1. Extending Oracle Commerce
  2. Manage the Use of Personal Data

32 Manage the Use of Personal Data

The European Union General Data Protection Regulation (GDPR) enacts a set of legal requirements designed to control the collection and storage of personal data.

To address GDPR requirements, you may need to observe various practices regarding the handling of shopper information on your Oracle Commerce sites. This regulation is designed to protect the data privacy of all EU citizens and may require website customization.

Important: Consult legal counsel for professional guidance if you believe your websites and commerce operations may be subject to the GDPR. It is your responsibility to assess the legal and operational implications of the GDPR on your business and implement changes to any websites as necessary. For detailed information and guidelines on the European Union General Data Protection Regulation, refer to https://gdpr.eu.

This chapter discusses tools Commerce provides to help you address two key aspects of the GDPR, consent and right to erasure:

  • Consent is the right of a shopper to allow, or disallow, the collection or processing of personal data. For information on setting up consent, refer to Configure consent requests.
  • Right to erasure requires you to delete data about a shopper on your sites if the shopper requests it. For information on deleting shopper data, refer to Delete shopper information.

California Consumer Privacy Act

A privacy initiative similar to the GDPR, the California Consumer Privacy Act (CCPA), went into effect in the state of California on January 1, 2020. You can use the tools described in this chapter and in the Manage Access to Shopper Data chapter to help your sites meet the requirements of this act. Note that although the GDPR and the CCPA are similar in some ways, they are not identical. Consult legal counsel for professional guidance if you believe your websites and commerce operations may be subject to the CCPA. For information about the CCPA, see https://oag.ca.gov/privacy/ccpa. For additional information about Oracle Commerce and CCPA compliance, see https://cloudcustomerconnect.oracle.com/posts/bd10639220.