Does this app make my store GDPR compliant?

Disclaimer: Using this app alone does not guarantee full GDPR compliance. 

Our app uses an open-source plugin (Osano) to pass consented information back to Shopify. Currently, the app is designed so that users can give explicit consent by clicking to accept cookies or they can be brought to your site’s privacy policy page, where instructions should be given on how to disable cookies. Each Shopify merchant is responsible for posting their own privacy policy

In this article:

Limit tracking for European customers

If you do want to limit tracking for European customers, follow the steps below:

1
In your Shopify admin, go to Online Store.
2
Click Preferences.
3
In the Customer Privacy section, check  Limit tracking for customers in Europe.

Checking this will mean that Shopify downgrades their cookies to ‘session cookies’ which will be deleted when the user closes their browser. If the user clicks to accept cookies on our cookie banner, the consent will be passed to Shopify and those cookies will be upgraded to ‘persistent cookies’ which are not deleted. You can read more about this here: Cookies and customer tracking

Beyond this functionality of passing along the user's consent, the app does not handle any data or any other part of the tracking process, nor does it guarantee full compliance with GDPR.

Common questions

Does the app automatically block cookies?
The app cannot automatically block Shopify's cookies if a visitor declines to accept cookies on the banner and does not have the ability to block cookies at all. Our app simply passes the consent to Shopify, who adjust how cookies behave accordingly. When Limit tracking for EU customers is enabled — as outlined above — the cookies will be deleted when the user's browser session has ended.

What permissions do I need to grant the app and why are they necessary?
Upon installing the app, it will ask permission to access and modify store data. This is necessary to install and run the app and its files in your theme. Our app does not handle any user data, beyond the consent given when they click accept on the banner.