My Sellerdeck Account | Free Trial

Sellerdeck Community & Knowledge Base

  #1  
Old 18-Mar-2018, 10:19 AM
gail gail is offline
Registered User
Join Date: Mar 2006
Full Name: Gail Litherland
Posts: 117
Thanks: 6
Thanked 2 Times in 2 Posts
Gdpr

With the deadline looming for the implementation of GDPR there does not seem to be much information on it relating to Sellerdeck.

Sellerdeck themselves appear to be working on the compliance but from what I have read this is only on a new version which they are going to release.

This leaves the rest of us who do not want/can not afford to upgrade sort of out in the cold.

Does anyone else share my concern about this or is there a simple solution and I am worrying unnecessarily?
__________________
Scottish Gifts 4U - quality gifts from Scotland
Reply With Quote
  #2  
Old 19-Mar-2018, 08:55 PM
Buzby's Avatar
Buzby Buzby is offline
Registered User
Join Date: Feb 2004
Full Name: Jason
Posts: 875
Thanks: 91
Thanked 39 Times in 35 Posts
Don't worry, Sellerdeck say they will release it before the deadline.

So expect to be working through the night on May 24th.

2 months to go and without any sort of statement as to what is happening I feel is very poor.
Reply With Quote
  #3  
Old 20-Mar-2018, 09:49 PM
PJ ENG PJ ENG is offline
Registered User
Join Date: Dec 2002
Full Name: Paul Vetere
Posts: 116
Thanks: 1
Thanked 5 Times in 3 Posts
From what i have been told it will only be available on V18
Reply With Quote
  #4  
Old 20-Mar-2018, 09:59 PM
Buzby's Avatar
Buzby Buzby is offline
Registered User
Join Date: Feb 2004
Full Name: Jason
Posts: 875
Thanks: 91
Thanked 39 Times in 35 Posts
And this is what is unacceptable, 2 months to go and no one has any idea what is happening, and how they can be ready.

I run 4 sites on 2014 and 2016, so is it a minor upgrade on each software, or do all 4 sites have to be upgraded to 2018?

Time is ticking Sellerdeck
Reply With Quote
  #5  
Old 21-Mar-2018, 09:09 PM
brucet brucet is offline
Administrator
Join Date: Apr 2003
Full Name: Bruce Townsend
Posts: 979
Thanks: 59
Thanked 237 Times in 142 Posts
I'm not sure if you are aware, but we already issued a statement here, and it has a link to a blog post with more information: https://community.sellerdeck.com/showthread.php?t=57457

A white paper with additional help and information is in final draft and will be available very soon. Sellerdeck v18 will also be released shortly, with a number of enhancements designed to support GDPR. For users of currently supported versions who do not wish to upgrade, as far as possible we will provide appropriate steps to enable you to identify and mitigate any risks.

So we are taking active steps to ensure that our software is not a barrier to GDPR compliance. However please note - we cannot make you compliant, nor can we provide comprehensive advice on how to comply. GDPR touches all of your business processes. Each business is individual, and each is responsible for its own compliance. So please don't wait for us - only you can establish what the new regulation means for your own business, and it's most important that you do.
__________________
Bruce Townsend
Ecommerce Product Manager
SellerDeck Ecommerce Solutions
Reply With Quote
  #6  
Old 21-Mar-2018, 09:20 PM
Buzby's Avatar
Buzby Buzby is offline
Registered User
Join Date: Feb 2004
Full Name: Jason
Posts: 875
Thanks: 91
Thanked 39 Times in 35 Posts
Hi Bruce,

Yes I was aware of that, however doesn't mention what versions will be covered, so as I say 2 months to go and I do not know if my sites will be supported.

Also no mention of timescale, too close and people won't have time to implement. How about designers who will have a mad rush?

Can you confirm which versions will be covered, You know, so please let us know so we can make plans.

I am aware that we need to do more to be compliant, but how do we do that when we don't know what the website will, and will not do. It is like writing a user manual for a product you've never seen.

I pay 1000 a year to be, not informed and kept up to date.
Reply With Quote
  #7  
Old 22-Mar-2018, 12:57 PM
John Ennals's Avatar
John Ennals John Ennals is offline
Registered User
Join Date: May 2006
Full Name: John Ennals
Posts: 106
Thanks: 36
Thanked 34 Times in 29 Posts
Quote:
Originally Posted by brucet View Post
So we are taking active steps to ensure that our software is not a barrier to GDPR compliance.
I understand the MS Access database in Sellerdeck 2018 will not be encrypted, which I suggest is a fairly significant barrier. In this respect SD 2018 will not be inherently GDPR compliant, and will need to be installed on an encrypted hard drive in order to make it so.

John
__________________
www.tortoys.co.uk
Reply With Quote
  #8  
Old 26-Mar-2018, 03:51 PM
Mantra Mantra is offline
Registered User
Join Date: Jan 2011
Full Name: Martin Nichols
Posts: 72
Thanks: 38
Thanked 9 Times in 7 Posts
Quote:
Originally Posted by brucet View Post
Sellerdeck v18 will also be released shortly, with a number of enhancements designed to support GDPR. For users of currently supported versions who do not wish to upgrade, as far as possible we will provide appropriate steps to enable you to identify and mitigate any risks.
I downloaded v18 BETA and noted that there does not appear to be any change to the Business Settings | Terms and Conditions | Privacy Policy template nor any mention of enhancements designed to support GDPR in the Release Notes. Please can you provide some more information on what these enhancements are likely to incorporate so that users can be prepared in advance?

Quote:
Originally Posted by brucet View Post
So we are taking active steps to ensure that our software is not a barrier to GDPR compliance. However please note - we cannot make you compliant, nor can we provide comprehensive advice on how to comply. GDPR touches all of your business processes. Each business is individual, and each is responsible for its own compliance. So please don't wait for us - only you can establish what the new regulation means for your own business, and it's most important that you do.
My reading of this is that each business must consider its own responsibilities for compliance according to the requirements that impact on the data it collects, stores and processes and this seems a reasonable expectation.

The first step then would be for each business to identify the requirements and formulate a policy statement that addresses each of the requirements in turn. The question then is how would this Policy Statement with any associated consents needed be integrated into the SellerDeck software? Please advise how the new version of the software will address this requirement so that businesses can take this into account in the formulation of the GDPR Policy Staement. For the time being I feel that Business Settings | Terms and Conditions | Privacy Policy could be expanded used for this purpose.

Martin Nichols
Mantra Audio

Last edited by Mantra; 26-Mar-2018 at 04:03 PM.. Reason: typo + extra words
Reply With Quote
  #9  
Old 06-Apr-2018, 03:48 PM
PJ ENG PJ ENG is offline
Registered User
Join Date: Dec 2002
Full Name: Paul Vetere
Posts: 116
Thanks: 1
Thanked 5 Times in 3 Posts
Just had a Email from SD

They are producing a white paper but only available for Sellerdeck Desktop 365 Plus customers

Way to alienate your customers who dont want to take a lower standard product for more money !
Reply With Quote
  #10  
Old 06-Apr-2018, 04:33 PM
John Ennals's Avatar
John Ennals John Ennals is offline
Registered User
Join Date: May 2006
Full Name: John Ennals
Posts: 106
Thanks: 36
Thanked 34 Times in 29 Posts
Yes, it also says this on the Sellerdeck 2018 microsite.

I was contacted on 22nd March by a Sellerdeck employee (I'll refrain from naming him here) to ask whether I had received notification of the price increases. I told him I had, and I asked him whether the GDPR white paper would be available to those of us with Sellerdeck Cover as well as Sellerdeck 365 customers. He said it would.

However, in the same conversation I asked whether the Access database in Sellerdeck 2018 was going to be encrypted and he confirmed it would be. As this is not true, I am not particularly hopeful about receiving the white paper either.

Incidentally, on 13th March Sellerdeck sent me an email saying that my Sellerdeck Cover would renew on 27/3/18 at 436.00 exc. VAT, which was a nice surprise. Needless to say on 27/3/18 they actually charged me 545.00 exc. VAT.

Seems fake news is everywhere these days. Wonder how long this post will stay up?

John
__________________
www.tortoys.co.uk
Reply With Quote
  #11  
Old 06-Apr-2018, 04:47 PM
PJ ENG PJ ENG is offline
Registered User
Join Date: Dec 2002
Full Name: Paul Vetere
Posts: 116
Thanks: 1
Thanked 5 Times in 3 Posts
Quote:
Originally Posted by John Ennals View Post
Yes, it also says this on the Sellerdeck 2018 microsite.

I was contacted on 22nd March by a Sellerdeck employee (I'll refrain from naming him here) to ask whether I had received notification of the price increases. I told him I had, and I asked him whether the GDPR white paper would be available to those of us with Sellerdeck Cover as well Sellerdeck 365 customers. He said it would.

However, in the same conversation I asked whether the Access database in Sellerdeck 2018 was going to be encrypted and he confirmed it would be. As this is not true, I am not particularly hopeful about receiving the white paper either.

Incidentally, on 13th March Sellerdeck sent me an email saying that my Sellerdeck Cover would renew on 27/3/18 at 436.00 exc. VAT, which was a nice surprise. Needless to say on 27/3/18 they actually charged me 545.00 exc. VAT.

Seems fake news is everywhere these days. Wonder how long this post will stay up?

John
I had a very similar experience, i have 1 key and 3 users, turns out i have been only paying for support for 2 users !!

I also sent a snapshot over to them with a view to upgrading to V18, no reply.
Reply With Quote
  #12  
Old 06-Apr-2018, 05:26 PM
Mantra Mantra is offline
Registered User
Join Date: Jan 2011
Full Name: Martin Nichols
Posts: 72
Thanks: 38
Thanked 9 Times in 7 Posts
Quote:
Originally Posted by PJ ENG View Post
Just had a Email from SD

They are producing a white paper but only available for Sellerdeck Desktop 365 Plus customers

Way to alienate your customers who dont want to take a lower standard product for more money !
Just 7 weeks to go before compliance date and we still do not know how SellerDeck intends to enable its customers to be GDPR compliant!!!
Reply With Quote
  #13  
Old 07-Apr-2018, 10:44 AM
Mike Hughes Mike Hughes is offline
Registered User
Join Date: Jan 2003
Full Name: Mike Hughes
Posts: 8,025
Thanks: 267
Thanked 465 Times in 410 Posts
From what I can see the GDPR is actually quite a sensible regulation where the scope and extent of the requirements depends very much on the sensitivity of the personal data being collected, the risk to the rights of the person who's data it is and the costs and risks associated with implementation when assessing appropriate measure.

For example here is the main clause regarding security of Data Processing

Quote:

Security of Data - Security of processing

1. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the
controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk,
In my view, as a retailer who won't be storing particularly sensitive data, where the data being stored is not done on a major scale, where it won't be shared for processing with other companies and where the risk to the rights of the individuals concerned is relatively small then I am reasonably confident that I can take (am already taking) measures that will be compliant with the GDPR.

I am also confident that the data I am collecting and storing (Name, Address, Contact Details, Products Purchased, Method of Payment. etc) has unambiguous consent for it's use in fulfilling my obligations of delivery and follow up customer service and support. I'll make sure this is clearly explained in the terms and conditions and prior to purchase.

Marketing to my existing customer base is one area I'll have to consider to make sure I have the appropriate consent in place.

The only area that concerns me really is the right to be forgotten and to me there are two areas I need to look into:

Firstly, if a customer buys something from me, how long should I hold his/her data to satisfy customer service and accounting requirements? I quite often have customers contacting me up to three years after purchase but after that I'm not so sure. I think there might be a requirement to keep financial and accounting records for up to 7 years but whether that includes customer purchase and payment data I don't know.

Secondly, should a customer request for personal data to be erased / no longer consent to it's use, how do i implement that? In the most simple procedure I could just overwrite the personal data in sellerdeck. Again, I believe I am allowed to keep that data as long as there are legitimate legal grounds for retaining it so I'm not expecting a major problem here either, a simple procedure enabling the customer to make the request and for me to implement it should be fine.

So all in all, I'm not sure I have too much of a requirement for new stuff from Sellerdeck. The use of TLS for sending emails coming in 2018 doesn't seem necessary to me but given it's low cost of implementation then it makes sense. Not a deal breaker either way for most Sellerdeck users.

I have to admit, I think a lot of the scare stories out there are coming from consultants wanting to chase down some nice little earners and making it seem far more draconian than it probably is for most retailers.

What does everyone else think? Is there anyone considering more drastic measures?
__________________
-----------------------------------------

First Tackle - Fly Fishing and Game Angling

-----------------------------------------
Reply With Quote
The Following 3 Users Say Thank You to Mike Hughes For This Useful Post:
John Ennals (08-Apr-2018), KarenBM (14-Apr-2018), Mantra (10-Apr-2018)
  #14  
Old 08-Apr-2018, 06:30 PM
John Ennals's Avatar
John Ennals John Ennals is offline
Registered User
Join Date: May 2006
Full Name: John Ennals
Posts: 106
Thanks: 36
Thanked 34 Times in 29 Posts
Quote:
I think there might be a requirement to keep financial and accounting records for up to 7 years but whether that includes customer purchase and payment data I don't know.
In my case I'm self-employed so HMRC requires me to retain records for at least 5 years after the tax return submission deadline. The HMRC website suggests those records should include sales invoices. Therefore my Privacy and Security policy will state that specified personal data will be collected in order to process and deliver orders, and that data will be retained for (say) 6 years to comply with HMRC rules.

I think you can purge old orders fairly easily from Sellerdeck by filtering by date then deleting. Looking at the database table structure I guess that would remove the customer's name, address etc. unless there also existed newer orders for that customer that hadn't been deleted. Somebody at Sellerdeck would need to confirm this.

John
__________________
www.tortoys.co.uk
Reply With Quote
The Following 3 Users Say Thank You to John Ennals For This Useful Post:
KarenBM (14-Apr-2018), Mantra (09-Apr-2018), Mike Hughes (09-Apr-2018)
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT. The time now is 07:22 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.