Compliance with Open2b
Open2b provides several features that help you comply with the European privacy regulation 2016/679, commonly called GDPR:
- Define processing
- Show the privacy notice
- Request consent
- Manage consents
- Anonymize abandoned carts
- Data portability
- Automated management via API
Note
This documentation is written for informational purposes only and does not constitute legal advice. Please contact your legal counsel to receive adequate legal advice.
Define processing
Open2b allows you to define, in the admin under Settings > Privacy > Processing, which processing activities you perform on customers' personal data.
Processing is divided by personal data category: customer records, orders, and quotes. For each of these data categories you can define different processing activities and, for each one, indicate the legal basis of processing, the privacy notice to present to the customer at the time of data collection (title, description, and detail page), and whether consent is required.
Show the privacy notice
Processing activities, together with their privacy notices, are shown to the customer at the time of personal data collection. Processing on customer records is shown on the site registration page, processing on orders is shown on the addresses page when completing an order, and processing on quotes is shown on the quote request page.
If processing is based on consent, the customer will also be shown a checkbox that they can select to give consent. If consent is mandatory, they will not be able to proceed with registration, order, or quote if consent is not given.
In addition, once the customer logs in, they can view the notices on their personal data page and grant or revoke consent if they wish. They can also, for each order and quote, see which consents they have given with the ability to grant and revoke them.
Request consent
Depending on the legal basis of processing, it may be necessary to ask the customer for consent in order to process their personal data. For processing based on consent you can indicate whether consent is mandatory or optional.
For example, it might be mandatory to give consent in order to register on the site but optional to receive commercial communications.
Manage consents
Open2b tracks all consents granted by customers and, for each consent, keeps the time, the IP address of the device, and the title and description of the processing as read by the customer. In case of checks, this information helps you prove that you have the customer's consent for the processing.
Consents granted by customers can be viewed in customer records, orders, and quotes. You can also revoke consents and grant others, for example because you received such a request from the customer.
Anonymize abandoned carts
Abandoned carts are carts that customers can no longer access and whose order they therefore can no longer complete. If these carts contain billing and shipping addresses, under privacy regulations you must have a legal basis to process this personal data, even if the processing consists only of keeping it.
Open2b lets you decide, in the admin under Settings > Privacy > Abandoned carts, what to do with the personal data present in abandoned carts:
- Keep the cart with all its data
- Anonymize the cart, that is, delete the billing and shipping addresses
- Delete the cart
Anonymizing and deleting the cart can be tied to a consent given or not given by the customer.
Data portability
Customers have the right to receive their personal data from you in a structured, machine-readable format. From a customer record in the admin you can export the customer's personal data, and you can send the customer an address from which, once logged in to the site, they can download a file with the data that concerns them.
At the time of export you can choose which data to export.
Automated management via API
Through Open2b you collect and process your customers' personal data, but you may perform other processing through third-party systems such as other management systems or newsletter services. In these cases you will want to carry out this other processing only as long as you have the customer's consent, and to stop it when the customer revokes consent.
Open2b, through the APIs for managing processing and consents, allows you to automate these procedures.