In this article, you will find answers to all frequently asked questions for developers on Magento 2 GDPR extension.
What Personal Data is Deleted by GDPR Extension
When customers submit Data Deletion Requests, the following data can be processed, depending on customer actions on site:
Registered Customers | Guests | |
Address | delete | – |
Price and Stock Alerts Subscription | delete | – |
Store Credit Balance (Magento Commerce) | delete | – |
Product Compare | delete | – |
Customer Account | delete | – |
Newsletter Subscriber | delete | delete |
Invitation (Magento Commerce) | delete | – |
Gift Registry (Magento Commerce) | delete | – |
Orders | Anonymize: customer_email customer_firstname customer_lastname customer_dob customer_middlename customer_prefix customer_suffix customer_taxvat remote_ip customer_gender customer_is_guest customer_id customer_group_id | Anonymize: customer_email customer_firstname customer_lastname customer_dob customer_middlename customer_prefix customer_suffix customer_taxvat remote_ip customer_gender customer_is_guest customer_id customer_group_id |
Quote (Products in Cart) | delete | delete |
Reviews | delete | – |
Reward Points (Magento Commerce) | delete | – |
Rma (Magento Commerce) | Anonymize: customer_name | – |
Wishlist | delete | – |
Archive Grids (Magento Commerce) | Anonymize: shipping_name billing_name billing_address shipping_address customer_email customer_name | – |
What Data and Magento Tables are Affected by GDPR Extension
During download, deletion or anonymization process, the following database tables are affected:
Magento 2.x Community Edition (CE) | Magento 2.x Enterprise Edition (EE) |
---|---|
customer_entity customer_entity_* customer_grid_flat customer_address_entity customer_address_entity_* email_contact email_review email_automation email_campaign sales_order sales_order_item sales_order_address sales_order_payment sales_order_grid sales_shipment_grid sales_invoice_grid sales_creditmemo_grid mage_quote mage_quote_address product_alert_price product_stock_alert wishlist review_detail catalog_compare_item newsletter_subscriber plumrocket_gdpr_consents_log plumrocket_gdpr_export_log plumrocket_gdpr_removal_requests | customer_entity customer_entity_* customer_grid_flat customer_address_entity customer_address_entity_* email_contact email_review email_automation email_campaign sales_order sales_order_item sales_order_address sales_order_payment sales_order_grid sales_shipment_grid sales_invoice_grid sales_creditmemo_grid mage_quote mage_quote_address product_alert_price product_stock_alert wishlist review_detail catalog_compare_item newsletter_subscriber magento_customerbalance magento_reward magento_rma magento_rma_grid magento_invitation plumrocket_gdpr_consents_log plumrocket_gdpr_export_log plumrocket_gdpr_removal_requests magento_giftregistry_entity magento_giftregistry_person magento_sales_order_grid_archive magento_sales_creditmemo_grid_archive magento_sales_invoice_grid_archive magento_sales_shipment_grid_archive |
See Magento DevDocs for more information about the Magento 2.x GDPR compliance and data storage.
Can I Anonymize All Data Instead of Deleting It
Yes, you can. Follow these steps:
a) Describe all data that should be anonymized in file di.xml
<type name="PlumrocketGDPRModelAccountProcessorsCustomerData">
<arguments>
<argument name="dataExport" xsi:type="array">
……. Data export Fields
</argument>
<argument name="dataAnonymize" xsi:type="array">
<item name="prefix" xsi:type="null"/>
<item name="firstname" xsi:type="string">anonymousString</item>
…. And other fields
</argument>
</arguments>
</type>
b) Edit model Plumrocket\GDPR\Model\Account\Processors\CustomerData
and replace the contents of function delete() with the following code:
public function delete(CustomerInterface $customer)
{
$this->anonymize($customer);
}
Edit function anonymize() and add the following code:
public function anonymize(CustomerInterface $customer)
{
$customerId = $customer->getId();
$customer = $this->customer->load($customerId);
$dataAnonymized = $this->customerData->getDataAnonymized(
$this->dataAnonymize, $customerId);
if (!empty($dataAnonymized) && $customer) {
$customer->setDataToAll($dataAnonymized)->save();
}
}
I Have Implemented the GDPR Support in My Third-Party Extension, Can I Share It With You
Yes, absolutely. We can add the built-in support of the third-party extension to our GDPR module after we review your code. Please contact our tech support and submit your request.