There is a chance that your Magento store is not yet ready for GDPR, if you are still not sure how to approach this problem, you’ve come to the right place. In this post, we compare the two robust extensions that allow the implementation of the GDPR in Magento created by Amasty and Aheadworks.
MAGENTO 2 GDPR EXTENSIONS – BASIC FUNCTIONS
Below is a list of the basic functions of each of the mentioned Magento 2 GDPR extensions.
AHEADWORKS GDPR FOR MAGENTO 2
Personal data according to GDPR
Thanks to the module, your online store will be compliant with the latest GDPR regulations. The shop visitors have the opportunity to:
– access to your data and display it in PDF and XML format;
– validate of the use of data;
– consent to access and processing of data; or
– request the deletion of data.
Additionally, the Aheadworks Magento 2 GDPR module simplifies the management of huge databases containing customer information. It offers a user-friendly way to track customer consent to data processing and data removal requests.
Consent to the data protection policy
One of the most important aspects of GDPR is to allow customers to agree to a data protection policy on different websites. The Aheadworks Extension GDPR Magento 2 offers this possibility on the registration and payment page as well as via individual pop-ups.
Client access to personal data
Another important aspect of the GDPR is the possibility of access to personal data. Thanks to the Aheaworks Magento 2 GDPR extension, your customers will quickly get a copy via PDF or XML files. As a Magento administrator, you can get the necessary files in the backend section as well.
Improved client account
Customers not only receive a new registration form, but also an improved customer account. The plugin allows users to request access to their data and delete their accounts. Remember that deleting data leads to the removal of all incomplete orders and abandoned shopping carts. It should also be mentioned that the extension reduces the workload of the support department. Customer requests are downloaded directly from their accounts. Then you can quickly filter them out and properly handle them in the administration panel.
Checking e-mail and downloading data
It is also worth mentioning that the extension offers a secure verification mechanism that aims to protect customer data from fraudulent actions. As a store owner, you can filter out malicious requests via e-mail. Another significant function is related to data recovery. Thanks to the current API, you can effortlessly retrieve data from related third-party applications.
Convenient backend management
As a store administrator, you also receive several new mechanisms. There is a grid that allows you to track the consent of customers and export them as a list. In addition, you can process data access requests and delete them in a user-friendly manner. Everything is available in three independent sections: Compatibility, Data Access Requests, and Removal Requests.
The Aheadworks Magento 2 GDPR module enables:
– customer segmentation according to agreement conditions;
– management of requests for access to data and deletion of data;
– deleting selected customers.
The GDPR requirements are not eternal, so you should be ready to modify your store according to the new changes and rules. Thanks to the extension of Magento 2 GDPR by Aheadworks, you will not have to collect consent again. Instead, the module allows you to reset your current status with a single click and ask customers for permission to modify the modified version of the data protection rules. That way, you avoid the many headaches associated with all future updates of GDPR.
Now let’s focus on what Amasty offers so that your store is right for GDPR standards.
Advanced customer consent management
Convenient backend management
The next grid provided by the module contains removal requests. As a Magento 2 administrator, you can decide whether to approve or reject such requests.
Extended client account
As for the customer’s account area, it contains three new options:
– Download personal data via CSV;
– Anonymous personal data;
– Request for deletion of personal data.
Note that data anonymization is represented only by the extension of Amasty’s Magento 2 GDPR product. Aheadworks does not provide any similar possibilities.
MAGENTO 2 GDPR EXTENSIONS – BACKEND
Now that you know the fundamental differences between the two significant GDPR extensions for Magento 2, we can examine them in detail, starting with the backend section.
The Magento 2 GDPR backend extension section from Aheadworks is user-friendly and intuitive.
The appropriate Aheadworks Magento 2 GDPR expansion configuration section is divided into two subsections: General and e-mail settings. The first one allows you to select the data protection policy page displayed to clients. In the e-mail settings, you can specify the sender, and select the templates to confirm the deletion and e-mail confirming access to the data. These are all configuration settings:
A network of consent permits allows you to view customers with the appropriate consent. You can display parameters such as customer ID, first and last name, e-mail address, website, date of last consent and the consent itself. You can delete clients one at a time or in bulk. In addition, it is possible to export the mesh in a CSV or XML file.
Data access requests
All data access requests are also collected in the grid. It displays the customer’s name and email address, request status and creation time, as well as solution time. The available actions allow you to change the status of the request for processing, cancellation or termination. In addition, it is possible to download data in a PDF or XML format for each request individually. Collective actions enable a collective change of states.
A similar grid is available for removal requests. It provides the ability to delete data by changing the status. If the administrator changes the status of the request to “Finish”, the personal data of the specific client will be deleted. Please note that this activity is not compromised and the status of the completed request cannot be changed.
Now let’s take a look at the Magento 2 GDPR extension section created by Amasty.
The GDPR section itself is divided into the following tabs:
– Anonymization notifications;
– Notifications about account deletion;
– Reports to the deputies for consent;
– Privacy checkbox.
Customers who agreed
– Date of consent;
– A version of the agreed policy.
The grid provides the ability to send requests for approval of the new version of the rules for selected clients in bulk.
Customers without any consent
Customers expect an e-mail queue
Another complementary grid is the queue of e-mails for customers. Here you can check the status of sent e-mails.
The Amasty Magento 2 GDPR extension provides an intuitive way to manage removal requests that are also collected in the system. You can see the date of the application, the customer’s name and e-mail address as well as the number of completed and pending orders. The module then allows you to approve or reject bulk account deletion requests as shown below:
Logs of action
To improve the monitoring of customer activities, the module provides an action log grid. It covers the entire activity of visitors to your website related to GDPR. The grid shows the customer ID, name and IP address, as well as the action and its date. Anonymous users are encrypted.
As you can see, Amasty provides a more complex backend section with many additional grids, which simplify the back-office processes associated with the GDPR management. Let’s go to the frontend section of each module.
MAGENTO 2 GDPR EXTENSIONS – FRONTEND
Below we compare how both GDPR 2 extensions change the look of your store according to the new requirements.
The order process
Popup for current customers
Please note that previously registered users will be asked to agree to a dedicated pop-up window immediately after logging in.
The extension adds an additional card to the customer’s account. In this way, registered customers can request access to data and delete data or delete their account in the “Account information” section.
Amasty offers similar possibilities. Let’s take a look at the same sections.
The module also adds a checkbox and a link to private police to the registration form.
The order process
The module extends the area of customer accounts with a new section – Privacy settings. It provides customers with the possibility of:
– downloading personal data via CSV;
– anonymization of personal data;
– sending a request to delete an account.
The critical difference between these two modules is the anonymization of personal data. Amasty enables customers to change the way information is displayed. The extension replaces the contact and address data of the client with a random symbol sequence. The same sequence is displayed in the back office section of the store.
Confirmation email and notifications
Many privacy policies
Geo IP function
E-mails with consent requests
Data removal request
Extensive registration page
Extensive ordering process
Account removal request
As can be noticed, both extensions have the same price. 200 USD is quite an affordable price when you want your e-commerce store to be compatible with GDPR. Writing an analogous proprietary solution is over 80 hours of programmer’s work. If you want a more simple and intuitive tool, choose GDPR for Magento 2 created by Aheadworks. If you need additional features and extra backend control, the Amasty Magento 2 GDPR extension will be a better choice.