General Data Protection Regulation (GDPR)

This is one in a series of topics to help Adobe Commerce merchants and developers understand the implications of the General Data Protection Regulation (GDPR). The information is intended for informational purposes only and should not be construed as legal advice. Consult with your legal counsel to determine whether and how your business should comply with any legal obligations.

The European Union (EU) enacted General Data Protection Regulation (GDPR) to give its citizens more control over their personal data. GDPR applies to any organization operating within the EU. It also applies to organizations outside of the EU that offer goods or services to customers or businesses in the EU.

System integrators can use the dataflow diagrams and database information in the Personal Information Reference to build scripts to resolve use cases similar to the following:

  • A shopper asks for a copy of the data that the merchant has stored about them
  • A shopper requests to delete their information

Personal information reference

For technical information, see the dataflow diagrams and database entity mappings in the Personal Information Reference that applies to each version of Adobe Commerce that you support.

For more information about how Adobe Commerce helps merchants comply with GDPR, see the following: