Subject Access Requests (SARs)
By default the module will display bullet-pointed information about what is known about the customer inside Magento. Where appropriate, this information hyperlinks the customer to the place elsewhere in their customer account pages where that information is detailed.
The module will display some, or all, of the following information, depending on what data is held about the customer.
- When the account was created:
You have had an account on this site since 01/01/2018.
- How many addresses are stored in their address book:
You store 4 of your addresses.
- If they are assigned to a customer group other than the Magento default group, or for Enterprise/Commerce Edition customers where the customer is a member of one or more segments:
We categorise your customer account based upon who you are, which may be used to target unique content or provide you unique pricing or promotional offers.
- If they are subscribed to the newsletter:
Your email address email@example.com is currently opted-in to our promotional mailing.
- If they have placed orders:
We have order details for 10 orders between 01/01/2018 and 01/03/2018.
- If they have items currently in their cart:
We know what items you currently have in your shopping cart.
- If the persistent shopping cart feature is enabled in Magento:
We store a cookie in your browser to recognise you the next time you return.
- If they have products stored in their wishlist:
We are storing 10 items in your wishlist.
- If they have products stored in the product comparison feature:
We are storing 5 items in your product comparison list.
- If they have purchased downloadable products:
We are storing information about 3 downloadable products that you have purchased from our site.
- If they have any payment tokens stored using the Magento Vault functionality:
We are storing details of 2 credit cards you have used on our site.
- If they have made product reviews:
You have reviewed 4 of our products.
- If they have billing agreements set up:
You have 2 billing agreements.
Displaying data outside of Magento
Magento will not be the only place where customer data is held. Most organisations have multiple systems that might store various information.
GDPR Compliance Manager helps you with this reality. You can set up a workflow of steps that must be followed within your organisation in order to collate all of the necessary information about a customer.
You can create as many steps in that workflow as you want. If workflow steps are enabled, then the customer will see this...
If the customer then clicks on the 'Request my data' button this creates a 'Subject Access Request' inside GDPR Compliance Manager. The above information then changes to...
In this example, there are three workflow steps shown to the customer. Each step has a definable name (e.g. 'Emails', 'CRM data' and 'Other information').
Until you have provided the information for each step to this customer, each step will display 'We are currently finding this data'.
As the SAR is progressed by your company and you provide information to the customer, their view of their request changes as you add it. Once you have completed everything in the workflow steps defined, then the customer might see, for example...
... whereupon it states 'The above information represents all the information we hold about you'.
At this point the SAR has been fulfilled.
This request stays in Magento, and the customer can, at any time, request an updated view of their data by again clicking on the 'Request my data' button on the Privacy page.
Deletion Requests (DRs)
The customer's Privacy page has a button called 'Delete my data'. This allows the customer to request that the data held about them be deleted or anonymised. Please note, the customer does not have to have requested their data previously; they can simply come to their Privacy page and request the deletion.
Just as Workflow steps can be created for Subject Access Requests, you can also define steps for Deletion Requests. These steps are independent of the SAR steps because you may have more things to do in order to delete or anonymise the data, compared to simply collating it.
When the customer clicks on 'Delete my data', then one of two things can happen:
- If no Deletion workflow steps are defined, then their Magento data is marked for deletion/anonymisation. It will then be automatically deleted/anonymised within 24 hours.
- Or, if there are Deletion workflow steps, then the customer will see the following...
The 0% relates to the number of deletion workflow steps that have been completed. As steps are completed, the percentage increases. When it reaches 100%, their Magento data is marked for deletion/anonymisation, and this will then be automatically deleted/anonymised within 24 hours.
The 'Cancel delete request' link allows the customer to cancel the DR. They can create future DRs in the same way as before.
As the deletion workflow steps are completed in the admin panel, the % value increases. Please note, the customer does not see the actual steps in their Privacy page. They only see the % complete.
Eventually, when all the DR steps are completed in the admin panel the customer will see...
At this point, there is a scheduled task that runs daily and will delete all the data held in Magento for the customer. For information about what gets deleted or anonymised, please read this article.