Customer records


I would argue for a process where you copy your database every six months (mid-term and at the end of your fiscal year) just so that you have evidence of your income sources should anyone have a legal need to know who bought what ten years ago.

Not only are there the CubeCart_customer and CubeCart_addressbook database tables, there is also the CubeCart_order_summary table that holds customer data. Trimming the Order Summary list removes important sales data - unless you have that in some other form of bookkeeping.

I have a customization that adds checkboxes to the list of customers similar in function to that seen in the list of orders.

Trading from the UK, it is a European thing called GDPR, all about protecting people's data that you have on file, and it includes retention times, hence the question of whether I could clear down after a set period of time. Certainly as I stand, with transactions going back to the year 2006, I do need to do something.


Kind regards


I can see GDPR being a right pain in the backside.

The Act does not set out any specific minimum or maximum periods for retaining personal data. Instead, it says that:

Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

This is the fifth data protection principle. In practice, it means that you will need to:

  • review the length of time you keep personal data;
  • consider the purpose or purposes you hold the information for in deciding whether (and for how long) to retain it;
  • securely delete information that is no longer needed for this purpose or these purposes; and
  • update, archive or securely delete information if it goes out of date.



We send customers regular emails and catalogues, so I could argue that I need to retain this data for the next 100 years.

Here's just one prime example.

Look at the dates these orders were placed.


At what point do I determine that we should not retain this customer's data?


On 1/29/2018 at 11:19 PM, Al Brookbanks said:

I don't know much about this but I would suggest using UK only hosting to help make sure you comply with ICO rules. Working with companies that have to adhere to the same rules is important. 

While I would always agree with European stores only hosting with European hosting companies, the GDPR isn't about the hosting companies but is primarily about data retention and the customer's right to access their data and also to require that it is deleted. Most software applications are looking at what can be added to help owners comply with these requirements.

55 minutes ago, keat said:

I can see GDPR being a right pain in the backside.

We send customers regular emails and catalogues, so I could argue that I need to retain this data for the next 100 years.

At what point do I determine that we should not retain this customer's data?

Yep! Good intentions, and everyone worldwide has to comply with the European directives if they are dealing with data from European citizens, but will that ever be enforced except with the very largest global companies? Based on that data, I believe you could easily argue that customer data should be retained; however, all European businesses need to be able to provide to customers details of what data is held on them and provide a means for it to be deleted.

I look after quite a few ecommerce sites (mostly not using Cube Cart) and I have been watching the approach of these GDPR regulations with some scepticism. The cookie warning has been mandatory for years, but that rule is mostly ignored.

I don't see it as a data retention issue - customers may want to log in and see their order history for years ahead, so there is good reason to keep it. I find ebay's deletion after a couple of years very irritating: some things I buy less frequently than that.

I think the issue will be the very occasional customer who will want to see a copy of what data is held about them, and possibly a small percentage of those will request deletion of their entire account record. My guess is that an SQL script for each is all that will be needed.

The admin can delete a customer, but only if that customer has not made any orders (at any status).

If no orders exist for that customer, then if deleting the record from CubeCart_customer is successful, then the addressbook, group memberships, and newsletter subscriber records are deleted.

I think instead of disallowing customer data from being deleted if orders exist for that customer, that the identifying data in CubeCart_order_summary be redacted. So, make an UPDATE query that X's out just a few columns of data, and sets the customer_id to '0'.

This keeps the sales data in case the tax man wants some historical calculations.


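The two suggestions above, "an SQL script for each" request and an UPDATE that X's out identifying columns in CubeCart_order_summary while setting customer_id to 0, can be sketched as follows. This is an added example, not code from any poster or from CubeCart: the table names and customer_id come from the thread, every other column name and all sample rows are assumptions, and it runs against an in-memory SQLite database rather than a live store.

```python
import sqlite3

# Constructed, cut-down schema. Table names and customer_id come from the
# thread; every other column name is an assumption for illustration.
SCHEMA = """
CREATE TABLE CubeCart_customer (customer_id INTEGER PRIMARY KEY, email TEXT, first_name TEXT, last_name TEXT);
CREATE TABLE CubeCart_addressbook (address_id INTEGER PRIMARY KEY, customer_id INTEGER, line1 TEXT, postcode TEXT);
CREATE TABLE CubeCart_order_summary (cart_order_id TEXT PRIMARY KEY, customer_id INTEGER,
    first_name TEXT, last_name TEXT, email TEXT, phone TEXT, order_date INTEGER, total REAL);
"""
PII_COLUMNS = ("first_name", "last_name", "email", "phone")  # assumed identifying columns

def export_customer(conn, email):
    """Subject access: everything held for one email address, keyed by table."""
    conn.row_factory = sqlite3.Row
    cust = conn.execute("SELECT * FROM CubeCart_customer WHERE email = ?", (email,)).fetchone()
    if cust is None:
        return None
    report = {"CubeCart_customer": [dict(cust)]}
    for table in ("CubeCart_addressbook", "CubeCart_order_summary"):
        rows = conn.execute(f"SELECT * FROM {table} WHERE customer_id = ?", (cust["customer_id"],))
        report[table] = [dict(r) for r in rows]
    return report

def erase_customer(conn, customer_id):
    """Erasure: redact order rows, keep the sales figures, drop the account."""
    if customer_id == 0:
        raise ValueError("customer_id 0 is the redacted placeholder")
    redact = ", ".join(f"{c} = 'XXXX'" for c in PII_COLUMNS)
    with conn:  # one transaction: all three statements commit or none do
        cur = conn.execute(
            f"UPDATE CubeCart_order_summary SET {redact}, customer_id = 0 WHERE customer_id = ?",
            (customer_id,))
        conn.execute("DELETE FROM CubeCart_addressbook WHERE customer_id = ?", (customer_id,))
        conn.execute("DELETE FROM CubeCart_customer WHERE customer_id = ?", (customer_id,))
    return cur.rowcount  # number of order rows redacted

def demo_db():
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.execute("INSERT INTO CubeCart_customer VALUES (7, 'jo@example.com', 'Jo', 'Bloggs')")
    conn.execute("INSERT INTO CubeCart_addressbook VALUES (1, 7, '1 High St', 'AB1 2CD')")
    conn.executemany("INSERT INTO CubeCart_order_summary VALUES (?,?,?,?,?,?,?,?)", [
        ("060101-000001", 7, "Jo", "Bloggs", "jo@example.com", "01234", 1136073600, 19.99),
        ("170601-000002", 7, "Jo", "Bloggs", "jo@example.com", "01234", 1496275200, 5.00),
        ("170602-000003", 8, "Al", "Other", "al@example.com", "05678", 1496361600, 7.50)])
    conn.commit()
    return conn
```
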
GDPR is about SO much more than this !  (This is by no means a complete list and is not given with any warranty of legal correctness)

1) Anyone, anywhere in the world, processing personal data for any individual based in the EU needs to comply with GDPR. In theory, this covers pretty much any website anywhere in the world, but unless you are based within the EU or are a larger company, there are questions over how it will be enforced. But if information is disclosed illegally, for example via a hack, and you aren't complying or even attempting to comply with the provisions, then the fines are likely to be much higher.

2) Each Processor has to decide under what legal basis (https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/) they are collecting and using the data.  This basis cannot easily be changed and dramatically affects what information needs to be given to users providing their personal data and also what rights they have concerning that data. ie information collected for analytics purposes is different to information for email marketing which is different to information required to execute a contract (ie a sale) and they will have a different legal basis and attached user rights. This affects data retention for example.

3) You also need to specify and comply with restrictions about disclosing personal information to any third parties (this includes for analytics purposes, accounting and even payment processors !) and also be able to categorically state what information is held on any individual (by that individual and the provision of that information can be charged for) and importantly exactly where that information is stored.  Storing personal information on Europeans outside of Europe adds many complications (so people using hosting companies outside of Europe) and also if you use cloud services that also makes it more complicated - many cloud companies still cannot categorically state that data will be stored in a certain location 100% of the time.

The functionality of applications such as CubeCart may need to be enhanced in order to help users comply with some of the GDPR provisions such as access to information and the right to be forgotten - however, these rights are dependent on what legal basis the information is stored. CubeCart already has a tick box (so that informed consent can be given for the collection of the data - this fact does need to be stored against the customer record) for agreeing to Terms and Conditions and if that and the associated Privacy Policy Document are written correctly, then many areas are covered (that is obviously a BIG if though !). 

New functionality in core CubeCart to be able to search for information based on an entered email address or a person's name and then print out a nicely formatted report showing what information is held which could then be sent to an enquirer, would be very useful as this is a legal requirement.

I also believe that a double opt-in system when signing up for a newsletter (https://features.cubecart.com/topic/add-newsletter-signup-email-verification) is now required for GDPR in addition to it being a legal requirement in most locations already anyway.  Plus, as I have just added to the "Feature" request, I believe that this should also be a requirement before an account is created.
