Introduction- Magento Mobile App GDPR Support
Magento Mobile App GDPR Support means that the Magento Mobile app is GDPR compliant. That keeps the data of the customer safe and secure. Now, the basic question that arises is: what is GDPR?
The GDPR (General Data Protection Regulation) regulates the data of citizens in the European Union (EU) countries. The GDPR sets a benchmark for customer rights with regard to customer data.
GDPR was adopted by the European Union in April 2016 and came into effect on 25th May 2018.
The act also provides the right to be forgotten. That means the organization must delete the personal data of the customer when the customer demands it.
An organization that is found guilty must, in any case, pay a heavy penalty.
Components Of GDPR
There are three bodies in the case of the management of data, which have been given specific names. They are-
- The Subject- The customer/client, user guide, employee- anyone providing personal data.
- The Data Controller- The organization that is offering goods or services that will be saving the data and informing the customer of the reason for the storage of data. The organization will be responsible for the safety of data.
- The Data Processor- These are the third parties involved in the business, such as payment gateways, shipping, and other services in the case of e-commerce.
How To Be GDPR Compliant?
Apps and websites can easily be made GDPR compliant by following a few of the points below-
- Right To Be Forgotten- Under GDPR the customer has the full right to ask the organization to erase their personal data. A customer can even prevent further publication of their data and forbid its processing by a third-party service.
- Permission- The organization that is storing the data must ask for consent to save the data. The customer can even withdraw the saved data with ease.
- Data Privacy and security- The organization must ask only for the data that is necessary (in the app- while registering, and in other places). It should be secured well enough that it is not published or hacked. The organization must not use the data to harm the customer.
- DPO- The Data Protection Officers (DPOs) are appointed by GDPR and manage data protection among the organizations.
GDPR In Big Data
The GDPR will reverse the big data trend where companies were keeping a huge amount of data saved for analysis. The GDPR regulation will restrict the publication of such data which will share the personal details of a customer.
The analysis part can still be done but with limited data and in such a way that the data of the customer is not shared publicly.
GDPR In E-commerce
E-commerce websites/apps are the ones that collect the personal data of the customers in large numbers. This
Every website or mobile app that deals with customers in the EU needs to be GDPR compliant. Ignoring the regulation can cause a heavy penalty of €20 million or 4% of annual revenue (whichever is greater) if a data breach occurs.
Major Points to make Mobile app GDPR Compliant
Mobikul offers applications that are GDPR compliant; they follow the rules as per the regulation. They give the customers of the EU the confidence of being secure and of having control of their data in their own hands.
Mobikul and GDPR
The major reasons that make Mobikul Mobile apps GDPR compliant are-
- Transparency- In the app, the data controller (app owner) must inform the subject about the saving of data. It must involve the consent of the subject. The transfer of data to a third party must also involve the consent of the customer.
- Security- The security of personal data is the most vital component. In case of any data breach, the data controller needs to inform the subject party involved and the DPO, thus giving the subject (customer) assurance and a sense of security.
- No Pre-filled Checkboxes- The terms and conditions acceptance has a checkbox that is not pre-checked. This gives the subject an assurance of no clarity.
GDPR In Magento App
Mobikul has implemented GDPR in Mobikul Mobile App Builder for Magento, a native app that allows multiple customers to create their accounts under an app that is GDPR compliant.
In the backend, under Mobikul Configuration,
Enable the GDPR in the mobile app.
Enter the terms and conditions on various pages-
- Sign Up page
- Account Information Page
- Address Page
- Shipping Page
- Payment Page
- Review Page.
GDPR On Frontend- Magento App
The GDPR forms are visible on the front end of the app; the customer can view them to approve or disapprove of the Terms and Conditions.
Sign Up Page- The app user can view and needs to check the checkbox to agree to the Terms and Conditions.
Account Information Page- The Account Page contains various personal details of the client, which requires acceptance of the Terms and Conditions. The customer can even download the Account Information data.
My Address Page- The customer can accept the terms and conditions stating the GDPR on the Address page. The customer can even download the address details submitted on the Address page.
Checkout Page- The billing address, shipping method, and payment information pages will also have Terms and Conditions, as they save the personal details of the customer. Only when the customers accept the terms and conditions can they move ahead.
Review Page- The customer needs to read and accept the terms and conditions on this page also.
Further Actions In GDPR
We can enhance a few more functionalities to implement the GDPR more effectively.
- Deletion Request Page- The app can have a deletion request page. This page will contain the request option to delete the product.
- General CMS Page- A page having terms and conditions that will state that the app has GDPR support.