Don't worry, Sellerdeck say they will release it before the deadline.

So expect to be working through the night on May 24th.

2 months to go and without any sort of statement as to what is happening I feel is very poor.

From what i have been told it will only be available on V18

And this is what is unacceptable, 2 months to go and no one has any idea what is happening, and how they can be ready.

I run 4 sites on 2014 and 2016, so is it a minor upgrade on each software, or do all 4 sites have to be upgraded to 2018?

Time is ticking Sellerdeck

I'm not sure if you are aware, but we already issued a statement here, and it has a link to a blog post with more information: https://community.sellerdeck.com/showthread.php?t=57457

A white paper with additional help and information is in final draft and will be available very soon. Sellerdeck v18 will also be released shortly, with a number of enhancements designed to support GDPR. For users of currently supported versions who do not wish to upgrade, as far as possible we will provide appropriate steps to enable you to identify and mitigate any risks.

So we are taking active steps to ensure that our software is not a barrier to GDPR compliance. However please note - we cannot make you compliant, nor can we provide comprehensive advice on how to comply. GDPR touches all of your business processes. Each business is individual, and each is responsible for its own compliance. So please don't wait for us - only you can establish what the new regulation means for your own business, and it's most important that you do.

Hi Bruce,

Yes I was aware of that, however doesn't mention what versions will be covered, so as I say 2 months to go and I do not know if my sites will be supported.

Also no mention of timescale, too close and people won't have time to implement. How about designers who will have a mad rush?

Can you confirm which versions will be covered, You know, so please let us know so we can make plans.

I am aware that we need to do more to be compliant, but how do we do that when we don't know what the website will, and will not do. It is like writing a user manual for a product you've never seen.

I pay £1000 a year to be, not informed and kept up to date.

I understand the MS Access database in Sellerdeck 2018 will not be encrypted, which I suggest is a fairly significant barrier. In this respect SD 2018 will not be inherently GDPR compliant, and will need to be installed on an encrypted hard drive in order to make it so.

John

I downloaded v18 BETA and noted that there does not appear to be any change to the Business Settings | Terms and Conditions | Privacy Policy template nor any mention of enhancements designed to support GDPR in the Release Notes. Please can you provide some more information on what these enhancements are likely to incorporate so that users can be prepared in advance?

My reading of this is that each business must consider its own responsibilities for compliance according to the requirements that impact on the data it collects, stores and processes and this seems a reasonable expectation.

The first step then would be for each business to identify the requirements and formulate a policy statement that addresses each of the requirements in turn. The question then is how would this Policy Statement with any associated consents needed be integrated into the SellerDeck software? Please advise how the new version of the software will address this requirement so that businesses can take this into account in the formulation of the GDPR Policy Staement. For the time being I feel that Business Settings | Terms and Conditions | Privacy Policy could be expanded used for this purpose.

Martin Nichols
Mantra Audio

Just had a Email from SD

They are producing a white paper but only available for Sellerdeck Desktop 365 Plus customers

Way to alienate your customers who dont want to take a lower standard product for more money !

Yes, it also says this on the Sellerdeck 2018 microsite.

I was contacted on 22nd March by a Sellerdeck employee (I'll refrain from naming him here) to ask whether I had received notification of the price increases. I told him I had, and I asked him whether the GDPR white paper would be available to those of us with Sellerdeck Cover as well as Sellerdeck 365 customers. He said it would.

However, in the same conversation I asked whether the Access database in Sellerdeck 2018 was going to be encrypted and he confirmed it would be. As this is not true, I am not particularly hopeful about receiving the white paper either.

Incidentally, on 13th March Sellerdeck sent me an email saying that my Sellerdeck Cover would renew on 27/3/18 at £436.00 exc. VAT, which was a nice surprise. Needless to say on 27/3/18 they actually charged me £545.00 exc. VAT.

Seems fake news is everywhere these days. Wonder how long this post will stay up?

John

I had a very similar experience, i have 1 key and 3 users, turns out i have been only paying for support for 2 users !!

I also sent a snapshot over to them with a view to upgrading to V18, no reply.

Just 7 weeks to go before compliance date and we still do not know how SellerDeck intends to enable its customers to be GDPR compliant!!!

From what I can see the GDPR is actually quite a sensible regulation where the scope and extent of the requirements depends very much on the sensitivity of the personal data being collected, the risk to the rights of the person who's data it is and the costs and risks associated with implementation when assessing appropriate measure.

For example here is the main clause regarding security of Data Processing

In my view, as a retailer who won't be storing particularly sensitive data, where the data being stored is not done on a major scale, where it won't be shared for processing with other companies and where the risk to the rights of the individuals concerned is relatively small then I am reasonably confident that I can take (am already taking) measures that will be compliant with the GDPR.

I am also confident that the data I am collecting and storing (Name, Address, Contact Details, Products Purchased, Method of Payment. etc) has unambiguous consent for it's use in fulfilling my obligations of delivery and follow up customer service and support. I'll make sure this is clearly explained in the terms and conditions and prior to purchase.

Marketing to my existing customer base is one area I'll have to consider to make sure I have the appropriate consent in place.

The only area that concerns me really is the right to be forgotten and to me there are two areas I need to look into:

Firstly, if a customer buys something from me, how long should I hold his/her data to satisfy customer service and accounting requirements? I quite often have customers contacting me up to three years after purchase but after that I'm not so sure. I think there might be a requirement to keep financial and accounting records for up to 7 years but whether that includes customer purchase and payment data I don't know.

Secondly, should a customer request for personal data to be erased / no longer consent to it's use, how do i implement that? In the most simple procedure I could just overwrite the personal data in sellerdeck. Again, I believe I am allowed to keep that data as long as there are legitimate legal grounds for retaining it so I'm not expecting a major problem here either, a simple procedure enabling the customer to make the request and for me to implement it should be fine.

So all in all, I'm not sure I have too much of a requirement for new stuff from Sellerdeck. The use of TLS for sending emails coming in 2018 doesn't seem necessary to me but given it's low cost of implementation then it makes sense. Not a deal breaker either way for most Sellerdeck users.

I have to admit, I think a lot of the scare stories out there are coming from consultants wanting to chase down some nice little earners and making it seem far more draconian than it probably is for most retailers.

What does everyone else think? Is there anyone considering more drastic measures?

In my case I'm self-employed so HMRC requires me to retain records for at least 5 years after the tax return submission deadline. The HMRC website suggests those records should include sales invoices. Therefore my Privacy and Security policy will state that specified personal data will be collected in order to process and deliver orders, and that data will be retained for (say) 6 years to comply with HMRC rules.

I think you can purge old orders fairly easily from Sellerdeck by filtering by date then deleting. Looking at the database table structure I guess that would remove the customer's name, address etc. unless there also existed newer orders for that customer that hadn't been deleted. Somebody at Sellerdeck would need to confirm this.

John