Accounts and Privacy Settings

Clicking on the Accounts and Privacy tab at the top of the WooCommerce > Settings page takes you to the accounts and privacy Settings.

These settings are where you can enable or disable guest checkout, control customer account creation, decide how personal data is retained or removed from your shop, and set your privacy policy notices. Sections include:

Additionally we share information about what WooCommerce adds to the WordPress Personal Data Exporter tool.

WooCommerce's Accounts and privacy settings in the admin area.

Guest Checkout and Accounts

↑ Back to top

Guest Checkout

  • Allow customers to place orders without an account – Allows customers to check out without creating an account or being logged in. Guest orders will not be tied to a user account in WordPress.
  • Allow customers to log into an existing account during checkout – This displays a login form and prompt on the checkout page if the customer is not already logged in.

Account Creation

  • Allow customers to create an account during checkout
  • Allow customers to create an account on the My account page
  • Automatically generate username from customer email – If this setting is disabled, there will be an input box for the user to enter their own username.
  • Automatically generate customer password – If this is disabled, there will be an input box for the user to set their own password. Note that while the password strength notification will be displayed at Checkout, customers can choose any password so as to not limit conversions. For accounts created on the My Account page, the password will need to meet certain strength requirements (i.e. a combination of the number of characters and mixture of uppercase / lowercase / numeric / symbol characters).

Account erasure requests

  • Remove personal data from orders – WordPress 4.9 allows you to remove personal data on request. When doing this, if you enable this option, user data will also be removed from your orders if they belong to the user being erased.
  • Remove access to downloads – WordPress 4.9 allows you to remove personal data on request. When doing this, if you enable this option, download data will also be removed if it belongs to the user being erased. The erased user will no longer have access to any purchased downloads if this happens.

Personal data removal

  • Allow personal data to be removed in bulk from orders – Adds a new bulk action to remove personal data on the Orders page. Useful if you need to manually anonymize orders in bulk. See more about this feature at Managing Orders: Removing Personal Data from Orders.

Privacy policy

↑ Back to top

This section lets you select a page for your privacy policy, and display privacy policy snippets on your account and checkout pages shown to customers.

  • Privacy Page – This link takes you to Settings > Privacy where you can select a page to act as your privacy policy. Using [privacy_policy] in the two notices below will link to this page. Some themes also use this option to link to a privacy policy in other places, such as the footer.
  • Registration privacy policy – Shown on the registration form on the My Account page. You should include information about your privacy policy, and link to your page privacy policy page for more information.
  • Checkout privacy policy – Shown on the checkout form. You should include information about your privacy policy, and link to your page privacy policy page for more information.

Personal data retention

↑ Back to top

This section allows you to decide how long to keep order data on your store. You should specify how long your site will retain data in your privacy policy; consider what makes sense for local laws such as the EU GDPR.

For each option, enter a number and choose the duration from days, weeks, months, or years. Leaving these options blank will retain that data indefinitely.

  • Retain inactive accounts – Inactive accounts are accounts which have not logged in nor placed an order for the specified duration.
  • Retain pending orders – Pending orders are unpaid or abandoned and should not need to be fulfilled.
  • Retain failed orders – Failed orders are unpaid or abandoned and should not need to be fulfilled.
  • Retain cancelled orders – Cancelled orders were orders cancelled on purpose by either the admin or the customer, or timed out waiting for payment.
  • Retain completed orders – Completed orders were fulfilled in the past.

If enabled, this cleanup will run via a daily cron job. Inactive accounts are tracked using anonymous metadata, and only subscriber/customer accounts are removed.

  • Failed, pending, and canceled orders which get cleaned up will be moved to the trash.
  • Completed orders which get cleaned up will be anonymized so sales stats are unaffected.
  • Inactive accounts will be deleted. An inactive account is one which has not been logged in to, or which has not placed orders, for the specified time.

Personal Data Exporter

↑ Back to top

WordPress 4.9.6 added the ability to export personal data associated with an email address to an HTML file. You. canexport personal data from your site at Tools > Export Personal Data. While these exports are not a WooCommerce feature, WooCommerce adds data to the generated export file, exporting the following data:

  • Customer address/account information
  • Orders associated with the given email address
  • Download permissions and logs associated with the given email address

To ensure requests are genuine, a confirmation email is sent to verify the request. The verification process:

  1. Enter an email address or username.
  2. User is notified via email with a confirmation link.
  3. Confirmation link is used, and request is marked “confirmed.”
  4. Email with link to download their personal data is sent to the user.

Here’s an example of a Personal Data File:

A file titled "Personal Data Export" with three tables demonstrating customer information. The three tables are in sections titled: "About", which contains who the report was generated for, what site and URL it came from, as well as the date of the export. "Customer Data", which lists billing and shipping addresses of the customer, as well as their phone number and email address. And "Orders", which lists details of the customer's orders including the number, total cost, items purchased, IP address, and address information for each order.

Questions and Support

↑ Back to top

Do you still have questions and need assistance? 

This documentation is about the free, core WooCommerce plugin for which support is provided in our community forums on WordPress.org. Searching there you’ll often find that your question has been asked and answered before.

If you haven’t created a WordPress.org account to use the forums, here’s how.

  • If you’re looking to extend the core functionality shown here, we recommend reviewing available extensions in the Woo Marketplace.
  • Need ongoing advanced support, or a customization built for WooCommerce? Hire a WooExpert agency.
  • Are you a developer building your own WooCommerce integration or extension? Check our Developer Resources.

If you weren’t able to find the information you need, please use the feedback thumbs below to let us know! 🙏