Right to erasure

If your site must comply with GDPR, your organization will need to handle user requests to correct or erase personal data. As part of GDPR, users have a right to request that personal data that was collected by your site is erased. To help your organization get ready to meet the GDPR requirements that are related to this right, WebSphere Commerce provides your organization with the ability to delete personal data about a user.

Removing user personal information

When a shopper or other user for your site or organization wants any personal data that your site collected about that user to be removed or edited, the user can submit a request to your organization's Data Protection Officer (DPO). Your organization is responsible for creating the request submission process that your site and internal users must use to submit data access and erasure requests. WebSphere Commerce does not provide any process for creating or receiving these requests.

After the request is received, your Data Protection Officer user can use SQL to retrieve and delete the data that is collected about the user. The Data Protection Officer can then provide details of the data changes to the user that requested the information.

For more information about the personal data that WebSphere Commerce can collect that a user can request to be erased, see Data collection.

Note: Due to business requirements, some data, such as order history, may not be erased right away. For example, order history data can be required for audit purposes and as a record or purchase, such as for processing returns or refunds. If any specific data cannot be immediately erased, you may be best served by determining the remaining retention period for the data. As part of the response that your organization sends to the user about their data changes, consider including details about the data that must be retained for business purposes and when the data can be erased.

To delete any personal data, the Data Protection Officer needs to obtain identifying information about the user from the user's request. The Data Protection Officer might need to obtain and use at least one the following pieces of identifying information for the user to retrieve the user's personal data records:

Logon ID (USERS_ID or MEMBER_ID)

With this ID, the SQL for retrieving user personal data can be constructed and used. For more information about the SQL that can be used to delete personal data, see SQL statements: Right to access

Generating a report about collected personal data

After your Data Protection Officer corrects or removes personal data for a user, the details of the data changes should be provided to the user in a commonly used and machine-readable format. Provide details about any data that must be retained for business purposes and the date when that data can be erased. Provide the details of the data changes to the user over a secure method of communication.

As part of the EU GDPR, users of your site have a right to data portability. To try and meet the requirements to support this right for your users, your site should have processes in place to provide a user details about the data that you collect about the user, and any processing of that data.

Your organization is responsible for developing the communication process to provide to users any details about your organization's handling of their right to erasure request. WebSphere Commerce does not provide any functionality for developing this communication process or for generating reports about data changes.