russell.huffer

Customer records


We are being told that we have to protect customer data and also that we should only retain it for a few months. My customer list goes back to 2006. Is there any way to purge this, and is there a way to set up an automatic purge after, say, 4 months?

Thanks

Russell.


Who said you need to and what country are you trading from? This will vary depending on a number of things. 

Disclaimer: I'm not a privacy expert. 


I would argue for a process where you copy your database every six months (mid-term and at the end of your fiscal year) just so that you have evidence of your income sources should anyone have a legal need to know who bought what ten years ago.

Not only is there the CubeCart_customer and CubeCart_addressbook database tables, there is also the CubeCart_order_summary table that holds customer data. Trimming the Order Summary list removes important sales data - unless you have that in some other form of bookkeeping.

I have a customization that adds checkboxes to the list of customers similar in function to that seen in the list of orders.


Trading from the UK. It is a European thing called GDPR, all about protecting people's data that you have on file, and it includes retention times, hence the question of could I clear down after a set period of time. Certainly, as I stand with transactions going back to the year 2006, I do need to do something.

Kind regards

Russell.


I don't know much about this but I would suggest using UK only hosting to help make sure you comply with ICO rules. Working with companies that have to adhere to the same rules is important. 


I can see GDPR being a right pain in the backside.

The Act does not set out any specific minimum or maximum periods for retaining personal data. Instead, it says that:

Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

This is the fifth data protection principle. In practice, it means that you will need to:

  • review the length of time you keep personal data;
  • consider the purpose or purposes you hold the information for in deciding whether (and for how long) to retain it;
  • securely delete information that is no longer needed for this purpose or these purposes; and
  • update, archive or securely delete information if it goes out of date.

We send customers regular emails and catalogues, so I could argue that I need to retain this data for the next 100 years.

Here's just one prime example.

Look at the dates these orders were placed.

17-08-01
16-07-30
14-11-11
12-10-21

At what point do I determine that we should not retain this customer's data?

On 1/29/2018 at 11:19 PM, Al Brookbanks said:

> I don't know much about this but I would suggest using UK only hosting to help make sure you comply with ICO rules. Working with companies that have to adhere to the same rules is important.

While I would always agree with European stores only hosting with European hosting companies, the GDPR isn't about the hosting companies but is primarily about data retention and the customers' right to access their data and also to require that it is deleted. Most software applications are looking at what can be added to help owners comply with these requirements.

55 minutes ago, keat said:

> I can see GDPR being a right pain in the backside.
>
> We send customers regular emails and catalogues, so I could argue that I need to retain this data for the next 100 years.
>
> At what point do I determine that we should not retain this customer's data?

Yep! Good intentions, and everyone worldwide has to comply with the European directives if they are dealing with data from European citizens, but will that ever be enforced except with the very largest global companies? Based on that data, I believe you could easily argue that customer data should be retained; however, all European businesses need to be able to provide to customers details of what data is held on them and provide a means for it to be deleted.


I look after quite a few ecommerce sites (mostly not using CubeCart) and I have been watching the approach of these GDPR regulations with some scepticism. The cookie warning has been mandatory for years, but that rule is mostly ignored.

I don't see it as a data retention issue - customers may want to log in and see their order history for years ahead, so there is good reason to keep it. I find eBay's deletion after a couple of years very irritating: some things I buy less frequently than that.

I think the issue will be the very occasional customer who will want to see a copy of what data is held about them, and possibly a small percentage of those will request deletion of their entire account record. My guess is that an SQL script for each is all that will be needed.


In all our years in business I had one customer ask that all data about them be scrubbed. I did it manually via the database. I agree that an easily available query would be nice to have.


The admin can delete a customer, but only if that customer has not made any orders (at any status).

If no orders exist for that customer, then if deleting the record from CubeCart_customer is successful, then the addressbook, group memberships, and newsletter subscriber records are deleted.

I think instead of disallowing customer data from being deleted if orders exist for that customer, that the identifying data in CubeCart_order_summary be redacted. So, make an UPDATE query that X's out just a few columns of data, and sets the customer_id to '0'.

This keeps the sales data in case the tax man wants some historical calculations.
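The redact-then-delete approach suggested in the post above, as an added example that is not part of the original post and is not CubeCart's own code. It runs against an in-memory SQLite stand-in; only the three table names and `customer_id` come from the thread, while the other column names, the `XXXX` marker and all rows are assumptions constructed for the demo. The group membership and newsletter tables are left out because the thread does not name them.

```python
import sqlite3

# Only the three table names and customer_id come from the thread; all other
# column names and every row are constructed for this demo.
PII_COLUMNS = ("first_name", "last_name", "email", "line1", "postcode")

def build_demo_db():
    db = sqlite3.connect(":memory:")  # stand-in for the store's real database
    pii = ", ".join(f"{c} TEXT" for c in PII_COLUMNS)
    db.executescript(f"""
        CREATE TABLE CubeCart_customer (customer_id INTEGER PRIMARY KEY, email TEXT);
        CREATE TABLE CubeCart_addressbook (customer_id INTEGER, line1 TEXT);
        CREATE TABLE CubeCart_order_summary (cart_order_id TEXT PRIMARY KEY,
            customer_id INTEGER, total_pence INTEGER, {pii});
        INSERT INTO CubeCart_customer VALUES (7, 'ann@example.test'), (8, 'bob@example.test');
        INSERT INTO CubeCart_addressbook VALUES (7, '1 High St'), (8, '2 Low Rd');
    """)
    db.executemany("INSERT INTO CubeCart_order_summary VALUES (?,?,?,?,?,?,?,?)", [
        ("ORD-1", 7, 1999, "Ann", "Lee", "ann@example.test", "1 High St", "AB1 2CD"),
        ("ORD-2", 7, 500, "Ann", "Lee", "ann@example.test", "1 High St", "AB1 2CD"),
        ("ORD-3", 8, 4250, "Bob", "Ray", "bob@example.test", "2 Low Rd", "EF3 4GH"),
    ])
    db.commit()
    return db

def erase_customer(db, customer_id):
    """Redact the customer's orders, then delete the account rows, atomically."""
    # Column names come from the constant above, never from user input.
    redact = ", ".join(f"{c} = 'XXXX'" for c in PII_COLUMNS)
    with db:  # one transaction: commit on success, roll back on any error
        redacted = db.execute(
            f"UPDATE CubeCart_order_summary SET {redact}, customer_id = 0 "
            "WHERE customer_id = ?", (customer_id,)).rowcount
        db.execute("DELETE FROM CubeCart_addressbook WHERE customer_id = ?", (customer_id,))
        db.execute("DELETE FROM CubeCart_customer WHERE customer_id = ?", (customer_id,))
    return redacted

def sales_total(db):
    return db.execute("SELECT SUM(total_pence) FROM CubeCart_order_summary").fetchone()[0]

def rows_mentioning(db, email):
    return db.execute("SELECT COUNT(*) FROM CubeCart_order_summary WHERE email = ?",
                      (email,)).fetchone()[0]

if __name__ == "__main__":
    db = build_demo_db()
    print(erase_customer(db, 7), sales_total(db), rows_mentioning(db, "ann@example.test"))
```

Against a live store, take a database backup first and check the real column list of the order summary table before adapting the `UPDATE`.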


GDPR is about SO much more than this !  (This is by no means a complete list and is not given with any warranty of legal correctness)

1) Anyone, anywhere in the world, processing personal data for any individual based in the EU needs to comply with GDPR. In theory, this covers pretty much any website anywhere in the world but unless you are based within the EU or are a larger company, there are questions over how it will be enforced but if information is disclosed illegally, for example via a hack, and you aren't complying or even attempting to comply with the provisions, then the fines are likely to be much higher.

2) Each Processor has to decide under what legal basis (https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/) they are collecting and using the data. This basis cannot easily be changed and dramatically affects what information needs to be given to users providing their personal data and also what rights they have concerning that data, i.e. information collected for analytics purposes is different to information for email marketing which is different to information required to execute a contract (i.e. a sale) and they will have a different legal basis and attached user rights. This affects data retention for example.

3) You also need to specify and comply with restrictions about disclosing personal information to any third parties (this includes for analytics purposes, accounting and even payment processors !) and also be able to categorically state what information is held on any individual (by that individual and the provision of that information can be charged for) and importantly exactly where that information is stored.  Storing personal information on Europeans outside of Europe adds many complications (so people using hosting companies outside of Europe) and also if you use cloud services that also makes it more complicated - many cloud companies still cannot categorically state that data will be stored in a certain location 100% of the time.

The functionality of applications such as CubeCart may need to be enhanced in order to help users comply with some of the GDPR provisions such as access to information and the right to be forgotten - however, these rights are dependent on what legal basis the information is stored. CubeCart already has a tick box (so that informed consent can be given for the collection of the data - this fact does need to be stored against the customer record) for agreeing to Terms and Conditions and if that and the associated Privacy Policy Document are written correctly, then many areas are covered (that is obviously a BIG if though !). 

New functionality in core CubeCart to be able to search for information based on an entered email address or a person's name and then print out a nicely formatted report showing what information is held which could then be sent to an enquirer, would be very useful as this is a legal requirement.

I also believe that a double opt-in system when signing up for a newsletter (https://features.cubecart.com/topic/add-newsletter-signup-email-verification) is now required for GDPR in addition to it being a legal requirement in most locations already anyway.  Plus, as I have just added to the "Feature" request, I believe that this should also be a requirement before an account is created.
