Magento 2 GDPR, LGPD, and CCPA extensions add the Data Privacy Center page to your store, allowing your website visitors to manage personal data in one place. For example, order history, addresses, reviews, and other personal information collected by your website can be downloaded or deleted in a few clicks, which becomes an easy and painless process for a customer.
How Customers Can Download Personal Data
A user can download personal data in CSV format right from the Data Privacy Center:
- In Privacy Center, go to the Download your Data section.
- Click Download My Data and provide an account password to confirm the identity.
- Open the downloaded file in Microsoft Excel, Google Sheets, or other similar services.
How Customers Can Request a Data Removal
- In Privacy Center, go to the Delete your Account section.
- Click Delete My Account, and provide your account password to confirm the deletion.
Please note that it takes up to 24 hours for the system to delete the data permanently. However, if a user logs in again within this time, the data removal is automatically canceled. Additionally, customers can contact the Data Protection Officer and ask to cancel the request. In this case, a website admin cancels the request from the backend in the Data Removal Requests grid.
How to Contact the GDPR Data Protection Officer
The GDPR requires eCommerce store owners to assign a Data Protection Officer and let customers easily contact them.
A customer can email the Data Protection Officer right from the Data Privacy Center by clicking the corresponding tab. Please note that you have to set the email address of a contact person from the backend.
Are you interested in how Data Privacy Center works? Check the article for more details!