WooCommerce has recently released an update that includes tools for compliance with General Data Protection Regulation (GDPR). The GDPR, which was recently approved and adopted by the European Union, is designed to strengthen data protection for all residents of Europe.
WooCommerce 3.4 features GDPR compliance tools such as data export, anonymization, and erasure as well as settings for enabling auto data cleanup or removal. It also includes recently-rolled out customer settings for the checkout fields as well as policy notices found on the Checkout page.
The following are some of the updates in the latest version of the popular eCommerce integration plugin for WordPress:
GDPR Compliance Tool 1: Data Exporter
In WordPress 4.9.6, users can export personal data which is related to an email address to a HTML file. In WooCommerce 3.4, a generated export file is added that exports data such as customer address or account information, orders that were associated with the particular email address, and download permissions associated with said email address.
GDPR Compliance Tool 2: Personal Data Eraser
Similar to the Data Exporter, this tool enables WooCommerce users to verify if requests are legit before taking action on them. It also uses the same system for verification, email, and requests as the exporter.
WooCommerce says that it has also made some of its erasure routines optional to benefit online stores which may need to keep information for other legitimate reasons like tax compliance.
Moreover, manual deletion of user profiles has become more robust as the system can automatically remove data such as addresses, payment tokens, and orders.
GDPR Compliance Tool 3: Data Retention
In WooCommerce 3.4, users can set how long they want to retain data no longer useful for order processing. This would help in minimizing the amount of personal details stored in the system.