You are here:
Consent Management for B2C Commerce
Honor and respect your customers’ wishes when they request only specific forms of contact from your company or opt-out of certain types of data-sharing. We provide details to help you determine the best way to comply with the data protection and privacy regulations that apply to your company.
Required Editions
| Available in: All Editions |
Track your shoppers’ approval for how your company interacts with them. Data subjects have the right to consent to the use of their personal data and can object to the processing of their personal data with respect to receiving marketing communications, online tracking, and user profiling. To help you assess your compliance with various data protection and privacy regulations, we give you examples of common shopper requests. And we provide details to help you determine the best way to comply with the regulations that apply to your company. For instance, a shopper visits a website and doesn’t want any of their information tracked while visiting the site.
Many data protection and privacy regulations require you and your company to honor people’s requests about how you use their data. We’ve listed a few of the regulations that are important to many companies collecting and processing their customers’ data.
- General Data Protection Regulation (GDPR), European Union
- California Consumer Privacy Act (CCPA), United States
- Personal Information Protection Act (PIPA), Japan
- Privacy Act, Australia
- Personal Information Protection and Electronic Documents Act (PIPEDA), Canada
If you have shoppers who request specific methods of contact from your company, review these common requests and the procedures related to them.
| Common Customer Request | Actions to Consider | Things to Consider |
|---|---|---|
| I don't want your site to track my personal information for marketing or other purposes. | Set the Tracking site preference Programmatically override the site preference using the Script API Read about a sample consent tracking implementation in SGJC (SiteGenesis JavaScript Controllers) |
A new site preference, Tracking, lets you set default tracking behavior for each storefront. If you want to override this behavior for an individual shopper, you can implement your own consent management solution by calling the and methods. Session cookies are used by default, so you might want to discuss them with your legal team. |
| I don't want your app to track my personal information for marketing or other purposes. | Determine shopper's tracking preference using the Shop API HTTP/HTTPS headers. Search for the OCAPI Global HTTP Headers topic. | Shop API resources let you set the HTTP(s) header DNT, which indicates whether personal information should be tracked. |
| I want to know which cookies your site uses to store information about me. | Review the local browser storage topic to understand the usage and lifespan of data stored locally. Inform the shopper of cookies that might be relevant to their usage. |
Many cookies are automatically deleted at the end of each session, but some have longer lifespans. A system or browser crash can prevent deletion. |
