It seems that even after 2 years GDPR is still a huge mystery for everyone. And I was wondering who has done the research to find what app makes shopify the most compliant with GDPR (as full compatibility is probably not possible as I am reading through different threads). Per my understanding, the most Important things with being GDPR compliant are these:
1) no data collecting prior to consent
2) Information transparency (all details on what and who is collecting data and for what purposes)
3) clear visual cookie consent banner with same visibility of accept/select preferences and so on buttons...
4) Ability to easily provide/delete collected data from customer if requested
Has anyone found an app that can truly handle the complexity of GDPR, mainly to disable scripts/cookies groups that were not given consent or cookie management would not cause any pain of developing something ourselves?
Also an answer that you can modify something in your theme files to meet your requirements is not a valid answer, as it is not our requirements, it is GDPR requirements
I'm Richard - CRO Expert of PageFly.
It's not an easy question to answer and I am wondering you just asked any apps or a special app related to a field.
However, you can check the PageFly - page builder app.
Here is the document about How PageFly complies with GDPR. For PageFly, we worked hard to prepare for GDPR, to ensure that we fulfill its obligations and maintain our transparency about customer messaging and how we use data. We’ve now completed our GDPR readiness program.
I hope through our documentation, you can have more thoughts or any ideas raised, just let me know.
Richard - PageFly
for sure GDPR/CCPA compliance is not an easy task. We have one of the most popular apps about GDPR/CCPA GDPR Cookie Bar +ePrivacy Page which is the result of 3 years work that is still in progress as we work to make it even more powerful and add more features and options. We have integrated Shopify's Consent API in order to make it work better and we believe that it's a work in progress for any store as merchants needs to be careful anytime they add new apps or external scripts on their theme files in order to let their policy content know about new cookies and verify that everything works properly.
An important aspect here is that we see most of the times that merchants are not 100% aware of what GDPR or CCPA is and what are their obligations there. Most of them believe that is just to have a banner and nothing more than that. We have new clients that are complaining why after enabling GDPR option from their store preferences their google analytics is not working. Last but not least they are not aware that they need to provide a way to accept Data Subject Requests not only from customers that have an account but also from guest customers. We have tried hard to cover all these case and we still work close to our clients help them proceed with that.
I am building my store at the moment and have exactly the same question. How do I make sure my shop is GDPR compliant? Seems like there has been an ongoing discussion for years but I can't find a clear solution or answer from Shopify.