Menu
Cart
Your shopping cart is empty!
Blog

GDPR Notice Module

Introduction

The GDPR Notice module in VentoCart helps you ensure that your store complies with the General Data Protection Regulation (GDPR) by displaying a pop-up notice to inform users about cookie usage and give them control over their cookie preferences. It specifically gives users the ability to decline tracking cookies while ensuring that essential cookies (necessary for the store’s functionality) are always accepted.

This module integrates seamlessly with tracking services like Google Analytics and other custom JavaScript tags. If the user declines tracking cookies, these services are disabled, ensuring no cookies are set by them. This also impacts functionality like abandoned cart tracking for guests.

 

Installation & Configuration

Step 1: Set up Legal Articles

Before enabling the GDPR Notice module, you need to have privacy policy and cookie management articles set up on your store.

  1. Go to Admin > System > Settings > Site > Legal.
  2. Create two or one articles related to your privacy policy and cookie management.
    • If you haven’t written these articles yet, you can create them under Admin > Catalog > Information.

Step 2: Enable the GDPR Notice Module

  1. Go to Admin > Extensions > Modules > GDPR Notice.
  2. Enable the module by toggling the status to "Enabled".
  3. Click the blue pencil (edit) icon to configure the settings.

Module Options

1. Status

  • Purpose: Controls whether the GDPR Notice is active on your store.
  • If enabled, the notice will appear, and the user can either accept or decline the cookies.
  • Effect on Tracking: If the user declines tracking cookies, modules like Google Analytics and Custom JavaScript tags will not run. This ensures that no tracking cookies are set for the user. Additionally, the abandoned cart feature will be disabled for guests who decline tracking cookies.

2. Force Accept All

  • Purpose: Determines whether the user must accept all cookies or leave the site.
  • On: If enabled, the user can either accept all cookies (both essential and tracking cookies) or be forced to leave the site (redirecting to a European government site about cookies).
  • Off: If disabled, the user can choose which cookies to accept or decline (tracking cookies), but essential cookies will always be accepted since they are necessary for the site to function.

3. Notice Message

  • Purpose: Customize the message displayed in the GDPR notice pop-up.
  • You can edit the text of the notice to suit your store's tone and legal requirements. The message allows for dynamic insertion of article links where:
    • %s represents the first article you set in Admin > System > Settings > Site > Legal.
    • If two articles are set, you can use two %s placeholders for each article.
  • Example:
    • Message: "By using our site, you agree to our %s and %s."
    • If your first article is titled "Privacy Policy" and the second article is titled "Cookie Policy," it would render as: "By using our site, you agree to our Privacy Policy and Cookie Policy."

 

 

Functionality Overview

Essential Cookies

Essential cookies are required for basic site functionality (such as session management and shopping cart functionality). These cookies cannot be disabled by users.

Tracking Cookies

Tracking cookies are used for analytics and marketing purposes. Users can decline these cookies if they do not wish to be tracked. If the user denies tracking cookies:

  • Google Analytics, custom JavaScript tags, and other tracking services will be disabled.
  • The abandoned cart feature for guests will also be disabled.

User Flow

  • If "Force Accept All" is enabled:
    • The user must either accept all cookies or leave the site (with a redirect to a European government page about cookies).
  • If "Force Accept All" is disabled:
    • Users can uncheck tracking cookies, effectively disabling analytics and marketing modules.
    • Essential cookies are always accepted.

Developers

To ensure your own custom code is also legally compliant, before setting up cookies of tracking nature, you can check if `$this->request->cookie['accept-tracking']` is set and verify that the module is enabled by checking if `$this->config->get('module_gdpr_status')` is set to `true`.

You can set tracking cookies only If both are true or if module_gdpr_status alone is disabled or not set.