What You Need To Know, What You Need To Do,
When You Need To Do It

OK... let's get the disclaimer out of the way for starters. We are not lawyers, we are ecommerce specialists. And so, nothing on this page represents legal advice in any way - if you need any legal advice please consult a lawyer.

We are sharing the information on this page in order to:

  • check
    alert you to how important GDPR is and when it comes into effect
  • check
    give you a "plain English" outline of what GDPR is all about
  • check
    tell you of a FREE plugin/app/extension that will make complying with GDPR on your ecommerce store infinitely easier
  • check
    point you in the direction of other information online places that will help you to understand the implications of GDPR and what you need to do in greater detail than we cover here

What Is GDPR?

When Does GDPR Come Into Effect?

What Are The Potential Penalties For Non-Compliance

Does It Affect My Store?  We're Located In The European Union

Does It Affect My Store?  We're Located Outside The European Union (e.g. in the US)

Does GDPR Cover Data Held Online or Offline?

What Do I Need To Do?

Storage of personal data

You need to review all of the personal data that you hold about your customers and the visitors to your website.

That's all data - online and offline.

You need to decide whether there are good reasons for collecting all of it and remove the collection of anything that is not essential and/or justifiable.

You need to look at how you store the data securely, who has access to it, and how and when you destroy it (also securely).

You need documented procedures for all of this... and also documented procedures of what you will do in the event of a data breach.


If you use cookies in any way that could identify users on your store then you're going to need to change the way that you handle them.

No longer is the "by continuing to use this page you accept all of our cookies" message going to cut it (and in truth it never should have done anyway).

You need to make it as easy to withdraw consent to cookies as you to get that consent.

And you have to allow people to change their mind too, so it must be easy for them to change their consents should they wish to whenever they visit your store in the future.

It's tricky... to put it mildly.  We needed to find a solution for our ecommerce stores but we wouldn't.  So we've created our own and we're sharing it with you...

These lists are by no means exhaustive but they do cover the essence of what GDPR demands.  

There's a huge amount of information available online about GDPR but much of it is contradictory, interpretations and/or opinions... or trying to sell you a service!

In truth, very few people to be 100% certain as to exactly how GDPR will pan out so the important thing is that you make sure that you are taking the steps that, from your reading of the information, you believe that you are required to take.

Many of the requirements are common-sense and best-practice and so, although they involve some work up front, they will stand you in good stead in the long-term.

Malcare WordPress Security