>Share this post<
by Irina Ciutaco
April 21, 2022
The EU data privacy law which appeared on 25th May 2018 is designed to allow people to control how their data is being used and protected online. It also allows organisations to use and secure personal data that is collected from other individuals, including the obligatory use of technical safeguards, such as encryption and higher legal thresholds. The organizations that do not follow these regulations will need to pay penalties of up to 4% out of their global revenue or €20 million.
The eCommerce GDPR compliance guarantees protection and control over personal data in case it is collected, used or sold. Needless to say that the purpose of GDPR is to offer protection to visitors' data belonging to European citizens. Moreover, the GDPR law applies to organizations that hold this kind of data, whether these organizations are in Europe or not. This is also known as the “ extra-territorial” effect.
Furthermore, the GDPR compliance for SaaS companies requires that the users are 100% in charge of their data. In their designs, companies are called “dark-patterns¨ and get more than 90% of users to click the “accept” button while the stats are showing that just 3% are willing to agree. To counteract this behaviour, Noyb launched the second round of their movements, as a follow-up to their first instalment, which went live on May 2021. Other 270 draft complaints have been sent to website operators whose banners are not fully complying with the GDPR. Since Noyb offered guidelines for companies, more and more eCommerce brands implemented compliant banners and improved their status.
What you should do:
As a GDPR compliance eCommerce to-do task, you should advise your customers about the purpose of your cookies and trackers before managing something else apart from the mandatory cookies.
Nevertheless, GDPR compliance for eCommerce is being proven through a landing page that forces customers to either approve or decline your request to use their data. Most retailers are “all or nothing”- either they approve of every way that you store and use their data, or they decline. In case they approve, the shopper will go back to use your complete site. If they decline, they will be blocked.
For example, on the Kooomo website, you can discover the GDPR landing page, and find more information regarding the way we store the data of our customers.
As a traditional way of gathering information by eCommerce businesses, there are no strict regulations on how to properly manage this procedure. Our recommendation is to follow the email service provider´s indications.
5. Opt-In Forms
As we have seen above, GDPR compliance in eCommerce requires a lot of knowledge and preparation. Kooomo facilitates this whole process and provides you with 100% GDPR compliant software.
More to explore
In the next few years, we are foreseeing an impressive increase for the global retail industry. While this can be beneficial for the global eCommerce industry, it also means that there will be more competition, as well.
European Data Protection rules were launched back in 2018, to protect the confidentiality of our personal data but even four years later, there is still a lack of understanding among companies and consumers about how to comply with the best practices. Big tech companies, like Google or Amazon, usually refer to the acronym GDPR, to explain the rules that verify the data, so it is not used inappropriately, but to add details to create confusion.