GDPR compliance – very urgent!

  • Resolved cutu234

    (@cutu234)


    11 months ago

    We have a major problem with a customer who threatens to sue us. He claims that his email was given to a third party (You!) which is not compliant with GDPR. Honestly, he is not totally wrong, since it is not transparent which data are used by whom.

    Could you please clarify this? Do you store customer emails on your server?

    • This topic was modified 11 months ago by cutu234.
Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support pistachio6321

    (@pistachio6321)

    11 months ago

    Thanks for using our plugin!

    Could you please let me know what is your setting for the “Verified reviews” option on the “Review Reminders” tab of the plugin’s settings?

    Thread Starter cutu234

    (@cutu234)

    11 months ago

    Thank you very much for the prompt reply. The setting is set to “Independently verified”.

    Plugin Support pistachio6321

    (@pistachio6321)

    11 months ago

    Thanks for providing additional information.

    If you selected that setting, review invitations will be sent by CusRev on behalf of your shop. According to the GDPR terminology, you are a data controller and CusRev is a data processor. We’re fully compliant with the GDPR directives and handle personal data of customers that you share with us for sending a review invitation accordingly. Personal data is automatically deleted after 3 months. You can find further information about GDPR in the terms and conditions that you accepted when activated the “Independently verified” setting.

    Could you please confirm that you have obtained a consent from your customer to send them a review reminder?

    Thread Starter cutu234

    (@cutu234)

    11 months ago

    To make things clear: I did not mean to blame YOU for anything. I just needed some information for the customer. His reaction is way over the top, in my opinion. 🙂

    Could you please confirm that you have obtained a consent from your customer to send them a review reminder?

    Good question. I’m not quite sure how I would do this. I was hired as the admin for the shop 3 years ago. The customer reviews system had already been set up. Honestly, I’ve never thought about how the emails would be processed.

    Couldn’t we just switch to “no verification”? All reviews are verified per se, since only customers can receive an email. We don’t need any third party involved.

    • This reply was modified 11 months ago by cutu234.
    Plugin Support pistachio6321

    (@pistachio6321)

    11 months ago

    Yes, you can switch the setting to “No verification”. However, you must still obtain a consent from customers before triggering a review reminder to them. It must be in the Privacy Policy or Terms and Conditions of your website.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘GDPR compliance – very urgent!’ is closed to new replies.