Are regulations related to RODO on e-commerce sites being respected? The 2021 “RODO in e-commerce” report took a look at areas such as privacy policy, cookies, newsletters sent, website contact forms and store rules. Check out the most common e-commerce data breaches.
The report prepared by DaVinci Studio analyzes 300 online stores. Building an e-commerce business involves many challenges, among which the issue of personal data is an important one. Legal regulations and changing telecommunications laws make it necessary for e-commerce owners to stay abreast of all changes in order to fully respect customer rights. The good news is that entrepreneurs increasingly understand the role of digital business and 94% of SME companies report an increase in data security after moving data to the cloud.
Data protection: mistakes
What are the most common e-commerce data breach mistakes?
Privacy Policy
This is a document that collects all the information that is important from your point of view regarding the protection of your privacy (the information set out in Articles 13 and 14 of the RODO). Although not mandatory, it is a convenient tool for the customer. Unfortunately, e-commerce owners often post ready-made templates that lack:
- contact information for the administrator (mandatory!),
- purposes of data processing,
- data processing period.
It is also a mistake not to provide a retention period for personal data in the privacy policy.
Cookies
Online stores mostly use cookies on their portals, which contain various information, including browsing history and the history of other sites visited by the user. Cookies in some way enable tracking of the user. Under Article 173 of the Telecommunications Law, users’ consent is required for the use of cookies. E-commerce sites post information about cookies, but often there is no way for users to consent to them. The solution is to add a box through which users can give that consent.
Newsletter and form
Most of the surveyed e-stores do not include a contact form on their sites. In contrast, 60% of them offer a newsletter sign-up option. For the option to sign up for a newsletter or consent to receive other marketing content, e-shops should include the information required under RODO or a checkbox (which must not be checked by default) linking to the privacy policy. Unfortunately, 74% do not include this box.
Terms and conditions of the online store
Most errors are found in the terms and conditions of online stores. Admittedly, as many as 98% of stores post terms and conditions on the site, but these are often incomplete. What should they contain?
- types and scope of services provided electronically,
- terms and conditions of provision, including: technical requirements necessary for cooperation with the ICT system, the prohibition on the provision of unlawful content by the recipient of the service, the conditions for the conclusion and termination of contracts, and the procedure for complaints.
What elements are most often missing? The report points to information for the consumer about the right to withdraw from the contract and a model withdrawal form. The latter is not provided by as many as 47 percent of stores. It is mandatory, and also very convenient for the customer.
RODO is an ongoing process
Protecting consumer privacy is also part of relationship marketing. Implementing RODO in an online store is actually an ongoing process. In e-commerce, security, customer data protection and processing, as well as store policies, are priorities. It is worth keeping abreast of the changing regulations in this area.