GDPR Compliance Manager

Description


GDPR Compliance Manager enhances Magento 2 with functionality that makes your GDPR compliance easier to attain. Our module adds a comprehensive set of functions that allow you to manage your GDPR responsibilities.



  • For your customers, it allows them to see a summary of the data you hold about them (Subject Access Requests).

  • For your customers, it also allows them to delete or anonymise the data you hold about them.

  • For you, it provides an SLA-based approach to dealing with Subject Access Requests and Deletion Requests, with proactive alerting on SLA breaches.

  • For you, it provides a dashboard to easily check the overall status of your GDPR request handling.

Features

  • Handle Subject Access Requests

  • Handle Deletion Requests

  • Create a workflow that defines what other information outside of Magento you must obtain to satisfy the requests

  • Compliance Dashboard

  • Configurable SLAs

  • Email alert notifications for SLA breach/near-breach

Installation Guide

GDPR Compliance Manager can be obtained from:

Both Composer and ZIP archive installations are supported.

Make a backup!

Direct installation of Magento extensions onto your production web site is not recommended or supported. We advise you to install this on a development version of your web site first to ensure correct operation with your particular Magento installation.

In addition, we advise you to make a complete backup of your Magento system (application files and database) before proceeding.

Version Compatibility

GDPR Compliance Manager is compatible with the following Magento platforms:

  • Community Edition (Open Source): 2.1.0 - 2.4.*
  • Enterprise Edition (Commerce): 2.1.0 - 2.4.*
  • Cloud Edition: 2.1.0 - 2.4.*

Change Log

Version 1.2.0 (released 20th July 2020)

  • Improvement: Better 2.3.x compatibility

Version 1.1.0 (released 16th May 2018)

  • Change: Removed the mandatory option from the workflow steps.
  • Improvement: Changed the text that displays in the 'Request my data' block if the customer has previously made a SAR.
  • Improvement: Added an option so customer data can be anonymised or deleted.

Version 1.0.0 (released 1st March 2018)

  • Initial Release

Customer Journey

GDPR Compliance Manager adds a new page to a logged-in customer's account pages. This is labeled 'Privacy' in the left column. This then shows a page, as follows:

[Screenshot]

The page header and informational text paragraphs on this page can be changed in the configuration page.

Subject Access Requests (SARs)

By default, the module will display bullet pointed information about what is known about the customer inside Magento. Where appropriate, this information hyperlinks the customer to the place elsewhere in their customer account pages where that information is detailed.

The module will display some, or all, of the following information, depending on what applies to the customer.

  1. When the account was created: You have had an account on this site since 01/01/2018.

  2. How many addresses are stored in their address book: You store 4 of your addresses.

  3. If they are assigned to a customer group other than the Magento default group, or for Enterprise/Commerce Edition customers where the customer is a member of one or more segments: We categorise your customer account based upon who you are, which may be used to target unique content or provide you unique pricing or promotional offers.

  4. If they are subscribed to the newsletter: Your email address [email protected] is currently opted-in to our promotional mailing.

  5. If they have placed orders: We have order details for 50 orders between 01/01/2018 and 01/03/2021.

  6. If they have items currently in their cart: We know what items you currently have in your shopping cart.

  7. If the persistent shopping cart feature is enabled in Magento: We store a cookie in your browser to recognise you the next time you return.

  8. If they have products stored in their wishlist: We are storing 10 items in your wishlist.

  9. If they have products stored in the product comparison feature: We are storing 5 items in your product comparison list.

  10. If they have purchased downloadable products: We are storing information about 3 downloadable products that you have purchased from our site.

  11. If they have any payment tokens stored using the Magento Vault functionality: We are storing details of 2 credit cards you have used on our site.

  12. If they have made product reviews: You have reviewed 4 of our products.

  13. If they have billing agreements set up: You have 2 billing agreements.

Displaying Data Outside of Magento

Magento will not be the only place where customer data is held. Most organisations have multiple systems that might store various information.

GDPR Compliance Manager helps you with this reality. You can set up a workflow of steps that must be followed within your organisation in order to collate all of the necessary information about a customer.

You can create as many steps in that workflow as you want. If workflow steps are enabled, then the customer will see this:

[Screenshot]

If the customer then clicks on the Request my data button, this creates a Subject Access Request inside the GDPR Compliance Manager. The above information then changes to:

[Screenshot]

In this example, there are three workflow steps shown to the customer. Each step has a definable name (e.g. Emails, CRM data and Other information).

Until you have provided the information for each step to this customer, each step will display We are currently finding this data.

Processing SARs

If you want to see how SARs are processed in the admin panel, please check this page.

As the SAR is progressed by your company and you provide information to the customer, their view of their request changes as you add it. Once you have completed everything in the workflow steps defined, then the customer might see, for example:

[Screenshot]

At this point the SAR has been fulfilled.

This request stays in Magento, and the customer can, at any time, request an updated view of their data by again clicking on the Request my data button on the Privacy page.

Deletion Requests (DRs)

The customer's Privacy page has a button called 'Delete my data'.

[Screenshot]

This allows the customer to request that the data held about them be deleted or anonymised. Please note, the customer does not have to have requested their data previously; they can simply come to their Privacy page and request the deletion.

Just as Workflow steps can be created for Subject Access Requests, you can also define steps for Deletion Requests. These steps are independent of the SAR steps because you may have more things to do in order to delete or anonymise the data, compared to simply collating it.

When the customer clicks on Delete my data, one of two things can happen:

  • If no Deletion workflow steps are defined, then their Magento data is marked for deletion/anonymisation. It will then be automatically deleted/anonymised within 24 hours.

  • If there are Deletion workflow steps, then the customer will see the following:

[Screenshot]

The 0% relates to the number of deletion workflow steps that have been completed. As steps are completed, then the percentage increases. Please note, the customer does not see the actual steps in their Privacy page. They only see the % complete.

The Cancel delete request link allows the customer to cancel the DR. They can create future DRs in the same way as before.

Processing DRs

If you want to see how DRs are processed in the admin panel, please check this page.

When it reaches 100%, their Magento data is marked for deletion/anonymisation, and this will then be automatically deleted/anonymised within 24 hours. The customer will see this:

[Screenshot]

At this point, there is a scheduled task that runs daily and will delete all the data held in Magento for the customer. For information about what gets deleted or anonymised, please read this article.

Using GDPR Compliance Manager

Extension Configuration

To access the configuration of the module, select Stores → Configuration → On Tap → GDPR from within the admin panel.

On this workspace you'll find 2 tabs:

Frontend Customer Account Presentation

[Screenshot]

These options are as follows:

Privacy Title: When a customer logs into their Magento account, they see the Privacy tab that this module adds. On the resulting page, the page title is whatever is configured in this field.

Privacy Introduction: On the customer's Privacy page, under the title, the Privacy introduction text is displayed. This is your opportunity to describe your GDPR processes and what the customer can expect from your organisation.

Default information: This text is designed to allow you to inform your customer about all of the other places you might hold data about them that is outside of Magento. For example, email systems, CRM platforms, paper records, etc.

Text to display for in-progress requests: This is the text displayed to customers once they have requested an SAR.

Text to display for completed requests: This is the text displayed to customers once you have provided responses for all of the workflow steps for their SAR.

Compliance

[Screenshot]

The Compliance type dropdown dictates how the data is handled to comply with GDPR. It can be set to either Delete data or Anonymise data. The first option will delete all data held on the customer once a delete request is processed. The second will randomise/anonymise all data so that it cannot be used to identify an individual, but the data can still be used for reporting/analysis.

Prevent workflow step removal? In Customers → GDPR → Workflow steps, each step has a 'Remove' option. If you have a live system where SARs and/or DRs already exist, then removing a step causes the data held for customers to be unavailable. You should ideally set this option to Yes once you have defined your workflow steps to prevent any of your admin users from accidentally deleting steps.

The Request to delete behaviour setting allows you to define whether customers who make DRs are shown Workflow steps, or whether their request is Immediately processed. In the case that this is set to Immediate (or when all workflow steps are complete for a DR), it actually takes up to 24 hours to delete the data held in Magento. Please refer to this section of the manual for more information.

The Request SLA (days) setting specifies the time in days to comply with your service level agreement for a subject access request.

The Deletion SLA (days) setting specifies the time in days to comply with your service level agreement for a deletion request.

The Send daily SLA report setting allows an SLA report to be sent on a daily basis to the email address specified in the SLA report email address(es) field. Separate multiple addresses with commas.

The SLA report transactional template dropdown contains a list of all transactional email templates to choose from.

Limiting access to GDPR

You can limit access to prevent admin users from either accessing functionality or changing the configuration. Please open your backend panel and go to System → Permissions → User Roles.

Please note that when you edit an existing role or create a new one, the Resource Access setting should be switched to Custom:

[Screenshot]

Then in the Stores section there is an option called OnTap GDPR:

[Screenshot]

If this setting is unselected (as in the example above), then any user who has this role defined will not be able to access the Stores → Configuration → On Tap → GDPR page.

You can also observe the Privacy folder inside Customers section:

[Screenshot]

These options allow you to control who has access to the backend panel functionality.

If you require assistance in setting up roles, please refer to the Magento documentation about this.

Workflow Steps

Both Subject Access Requests (SAR) and Deletion Requests (DR) can be subject to workflow steps. These allow you to define internal steps that must be done in order to fulfil a request - this is in the knowledge that your organisation probably holds information about your customers outside of Magento as well.

Each step has the following attributes:

  • Either an SAR or DR step
  • Name
  • Which website(s) the step relates to
  • Whether to show it to the customer or not.

For Subject Access Requests, each workflow step is displayed to the customer in their account page. Ideally, you create a step for each system and/or department in your organisation that might hold data about a customer in Magento.

For Deletion Requests, the workflow steps are independent from the SAR steps. This is because there are often more steps involved in deleting data, compared to those required to collate and provide the information to the customer.

Unlike SAR steps, the DR workflow steps are not displayed to the customer in their account page.

Editing Workflow Steps

In the backend panel, go to Customers → GDPR → Workflow:

[Screenshot]

From here, you will be able to define the steps you wish to offer for your website(s) customers. Each row is draggable, so that you can define the order in which they appear on the frontend.

Data Protection

If you use the Remove link on any step, then any data held about that step for any SARs or DRs will no longer be accessible. There is a configuration page option that prevents users from using this Remove option in order to protect from accidental removal of steps.

SLAs

The GDPR legislation defines its own limits on the amount of time you have to respond to SARs and DRs. However, GDPR Compliance Manager allows you to define your own Service Level Agreements (SLAs), ideally faster than the legislation requires, so that you can fulfil requests in good time.

You can define SLAs individually for SARs and DRs in the module's configuration page, where we have these configurations:

[Screenshot]

SLA State

The SLA state for each request is shown in various places within the module:

These states are:

  • Expired / SLA breach - meaning the request has passed the date by which the SLA defined it should have been completed.
  • Warning / Near SLA breach - meaning the request is within 7 days of being expired/breached.
  • OK - meaning the request still has good time for you to process it.

SLA report email

The module can optionally send one or more users a daily email containing a report of the current requests being processed. This is defined in the module's configuration page, where we have these configurations:

[Screenshot]

Each website can have its own settings.

The email sent contains a list of the customers whose SARs or DRs are either:

  • Near SLA breach

  • SLA breach

Request Processing

Subject Access Requests (SARs)

When a customer requests a copy of the data you hold about them, an SAR is created.

Creating SARs

A Subject Access Request (SAR) can be created in two ways:

  1. By a logged-in customer in the Privacy page of their customer account. This process is documented here.

  2. By an admin user in the admin panel on behalf of a customer.

Creating them via the backend panel is necessary for several use cases:

  • An existing Magento customer contacts you and requests their data without doing that themselves in their customer account pages;
  • A non-Magento customer contacts you to request their data.

In the case where you need to create an SAR for a non-Magento customer, you first need to create a customer account for them. This is documented in the Magento User Guide.

After the user is created, click the GDPR option in the Customers Information tab:

[Screenshot]

From here, you will see all existing SARs and DRs for the customer. Clicking the Create new SAR button will result in a new Subject Access Request being created. The workspace will update:

[Screenshot]

The View link opens the specific SAR. Please note, this will list all SARs made by/for the customer - there can be multiple.

Processing SARs

These can be viewed in Customers → GDPR → Subject Access Requests:

[Screenshot]

Each row in the grid shows you:

  • Customer name
  • The date and time that the SAR was requested
  • Current status:
    • Not started - means it is a brand new SAR that has no data attached to it yet
    • In progress - means that some data is attached, but not all
    • Complete - means that all data is attached and all steps are marked as Completed
  • SLA. This has various states that are defined here.
  • Edit link

Clicking Edit will show you that individual SAR:

[Screenshot]

This page gives you:

  • Customer's name, with a hyperlink to their account
  • The date and time that the SAR was requested
  • The text that is displayed to the customer at the front-end in their Privacy page.
  • Workflow data, for you to populate.

In order for an SAR to be considered 'Complete', it must have:

  • Data entered in every Step Data field.
  • All Completed checkboxes must be ticked.

You are not advised to include the actual customer data in the Step Data fields. Instead, any customer data should be linked to at some other secure location.

Deletion Requests (DRs)

When a customer requests to delete the data you hold about them, a DR is created.

Creating DRs

A Deletion Request (DR) can be created in two ways:

  1. By a logged-in customer in the Privacy page of their customer account. This process is documented here.

  2. By an admin user in the admin panel on behalf of a customer.

Creating them via the backend panel is necessary for several use cases:

  • An existing Magento customer contacts you and requests the deletion without doing that themselves in their customer account pages;
  • A non-Magento customer contacts you to request their data is deleted.

In the case where you need to create a DR for a non-Magento customer, you first need to create a customer account for them. This is documented in the Magento User Guide.

After the user is created, click the GDPR option in the Customers Information tab:

[Screenshot]

From here, you will see all existing SARs and DRs for the customer. Clicking the Create new DR button will result in a new Deletion Request being created. The workspace will update:

[Screenshot]

The View link opens the specific DR. There will only ever be one DR listed per customer.

Creating DRs for Guest Orders

To create a Deletion Request for guest orders:

  1. The admin user first needs to know the email address associated with the guest order.

  2. The admin then has to create a customer account with the same email address from the admin panel: [Screenshot]

  3. Once the account is created, the Deletion Request can be created from the Customer Information → GDPR tab.

  4. Once the DR has been created, the customer can log in and go to the Privacy tab of the customer account: [Screenshot]

Processing DRs

These can be viewed in Customers → GDPR → Delete Requests:

[Screenshot]

Each row in the grid shows you:

  • Customer name
  • The date and time that the DR was requested
  • Current status:
    • Not started - means it is a brand new DR that has no data attached to it yet
    • In progress - means that some data is attached, but not all
    • Complete - means that all data is attached and all steps are marked as Completed
  • SLA. This has various states that are defined here.
  • Edit link

Clicking Edit will show you that individual DR:

[Screenshot]

This page gives you:

  • Customer's name, with a hyperlink to their account
  • The date and time that the DR was requested
  • The text that is displayed to the customer at the front-end in their Privacy page.
  • Workflow data, for you to populate.

In order for a DR to be considered 'Complete', it must have:

  • All Completed checkboxes must be ticked.

Please note, unlike for SARs, the contents of the Step Data are not displayed to the customer in their Privacy page. However, you are still not advised to include the actual customer data in the Step Data fields. Instead, any customer data should be linked to at some other secure location.

What Gets Deleted and What Doesn't?

Deletion

This only applies if the module is configured so that personal data is deleted (Admin → Store → Configuration → On Tap → GDPR → Compliance Type). For the other option (Anonymised Data), click here.

GDPR Compliance Manager is only natively aware of certain data within Magento. Therefore, it will only be able to delete the following data types:

  • Customer record
  • Orders
  • Order comments
  • Newsletter subscription
  • Shipments
  • Shipment comments
  • Quotes
  • Invoices
  • Invoice comments
  • Credit Memos
  • Credit memo comments
  • Wishlists
  • Product comparison lists

If you are using Magento Enterprise/Commerce edition, then the following additional information is deleted:

  • RMAs
  • RMA comments
  • Archived orders
  • Archived invoices
  • Archived shipments
  • Archived credit memos

Generally speaking, it is still your responsibility to ensure that all data is deleted from Magento, and any other systems, even if our module is supposed to delete it. Data for a customer could still be held in Magento if:

  • You use additional third-party modules that store customer details
  • You use additional third-party services that synchronise data back into Magento (via the native Magento APIs or their own private APIs provided by a module)
  • Magento's core 'delete' functionality does not remove the necessary data (we rely on these core functions to work as described)
  • You have somehow customised Magento in a way that generally prevents the deletion.

Customer Data

The SAR and DR created by a customer are not themselves deleted when their other Magento data is. It is therefore important that, when you populate the workflow steps of both the SAR and DR, you do not paste any customer data directly into these fields.

In line with our EULA for GDPR Compliance Manager, On Tap makes no warranty about the absolute deletion of any customer data.

Anonymised Data

Anonymization

This only applies if the module is configured so that personal data is anonymised (Admin → Store → Configuration → On Tap → GDPR → Compliance Type). For the other option (Deletion), click here.

[Screenshot]

The example of the customer details on the Customers Grid

[Screenshot]

The example of the customer details on the Order Workspace

Request Reporting

Compliance Dashboard

The Compliance Dashboard shows you the current state, in graphical form, of all your SARs and DRs.

To see this dashboard, go to Customers → GDPR → Compliance Dashboard:

[Screenshot]

In this page, you will see:

  • SLA states of SARs - showing the proportion of SARs where the SLA period is either OK, Warning or Expired. The states are defined here.
  • SLA states of DRs
  • Button to jump straight to the SAR grid.
  • Button to jump straight to the DR grid.
  • Graph showing the number of SARs and DRs over time for the past year.

Scheduled functionality

GDPR Compliance Manager features several scheduled (Cron) tasks.

Data Deletion

This task runs at 00:00 each morning and its job is to find Deletion Requests that have reached the necessary state to trigger the deletion of a customer's data in Magento. This state can occur in two ways:

  • In the Compliance configuration, if the Request to delete behaviour is set to Immediate, then the customer's request to delete their data is processed.

  • In the Compliance configuration, if the Request to delete behaviour is set to Workflow steps AND the necessary steps have been completed in Customers → GDPR → Delete Requests, then the customer's request to delete their data is processed.

Schedule

These tasks run daily at midnight. So if, for example, one of the states is achieved at 23:59, then the data will be deleted one minute later. However, if the state is achieved at 00:01, then the data will be deleted almost 24 hours later.
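
The SLA states defined in the SLA State section and the midnight deletion schedule described here can be checked independently of the module. The following is an added example, not On Tap's code: it assumes the SLA deadline is the request time plus the configured SLA days, that completed requests are left out of the daily report, and that a DR becoming ready at exactly 00:00 waits for the next run. The Request class, function names, SLA values and sample data are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# From the page: "Warning" means within 7 days of the SLA deadline.
WARNING_WINDOW = timedelta(days=7)


@dataclass
class Request:  # hypothetical record, not the module's schema
    kind: str               # "SAR" or "DR"
    customer: str
    requested_at: datetime  # naive datetimes, all in the store's time zone
    completed: bool = False


def sla_state(req, sla_days, now):
    """Classify a request as Expired, Warning or OK.

    Assumption: the deadline is requested_at + the configured SLA days.
    """
    deadline = req.requested_at + timedelta(days=sla_days)
    if now > deadline:
        return "Expired"
    if deadline - now <= WARNING_WINDOW:
        return "Warning"
    return "OK"


def daily_report(requests, sla_days_by_kind, now):
    """Rows the daily SLA email would list: near-breach and breached requests.

    Assumption: completed requests are left out of the report.
    """
    rows = []
    for req in requests:
        if req.completed:
            continue
        state = sla_state(req, sla_days_by_kind[req.kind], now)
        if state != "OK":
            rows.append((req.customer, req.kind, state))
    return rows


def next_deletion_run(ready_at):
    """First 00:00 cron run strictly after a DR becomes ready for deletion.

    Assumption: a DR that becomes ready at exactly 00:00 waits for the next run.
    """
    midnight = ready_at.replace(hour=0, minute=0, second=0, microsecond=0)
    return midnight + timedelta(days=1)


# Constructed sample data; the SLA values stand in for the two configurable settings.
SLA_DAYS = {"SAR": 30, "DR": 14}
NOW = datetime(2021, 3, 10, 9, 0)
REQUESTS = [
    Request("SAR", "alice@example.test", datetime(2021, 2, 1, 10, 0)),
    Request("SAR", "bob@example.test", datetime(2021, 2, 12, 9, 0)),
    Request("DR", "carol@example.test", datetime(2021, 3, 8, 12, 0)),
    Request("SAR", "dave@example.test", datetime(2021, 1, 1, 8, 0), completed=True),
]

if __name__ == "__main__":
    for row in daily_report(REQUESTS, SLA_DAYS, NOW):
        print(row)
    for ready in (datetime(2021, 3, 10, 23, 59), datetime(2021, 3, 10, 0, 1)):
        run = next_deletion_run(ready)
        print(f"ready {ready} -> deleted at {run} (wait {run - ready})")
```

The two sample times in the final loop reproduce the 23:59 and 00:01 cases above: a one-minute wait and a wait of 23 hours 59 minutes.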

SLA report

The SLA report emails are sent out at midnight. If you want to disable these emails, you can set the Send daily SLA report setting to No in the Compliance configuration section.

Frequently Asked Questions

Which version of Magento is required?

GDPR Compliance Manager has been tested with versions 2.1.0 to 2.4.* inclusive of the following:

  • Magento Open Source (Community Edition)
  • Magento Commerce (Enterprise Edition)
  • Magento Cloud Edition

How much does it cost?

Pricing is the same regardless of which Magento edition you have. However, if you want us to install the module for you, we charge extra for that.

It is licensed per server, so if you have multiple Magento instances, then you’ll need to purchase multiple licenses.

Is it easy to install?

Yes. The extension is delivered as a Magento module that can be very easily installed. The process should only take minutes. Alternatively, we can install it for you.

Is the source code encrypted?

No. The source code is not encrypted, so it can be modified.

Is support available?

The extension is fully supported by On Tap. You are eligible for technical support and product updates for 365 days from the point of purchase. You can extend this, for additional cost, after it expires to ensure that you continue to receive support and upgrades.

Bug fixes are included within the lifetime of your use of the product regardless of whether you have technical support/product updates. As long as we can replicate the bug in our extension on a clean version of Magento (using a version that is supported by your version of the extension), then we’ll fix it free of charge.

Issues and Support

If you experience any issues with the extension, please do the following:

  • Document in detail what has happened.
  • Include screenshots and error messages.
  • Visit: www.ontapgroup.com/customer/account/ and create a new account (if you do not already have one).
  • Once logged in, click on MY SUPPORT TICKETS, and then the Submit a Ticket button to create a new support ticket.