A: “Personal data” means any data that can be used to identify an individual, including:
Name
Address(es)
Email
IP address
Cookie ID
Credit card number
Order number
Social media account
Please note that “Personal data” does not include any financial information and therefore cannot be linked to an individual, such as:
How many times a specific product has been sold
How much revenue your store has made
Q: I’m a Shopify merchant outside of EU. Why does it apply to me?
A: The GDPR rules apply to any organization that is offering goods or services to people in the EU irrespective of being based in the EU or outside. All corporations falling under this category will have to comply with the new GDPR rules and should be working on a compliance strategy.
Q: How does Easy GDPR help your Shopify store to achieve GDPR compliance?
A: GDPR compliance requires all merchants to provide 8 basic rights to all potential customers. Easy GDPR makes your Shopify store compliant with 4 of these rights and there are plans for 3 more modules to be added in the near future.
Following is the list of all 8 of these basic rights
GDPR Rights
GDPR Buster Compliance
The right of access
Yes
The right to rectification
Yes
The right to erasure
Yes
The right to data portability
Yes
The right to be informed (Privacy policy + Consent + Cookie bar)
Coming Soon
The right to restrict processing (Customer account disable)
Coming Soon
The right to object (Newsletter unsubscribe)
Coming Soon
Rights in relation to automated decision making and profiling
Coming Soon
Q: How does Easy GDPR help your Shopify store to achieve GDPR compliance?
A: All information collected through your store is being secured in an encrypted database which requires charges to be made. This information is made available to you at any time during an event like a GDPR audit which requires you to prove unambiguous, active consent from all your users.
Uninstallation
Once you have uninstalled GDPR Buster – all information, consent history will be deleted following a grace period as required by GDPR rules.