Posted May 25, 20187 yr Hi, thank you for implementing all the GDPR Features. I noticed that for the new download function, not all data from comerce are added to the xml file. I miss purchases and invoices. Could you add them? Best regards Hans-Joachim
May 29, 20187 yr Community Expert Management Are they personal data though? The export contains stored email addresses, credit cards and customer data in the XML. I wouldn't consider data such as: invoice_id: 12345 invoice_total: 12.00 As data required in the export.
May 29, 20187 yr Author @Matt I think about adresses. Are they only stored once as a master date? Or are invoice an delivery addresses stored for each invoice/transaction? If yes, this is a personal data. Same is with custom fields for transactions. I can request personal data with custom fields. They need to be included in the download as well. I did not check custom profile fields. Are they in the XML? But thank you very much for your efforts regarding GDPR compliance. edit: Additional: I am not sure if the purchase/ invoice itself is considered a personal data. I guess yes, because I can tell which product a specific user had purchased in the past. Edited May 29, 20187 yr by hjmaier
May 30, 20187 yr Community Expert Management We add all the addresses currently on file in the XML, which I think should cover the PI requirement.
May 30, 20187 yr 22 hours ago, hjmaier said: Additional: I am not sure if the purchase/ invoice itself is considered a personal data. I guess yes, because I can tell which product a specific user had purchased in the past. PII covers data that can be used to identify a person - an invoice (absent other data about the person) can't really be used to identify them.
Archived
This topic is now archived and is closed to further replies.