Thank you.
Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
This GDPR makes opencart, as it is now and without any payed plugins installed, unusable if you want to have no stress that your firm will be sanctioned....
If you need to do that in OpenCart, I would suggest giving the customer a link where they can e-mail the request to you. You can then just delete it from the admin panel. That's probably more cost effective than creating an actual front-end function for them to do it themselves, though that would possible. You'd probably have to hire someone to write a custom modification for you, since I doubt that feature will make it into OpenCart soon (though I could be wrong, it's up to Daniel).
If you need to find a developer, you should post a request in the OpenCart "Commercial Support" forum, which is checked by a number of OpenCart developers. You can also try checking out the OpenCart "Partners" area.
There are many tabels in db that store data about the customer....even if the delete account only alters 4 or 5 of them....
There is a paid plugin for export but it sends the info via email and that is not secure in my opinion...and that plugin doesn't cover the cookies and delete options(i hope i'm not wrong).
Suppliers Module - XML, CSV, XLS Product Feed Import and Update
Rich Snippets | Facebook Open Graph Meta Tags | WebP Images
I understand now. Well I'll wait then to see if opencart will be made to respect the new GDRP law...
Thank you all.
For me, the fact that you must load cookies only after the user accepts them, is the thing that can affect SEO and can make the websites look as adult websites, with popup asking for cookie accept....MrPhil wrote: ↑Tue Apr 10, 2018 2:22 amA customer should be able to request that their data be taken offline, but as has been pointed out, there may be statutory requirements that the store keep it around for some period. The GDPR law is not well thought-out, and though it is founded on good intentions, it practice it is going to be a nightmare.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Not true. Temporary cookies required for basic function do not need permission. Long-term cookies that invade privacy (beacons, tracking cookies) are what the law is supposed to require you to ask permission for. If the bureaucrats start dinging you for session cookies, it's time to disconnect the EU from the Internet. Let them go back to the Stone Age.marius-ciclistu wrote: ↑Tue Apr 10, 2018 2:51 amFor me, the fact that you must load cookies only after the user accepts them,
quote from https://www.itgovernance.eu/blog/en/how ... -policies/MrPhil wrote: ↑Wed Apr 11, 2018 12:06 amNot true. Temporary cookies required for basic function do not need permission. Long-term cookies that invade privacy (beacons, tracking cookies) are what the law is supposed to require you to ask permission for. If the bureaucrats start dinging you for session cookies, it's time to disconnect the EU from the Internet. Let them go back to the Stone Age.marius-ciclistu wrote: ↑Tue Apr 10, 2018 2:51 amFor me, the fact that you must load cookies only after the user accepts them,
Cookies are mentioned only once in the EU General Data Protection Regulation (GDPR), but the repercussions are significant for any organisation that uses them to track users’ browsing activity.
Recital 30 of the GDPR states:
Natural persons may be associated with online identifiers […] such as internet protocol addresses, cookie identifiers or other identifiers […]. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.
In short: when cookies can identify an individual via their device, it is considered personal data.
Now please give your opinion about the default cookie, PHPSESSID cookie, currency cookie and language cookie that opencart uses.
What about it?PHPSESSID cookie
Nothing to declare. Otherwise, I wouldn't imagine the database transaction intensity regarding the management of the currencies multiplied by the mount of users visiting the site.currency cookie
Not much security issue to be concerned about since it is a language parameter being applied with a POST method from the TPL / TWIG files over their relative controllers (by default). The only concern to wonder about are regarding the orders and the downloads wish I already cover on this topic: viewtopic.php?f=24&t=203124language cookie
As far as I am concerned with the use of cookies from Opencart over the GDPR compliance policy, there isn't much obstacle politically happening on that end.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
The problem is, the law enforcement people are not php developers......
I saw your mods. Nice, thank you.
The goal of presenting the Opencart platform to the public, mainly, is for people to understand that no programming skills are required in order to use the OC admin and the store-front end interface. If PHP skills were specifically required, then providing its services over the forums or from site support would be totally useless. Which is why, the forum has been ... 'integrated' (rather than built?) so to provide services to the users who seeks for help with the platform.The problem is, the law enforcement people are not php developers......
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
In 3.x there are only OCSESSID, currency and language.
This analogy would be incorrect. The PHPSESS function is server-based and does not require user approval to provide a generic session ID to the user.If you ask me, at least the PHPSESSIS enters under the GDPR terms and must me loaded only after acceptance
Source: https://stackoverflow.com/questions/137 ... -phpsessidPHP uses one of two methods to keep track of sessions. If cookies are enabled, like in your case, it uses them.
If cookies are disabled, it uses the URL. Although this can be done securely, it's harder and it often, well, isn't. See, e.g., session fixation.
Google for it, you will get lots of SEO advice. The conventional wisdom is that you should use the cookies, but php will keep track of the session either way.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
The only concern with the GDPR compliancy would be with those users who rather defines the adaptor configuration by file rather than the database. That's a question I will have to ask on Github.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Users browsing this forum: No registered users and 172 guests