- This topic has 1 reply, 2 voices, and was last updated 6 years, 6 months ago by
.
-
Posts
-
Hi,
I already read the few posts here that mention the GDPR, but didn’t see anything that directly addressed my question.
I have a product that I sell via eStore. When they purchase, they are subscribed to a MailChimp mailing list. From that list, I send them a welcome email and then followup with other emails about my business.
That subscription process involves the transfer of the customer’s information to another organization.
From my understanding of the GDPR (and granted, I’m not a lawyer), it would seem that I would need to obtain explicit permission from the customer to transfer their data in this regard. Especially when it’s not absolutely necessary to do so in order to deliver the product they purchased (ie, I could send them what they need in the “purchase confirmation email” that estore sends).
So, I guess my question is this: Do we need to completely turn off the integration between eStore and Mailchimp in order to be GDPR-compliant? Or are you guys coming out with something that will give us some options here? I’m just not sure what action I should take at this point and could use some input.
Use the terms and conditions for this to get their permission. So in your terms and conditions, you can add an extra section that explains, what happens after the purchase and how they can delete the data if they want to at a later time. This ensures that they have to agree to your terms if they want to purchase from your site.
You can obviously disable that integration but then you lose the functionality. So you have to make a decision in terms of what functionality you want and then get consent from the customer (when you need to).
The following post has a good summary:
https://support.tipsandtricks-hq.com/forums/topic/gdpr-compliance-summary-for-our-plugins
- You must be logged in to reply to this topic.