Knowband Blog | Ecommerce Modules

Prestashop GDPR Module – Right to access and data portability

1.0.0 Introduction

The General Data Protection Regulation (GDPR) is a replacement for the European Union Data Protection Directive which will be enforced on May 25, 2018. The new directives have been passed, as per the new technologies and business advances; a new approach to protection of the personal data has been introduced.

The Prestashop GDPR Module – Right to access and data portability helps the store admin to manage the data access and data portability requests of the customers. By using the Prestashop GDPR Module by Knowband admin can provide an interface to the customers so that they can request for their personal information and if the required customer can also download the data as a CSV file.

Note: Knowband has also released the Prestashop GDPR Module – Rights of the Individual which helps the store admin to provide more rights to the customers as mentioned in the GDPR directives. Please click here to check the details.

1.1.0 Installation of Prestashop GDPR Module:

To enable the GDPR Rights for the customers, download the zip file of the module from the Downloads section of your Knowband account.

1) GDPR.zip (source code of the module)

2) User Manual

In order to install the extension in your Prestashop store follow the below-mentioned steps:

1) Unzip the gdpr.zip file.

2) Copy the entire content, that is, the files and folders of the unzipped folder. Paste the same into the “Modules” folder of your store’s directory. Follow the below-mentioned address path – Root Directory/modules/.

3) The Prestashop GDPR plugin is all set to be installed in the store. Go to the Store Admin and then to ‘Modules and Services’.

4) Click on the “Install” button just next to your module. It would show a pop-up for your confirmation. Click on “Proceed with the installation” option. This step will install the module and show notification – “Module(s) installed successfully”.

5) Once the installation is complete, you will get the access to the admin interface of the module by clicking on the “Configure” button.

1.2.0 Front-end interface of the Prestashop GDPR Module:

Customers will be able to access the GDPR rights by navigating to the My account section. Here, a separate tab GDPR will be visible to the customers. By using the GDPR tab customers can access their GDPR rights – Right to access and Right to data portability.

On clicking the GDPR tab the customer will be redirected to the GDPR tools page, from here customer can request for their personal data and also download their personal details like personal information, addresses and orders.

The Prestashop GDPR Module – Right of access and data portability, allows the store admin to enable the GDPR settings for the guest users so that guest users can also request for the details of their personal data. If the GDPR rights are enabled for the guest user then it will appear in the header section. Please refer to the attached screenshot.

1.3.0 Admin Interface of Prestashop GDPR Addon – Right to access and data portability:

The admin section of the Prestashop GDPR addon has the following options:

1) GDPR Settings

2) GDPR Data Portability

3) GDPR Personal Data Request

4) GDPR Email Templates

1.3.1 GDPR Settings:

The GDPR Settings tab of the Prestashop GDPR Addon – Rights to access and data portability has the following options. Please refer to the attached screenshot below:

a) Enable the Plugin:

Admin can enable the customer rights by using the Enable the plugin toggle button.

b) Maximum request per day:

Admin has the options to set the max limit for the Personal data request.

c) Enable Right of access to personal data:

The right of access to personal data allows the customers to request for the personal data. Admin has the option to display the report immediately or admin can enable the setting to send the GDPR Personal data report over email.

d) Send Personal report via email:

If this setting is enabled then the Personal data report will be sent via the email. Steps for the request for the personal data are listed below:

Step-1:

Request for the GDPR Personal Data report – Prestashop GDPR Addon

Step: 2

Confirm the GDPR Request.

Step: 3

As soon as the customer will confirm the GDPR Personal Data Request, an email with the customer details will be sent to the customer.

If the Send Personal Report via Email setting is disabled then the personal data report will be displayed immediately. Please refer to the attached screenshot.

e) Enable Right to Data Portability:

Right to data portability allows the customers to download their personal information which they have provided to the data controller.

The Prestashop GDPR addon – Right to access and data portability allows the store admin to provide an interface to the customers so that they can easily download their data like personal details, addresses and orders.

In case the customer is logged in then he/she can directly download the report. For the guest users, it is mandatory to verify the data download request only after successful verification the guest user will be able to download the data.

Personal Information Report example:

f) Enable Store Policy Acceptance:

If a customer would like to raise a request under GDPR rights then admin can add the condition to accept the Terms and Conditions before requesting for the GDPR request for the Personal Data. The admin interface of the Prestashop GDPR addon allows the store admin to enable the setting so that for each request customer need to accept the terms and policy.

g) Store Policy Page:

Admin can add the URL of the page on which all the Terms and Conditions are listed.

h) Services/ Other locations where you store customer data:

Admin can list all the third-party service providers’ details to share the details with the customer.

i) Physical locations of servers where you host your website and other data:

Admin can define the physical server location of the server where the data has been stored.

j) Display Header Menu:

If the admin would like to enable the GDPR rights for the guest users then admin can enable the Display Header Menu setting. Admin has the choice to update the text for the GDPR rights, this text will be visible in the header section of the website and customers can access their rights by using this interface.

k) Header Menu Text:

Admin can define the text for the Header Menu.

1.3.2 GDPR Data Portability

The Prestashop GDPR Module – Right to access and data portability, keeps the log of all the GDPR data portability requests processed.

1.3.3 GDPR Personal Data Report Request

The Prestashop GDPR Addon – Right to access and data portability, keeps a log of all the personal data requests processed.

1.3.4 GDPR Email Templates

The Prestashop GDPR Addon by Knowband allows the admin to send following emails to the customer on raising a request under the GDPR.

Note: The purpose of these features is to help you to meet the GDPR requirements. Installing this module only does not guarantee merchant sites’ compliance with the new obligations imposed by the GDPR. It is your responsibility to put in place all the necessary measures to ensure you comply.