Data Protection
Overview
Elastic Path Commerce provides the following additional features for the management of personal data and documentation to maintain compliance with various data protection laws for the collection, storage, and usage of personal data:
- Managing data policies which can be associated with the data policies defined in the Content Management Systems (CMS).
- Managing user permission details such as, time of consent for each data policy.
- Managing user data when the retention period of the data policies are exceeded.
- Managing deletion of data points.
- Disabling a specific a data policy or deleting data points for an individual or for all shoppers manually.
- Providing information about the personal data of the shopper being used by the store and allowing the customer to change the settings.
- Managing details of the data policies configured in the system and a detailed list of customers and the data policies that are active for a customer.
You can use data policies to maintain compliance with various data protection laws, such as CCPA (California Consumer Privacy Act) or GDPR (General Data Protection Regulation).
Data Points
A data point refers to a specific field about a customer that Elastic Path Commerce collects. For example when a customer orders an item, Elastic Path Commerce collects information about the customer such as the name, address, and email address.
Elastic Path Commerce collects customer data from the shopper profile, shopper addresses, submitted orders, or any personal information that is persisted with the cart.
Data point deletion
The system runs a scheduled job to delete data points if either the retention period of the data policy expires or consent is revoked. For more information, see the Data Point Revoked Consents Job and Expired Data Point Values Job documentation. By default, these jobs run daily at 2:00 am and 1:00 am, respectively.
If a data point is used in one or more data policies, data is automatically removed only if the following conditions are met:
- The customer has not provided consent for the data point in any other data policy
- The retention period for all data policies using the data point is expired
The store administrator can also manually remove customer field data in Commerce Manager if the customer requests removal of information.
Data Point Properties
name
Type:
String
Specifies the name of the data point.
dataLocation
Type:
String
Specifies the source of the data point.
For example, customer profile or customer address. By default, all data points are stored in Elastic Path Commerce database. However, for customized Elastic Path Commerce data points, the data points might be stored in a different location, such as LDAP (Lightweight Directory Access Protocol), File.
dataKey
Type:
String
Provides a reference for the value of a data point in the database. For example, for the email address in customer profile, data location is customer profile and key is email address. For more information, see Elastic Path Commerce data points.
descriptionKey
Type:
String
Specifies a key that a CMS or localized property files uses to describe the data point.
removable
Type:
boolean
Specifies whether a data point needs to be retained for auditing or legal reasons.
guid
Type:
String
Specifies a GUID to use with import or export capabilities
Elastic Path Commerce data points
Elastic Path Commerce provides the following data points:
Name | Data Location | Data Key |
---|---|---|
Customer Billing Address | CUSTOMER_BILLING_ADDRESS | See ADDRESS Data Keys. |
Customer Shipping Address | CUSTOMER_SHIPPING_ADDRESS | See ADDRESS Data Keys. |
Customer All Addresses | CUSTOMER_ALL_ADDRESSES | See ADDRESS Data Keys. |
Order Billing Address | ORDER_BILLING_ADDRESS | See ADDRESS Data Keys. |
Order IP Address | ORDER_IP_ADDRESS | ORDER_IP_ADDRESS |
Order Payment Card Holder Name | ORDER_PAYMENT_CARD_HOLDER_NAME | ORDER_PAYMENT_CARD_HOLDER_NAME |
Order Gift Certificate | ORDER_GIFT_CERTIFICATE | See ORDER_GIFT_CERTIFICATE Data Keys. |
Cart Gift Certificate | CART_GIFT_CERTIFICATE | See CART_GIFT_CERTIFICATE Data Keys. |
Customer Profile | CUSTOMER_PROFILE | See CUSTOMER_PROFILE Data Keys. |
Order Data | ORDER_DATA | See ORDER_DATA Data Keys. |
Order Payment Gift Certificate Recipient Name | ORDER_PAYMENT_GIFT_CERTIFICATE | RECIPIENT_NAME |
Order Payment Gift Certificate Sender Name | ORDER_PAYMENT_GIFT_CERTIFICATE | SENDER_NAME |
Order Payment Gift Certificate Recipient Email | ORDER_PAYMENT_GIFT_CERTIFICATE | RECIPIENT_EMAIL |
ADDRESS
Data Keys
ADDRESS
data keys are defined as follows:
FIRST_NAME
LAST_NAME
FAX_NUMBER
STREET_1
STREET_2
CITY
SUB_COUNTRY
ZIP_POSTAL_CODE
COUNTRY
CUSTOMER_PROFILE
Data Keys
The CUSTOMER_PROFILE
data keys have the prefix CP_
. The keys are defined in the TATTRIBUTE
table and set in the TCUSTOMERPROFILEVALUE
table.
The following CUSTOMER_PROFILE
data keys are defined by default:
CP_FIRST_NAME
CP_LAST_NAME
CP_EMAIL
CP_PREF_LOCALE
CP_PREF_CURR
CP_ANONYMOUS_CUST
CP_PHONE
CP_FAX
CP_COMPANY
CP_DOB
CP_HTML_EMAIL
CP_BE_NOTIFIED
CP_BUSINESS_NUMBER
CP_TAX_EXEMPTION_ID
Additionally, any custom customer profile attribute added in the Elastic Path Admin Console can be used as a data key.
All data points values can be removed, but removing the following data key values can result in HTTP errors presented to the end user. If you need to remove the following data key values, ensure that any errors are properly handled:
CP_FIRST_NAME
CP_LAST_NAME
CP_EMAIL
CART_GIFT_CERTIFICATE
Data Keys
CART_GIFT_CERTIFICATE
data keys are found in the TCARTITEMMODIFIER
database table, prefixed with KEY_
:
KEY_RECIPIENT_EMAIL
KEY_RECIPIENT_NAME
KEY_SENDER_NAME
KEY_CODE
KEY_SENDER_EMAIL
KEY_PRODUCT_TYPE
KEY_GUID
ORDER_GIFT_CERTIFICATE
Data Keys
ORDER_GIFT_CERTIFICATE
data keys are found in the TCARTITEMMODIFIER
database table. Any value in this table can be used as a data key.
ORDER_DATA
Data Keys
ORDER_DATA
is provided as a data location for additional data required by your business that needs to be associated with the order.
To provide a data key value to the ORDER_DATA
data location, call the com.elasticpath.domain.order.Order
interface’s Order.setFieldValue()
method. The values provided to this method are stored in the TORDERDATA
table. Any value in the ITEM_KEY
column can be used as a data key.
Data Point service methods
The com.elasticpath.service.datapolicy.DataPointService
class provides methods to create, update, and read data points.
Reading data point values
The DataPointValueServiceclass
provides the DataPointValueService.getValues()
method to read one or more data point values, for one or more customers. You can use the values of data points to generate reports and to display data point values of a shopper before deletion.
To get values of data points of a customer, provide a map in the following format: DataPointValueService.getValues(Map<String, ? extends Collection<DataPoint>)
String
specifies a customer GUID and a list of data points to read the database values for. This method returns a collection of DataPointValue
instances corresponding to data point values.
Map<String, Collection<DataPoint>> customerGuidToDataPoints = new HashMap<>(1);
DataPoint dp = new DataPoint();
dp.setName("A name");
dp.setDataLocation("CUSTOMER_PROFILE");
dp.setDataKey("CP_EMAIL");
List<DataPoint> dataPoints = Collections.singletonList(dp);
customerGuidToDataPoints .put(customerGuid, dataPoints);
List<DataPointValue> dataPointValues = dataPointValueService.getValues(customerGuidToDataPoints);
Deleting data point values
The DataPointValueService
class provides the DataPointValueService.removeValues()
method to delete one or more data point values. You can provide one or more DataPointValue
instances corresponding to the data points that you want to delete. A DataPointValue
instance has a unique uidPk value corresponding to the location of the data point value in the database.
When you use the DataPointValueService.removeValues()
method to delete data point values, such as cart gift certificates, order data, or customer profile, the system deletes data point values from the database. For example, when you use the DataPointValueService.removeValues()
method to delete your street address, the system deletes the street address from the database.
note
For data point values, such as IP addresses, order payment gift certificate, email addresses, the values are set to -
.
To remove data point values, run the following method with the collection of data point values that you want to remove:
int numOfRemovedDataPointValues = dataPointValueService.removeValues(dataPointValues);
- The
dataPointValues
is the collection of data points that you want to remove - The system returns the number of the data point values removed from the system
Data Policies
A data policy is a collection of data points that Elastic Path Commerce stores for a specific customer. You can use data policies to maintain compliance with data protection laws. CMS use data policies to manage consents of customers to use their data. With data policies, customer can change the permission settings for data point values at any time. However, you can also define a data policy with no data points.
A data policy with no data points enables collection of consent for data points that are not in Elastic Path Commerce. For example, a data policy for collecting banking details might be maintained in an external system, but the consent is managed by a data policy in Elastic Path Commerce.
Defining the legal description of the data policy, implementation of the data policy, and presenting the data policies to customers are done by the CMS. Elastic Path Commerce only manages the data points in a data policy, logical implementation of the data policy, and the customer consents. A data policy comprises of the following information:
- A retention period or criteria to determine how long the data policy is retained
- The data policy segment associated with the data policy
- An optional collection of data points
Data Policy Properties
policyName
Type:
String
Specifies the name of the data policy.
retentionPeriodInDays
Type:
Integer
Specifies how long the data policy is retained. You can set this period starting from the last modified date and from created date.
retentionType
Type:
RetentionType
Specifies how the retention period start date is calculated. Retention period can either be calculated from the creation date or from the last updated date. You can also define a custom retention type by extending a new object using the
com.elasticpath.domain.datapolicy.RetentionType
class.For active data policies with the
From Last Modified Date
retention type, the retention period is calculated from the last modified date. For a disabled data policy with theFrom Last Modified Date
retention type, the retention period is calculated either from the last modified date or the disabled date whichever is the earliest date.For example, if disabled date is
January 3, 2018
and last modified date isJanuary 8, 2018
, the retention period is calculated fromJanuary 3, 2018
. After the retention period of data policies, data is deleted.segments
Type:
Set
Specifies the data policy segments for which the data policy is applicable.
dataPoints
Type:
List
Specifies the data points associated with the data policy. This setting is optional.
startDate
Type:
Date
Specifies the start date for the data policy. This date implies that the date policy is enabled for the store from the specified date. The default setting is current date and time.
endDate
Type:
Date
Specifies the date until which the data policy is active. Data collected on the end date of a data policy is still retained for the total retention period specified by the policy. You can change the end date of an active data policy. This setting is optional.
state
Type:
DataPolicyState
Specifies the current state of the data policy. Data policies can have
DRAFT
,ACTIVE
, orDISABLED
states. The default state isDRAFT
.description
Type:
String
Provides a description for the data policy to provide additional information, such as the purpose or associated data segments. This setting is optional, and the maximum length of description is 255 characters.
referenceKey
Type:
String
Specifies a key that can be used by a CMS to retrieve the data policy text.
activities
Type:
String
Provides additional information about the purpose for which data is being used.
For example, if data collected by a data policy is used for personalization of orders, you can specify activities as personalization. You can add more than one activity, to a data policy, separated by a comma. This setting is optional.
guid
Type:
String
Specifies a GUID to use with import or export capability
DataPolicyService
Methods
The com.elasticpath.service.datapolicy.DataPolicyService
class provides methods to create, update, and read data policies.
DataPolicyService.save()
To add a new data policy:
Add the data points to the data point collection in the DataPolicy object, by running:
DataPolicy.getDataPoints().add(DataPoint);
Add a new datapolicy object by running:
DataPolicyService.save(DataPolicy dataPolicy);
DataPolicy.update()
You can update a data policy by updating the datapolicy object using the update method: DataPolicyService.update()
.
note
You can modify settings for a data policy in the draft state only.
After modifying other properties of the data policy, update the data policy using the DataPolicyService.update()
method.
Data Policy Segments
Data policy segments indicate logical segments of customers for which a data policy can be applied. For example, you can create data segments for different geographical locations, as required. Each data policy is associated with the one or more data policy segments.
A data segment can be associated with one or more data policies depending on the data protection laws in that segment. How a data policy functions is configured by the front-end developer in the CMS.
Data policy segments are stored as a Set<String> segments
in the DataPolicy
object. You can add a new data policy segment by adding a new string to Set<String> segments
:
policy.getSegments().add(<NEW_SEGMENT>);
After adding new data policy segment to the collection, update data policy using the dataPolicyService.update()
method.