The arrival of the General Data Protection Regulation (GDPR) in Europe complicated matters, and not only for Europe-based sellers. E-commerce stores cannot afford to ignore this law, as doing so can result in massive fines.
What is the aim of GDPR?
The general premise of GDPR was to protect the data of European citizens better than before. Although the goal is noble, e-commerce stores might find it difficult to comply. During the first year after GDPR started being enforced, there were about 145,000 queries and complaints, as well as nearly 90,000 notifications of data breaches.
GDPR applies to all businesses operating in the European Union, even if they are based outside it. Failure to live up to the obligations of the regulation might result in hefty fines that have already become legendary. And the reason isn’t always that easy to understand. For example, a Polish insurer was punished for sending an e-mail with personal data to the wrong person, even though it was the client who provided an incorrect address.
How to check if an e-store is compliant with GDPR?
A simple way to perform the check is to browse the e-commerce website and stop for a moment each time you’re asked for any data (e.g. name, e-mail, or phone number).
The answers to these questions should help you in determining the state of GDPR compliance in your e-store.
How to make sure that you have the consent to process the data?
It’s actually pretty straightforward. Don’t use pre-ticked boxes or pre-selected choices. The user has to voluntarily and consciously choose to share their data with you. Even if they signed up for the newsletter, they still have to confirm their willingness to receive it.
Of course, this makes sense, as someone else could sign them up to spam their inbox. But as you have probably noticed by now, many data protection measures can increase customers’ disinterest. Large pop-ups about data processing that need to be closed before moving forward with any action, extra steps to confirm everything, and so on: in a fast-paced world, this might discourage users from shopping in your e-store. That’s why, although GDPR compliance is a necessity, you should also think carefully about how to implement it without decreasing the quality of the user experience.