E-COMMERCE, GDPR and Secure Shopping


Online shopping has been growing for years, in both size and number of users. This is well known, in terms of both the quantity of goods purchased and the volume of money involved. Analyses and statistics are abundantly available: a brief search on Google returns reports of every kind on the topic. The sector's constant double-digit growth percentages are often astonishing. But are we always sure that we are giving our credit card and ID data to 100% secure platforms? Or that our e-commerce provider enforces acceptable safety standards?

Obviously, we all trust the portals of major multinationals, like Amazon, eBay and Zalando, and the home-banking systems of our banks. And maybe we are right to do so, taking for granted that these big companies have every interest in protecting our data and online purchases (even if they do not always manage to!).

The new GDPR (General Data Protection Regulation), effective since May 2018, introduces an updated regulatory framework and harsher penalties for improper handling of personal data, online and elsewhere, and is a great help to this cause.

New duties for e-commerce.

Because their operation is based on collecting and managing sensitive user data, e-commerce websites must take extreme care over data handling and the security of online transactions.
Keeping the new GDPR as reference, e-commerce sites can collect only the data that are strictly required for the service, and store them only for as long as technically necessary. Bank details, for instance, must be erased as soon as the payment is completed. The collection of each piece of data must be authorised by the user: it is therefore crucial that whoever subscribes to a service or a newsletter, or purchases online, is clearly informed and able to give crystal-clear, fully aware and detailed consent.
The right to portability and removal of stored user data, as well as documentation of data handling and management, must be provided to the end user.

Technical Requirements
It is vital not to forget the technical solutions that e-commerce owners must implement in their portals to guarantee safe online shopping. Safe business means customer loyalty, a proof of reliability that shows the vendor deserves the end user's trust. Looking more closely at these safety systems, encrypted HTTPS connections and SSL certificates are a must-have, and not only for online shopping: a secure connection must be provided wherever a form asks for sensitive user data (or other newly defined personal data).
Therefore, if you use a website to offer your products or develop your business, to collect contacts (leads), or to run SEM and DEM campaigns that draw traffic to your pages, keep in mind that it is vital to install a valid and recognized SSL certificate to establish secure HTTPS connections: your users will benefit from it, and so will you.
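
A site owner can check the rule above, that every form asking for personal data must submit over HTTPS, with a small audit of their own pages. The following is an added example, not part of the original article; the field hints, the `shop.example` URLs and the sample page are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Assumption: illustrative hints for personal-data fields, not a complete list.
SENSITIVE_TYPES = {"password", "email", "tel"}
SENSITIVE_HINTS = ("card", "cc-", "iban", "cvv", "passport", "address", "birth")


class FormAuditor(HTMLParser):
    """Collects each <form> with its action and the sensitive inputs inside it."""
    def __init__(self):
        super().__init__()
        self.forms = []        # one {"action": str, "fields": [str]} per form
        self._current = None   # form currently open, if any

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._current = {"action": a.get("action", ""), "fields": []}
            self.forms.append(self._current)
        elif tag in ("input", "textarea", "select") and self._current is not None:
            label = " ".join((a.get("name", ""), a.get("id", ""), a.get("autocomplete", ""))).lower()
            if a.get("type", "").lower() in SENSITIVE_TYPES or any(h in label for h in SENSITIVE_HINTS):
                self._current["fields"].append(a.get("name") or a.get("id") or a.get("type", ""))

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def audit_forms(page_url, html):
    """Return forms that would send sensitive fields to a non-HTTPS target."""
    parser = FormAuditor()
    parser.feed(html)
    findings = []
    for form in parser.forms:
        target = urljoin(page_url, form["action"])  # empty or relative action inherits the page scheme
        if form["fields"] and urlparse(target).scheme != "https":
            findings.append({"target": target, "fields": form["fields"]})
    return findings


# Constructed sample page (not taken from any real site).
SAMPLE = """
<form action="/search"><input type="text" name="q"></form>
<form action="http://shop.example/checkout">
  <input type="text" name="card_number"><input type="password" name="pw"></form>
<form action="/newsletter"><input type="email" name="email"></form>
"""
```

Calling `audit_forms("https://shop.example/cart", SAMPLE)` reports only the checkout form, whose explicit `http://` action would carry card data in clear text even though the page itself is served over HTTPS.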

If, instead, you are a habitual online shopper, be very aware of where you shop: you risk leaving your data with portals that are sloppy and careless about your security, or that inadvertently put your personal information in danger.