For more details see the GDPR extension page.
Make your store compliant with the latest EU's GDPR and other legislative requirements. Create and manage privacy policy documentation, add consent checkbox to the registration and checkout pages, and send email consent requests.
To configure the extension, please, go to System → Configuration → Amasty Extensions → GDPR.
Forbid a customer's personal data anonymization for orders in certain statuses — enable this option to forbid the anonymization process for certain order statuses;
Order Statuses — select order statuses to forbid the anonymization action when the order is in certain statuses.
In the Enable or Disable the Privacy Settings Section you can adjust which privacy settings should be available to customers.
Don`t Sell My Personal Information - if disabled, a customer will not be able to give consent to sell personal data.
Download Personal Data - set to Yes to allow users to download all their data in CSV spreadsheet.
Anonymize Personal Data - set this option to Yes to enable users to anonymize their data.
Delete Account - set to Yes to allow registered customers to create a request to delete their profile via a personal account.
Anonymize Personal Data for Guest Users - set to Yes to enable order data anonymization for Guest users.
Email Sender — specify the email sender for the anonymization notifications.
Email Reply To — fill in the email address where all replies will be sent, or leave blank to use the sender address by the default.
Email Template — select the appropriate email template.
Notify Administrator Each Time User Requests to Delete Account — enable this option by setting it to Yes to notify the admin via email, when a new request to delete an account is created.
Send Email To — select the administrator user to send the notification to.
Email Template for Administrator — select the email template that will be used for Admin's notifications.
Approve Notification Email Sender for Сustomers — specify the email sender.
Approve Email Reply To — fill in the email address where all replies will be sent, or leave blank to use the sender address by the default.
Approve Notification Email Template for Сustomers — select the suitable email template.
Deny Notification Email Sender for Сustomers — specify the email sender.
Deny Email Reply To — fill in the email address where all replies will be sent, or leave blank to use the sender address by the default.
Deny Notification Email Template for Сustomers — select the appropriate email template.
Email Sender — specify the email sender.
Email Reply To — fill in the email address where all replies will be sent, or leave blank to use the sender address by the default.
Email Template — select the suitable email template.
Display Only for EEA Countries — enable this options to display a privacy policy consent checkbox only for users from the European Union countries. When the field is enabled, you can multi-select the needed countries manually.
Consent Text — specify the consent text that will be displayed after the checkbox. You can use the HTML to add links or other custom info.
Display at Registration — set to Yes to add a privacy policy consent checkbox to the registration page.
Display at Checkout — Yes to enable a privacy policy consent checkbox to the checkout page.
Display at Newsletter Subscription — change to Yes to enable a privacy policy consent checkbox to the subscription form;
Display at Contact Us — set to Yes to add a privacy policy consent checkbox to the contact us page.
Enable Cookie Policy Bar — choose Yes to enable the cookie policy bar for users on the frontend pages:
Cookie Policy Text — specify the cookie policy text or provide a link to the separate cookie policy page.
Cookies to Exclude — specify cookies to exclude when a customer rejects the cookie policy. This option is designed to work with the Confirmation Bar style of Cookie Policy Bar.
Cookie Policy Bar Location - Place a cookies consent pop-up at the top (Top) or button (Footer) of the page.
In the section below, you can adjust various cookie bar colours to your needs or store design theme. Set custom colours for:
To see the record of all GDPR-related actions customers have taken, please, go to Customers → GDPR → Action Log.
On the grid, you can see all actions performed by store users regarding privacy policy consents and the GDPR-related account management. Such actions include: giving the consent, data anonymization, delete requests, etc. It is highly helpful, as the module also tracks the IP address and date and time of action to help you timely catch fraudulent activities.
On the Manage Customers grid you can view and filter all customers by their consent to sell personal info or not. The extra 'Don`t Sell My Personal Information' column is added to the grid by the extension.
To see the list of all customers that gave their consent, navigate to Customers → GDPR → Customers With Consent.
On this grid, you can see all existing customers who agreed to the privacy policy and the version of the policy for which the consent was received.
Via Actions dropdown menu, you can email Consent Request to the selected customers. In that case, they will receive an email request to agree to the latest privacy policy version.
Next, proceed to Customers → GDPR → Customers Without Consent.
On this grid, you can see the list of customers who didn't agree to the provided privacy policy or never given consent.
Using the Actions dropdown menu you can email consent request to the selected customers. In that case, they will receive an email request to agree to the latest privacy policy version.
You can take a look at the current progress of the email sending by navigating to Customers → GDPR → Customer Consents Email Queue.
When a customer sends a request for account removal, the request appears on the special grid. Please, go to Customers → GDPR → Delete Requests.
On the grid, you can see all incoming requests. You can approve or deny any request:
To manage the privacy policy documentation, please, go to Customers → GDPR → Privacy Policy.
Hit the Add New button to create a new privacy policy document.
Comment — specify the privacy policy title;
Policy Version — set the privacy policy version;
Policy Status — change the privacy policy status;
Policy Content — fill in the privacy policy text.
When the privacy policy document is ready, hit the Save button to return to the grid.
On the grid you can manage the existing privacy policy documents: create, update, clone and delete them.
When you need to duplicate the existing disabled privacy policy document and edit it, click the Clone button. Now, you can edit and save the document.
To install the GeoIP database, go to System → Configuration → Amasty Extensions → GeoIP Data.
You can get the databases automatically or import your own data.
Hit the Download and Import button to make the extension download the updated CSV dump file and import it into your database automatically.
To import the files from your own source, use the Import option. Path to the files should look like this (the part 'var/amasty' should be replaced with your folders’ names):
var/amasty/geoip/GeoLite2-City-Blocks-IPv4.csv var/amasty/geoip/GeoLite2-City-Blocks-IPv6.csv var/amasty/geoip/GeoLite2-City-Locations-en.csv
With the GDPR extension for Magento, one can add privacy policy consent checkbox to the registration and checkout pages (see this section for details).
This is how the Privacy Policy checkbox looks at the checkout page.
Also, the Privacy Policy checkbox can be added to the Contact Us form:
To help you collect consents while subscribing to a newsletter, a Privacy Policy checkbox can be added. It looks like this:
This is how the privacy policy document looks for store visitors:
In the customer's account the new tab called Privacy Settings is added:
From this page, customers can:
After customers select any option, they will be required to enter the account password to prove the identity. Such an option is designed to prevent account deletion or anonymization by accident.