What is GDPR?
The EU’s General Data Protection Regulations (GDPR) take effect May 25, 2018, and we are in support of the spirit of these regulations for a safe and secure Internet. We are committed to the privacy rights for our community, clients, and partners.
These new regulations govern how companies collect and handle personal data, and may impact companies that are not located in the EU. Please visit https://www.eugdpr.org/ for more information.
Is Reaction GDPR Compliant?
We are in the process of implementing specific initiatives. Here is our progress so far with GDPR compliance:
We are auditing all areas of Reaction Commerce to determine what personal data we collect and for what purpose. In cases where we might be collecting personal data that is not essential, we are removing that collection process.
Status: In Process
We’re working with our legal team to ensure that our policy clearly communicates any instances of personal data collection.
Data Modification and Deletion
A user has the right to request that we modify or delete all of their personal data. Those who want to inquire about modifying or deleting the personal data can contact us at firstname.lastname@example.org
Access / Portability
A user can request access to a copy of the personal data that we have collected. Users who wish to request portability can contact us at email@example.com
Status: In progress
Here is a list of all current sub-processors in use by Reaction. A sub-processor includes any third party that we share personally identifiable info with.
- Cirrus Insight
Are changes required to Reaction Commerce code to be compliant with GDPR?
GDPR regulations give individuals the right to access, change, and delete personal information when requested.
We are working on mapping personal information that is stored by Reaction Commerce but there are no anticipated changes required to become compliant. However, merchants should put in their own process to ensure they are in compliant with GDPR.
How can merchants using Reaction become GDPR compliant?
Merchants should contact their own legal counsel to help them understand what they must do to be compliant.
How do plugins and integrations impact GDPR compliance?
Merchants should review services from any contracts with external companies providing the plugin and integration services.
How do EU merchants ensure that their data and their customers data remain in the EU?
Merchants should work with their hosting provider to ensure that they are hosted in EU locations.