think this is a basic sign of respect towards a customer. For another, it will reduce customer errands for merchants, as customers do have the right to have their account deleted. This right will be only become more acute with the upcoming EU General Data Protection Regulation.

[dynambee]

I understand that this may become a requirement under EU law, but I still find it quite strange.

Businesses have to keep records. For tax reasons I must keep records of all sales for 7 years. It doesn't matter if it's a guest checkout, an account checkout or a deleted account checkout, I must keep that information on file and have it available if requested. (And the Japanese tax office audits all companies every few years.)

So I understand that it's a feature that 30bz may need to provide, and I can kind of understand why some customers may wish to delete their account, but I don't really see what this actually changes as far as keeping records is concerned.

[30knees]

Exactly. All the retention requirements remain unaffected. The only data that would get deleted when the customer clicks "Close my account" would be their login data. Their past purchases would remain in the system.

[30knees]

Would this permit the customer to re-register with the same email address? If so, that is indeed all that's needed. They shouldn't be able to see their past purchases, however.

[dynambee]

@mdekker said in Suggestion: Ability for customers to delete their account:

I think the only thing that can be changed is, set the customer status to deleted = 1 and remove the password. The other fields should indeed be kept for 7 years I believe.

Which really makes me wonder why this option exists at all? What does the customer gain by being able to "delete" their account when in actual fact the only thing that changes is that they can no longer log in?

[Havouza]

The customer does not know that. It is the same problem with guest checkout. All info is still saved and I dont like that

[lesley]

@30knees It would not.

[lesley]

I think the main thing is the right to be forgotten, which from my understanding is only about things in the public realm, but I could be wrong. The legislation was written by cave men who do not understand how technology works, that is a shame.

On another note I think it would be funny to try to evade taxes with the argument that you could not see how much tax was collected because the order was deleted.

[30knees]

The right to be forgotten applies to any entity collecting and controlling data. Basically, the right says: Delete all data on me that you're not legally obliged to keep.

If you think of Facebook and wanting to close down your account there, it makes sense. You don't want them to keep your photos and likes forever. With a shop, if you only collect the necessary information to process the order, it doesn't make that much sense. If you profile your customers, however, it does, because the customer will want the data/profile deleted.

For us small shop owners and thirty bees, it basically boils down to the understandable wish of: I don't want to have a login at your shop anymore. It doesn't have anything to do with orders per se.

However, what it does mean, and this applies to guest orders equally, is that after you are no longer legally obliged to keep the order data, eg for tax purposes, you must delete it. With a customer account you could argue that the data may be kept as long as the customer has an account, as the customer will have an interest in seeing their order history. But once the account has been deleted, or where it never existed because the orders were places as guest orders, the data may *generally speaking) only be kept as long as you are legally obliged to keep it.

[MockoB]

According GDPR which will be reality on 25 may 2018 for EU, the customer has the right to be forgotten. We (thirty bees) should be prepared for the regulation I believe before that date.

[lesley]

I think a great point could be made where all the data has to be retained. If I removed customer information and put them in as a guest, then I have no record of them any more. It would make it impossible to follow other eu laws. For instance what happens if they want to return a product for a warranty? I would not have their data any more, just generalized order data. I could refuse their return saying I cannot be sure if you were the original purchaser, the warranty was not transferable At the same time, if the government accused me of lying about where the shipments were going and said you did not really ship this many shipments out of this higher tax zone I would have no way to defend myself. I could not give them verifiable people that purchased the goods.

[30knees]

@MockoB This right is not absolute. Please re-read my post above.

We don't even need a "Close my account" button. It's only a nice to have. Customers can always write the shop owner and the owner can then manually delete their account from the backend and check the option that the customer can re-register with the same email address. (Question: This doesn't delete all past orders, right?)

[lesley]

This seems to think the RTBF does noe apply to ecommerce companies, http://cyberlaw.stanford.edu/blog/2015/12/final-draft-europes-right-be-forgotten-law

[MockoB]

The regulation is clear enough, if customer asks we should remove his data. Other thing is that we must keep history of the orders, invoices etc. which basically keeps customers' data ... I think the information we should remove if needed is personal information like: gender, age, address, phone number, order history. But aren't we able to that at the moment also ?

[lesley]

The regulation is not clear enough. From my reading the legislation was drafted for front end information, like if your site posted recent sales of products or reviews. Then those have the right to be forgotten. Ecommerce data is generally considered bookkeeping data and from my reading that is not covered. I think what is needed is someone to post a definitive link or article on the matter from an ecommerce perspective.

[30knees]

@MockoB is correct in so far that any data that we are not forced to keep legally or for which we have no real purpose must be deleted.

@lesley It's not only for front end information. It regulates the whole data life cycle and also data processing activities that go on behind the scenes, so to speak.

The legislation itself can be read here: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679

[lesley]

Can you say that you are not legally forced to keep customer data involving orders? I think you are.

[30knees]

It depends on the jurisdiction, but for example in some countries you are legally obliged to keep all information that is necessary to understand a business transaction for X years. I would argue that this includes the “order” in the shop, which is why the customer’s request to delete their data is really only as outlined above.

[Traumflug]

A few additional datasets not subject to legal obligations come to mind:

• Newsletter subscriptions, maybe it happened by accident or a customer changed his mind.
• Files uploaded for customized products.

Maybe a good strategy would be to keep just copies of the emails sent out during the order (order confirmation, payment confirmation, invoice) offline and delete everything stored in the shop software. This way, the public server is indeed free of any personal data, thus email and payment information can't be hacked, merchants are more safe against eventual database failures, still it's not too much work to reconstruct a purchase years later (just search that mailbox with copies).