The purpose of this page is to inform your visitors about how their data is being handled. This page should be accessible for your visitors and kept in plain and readable language.
Cookies usually are the trickiest part of making your store compliant with regulations for privacy and data protection.
Most of the other data collection activities going on in connection to your store are both static and visible. The contact form or newsletter form only changes if you actively make changes to it, and the user is aware of giving personal information when they chose to fill them out.
Cookies, on the other hand, operate in the background. They are quietly dropped on the user’s computer and in more detail in the browser without the user being aware of what is going on. Sometimes this can be done also even without the knowledge of the store owner.
After that, the cookies can collect a lot of different types of data for any given length of time and send this data out to the origin script vendors.
Something very interesting is that cookies are numerous and dynamic, and they tend to change often.
The General Data Protection Regulation (GDPR) requires that communication about the use of data is both specific and accurate.
Pandectes GDPR Compliance app performs scans of your store, giving a complete overview of the cookies in use.
This tool has no cost to use it. It provides the following policy generators:
- Refund policy
- Terms of service policy
The steps that you need to follow are the following:
- Visit the free tool page
- Enter your email and company information
- Customize your policy based on the suggestions provided
If you already have a store account you can just visit your online store settings page.
There you can click the policies box.
You can create your own legal pages, or create them from templates and customize them. The templates aren’t legal advice and need to be customized for your store. Among them, you will see a button for template generation to the already-mentioned pages.
When you add your store policies, they are automatically linked in the footer of your checkout pages. Customers might need to see your policies before they check out, so it’s a good idea to link those pages in your store navigation.
In order to add one or more of these legal pages to your store you will need from the admin page to access the online store option on the left menu and then the navigation option. After you select the menu in which you want to add the appropriate legal page you will select the drop-down privacy option.
Examples of Store Privacy Policies
What Personal Information is Collected
For example, you can mention that your store is collecting:
- account information such as username, name, email, phone number, address
- other contact information
- location information
- demographic information such as postcode, preferences, and interests
- other information collected by third parties (ex. Facebook, Instagram, Google, ads)
- search terms
- browser information, browser language, browser type
- any personal information may be collected by tracking technologies you use in your store
How Personal Information is Used
Here you can use a bullet point list to explain how you use the information you collect from your customers. The list is thorough but jargon-free:
- to provide services that a customer requests
- to respond to inquiries you receive from a user or in connection with a transaction the user initiated
- to analyze, manage and improve the store pages and user experience
- to segment your customers for marketing purposes
- to generate members lists for offers and discounts
If Information is Shared with Third Parties
You need to make it clear that the store never sells information to third parties for marketing purposes. This statement is easy to understand and will help to build trust with the store’s consumers. The store is also clear that the only scenario where personal information is disclosed is if the law requires it to be. This is very important especially when we have to do with ad platforms.
How Long Information is Stored For
How Personal Information is Protected
How Payments are Processed
In this section, you can provide a bullet point list of customer rights, which includes the right to delete data and to update or correct any incorrect data. These are also called data subject requests.
Pandectes GDPR Compliance app provides the e-privacy page from where customers or even guest users can make such requests and you as a store owner can fulfill their requests automatically. These requests contain personal information that why the app is not storing any such information and all the processes take place on your store side.
Privacy Policies are also a great way of building trust with your customer base, as well as providing your shop with a legal safety net should a dispute arise.