E-commerce platform and privacy law

Advanced e-commerce features built for GDPR compliance

  • Consent creation and management system
  • Define processing activities and privacy notices for profiles, orders, and quotes
  • Consent tracking and history
  • Anonymization and deletion of abandoned carts
  • Provide customer data in a structured format
  • Automated management via API

GDPR compliance

Open2b is the only e-commerce platform that ships with built-in features to help merchants comply with the new General Data Protection Regulation (GDPR), in force across Europe since May 25, 2018. It minimizes the risk of mistakes or incomplete information and helps avoid heavy penalties.

Consent creation and management

Depending on the legal basis for processing, you may need to ask customers for consent to process their personal data. For consent-based processing, the Open2b e-commerce platform lets you create consents and specify whether they are mandatory or optional. For example, consent can be required to register on the site but optional for receiving marketing communications. Consents granted by customers can be reviewed in the Open2b e-commerce management panel in a clear, simple, and transparent way.

Processing and privacy notices for profiles, orders, and quotes

GDPR protects both citizens' personal data and the right or duty of companies and professionals to process personal data to perform their activities or comply with regulations.

You must process personal data:

  • for a specific and explicit purpose
  • only for the time strictly necessary
  • with security measures that ensure integrity and confidentiality

When someone provides you with their personal data, you must provide a notice that summarizes all required information and the rights the customer has over their data.

The Open2b e-commerce platform lets you create one or more privacy notice pages indicating the purpose of the processing, shown to customers as they use your site, specifically during registration, ordering, and quote requests.

Consent tracking

The Open2b e-commerce platform tracks all consents granted over time and stores, for each consent, the timestamp, the device IP address, the processing title, and the description as read by the customer at the time of consent. This information helps in audits to prove you obtained consent. You can also revoke consents and grant new ones, for example after a customer request.

Abandoned carts

The Open2b e-commerce platform automatically records all carts created by customers, regardless of whether they become orders. This lets registered customers find their cart as they left it if they decide to complete the purchase later. It also gives merchants statistical insight into cart-to-order conversion, helping define strategies to improve it, for example by contacting customers through other channels such as newsletters and outbound calls to encourage the sale.

If the cart does not convert into an order, however, the new GDPR requires that the data be processed only for the time strictly necessary. If the customer has not given compatible consent, for example for other purposes like receiving marketing communications, this information must be either:

  • Deleted permanently
  • Anonymized so the user cannot be identified

The Open2b e-commerce platform is designed to perform both actions, letting you decide whether to keep data, delete it, or anonymize it.

Processing at the customer's request

Customers have the right to receive their personal data from you in a structured, machine-readable format. From a customer profile in the management panel you can export the customer's personal data and send them a link from which, after logging in, they can download a file containing their data. The Open2b e-commerce platform also lets customers update their personal details on their own and grant or revoke consents.

API management

With the Open2b e-commerce platform you collect and process your customers' personal data, but you may also process data through third-party systems such as ERPs or newsletter tools by automating procedures. Once an integration is set up, you may need to update consents or stop processing if a customer revokes consent.