General Data Protection Regulation (GDPR)

Documentation Commerce Security and compliance

Last update: Fri Apr 21 2023 00:00:00 GMT+0000 (Coordinated Universal Time)

Topics:
Security

CREATED FOR:

Experienced
Admin
Developer

NOTE

This is one in a series of topics to help Adobe Commerce and Magento Open Source merchants and developers understand the implications of the General Data Protection Regulation (GDPR). The information is intended for informational purposes only and should not be construed as legal advice. Consult with your legal counsel to determine whether and how your business should comply with any legal obligations.

The European Union (EU) enacted General Data Protection Regulation (GDPR) to give its citizens more control over their personal data. GDPR applies to any organization operating within the EU. It also applies to organizations outside of the EU that offer goods or services to customers or businesses in the EU.

System integrators can use the dataflow diagrams and database information in the Personal Information Reference to build scripts to resolve use cases similar to the following:

A shopper asks for a copy of the data that the merchant has stored about them
A shopper requests to delete their information

Personal information reference

For technical information, see the dataflow diagrams and database entity mappings in the Personal Information Reference that applies to each version of Adobe Commerce or Magento Open Source that you support.

For more information about how Adobe Commerce and Magento Open Source help merchants comply with GDPR, see the following:

6ad2ec8d-4e70-43dd-8640-a894018d6404