We do as much as possible to simplify GDPR compliance and configure as much a possible. That said, we highly recommend you review the final configuration and documents with an attorney. 

Below we've compiled a list of documents and configurations we create for you.

Legal Documents

Your store comes with GDPR compliant Terms and Conditions, Privacy Policy and Cookie Policy pages. 

  • Terms and Conditions: standard terms required by law in most jurisdictions. It's a regular page. 
  • Privacy Policy: the page is selected under Privacy in WordPress Settings menu. There are sections for Analytics, Behavioral Remarketing, and Payments that need to be reviewed. Remove what you're not using (like Google Analytics or Facebook Ads).
  • Cookie Policy: the page is selected under Cookies Policy & Notification in WordPress Settings menu. You can edit the notification text on this page as well.
  • Cookies Table: this is a separate page that is then included in the Cookie Policy page. There is a section about Google Analytics that needs to be removed if you're not using it. This is also where you should add any third-party cookie information.

Consent 

Your store comes preconfigured with consent notification and checkboxes.

  • Cookies Consent*: the notification is shown to all visitors. The text can be edited on the Cookies Policy & Notification in WordPress Settings menu. 
  • Checkout Consent: two checkboxes for agreeing to the Terms and Conditions, and Privacy Policy are added to the checkout page. Customers with accounts need to confirm it only on the first order. Guest checkouts need to confirm it on every order. 
  • Contact Form Consent: a checkbox for agreeing to the Privacy Policy is added to the contact form.

 * For full GDPR compliance, you need to allow visitors to deny non-essential cookies. If you wish to do so, follow our guide for GDPR cookie consents.

Data Retention

The WooCommerce Data Retention settings under Accounts & Privacy menu is configured as shown below.

This Data Retention policy is explained in the Privacy Policy.

Data Export and Removal Requests

The WooCommerce Erasure Requests settings under Privacy & Accounts menu is configured as shown below.

When you receive a data export or removal request use the Personal Data tools under the WordPress Tools menu.

Did this answer your question?