Sometimes. a customer wants to remove their digital footprint from the Internet. Maybe they were the victim of identity theft, suffered online harassment, or just want reduce their online presence. Whatever the reason, store owners who collect data from EU residents can expect to receive “Right to Erasure” requests under the GDPR.
As with Right of Access requests, the data a person can expect to be erased includes the obvious — name, address, phone number — and the less obvious, like tracking numbers and VAT IDs.
Before You Get Your First Request
Here, you’ll also want to start with test orders to understand what data you collect, and develop a standard procedure for responding to requests. Your procedure should include:
- How you will confirm the person’s identity: Only an authorized person can request erasure.
- Where you will obtain the data. Some data will be available using the new tools in WordPress and WooCommerce. Some plugins store data separately, and you might have other online systems separate from your WordPress/WooCommerce store where you input data.
Not sure you know all the places data might be stored? This is where a test order is handy; you’ll be able to see what plugins are automatically providing data using the new WordPress export tool. Note all the plugins you don’t see in the export tool; you’ll have to erase data from these plugins separately.
In WooCommerce, new settings help you control and limit automatic erasure of customers’ personal data. You can find them under WooCommerce → Settings → Accounts and Privacy. Here, you can control:
- How long inactive accounts are preserved.
- How long pending, failed, or cancelled orders are preserved.
- How long completed orders are preserved.
You can also control some Right to Erasure-related settings, like:
- Whether personal data in orders should be removed.
- Whether access to downloads should be rescinded.
When That First Request Comes In
As with Right of Access requests, start by confirming the identity of the person making the request before you touch their personal data.
A new WordPress page under Tools → Erase Personal Data lets you send a confirmation request to the customer’s email (or via their username). Type their email address in the box provided and hit «Send Request»:
While you’re waiting for the customer to confirm, you’ll see the request displayed as “Pending.»
After they click the link, you’ll see that status switch to “Confirmed»:
Once their identity is confirmed, click the Erase Personal Data button, and the software will start scrubbing away. WordPress, WooCommerce, and many extensions work together to erase a person’s personal data. If a plugin needs to retain a bit of personal data for whatever reason, it will be displayed to you at the end of the erasure process.
If the person has a user account on your site, the request will also include a link to start the “Delete User” process — the same one that is in WordPress core already. Hold off on this at first; you might want to preserve their account depending on whether any plugins you use return a message about items “retained” during the erasure process.
Again, don’t forget that this only covers plugins that hook into the new WordPress personal data erasure tool — you may need to manually remove personal data collected by other plugins or services to be in full compliance with the Right to Erasure request.
Next up? Notifying Customers of a Breach of their Data