General Data Protection Regulation (GDPR) and WebSphere Commerce

WebSphere Commerce provides documentation and functions that your organization can use to help it on the journey to GDPR readiness. If your store operates within the European Union (EU), sells products or services to those people in the EU, or monitors the behavior of EU data subjects, your site likely needs to be GDPR compliant from May 25, 2018.

The aim of GDPR (General Data Protection Regulation) is to unify data protection and privacy laws and requirements across the EU and empower people in the EU with the right to data privacy and the capability to take back the control of their personal data. GDPR influences the way organizations approach data privacy across the region and imposes rules on organizations and companies that host and process data, anywhere in the world. The GDPR influences the way organizations approach data privacy across the region.

The GDPR has two primary objectives:
  1. The protection of natural persons (data subjects) in the EU regarding the processing of personal data.
  2. The free movement of personal data within and outside the EU.
For more information, see the following resources:
Important:

The following documentation describes features that are available within WebSphere Commerce that you, the IBM client, can use to help your organization customize your store to help in your GDPR program. The documentation does not provide any procedural advice or commitment for any overall compliance with GDPR.

Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data Protection Regulation. Clients are solely responsible for obtaining advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulations that may affect the clients’ business and any actions the clients may need to take to comply with such laws and regulations. The products, services, and other capabilities described herein are not suitable for all client situations and may have restricted availability. IBM does not provide legal, accounting or auditing advice or represent or warrant that its services or products will ensure that clients are in compliance with any law or regulation.

Related GDPR subject areas

The provided store and features within WebSphere Commerce can help your organization get ready to meet requirements for the following subject areas of GDPR.

Feature Pack 7 or laterYou must apply interim fix JR59223, which includes enhanced back-end services and logic that you can use on your journey to GDPR readiness.