WPCommerce MultiDomain
GDPR Compliance
The General Data Protection Regulation (GDPR) is a European Union (EU) law taking effect on May 25, 2018. The purpose of GDPR is to give European citizens more control over their personal and related data stored by others.
The WPCommerce Multi-Domain plugin never stores any sensitive personal information on the server-side or locally using cookies.
To achieve the Global Cart functionality, the plugin creates 2 additional cookies to ensure a WooCommerce session is matched and paired on the server-side.
| Cookie Name | Description | Lifetime |
|---|---|---|
| woomd_session | The cookie contain a random string/hash to identify the user WooCommerce session syncronisation chain. This is created on the first “add to the cart” user action. | 30 days |
| woomd_sync_run | The cookie is an anonymized string/hash created from user IP address and browser user agent. The string can’t be reversed to recover initial data, is being used as comparison hash, when set the woomd_session cookie for other domains. | 10 secconds |
When the user adds a product to the cart, the synchronization routine is triggered and the woomd_session cookie is set to each of the shops/domains that are assigned to the main shop. The cookie ensures the WooCommerce session remain unitary for the user across the domains. That implies, when the WooCommerce cart session changes at a shop, it will also update on the other sites ( automated, internal server-side process ).
To ensure GDPR compliance, you should update your network Privacy Policy, to include the above cookies notices ( if using explicit names). Also, ensure the user is aware of the cookie being set on all shop domains of your network and the existing WooCommerce user cart session maintained unitary across the sites.
If the user rejects the Policy, you can programmatically disable the global cart through the filter