GDPR/CCPA Setup Guide - Part 1

You have already installed the GDPR/CCPA + Cookie Management app and now what? In this article, we will take a look at the first three steps of our setup guide that you should follow in order to make your store GDPR/CCPA compliant.

Step1: Enable for Specific Regions

This feature allows you to choose the specific region you are interested in being compliant for. You can select between three options: 

  • Enable Only For EU/EEA Visitors (GDPR) + Brazil (LGPD)

  • Enable Only For California Visitors (CCPA)

  • Enable for EU/EEA + Brazil and California Visitors (GDPR+CCPA) 

Below you can see how to enable this feature:

  1. Navigate to the Global Settings tab

  2. Locate the Enable for Specific Regions option

  3. Select the region

Enable Only For EU/EEA Visitors (GDPR) + Brazil (LGPD)

Enable Only For California Visitors (CCPA)

Enable for EU/EEA + Brazil and California Visitors (GDPR+CCPA)

If you are using a premium plan you can enable the app for all the countries from the Enable For All Countries option: 

Note: Enabling this will disregard the Enable for Specific Regions option.

Step 2: Setup the Privacy Policy page

The Privacy Policy page should be up to date. Keep in mind that you will need to update it manually. In case your store doesn't have a Privacy Policy page yet, please follow the instructions below:

  1. From your Shopify admin, go to Settings > Legal.

  2. Enter your store policies, or click Create from template to enter the default template.

  3. Review your policies and make/add changes where needed.

  4. Click Save to add your policies.

After you add your policy, it will be automatically linked in the footer of your store.

Depending on the regulations of your region you will need to describe these transparency requirements on your Privacy Policy page:

The GDPR requires that you tell customers:

  • What your business does

  • How they can contact you

  • Why you are processing personal data

  • What types of data you collect and how long you will store it

  • Disclosure of where data is being shared

The CCPA requires that you tell customers:

  • What types of information you are collecting

  • For what purpose you are collecting data

  • Specifics of what is being collected

  • Disclosure of where data is being shared

When your Privacy Policy page is done make sure to link it in your store navigation so your customers can see it. You can do this by navigating to Online Store > Navigation > Choose on which menu Main or Footer you want to add the Privacy Policy page.

Step3: Configure the Cookie Management section

This section is located under the Cookie Consent Bar tab.

The configuration depends on what cookies you want to be pre-selected or unchecked in the Preferences popup. Here are the options that you can choose from:

  • Keep all store cookies until the visitor opts-out - this means that all of the cookies are enabled by default and will stay active until the customer decides to uncheck them and confirm his choice through the Preferences popup.

All store cookies enabled in the Preferences popup

  • Block marketing cookies until the visitor opts-in - if you choose this option the marketing and retargeting cookies will be blocked (unchecked) until the customers decide to enable them by themselves.

Marketing and retargeting cookies are disabled

  • Block analytics cookies until visitor opts-in - by selecting this option all of the cookies will be enabled except the analytics ones. They will be blocked until the customers decide to enable them.

Analytics and Statistics cookies are disabled

  • Block functionality cookies until visitor opts-in - with this configuration all the functionality cookies will be disabled. The customers can enable them only if they want to.

Functionality cookies disabled in the Preferences popup

Keep in mind that if you run your business in Germany you will need to set up an Accept All button on the Cookie Consent Bar. In order to do that, please follow the steps below: 

  1. Navigate to the Cookie Consent Bar tab

  2. Go to Accept Button Text field and rename the button from Accept > Accept All 

  3. Then go to Regard the Initial State Of The Cookie Consent Bar field and select No

This is how the button should look like on your Cookie Consent Bar.

If you have any specific questions, do not hesitate to contact us via chat or email. You can also check our FAQ page.

For more details you can check our dedicated YouTube playlist and the How to set up the GDPR/CCPA app - video tutorials blog post.

In the next blogpost we will dive into the next 3 steps of the setup guide, so stay tuned for the sequel.




Join 11,000+ subscribers receiving actionable E-commerce advice

* Unsubscribe any time

Trending blogs

comments powered by Disqus