PrestaShop GDPR Compliance Pro - 2022 Enhanced Edition 2.1.21

This is the first and most sold GDPR module for Prestashop! This is the only module that offers your store and your business full GDPR compliance. Complete adherence to the European Cookies Law and the most recent GDPR amendments

It ensures that the individual about whom information is held can exercise their rights under the Act of GDPR. On May 4, 2020, the European Data Protection Board (EDPB) adopted guidelines on valid consent under GDPR.

including the right:-

• to be informed that processing is being undertaken
• to prevent processing in specific circumstances
• to correct, rectify, block or erase information which is regarded as incorrect information of access to personal information
• to erasure
• to portability where applicable

By preventing the installation of cookies until the user gives their explicit consent, this module enables your store to completely comply with the requirements of the European Cookies Law and the most recent revisions to the GDPR.

As a Shop owner, you need to find a way to give the Visitor an option to Opt-out from any Cookies the site uses. We made sure that by a simple selection from the module list, you could offer the options to the client.

The module allows the client to opt-out from Facebook Pixel, Google Tag Manager, Google Ad words Tracking, Standard Prestashop Tracking, and all other cookies. It doesn't just block cookies used by the direct script but will block entire tracking modules. There is no more straightforward way to have the cookies blocked than by the options offered by us!

Assures compliance with the GDPR legislation allowing the store to operate legally, avoiding fines of up to 20 million euros or 4% of the global annual turnover.

Art. 7 GDPRConditions for consent

Consent must be "freely given, specific, informed and unambiguous."

• Requests for consent must be "clearly distinguishable from the other matters" and presented in "clear and plain language."
• A simple popup that presents a message about the cookies used is not enough.
• Cookies are considered personal data under the General Data Protection Regulations (GDPR); thus, the consent must be freely given, informed, precise, and unambiguous.
• It is insufficient to convey permission in a communication. Before installing cookies, consent must be given clearly, and explicitly.
• Be aware of a module which displays only simple messages as the fines for not being GDPR compliant can be overwhelming for a small business. When cookies are already present on a user's computer without their permission, it makes little sense to notify them about their installation.
• The EDPB guidelines clarify that scrolling or continued browsing on a website does not constitute valid consent, and that cookie banners are not allowed to have pre-ticked checkboxes.

Blocking all cookies

• We've been the first GDPR module, and we've been serving over ten thousand companies for being GDPR complaints.
• This module, in contrast to the others, enables you to prevent the installation of cookies unless the client offers explicit consent. You can select which modules install cookies from the module settings, and the module will automatically prevent cookie installation until the client agrees.
• We divided cookies, as the law requires, into 4 categories.
• Obligatory cookies, without which the shop can't work correctly.
• Preferences cookies, which include cookies in regards to the shop language, currency as well cart;
• Marketing Cookies: This section includes all platforms that you use for Marketing Purposes, like Google Adwords, Facebook Pixel, Bing Advertising, Twitter, Instagram etc
• Statistical cookies: Google Analytics, Clarity, Hotjar, Inspectlet, crazy Egg. All those cookies gather information about your customer but won't directly advertise to them.
• Each level of consent from the client can be given independently.

The Right to Buy

• The module is built so that it will allow customers to use the site even if all Adv. Cookies are blocked. This regulation is known as "The Right to Buy" - as important as GDPR, as you need to ensure that all your clients can place an order, even though they won't accept a single cookie from the site.

The Right to correct, rectify or withdraw the consent given.

• Data subjects can withdraw previously given consent whenever they want, and you must honour their decision. You can't simply change the legal basis of the processing to one of the other justifications.
• Children under 13 can only give consent with permission from their parents.
• The module keeps documentary evidence of consent.
• The module settings are easily editable for each user at any given time, ensuring they can check and change what they have chosen.

The Right of access to personal information

The General Data Protection clearly states that each client needs easy access to check what personal information is held by the shop owner. Beyond this, all personal data about them can be requested in an easily digestible format at any given time.

The module creates two different options inside the customer account, which allow the customer to request their personal data through email and their personal data deletion.

Without these 2 options, none of the businesses can be fully GDPR compliant. Don'tDon't take any necessary risks; make sure you're covered.

Blocking only the cookies is not ENOUGH!

Shop owners or data protection officers can be quickly notified if anyone requests the erasure of their data and act on this request in the shortest time possible.

The GDPR module allows adding detailed descriptions about what personal data is needed and for what purposes it is used, ensuring that customers can make an informed decision when activating other modules on the site.

Portability of Data where applicable

We made sure that all clients can't just access their data, but the data are sent through them through email, or it can be downloaded from their client account at any given time, in an easily digestible table approach making sure the data can be copied over, offering a high portability option.

Anonimyze – The Right for Data Deletion.

According to any European country's financial institution, it is illegal to delete any data concerning Client Invoices or orders. These need to be held and presented as evidence in case some institution asks for it.

This is why we made sure you're fully compliant and don't accidentally delete crucial adat. We invented the anonymize option, which keeps the client's order/invoices; however it deletes (changes) all personal related data to him, including the IP!

If you're uncertain how to set the module up, our team is happy to implement the module for free.

• Make sure you stay on top of the GDPR by choosing Prestashop'sPrestashop's best Selling GDPR module.