|
|
|
|
|
|
by pmontra
2234 days ago
|
|
|
GDPR is about personal data. A user name (not an email) and a password are not personal data so their not in the domain of GDPR. A cart full of products is not personal data. It becomes personal data when we add a street address for delivery, an email or phone number for sending alerts, a credit card number for payment. However if delivery is to a PO Box (or an Amazon locker) and the credit card and customer name never touch the ecommerce site (a third party authorizes the transaction), then a fully anonymous ecommerce becomes possible. No GDPR and yet it keeps state and tracks orders. |
|
|