I've just received it but my copy was 4 pages in total!!

I am waiting for this prior to making my site legal for the 25th.

Is it worth the wait?

You can use a soft opt-in for customers if you use Legitimate Interest as the basis for contacting them (as we would recommend). But you must give the opportunity to opt out. See eg https://ico.org.uk/for-organisations...ail-marketing/ which is the definitive interpretation for the UK.

What you cannot do is have an 'opt in' check box that is pre-ticked. If it's an 'opt in' box, then the subject must make an affirmative action to check it.

Either way, you must make clear what they are opting into. And you must not send them anything beyond the bounds of it.

Having quickly read through the Heart Internet GDPR blog paper, it appears that a soft opt-in option should not be an option to receive email communications and that an informed consent checkbox tick will be required after all.
Martin

Helpful Notes on GDPR

Here is a very helpful document about GDPR from Heart Internet - again released to all, not just to a limited group of subscribers.

https://www.heartinternet.uk/blog/a-...do-to-prepare/

Further Link

https://www.heartinternet.uk/blog/a-...Newsletter+3+A

Using the 'Terms and Conditions agreed RWD' layout to get express consent.

Using the 'Terms and Conditions agreed RWD' layout to get express consent.

Forum is throwing script errors again so please read this text file - thank you.

https://www.webeg.net/gdpr-06.txt

I have tried to edit post https://community.sellerdeck.com/sho...6&postcount=16 above but keep getting this whatever browser I use:
So here it is as a new post.

POST SCRIPT ADDED 03 May 2018

There are two issues with my suggested prompts above. The 'Moving in one month' even when marked as required is not in fact required and the sequence will continue if the box is not ticked. Secondly, the phrase 'Moving in one month' appears in the orders tab and on the printed invoice.

Gary Green and the Developers have produced a modified orderscript.pl which makes the moving in one month box truly required. Download (for v16) here: https://www.webeg.net/OrderScript.zip
Go to 'Design', 'Text' and GoTo 'Phase:' -1 'ID:' 802 and change 'Moving In One Month' to 'Consent to data?'

Crystal Reports draws on this text so the printed invoice will reflect the true value and confirm consent has been gained.

Use the 'Terms and Conditions Agreed RWD' layout instead of 'Moving in One Month'.

An arguably better method is to move the 'Terms and Conditions Agreed RWD' from Checkout 1 to the top of both address fields in Checkout 0 and it still works. You will not now need the 'Moving' layout. By altering the label text you can achieve what I was trying to do above and have the checkout sequence depend on a positive response. I will have a working example linked from the forum shortly.

Jonathan
I could not find this particular code line in the Smart Responsive Current Stylesheet which stops at line 1090 for my site.

The Current Stylesheet lines 1 to 4 has comment and code to Pull in Core Styles, Responsive CSS, Responsive CSS Part 2 but I cannot figure out how to open the Responsive CSS.

Have you any suggestions on how to do this or do I need to add some code to the Smart Responsive Current Stylesheet to cover this?

I am considering using the "invoicePrivacy" part of your suggested coding changes as a Legitimate Interest soft opt-in option to recieve emails - so that customers have to check this to opt out which is similar to existing invoicePrivacy.

At the moment I do not see a need to adopt the "Moving in One Month" part for consent to collect name, address and email details as I think this can be covered by the consent to agree Terms and Conditions and Privacy Policy on check out when an order is placed, however, it would be useful to incorporate the text message here without the check box drawing attention to this but I am not sure how to do this at the moment.

I have added our site Privacy Policy to the existing Business Settings | Terms and Conditions | Privacy Policy part together with a new paragraph to cover the above consent that could be repeated on the Checkout Page 0.

Your tool tips explaining the reasoning why the information is required will also be useful add-ons.

Martin
Mantra Audio

John
I have copied my Privacy Policy over into Business Settings | Terms and Conditions | Privacy Policy - section and removed the link out to the separate Privacy-Policy.html page.

The text in the existing Business Setting Privacy Policy is headed up "Summary" and ended "Privacy Policy - Full - See More..." using Norman's code to expand and hide this protracted policy part whilst keeping it within the overall Terms and Conditions.

Not sure why though the "See More..." and "Hide" function correctly on clicking the "Terms and Conds" link to the "info.html" page from the page header and footer but not for the check out link "Click here to view Terms and Conditions" link to "infopopup.html". I think it is still OK because it defaults to the Privacy Policy - Full notice but I would welcome any suggestions to get round this as I may be missing something obvious.

I have also taken up Sarah's suggestion to change the wording on the checkout page "Terms and Conditions Agreed RWD" design layout (V16 Line 9) to read "By placing this order, I agree to [COMPANYNAME] Terms and Conditions and Privacy Policy."

This should ensure the Privacy Policy is visible to obtain customer consent before an order can be placed.

I still need to look at the marketing bit but as this is likely to consist of email follow ups to existing customers and online enquiries, I am tempted towards the Ligitimate Consent soft opt in approach put forward by James in the below post:

https://community.sellerdeck.com/sho...7&postcount=30

Martin
Mantra Audio

If this is where you mean, here are some images of where they are. I inserted 2 and 3 to show which is which.

Terms and conditions header (where I have put test) is phase -1 ID 2386

Hi Sarah
I think the agreement to T & C is perhaps best left where it is on Checkout Page 1.
The wording "I Accept the Terms and Conditions" can still be changed to something like "By placing this order, I agree to [COMPANYNAME] Terms and Conditions and Privacy Policy".

Amazon have something like this in place that flags up when you place an order. Their's also includes a reference to Cookies and Internet Advertising that may not be needed if already incorporated into the Privacy Notice.

Can anyone advise on how to change the following:

1. The section heading on the checkout page to read say "Terms and Conditions and Privacy Policy" whatever?

2. The Terms and Conditions link to read say "Click here to read say "Click here to view Terms and Conditions and Privacy Policy" for consistency?

Martin
Mantra Audio

Martin,

I like what you've done, and I think I will probably follow your lead and incorporate the Cookie Policy rather than making it separate.

I also need to expand the data sharing bit to include and explain Statcounter as a third party, and to mention our legitimate interests somewhere.

I'm treating the Privacy Policy very much as a live document and I expect to carry on tweaking it indefinitely.

John

I reached the same conclusion and had a go at developing a policy for our small business which I hope is easier to read and understand than some of the policies I've seen.

It has some similarities to yours except I have incorporated the 'Cookie' part into my Privacy Policy - it is not as specific as yours. Thank you for sharing and your offer to copy. I may incorporate some of your ideas across into my policy, I quite like the references to GDPR Arcticle Nos. and some other aspects regards layout, wording, appearance etc.

I too would welcome any comments and would have no objection to members copying it to develop and and tailor for their particular business - no warranty implied.

Nor me but it will take more than a couple of days as it has been very time consuming task and I feel like I need to take a break.

I am also waiting to see if SellerDeck come up with anything new - it has been very quiet on that front lately!!

Martin
Mantra Audio

Most of the sample GDPR-ready Privacy and Security Policies I've seen on the web have been rather long and difficult to read, often regurgitating the GDPR itself in large chunks to no particular purpose.

I've had a go at a policy suitable for very small businesses with normal human beings (or data subjects if you will) as customers, and it's on my website if you want a look. I'd welcome any comments, and by the same token you're welcome to copy it if you like. No warranty implied! Bear in mind the HMRC record retention period will probably be different if you're a limited company etc.

I haven't got round to changing the wording in the checkout re consent, but will do so over the next couple of days.

John

Thank you for your response that guided me to a solution.

The privacy policy statement that I have in preparation is to lengthy to incorporate under the Business Settings | Terms and Conditions | Privacy Policy part so I have set this up as a brochure page with fragments for key heading parts introducing a new Privacy-Policy.html page.

I have found that I can link out to the new Privacy-Policy.html URL by adding the html code into the Business Settings | Terms and Conditions | Privacy Policy part:

This code line (part) can also be used to replace the Design Library | Page Areas | Deep Footer Layout Line 17 code (part).

with amended wording so that the Privacy & Payment Security Information link in the page footer links out to the Privacy-Policy.html URL.

There is also another option to incorporate the complete new Privay Policy statement under the Business Settings | Terms and Conditions | Privacy Policy part by using See More... links to break the text down into sizeable chunks that can be expanded and hidden as required - see Norman Rouxel's excellent post
https://community.sellerdeck.com/showthread.php?t=54937 on how to do this.

Thank you Norman for bringing this to my attention.

I have used this code in some of the Privacy Policy brochure fragment text and verified that it also works fine when pasted into the Business Settings | Terms and Conditions | Privacy Policy part.

That's the structure in place for the privacy policy that is still work in progress as there are points now being aired daily on this forum that need to be considered and addressed.

I just need to consider how I address the consent bit.

I am attracted to Sarah's solution possibly combined with the coding that you have already shared.

Martin