Last updated: May 25, 2018
At Payhip, we are fully aligned with the spirit of the GDPR for a safe and secure internet. We aspire to embrace privacy by design and, whenever possible, to not collect and store personally identifiable information.
For the personal data we do collect, we have a legitimate interest in using customer-provided data for product fulfilment, order processing, fraud prevention, and product support.
What is GDPR?
The GDPR (General Data Protection Regulation) comes into force on 25th May 2018.
The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy – https://www.eugdpr.org
Here are the main concepts of the GDPR:
- Personal data requires lawful processing
- Customers should specify exactly what communications they want to receive from you
- Customers will have a right to transparency around the collection and processing of their data
- Customers can request the right to be forgotten
Getting all of this right could be complex. So we’re rolling out changes to make it super simple and straightforward for you.
Changes we are making
Apart from the hard work we have been doing behind the scenes with our lawyers, the following are the main changes that you will notice.
When buyers go through the checkout process, before purchasing, we will ask them specifically if it’s OK for their details (email address) to be shared with you, the seller. If the buyer gives consent, we will provide their email address as normal to you in the customer’s area.
If the customer does not give consent, then we will set the email address to the unsubscribe state, meaning you can still see the email address but you will not be able to use the product updates feature for these customers.
Updated 24th of May: A new privacy and cookies policy has been added.
If you’re using Payhip to sell your digital products, there isn’t anything else you need to do.
If you have any questions regarding these changes, just contact us. We’re happy to help!
Is this only served when you detect that the customer is in the EU (similar to how VAT is automatically served)? But if it’s default opt-out, for a customer out of the EU and for a seller out of the EU, how can we identify that GDPR doesn’t apply?
Hi Jeannie, yes that is correct. We only request customers to opt in when they are in the EU (for now). For those that we don’t ask to opt in, you can see their location in the customers section of your dashboard. I hope this makes sense!
Does this work for free products that we put automatically subscribe? I don’t see it, but I’m not in the EU.
Yes this works for free products too.