In today’s digital age, it’s crucial to understand the importance of GDPR compliance for your webshop. But worry not, even if you’re not tech-savvy, this quick guide will help you ensure that your webshop is following the necessary regulations.
What is GDPR?
The General Data Protection Regulation (GDPR) is a European Union (EU) law designed to protect the personal data of EU citizens. It imposes various obligations on companies, regardless of their location, that offer goods or services to EU citizens or monitor their behaviors.
1. Privacy Policy and Terms & Conditions
- Check: Ensure your webshop has an easily accessible and understandable privacy policy and terms & conditions.
- Action: Regularly update these documents to reflect any changes in how you handle data. Make sure they detail:
  - What personal data you collect
  - Why you collect it
  - How you use it
  - How long you store it
  - How customers can access, modify, or delete their data
2. Active Consent
- Check: Before collecting any personal data, especially during the checkout or account creation process, ensure you ask for explicit consent.
- Action: Implement checkboxes (that aren’t pre-ticked) or other clear methods for customers to opt in. Always make sure that the language used is clear, concise, and easily understandable.
How to Check Active Consent Compliance:
Using Meta Pixel Helper to Check If It’s Sending Data to Meta Before Giving Consent:
Meta Pixel Helper is a browser extension that allows you to validate and troubleshoot Meta Pixel implementation on your website.
a. Setting Up:
- Install the “Meta Pixel Helper” extension for your browser (it’s available for both Chrome and Firefox).
- Once installed, you’ll see the Pixel Helper icon in your browser’s toolbar.
b. Checking for Data Transmission:
- Navigate to your webshop.
- Click on the Meta Pixel Helper icon.
- The helper will display the number of pixels found on the page. Click on the dropdown to view detailed information about each pixel.
- Before giving consent, you should not see any events (like “PageView”, “AddToCart”, etc.) being fired or data being sent to Meta.
- If you see any events firing without user consent, this indicates that data is being sent to Meta platforms before obtaining the user’s explicit consent, which is a GDPR violation.
In this example you see that two PageView events were sent to Meta Pixels before any consent was given.
Checking Which Cookies Are Set in the Browser Before Giving Consent:
a. Using Chrome:
- Navigate to your webshop.
- Right-click anywhere on the page and select “Inspect” from the dropdown menu.
- Navigate to the “Application” tab in the inspection panel.
- In the left sidebar, under “Storage,” you’ll see “Cookies.” Click on it to expand the dropdown.
- Select your website’s name from the list to view all cookies associated with your webshop.
- Initially, before any consent is given, you should ideally only see essential cookies and not any related to marketing, tracking, etc.
For example, if the Application > Cookies panel already lists the Facebook _fbp cookie before consent is given, that cookie was set without consent, which is a violation of GDPR.
b. Using Firefox:
- Navigate to your webshop.
- Right-click anywhere on the page and select “Inspect Element.”
- Click on the “Storage” tab in the inspection panel.
- In the left sidebar, you’ll see “Cookies.” Click on it to expand and select your website from the list.
- Just as with Chrome, check the cookies present before any user consent.
Important Note: Always conduct these checks in an “Incognito” or “Private Browsing” window so that previously stored cookies or cached data don’t interfere with your verification process.
By following these steps, you’ll be able to effectively check for GDPR compliance related to active consent on your webshop.
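The two manual checks above (Meta Pixel events and cookies before consent) can also be scripted. The following is an added example, not part of the original guide: it flags tracking cookies and Meta Pixel requests in a pre-consent snapshot. The function names, the cookie patterns other than _fbp, and the sample values in the comments are assumptions made for illustration.

```javascript
// Added example. Only _fbp comes from the page; the other cookie patterns are
// assumptions (commonly seen marketing/analytics cookies).
const TRACKING_COOKIES = [
  [/^_fbp$/, 'Meta Pixel'],
  [/^_fbc$/, 'Meta Pixel'],
  [/^_ga(_.+)?$/, 'Google Analytics'],
  [/^_gid$/, 'Google Analytics'],
  [/^_gcl_au$/, 'Google Ads'],
];

// Parse a document.cookie-style string ("a=1; b=2") into cookie names.
function cookieNames(cookieString) {
  return cookieString
    .split(';')
    .map((pair) => pair.split('=')[0].trim())
    .filter((name) => name.length > 0);
}

// Return the event name ("ev" parameter) if the URL is a Meta Pixel hit, else null.
function metaPixelEvent(url) {
  let parsed;
  try {
    parsed = new URL(url);
  } catch {
    return null; // not an absolute URL
  }
  const isMetaHost = /(^|\.)facebook\.com$/.test(parsed.hostname);
  if (!isMetaHost || !/^\/tr\/?$/.test(parsed.pathname)) return null;
  return parsed.searchParams.get('ev') || 'unknown';
}

// Audit a snapshot taken before the visitor has answered the consent banner.
function auditBeforeConsent(cookieString, requestUrls) {
  const cookies = [];
  for (const name of cookieNames(cookieString)) {
    const hit = TRACKING_COOKIES.find(([pattern]) => pattern.test(name));
    if (hit) cookies.push({ name, vendor: hit[1] });
  }
  const pixelEvents = requestUrls.map(metaPixelEvent).filter((ev) => ev !== null);
  const compliant = cookies.length === 0 && pixelEvents.length === 0;
  return { cookies, pixelEvents, compliant };
}

// In the browser console (private window, banner untouched) this audits the live page.
if (typeof document !== 'undefined') {
  const urls = performance.getEntriesByType('resource').map((entry) => entry.name);
  console.log(auditBeforeConsent(document.cookie, urls));
}
```

Cookies marked HttpOnly are not visible to `document.cookie`, so the Application (Chrome) or Storage (Firefox) tab remains the authoritative view.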