GDPR is used as an example in the sections below, but the details covered are applicable to all data protection and privacy regulations; such as GDPR and CCPA.
The European Union’s General Data Protection Regulation on data privacy rights takes effect as of May 2018. See the GDPR page at the Adobe Privacy Center.
See AEM GDPR Readiness for further details.
With Adobe’s out-of-the-box Commerce integrations, AEM is the experience layer, consuming services and sending data back to the customer commerce platform that runs in a headless mode.
For some commerce platforms, Adobe stores profile information ( /home/users
) and commerce tokens (to log on in the commerce platform) in AEM. For these use cases, read Handling GDPR Requests for the AEM Platform.
For the Salesforce Commerce Cloud integration, AEM Commerce does not store any GDPR relevant information. Forward the request to the Salesforce Cloud.
For the hybris and HCL WebSphere® Commerce integrations, there is some data in AEM. Use the AEM Platform GDPR instructions and consider these questions:
Have a look at the hybris wiki or the HCL WebSphere® Commerce documentation, if necessary.