General Data Protection Rules GDPR

[giancalr]

Hi we have installed the GDPR tools, but the pop up you should open with the code: <script type = "text / javascript">
<! -
function gdpr_decline () {
window.location = "<? php echo zen_href_link (FILENAME_DEFAULT);?>"
}
// ->
</ Script>

It does not work there is some reference to the function that does not go.
has anyone made changes or already installed? Thank you

[Ryk]

Thanks for identifying the define issue - we'll get a corrected version uploaded as oon as we can. As you'll appreciate, it's a bit manic as most people have totally ignored GDPR for the past 2 years!

The email is only sent when a user requests that their account is deleted, not just because they decline the policy.

Readers may find this useful/interesting/comforting as appropriate lol ... take a few moments to visit http://www.bbc.co.uk/news/business-44208456 , watch the video and read the briefing, which can be summarised as:

"Small businesses should not panic but there will be no grace period - the rules will be fully enforced from 25 May (today).

Firms that aren't compliant need to get their action plan sorted quickly"

[fix_metal]

Thanks for identifying the define issue - we'll get a corrected version uploaded as soon as we can. As you'll appreciate, it's a bit manic as most people have totally ignored GDPR for the past 2 years!

The email is only sent when a user requests that their account is deleted, not just because they decline the policy.

Readers may find this useful/interesting/comforting as appropriate lol ... take a few moments to visit http://www.bbc.co.uk/news/business-44208456 , watch the video and read the briefing, which can be summarised as:

"Small businesses should not panic but there will be no grace period - the rules will be fully enforced from 25 May (today).

Firms that aren't compliant need to get their action plan sorted quickly"

ehehe I agree.
I however confirm that no mails are getting out from the Delete my account module. I see the zen_mail row. Should that function return something? I don't see php errors nor any log that states that something went wrong about it...

[Ryk]

@giancdr - the popup isn't part of this free version and that snippet wasn't supposed to be included.

During our own testing on our own servers with vanilla 155f, php 7, all went smoothly, but during the last few days over many installations, we have of course come across a few issues because of individual configurations - as well as a couple of our own.

The current version has the email fix, redirect fix, errant code removed and admin extra_datafile fixed

Can be downloaded from http://jsweb.uk/gdpr_service/gdpr4zc.zip

[fix_metal]

@giancdr - the popup isn't part of this free version and that snippet wasn't supposed to be included.

During our own testing on our own servers with vanilla 155f, php 7, all went smoothly, but during the last few days over many installations, we have of course come across a few issues because of individual configurations - as well as a couple of our own.

The current version has the email fix, redirect fix, errant code removed and admin extra_datafile fixed

Can be downloaded from http://jsweb.uk/gdpr_service/gdpr4zc.zip

Great, I've just installed it and it works like a charm.
Thanks again.
Just 2 things that I'd like to point out:
1) this ZIP is full of hateful apple .DS_Store files ;)
2) I think that a target="_blank" into the "Privacy Notice" at the end of the "Create account" section is better than just opening the page

Best Regards and thanks again

[adb34]

I have been sent this link from Tech Pro Research. Might help

[delia]

So - COWOA. Contrary to the name (checkout without account) it does create a customer account in the database - can create multiple accounts if you buy that way. There's no way for the customer to log in to request deletion. This looks to me to be a big nightmare. I'm guessing that best would be to address what a COWOA account is and state they need to contact the site owner to have it deleted - it or all of them. That sounds like a really big hassle on a large site though. I've always liked COWOA because it speeds up checkout and remains a simple way to do that without a lot of extra code like the FEC. I can see websites turning it off to avoid the hassle now. Anybody thinking along this line with coding? I'm thinking a delete that is based on email address and deletes all occurrences. Would necessitate a new delete button in admin?

Thanks to JSWeb for the mod. Note that us idiot Americans do need to look at your verbiage for Americanization and some specific things are written in (such as specified time to keep orders) that will differ from company to company. Your sample privacy page really did help though to make it clearer what transparency means in this case. My rewriting for my clients resulted in this http://deliatest.com/index.php?main_page=privacy. Feel free to use it as you wish. Disclaimer: course I'm no lawyer either but I took some liberties that may lessen the transparency as intended by GDPR, partially in an effort to match all my clients needs and partially because I'm thinking American companies will have trouble with the order retention part of this. We don't have a 7 year requirement to fall back on.

I looked at chargeback time limits - max seems to be maybe 180 days and as far as I know there is no requirements to keep the info anyway. I am resisting the idea of deleting those transactions at all as a website may not have any other way to track the sales or information. Since Zen Cart does not lend itself to integrating with other accounting platforms (or vice versa) most of my clients use the website only for keeping track of sales and statistics. Canada does have specific requirements and I'm hearing those in the know aren't worrying about this. I do have one UK client so got to get this right!

[Ryk]

@fix_metal

1. Well aware of it but was in a hurry ...and annoying as they are, they don't harm anyone.

2. Two schools of thought here.

a. Opening another window frequently leads to people to getting lost...and if they click the back button on the new window, either the one in the page or the browser, they have nowhere to go back to. On the plus side, it does at least mean the details you've already typed in on your original window will still be there, whereas...

b. Opening the privacy page at the end of the create account process is actually not as good an idea as we thought and we've moved the Privacy fieldset back to its original place at the beginning of the Create Account process because Zencart does not retain the details you just typed in - so anyone actually reading the privacy page is going to be mightily upset when they return which is a good reason to go with the new window approach.

However, by putting it back to the beginning where the original ZCDevTeam had it means that if people don't want to accept your privacy statement, you shouldn't annoy them any further by making them fill in all their details and then go to check the Privacy.

But we uploaded this fileset expecting people with a bit of knowledge to be implementing it, so feel free to modify! We won't be offended.

And I was in so much of a rush earlier that I forgot to add the readme ...so an updated version is in place (with DS store files removed ;-)

http://jsweb.uk/gdpr_service/gdpr4zc.zip

[giancalr]

ok Thanks You, but in the new tool package there is the file footer.php in the tamplate, but what is the purpose, what is the change made? because my file is very complex and I can not replace it with the default one. Thanks It would be advisable to insert in the readme the changes made to the individual files that have overdrive.

[Ryk]

@glancalr

As explained previously, we haven't time at the moment to be dealing with the details as one normally would if we were offering a supported plugin via the downloads section, so this is why there are no detailed instructions or listings of changed files, edits etc. The only advice we are able to give is to "compare and merge"

I'm sorry about that but we have to give our clients priority, and right now our developers are very busy. My understanding is that the tpl_footer.php is necessary for the redirects from the privacy review page to work, but compare our tpl_footer,php against a vanilla one form your Zc version.