GDPR Compliance
The General Data Protection Regulation (GDPR) is a European Union (EU) law taking effect on May 25, 2018. The purpose of GDPR is to give European citizens more control over their personal and related data stored by others.
The WooCommerce Global Cart plugin never stores any sensitive personal information on the server-side or locally using cookies.
To achieve the Global Cart functionality, the plugin creates 2 additional cookies to ensure a WooCommerce session is matched and paired on the server-side.
| Cookie Name | Description | Lifetime |
|---|---|---|
| woogc_session | The cookie contain a random string/hash to identify the user WooCommerce session syncronisation chain. This is created on the first “add to the cart” user action. | 30 days |
| woogc_sync_run | The cookie is an anonymized string/hash created from user IP address and browser user agent. The string can’t be reversed to recover initial data, is being used as comparison hash, when set the woogc_session cookie for other domains. This cookie is used when the synchronisation type is set to screen. | 10 secconds |
| woogc_session_trigger | The cookie is an anonymized string/hash created from user IP address and browser user agent. The string can’t be reversed to recover initial data, is being used as comparison hash, when set the woogc_session cookie for other domains. This cookie is used when the synchronisation type is set to headers. | 10 secconds |
When the user add a product to the cart, the synchronization routine is triggered and the woogc_session cookie is set to each of the shops/domains that are enabled through the plugin settings. The cookie ensure the WooCommerce session remain unitary for the user across the shops in the network. That imply, when the WooCommerce cart session changes at a shop, it will also update on the other sites ( automated, internal server-side process ).
To ensure GDPR compliance, you should update you network Privacy Policy, to include the above cookies notices ( if using explicit names). Also ensure the user is aware of the cookie being set on all shop domains of your network and the existing WooCommerce user cart session maintained unitary across the sites.
If the user rejects the Policy, you can programmatically disable the global cart through the filter woogc/disable_global_cart, in which case everything runs as before with a default WooCommerce cart.