Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Who in the EU has heard of GDPR and will it affect you


14steve14

Recommended Posts

It looks like oscommerce need a self cookie managment base. I dont see this could be a simple header tag. We can not include another header tag variables if we implement tarteaucitron.
 

:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Link to comment
Share on other sites

  • Replies 279
  • Created
  • Last Reply

Yes, you have right but most common used is implemented in tarteuacitron. Sent you a zip to test


Regards
-----------------------------------------
Loïc

Contact me by skype for business
Contact me @gyakutsuki for an answer on the forum

 

Link to comment
Share on other sites

I found a solution inside the header tags. It's possible to call a hooks with the specific script options
In this case the header_tags about google analytics is included inside the hooks and the configuration is managed by the Citron ! header tag.

For Citron, I think use 90% of all user use inside their shop.

        if (MODULE_HEADER_TAGS_GDPR_TARTE_AU_CITRON_PLUGIN_GOOGLE_ANALYTICS_GA == 'True') {
          $google_analytics_ga = $OSCOM_Hooks->output('HeaderTags', 'GDPRGoogleAnalyticsGa');
//          $google_analytics_ga = '<script type="text/javascript">tarteaucitron.user.gajsUa = \'' . MODULE_HEADER_TAGS_GDPR_TARTE_AU_CITRON_PLUGIN_GOOGLE_ANALYTICS_GA_ACCOUNT_ID .'\';tarteaucitron.user.gajsMore = function () { /* add here your optionnal _ga.push() */ };(tarteaucitron.job = tarteaucitron.job || []).push(\'gajs\');</script>';
        }

 

like you can see, the script does'nt take option (too specific),
That's why inside a hooks it's possible to create differents function and after display information $this->getOption()

$output = '<script type="text/javascript">tarteaucitron.user.gajsUa = \'' . MODULE_HEADER_TAGS_GDPR_TARTE_AU_CITRON_PLUGIN_GOOGLE_ANALYTICS_GA_ACCOUNT_ID .'\';tarteaucitron.user.gajsMore = function () { ' . $this->getOption() . ' };(tarteaucitron.job = tarteaucitron.job || []).push(\'gajs\');</script>';

Now it's possible to create the hooks in consequence.

Advantage,
The headertags code is not surchaged

Inconvenient : All is not automatics but if the hook is not included inside, it's not a problem, you can create a hook and include in the directory later and it's automaticly use (if the element exists inside the header tag of course)

It's possible to manage the social network more easily and display it on the good page for most of them (not again tested)

Now all could be managed by one script, it's a good thing, I don't know, but in all the case it will be difficult to manage these elements with some script everywhere and to be correct with the GDPR.

 

ex.png


Regards
-----------------------------------------
Loïc

Contact me by skype for business
Contact me @gyakutsuki for an answer on the forum

 

Link to comment
Share on other sites

@Gyakutsuki

I prefer to see codes on github where we can commit fixes, solutions or advices. We need more cooperation to step forward. I dont mind if something wrong or missed. This should not be backend work only.

Hooks could be a solution to this problem but I would be more glad to see the codebase on open chanel.

:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Link to comment
Share on other sites

@tgely

I push the development on github: Note it works only on 2.4 . If someone want to update for 2.3, it will be cool

https://github.com/Oscommerce24/ht_gdpr_tarte_au_citron

 


Regards
-----------------------------------------
Loïc

Contact me by skype for business
Contact me @gyakutsuki for an answer on the forum

 

Link to comment
Share on other sites

Thanks @Gyakutsuki !

 

I am thinking about a lot and my opinion that we should use the oscommerce core ability for this. Tarteaucitron give us a good example how we can do it, but we have to use an ajax vendor. PHP can do the same without any javascript. Bootstrap model popup with POST action form can do the same.

Your solution require hooks. Just presented ht modules have to drop out from the core and need a tarteaucitron hook models. I think that rebuild ht modules and add a cookie addiction into the header tag modules would be better solution.

Dont forget something with Hooks. How do you config Hooks? Probably have to add an admin configuration page and we can get the same as header tag can do.

So I suggest a consent cookie where GDPR sensitive modules can be managed. Programatically this is the same as tarteaucitron cookie.

This would be better if it be a built in option as osCid handling in application_top
We should accept GDPR rules so more close this have to be a core built-in service.

:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Link to comment
Share on other sites

No Pb @tgely

Lot of thing has been made on GDPR but not open to community at this moment. Also, than I read on the forum, the catalog is not taken.
I am looking on github some script with GDPR and Citron seems to be good in the approach. Also, this script is made all inside. That's weakness in my opinion, doesn't let the people to create in function of their need but 80% use by users is inside for the free solution.
I integrated lot of thing of this element maybe too for a test.

If we think to integrated GDPR in the core, in this case, we must have something very modular and updated in function the different page
- For all pages
- For a specific page like products info
 

Citron is a good approach to see the work. We have all elements with this script.

About my approach :
Yes Ii integrated a hooks because some ht module has a customization like google analytics. The ht citron is very long with all configuration, that's why I had thought to use hook for a specific configuration. After if you want to modify the hook and add option it's easy to customize. But it's manual.

Now it's possible to create an admin page and manage all of that and write inside the db or to use a specific module.

Other coders can let their opinion of the orientation must take for that.

 


 

 


 

 



 


Regards
-----------------------------------------
Loïc

Contact me by skype for business
Contact me @gyakutsuki for an answer on the forum

 

Link to comment
Share on other sites

@Gyakutsuki

Let me more time to demonstrate something and we could compare the solutions.

:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Link to comment
Share on other sites

@tgely

Let me more time to demonstrate something == I don't know ! :) Waiting

 

 

 


Regards
-----------------------------------------
Loïc

Contact me by skype for business
Contact me @gyakutsuki for an answer on the forum

 

Link to comment
Share on other sites

I have just found this blog post that explains what to do to a woocommerce site to comply with GDPR It can all be transferred to oscommerce sites easily.

 

https://businessbloomer.com/how-to-make-a-woocommerce-website-gdpr-compliant-12-steps/?ck_subscriber_id=125262429

REMEMBER BACKUP, BACKUP AND BACKUP

Link to comment
Share on other sites

I have just installed all the GDPR modules from this years 28 days of code from @burt, and they work faultlessly. If you havent yet bought the package these modules are worth the money alone. Contact @burt to buy the whole set plus lots more.

REMEMBER BACKUP, BACKUP AND BACKUP

Link to comment
Share on other sites

Here in the States, we have laws regarding handicap access in public places. Some less-than-scrupulous people have taken advantage of this, going around suing business if the facilities are not in 100% compliance. This has nothing to do with helping the handicapped, but rather a way to use the system to steal from people.

In addition to the discussions here in the forum, I am getting emails almost daily spouting the need to become GDPR compliant, warning about the "risk of high fines".

Am I the only one that is concerned that there will be some less-than-scrupulous people surfing the web, looking for sites that are not in PERFECT COMPLIANCE, and either threaten legal action, or actually take it?

Link to comment
Share on other sites

@ArtcoInc I dont doubt it for a minute. There are already hundreds of so called GDPR specialists offering help to businesses. Half of the people I know who run similar websites to mine are taking no action other than altering their privacy policy as thats all they have been told to do. One even paid just over 500GBP to be told that he wasnt compliant and that the company would sort it all out for him for more money.

With the help of Garys modules I have done most of it myself. The biggest cost is having a solicitor check over the policy updates to make sure that they are legal, but not necessary compliant.

REMEMBER BACKUP, BACKUP AND BACKUP

Link to comment
Share on other sites

  • 2 weeks later...

Regarding Privacy Policies, I was sent an email by a co....interestingly it has "before" (aka now) and "after" (gdpr). 
aybe have a look and see if you can get inspiration from it;

BEFORE (in force now):
https://www.fasthosts.co.uk/terms/privacy-policy

AFTER (in force from 05/25):
https://www.fasthosts.co.uk/terms/privacy-notice

To my mind the gdpr version is a lot more clear, and is all common sense.  Looks good I think.

 

Link to comment
Share on other sites

Consent Cookies Managment are testing now so this could be used later in the official core. I have tried as close as possible to oscTemplate class and later this could be pull into oscTemplate.

What core changes need?

  1. Cookie sensitive modules need a built in public array variable where defined the cookie consent group and apply the settings from oscConsent cookie and module have to use cookie managment logic
  2. oscTemplate class rebuild for cookie managments (next step now I use cooki_consent separated class)
  3. The best would be one footer modal module for user settings or cookie consent managment user page.
  4. Introduce oscConsent cookie

 

All modules could listing on consent setting page as Strict, Functional and 3.parties when cookie consent group variable is declared in self class body

Functional cookies in generally from javascripts or 3. parties cookies deleted automatically when user switch off them so this will be GDPR complaint.
If you have non cookie consent logic follow modules then you could change it later as developer implements this logic but this is not a big work.

I will push cookie consent introduce commit at this weekend and we will be able to discuss oscTemplate implementations on next week.

:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Link to comment
Share on other sites

On 5/8/2018 at 5:02 AM, burt said:

Regarding Privacy Policies, I was sent an email by a co....interestingly it has "before" (aka now) and "after" (gdpr). 
aybe have a look and see if you can get inspiration from it;

To my mind the gdpr version is a lot more clear, and is all common sense.  Looks good I think.

Well... the new one (GDPR) is written in a "friendlier" manner than before, which makes it hard to say which improvements are due to GDPR and which are just the new tone.

Link to comment
Share on other sites

I guess we are al going to have to cease using Recover Carts Modules?

Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.

Link to comment
Share on other sites

@Mort-lemur Heather I have no idea about that. I have read somewhere that you can still use them, but I cant find it now. I think they did mention that in your terms and conditions or privacy policy that customers must agree to when creating an account, you can mention that you may collect data when using a recover cart module, but I may be wrong.

REMEMBER BACKUP, BACKUP AND BACKUP

Link to comment
Share on other sites

Another scenario that I have been considering is that when a customer places an order by phone - we then enter his details on our site......

Im considering having a printed statement to read out to them regarding data collection etc.

Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.

Link to comment
Share on other sites

TWO WEEKS TODAY PEOPLE.

 

BTW, I have not yet received any emails from any osCommerce shopowners, and I know my details exist on 1000s of shops (for installation/testing).  Part of the GDPR is that all data owners need to email their existing clients to let them know of change to Policies.  Again, I have not heard from ANY osCommerce shopowners yet...I hope I will before the 25th!

Link to comment
Share on other sites

13 minutes ago, burt said:

TWO WEEKS TODAY PEOPLE.

 

BTW, I have not yet received any emails from any osCommerce shopowners, and I know my details exist on 1000s of shops (for installation/testing).  Part of the GDPR is that all data owners need to email their existing clients to let them know of change to Policies.  Again, I have not heard from ANY osCommerce shopowners yet...I hope I will before the 25th!

@burt Gary, I deleted you as a customer ages ago, as I think you you asked me to after doing some testing and work on my site. You are not even in my mailchimp mailing list which is an addon that we installed and tested.

I have emailed all my newsletter subscribers and am sending out a second reminder this weekend for them to either unsubscribe or confirm their details. I have got some really good responses from customers, but also some bad ones where people are fed up of receiving the opt in or opt out emails when they were nor required. even after I had pre warned everyone that it was going to happen weeks before.

I see so many of my competitors have not done anything yet, so I hope they are just waiting a few weeks.

REMEMBER BACKUP, BACKUP AND BACKUP

Link to comment
Share on other sites

7 minutes ago, 14steve14 said:

@burt Gary, I deleted you as a customer ages ago, as I think you you asked me to after doing some testing and work on my site. You are not even in my mailchimp mailing list which is an addon that we installed and tested.

I have emailed all my newsletter subscribers and am sending out a second reminder this weekend for them to either unsubscribe or confirm their details. I have got some really good responses from customers, but also some bad ones where people are fed up of receiving the opt in or opt out emails when they were nor required. even after I had pre warned everyone that it was going to happen weeks before.

I see so many of my competitors have not done anything yet, so I hope they are just waiting a few weeks.

Excellent Steve, nice one.  I do tend to delete myself from Mailchimps to save a subscriber (per the 2000 limit for free)...
Be aware (that by *my* understanding), you also need to email out all of customers (whether they agreed or not) to let them know of Policy Updates.  

Here is a footer of an email (re GDPR) I received yesterday;

Quote

Note: This email is a required legal notice; it is not a marketing or promotional email. That is why this email does not contain an unsubscribe link and why you are receiving this email even though you may have unsubscribed from XYZ marketing emails.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...