Search the site:

Home / Blog / GDPR compliance in Booking & Appointment plugin for WooCommerce

GDPR compliance in Booking & Appointment plugin for WooCommerce

The Booking & Appointment Plugin for WooCommerce 4.9.0 Version is now made GDPR Compliant.

Mainly we have done three things in the plugin which are as below:

(a) Export of the ‘Booking’ and ‘Google Event’ post data

When a customer is asking for what all his data is available on the site then from booking plugin we are exporting the Booking post data, Google Event post data and adding booking information in the Order data of the WooCommerce. We will go through each of them & the changes done respectively in the below paragraphs.

Booking post data:
We are creating the Booking post for the booking done on the website. We are storing all the booking related data in this post. All these data information is being exported when a customer asks for their data.
Booking Post Data

Google Event post data:
When importing the booking from Google Calendar, a post is being created for that imported event which is nothing but the Google Event post. In this post, we are storing all the event details, order number and product to which the event is mapped. Below is the screenshot of the data of Google Event post being exported when a customer asks for their data.
Google Event Post Data

Booking detail in Order table:
We are adding the booked product details in the Order table which are exported by WooCommerce. Below is the screenshot for the same.
Booking detail in Order table

(b) Erasure of the personal data from Google Event post

We are storing customer personal data only in the Google Event post when an event is being imported to the website from Google Calendar. When a customer asks for the erasure of their data then all the personal data will be removed from the Google Event posts. Below is the screenshot for the same.

Erasure of the personal data from Google Event post

 

Erasure of the personal data from Google Event post

(c) GDPR Notice for Third Party Application

Informing the store owner via WordPress Notice that the user’s personal data is being exported to a third-party application if they are using the Google Calendar Sync feature.

If Google Calendar Sync feature from our plugin is being used then we are exporting the customer’s personal data to Google Calendar (third party application) based on the value set to Event Location, Event summary (name) and Event Description options available on Booking-> Settings-> Google Calendar Sync page. It is not in our hand to control the data which are exported to a third-party application. So it is store owner’s responsibility to erase those data if a customer is asking for the erasure of their data.

A dismissable notice with the appropriate information will be displayed on the backend of the website so the store owner can take appropriate action on it. Also, the same notice will always be displayed on Booking-> Settings-> Google Calendar Sync page.

 

GDPR Notice for Third Party Application

Leave a Reply

avatar

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
Notify of

Subscribe Now