Magento 1.x GDPR Customer data removal module

Description

What is GDPR?

The GDPR is the EU’s new legislation that introduces substantial and specific changes to existing data protection laws to expand the scope of data protection. In particular, the new rules impact how companies that do business in the EU may collect and handle personal information.

The GDPR regulation goes into effect on May 25, 2018

Why do I need this extension?

This extension removes customer data from your store after a specified amount of days (the amount of days is customisable).

Under GDPR rules you are allowed to retain customer data, usually up until the warranty period of the product you sell or for the length of time you usually have an ongoing relationship in relation to the product your selling. For most retailers this is simply the warranty period.

As an added benefit, it reduces the opportunity for data breaches and fines. As the the data footprint is reduced automatically on a continuous basis.

Is Magento 1.x GDPR compliant today?

Yes, but it does not give you the tools to be compliant because it’s impossible to delete an order from the admin area without additional extensions, and it would be difficult to keep on top of removing old data. This extension helps by automatically removing old data.

How does the module work?

Once you’ve installed the extension, you can configure the amount of days after which data is removed and wether to also delete the customer account.

Once enabled it will automatically run on a scheduled job to purge old data.