WebSphere Commerce Version 8.0.4.12

Updating store pages to request and obtain consent

In you need to obtain shopper consent before your site collects and processes data, you might need to update your store pages to provide functionality for obtaining consent. For instance, your store can request and obtain consent from shoppers for collecting and processing personal and behavior data from the shoppers, such as for marketing purposes.

If your store is based on a sample store, then you need to create or update the following pages. Your organization is responsible for ensuring that any sample page that your store uses is customized to disclose the correct information to your shoppers. Your organization is also responsible for ensuring that your legal counsel has completed any required reviews of your store pages and privacy policy.

If you are including a privacy policy page or just-in time privacy policy notice within your custom store, create the content that needs to display on the pages. If you are copying and using the sample privacy policy pages that are provided with a sample store, replace the sample content with your store’s privacy policy content. The content that is included on the store pages is provided as a sample only for demonstrating how to display content on the page. Do not use this content as-is within your custom store.

  • A Privacy Policy page

    The main Privacy Policy page is a store page that is always accessible by clicking a link within the footer of any other store page. The Privacy Policy page shows the store's privacy policy details.

  • A Just-in-Time Privacy Notice page

    The page does not exist by default. Create your own Just-in-Time Privacy Notice page to be displayed as a pop-up window when a shopper first visits any store page. The page is displayed to shoppers again whenever the store privacy policy is changed. The page should also be displayed when a shopper visits the store with a browser that does not include the cookie that indicates that the shopper previously accepted the current privacy policy.

  • A Registration page

    The Registration page is the page where shoppers specify their personal information to create an account and become registered users of the store. When consent management is enabled, create your own radio buttons on the page for shoppers to select to provide consent. By default, shoppers are opted-out, but shoppers can use the radio buttons to provide consent.

    If a shopper provides consent, the registration data that is captured on the page can be used for adding the shopper to customer segments and for targeting the shopper with precision marketing features. For example, you can use gender and birthday field data to build customer segments, and then personalize marketing messages based on gender and age.

  • A Personal Information page

    The Personal Information page is the account page where registered customers can update their personal details and account preferences. When consent management is enabled, create your own radio buttons on the page for shoppers to select to provide consent. By default, shoppers are opted-out, but shoppers can use the radio buttons to provide consent.

    If a shopper provides consent, the personal data that is entered on the page can be used for adding the shopper to customer segments and for targeting the shopper with precision marketing features.

Procedure

  • Update your site to include a Just-in-Time Privacy Notice page.

    Create your own Just-in-Time Privacy Notice page to be displayed as a pop-up window when a shopper first visits any store page. The page is displayed to shoppers again whenever the store privacy policy is changed. The page should also be displayed when a shopper visits the store with a browser that does not include the cookie that indicates that the shopper previously accepted the current privacy policy.

    1. Write a custom widget to render the Just-in-Time Privacy Notice and retrieve the Privacy Policy content: 
      
<c:set var="emsName" value="PrivacyPolicyPageCenter_Content" scope="request" />
<%@include file="../../com.ibm.commerce.store.widgets.ContentRecommendation/ContentRecommendation_Data.jspf"%>

      Where emsName is the e-Marketing Spot name that is used to show the content of the privacy notice.

      The page does not display to shoppers every time they visit your store. When the shopper accepts the policy, a WC_PrivacyNoticeVersion_{storeId} cookie is created within the shopper's browser that indicates that the store privacy policy is accepted. The cookie is used to pass the confirmation of the shopper's acceptance of the policy to the store whenever the shopper returns to the store. Your organization can choose to configure the policy acceptance store function to create the WC_PrivacyNoticeVersion_{storeId} cookie so that the user's acceptance is stored for only the current browser session or is store persistently.

      If the version of the Privacy Notice is updated to a newer version, shoppers will be prompted to agree with the terms in the new privacy notice. Parse the privacy policy version from the Marketing Content name data and compare it with the current version in the cookie WC_PrivacyNoticeVersion_{storeId}, if the version is different, pops up the Privacy Notice window to shopper.

    2. Add the customized Just-in-Time Privacy Notice page to the store by updating the CommonJSPFToInclude.jspf file: 
      
<flow:ifEnabled feature="ConsentOptions">
	<%out.flush();%>
		<wcpgl:widgetImport url="${customized_PrivacyPolicyPopup.jsp">
			<wcpgl:param name="storeId" value="${storeId}" />
			<wcpgl:param name="catalogId" value="${catalogId}" />
			<wcpgl:param name="emsName" value="PrivacyPolicyPageCenter_Content"/>
		</wcpgl:widgetImport>
	<%out.flush();%>
	</flow:ifEnabled>

      Where emsName is the e-Marketing Spot name that is used to show the content of the privacy notice.

    3. Update the page to include radio buttons for requesting and obtaining consent from shoppers before they browse your store.
      Figure 1. Example showing adding radio buttons
      <flow:ifEnabled feature="ConsentOptions">
 <flow:ifEnabled feature="MarketingConsent">
        <wcst:message bundle="${widgetText}" key="MARKETING_CONSENT" var="acceptMarketing" >
         <wcst:param><c:out value="${storeName}"/></wcst:param>
                </wcst:message>
                <div class="column" id="WC_UserRegistrationAddForm<c:out value='_${paramPrefix}'/>div_27">
                <div class="input_label" id="WC_UserRegistrationAddForm<c:out value='_${paramPrefix}'/>div_28">
                        <wcst:message bundle="${widgetText}" key="MARKETING_CONSENT_OPTIN" var="acceptMarketing" >
                                <wcst:param><c:out value="${storeName}"/></wcst:param>
                        </wcst:message>
                                 <wcst:message bundle="${widgetText}" key="MARKETING_CONSENT_OPTOUT" var="optOutMarketing" ></wcst:message>
                                 <br><div class="checkboxField marketingConsent">
                                                 <label class="radiocontainer" for="WC_UserRegistrationAddForm<c:out value='_${paramPrefix}'/>marketingConsent_optin_1" id="WC_UserRegistrationAddForm<c:out value='_${paramPrefix}'/>marketingConsent_optin_1_Label">${acceptMarketing}
                                                 <input type="radio" name="marketingTrackingConsent" id="WC_UserRegistrationAddForm<c:out value='_${paramPrefix}'/>marketingConsent_optin_1" value="1">
                                                 <span class="radiocheckmark"></span>
                                                 </label>
                                 </div>
                                 <div class="checkboxField marketingConsent">
                                                 <label class="radiocontainer" for="WC_UserRegistrationAddForm<c:out value='_${paramPrefix}'/>marketingConsent_optout_1" id="WC_UserRegistrationAddForm<c:out value='_${paramPrefix}'/>marketingConsent_optout_1_Label">${optOutMarketing}
                                                 <input type="radio" name="marketingTrackingConsent" id="WC_UserRegistrationAddForm<c:out value='_${paramPrefix}'/>marketingConsent_optout_1" value="0">
                                                 <span class="radiocheckmark"></span>
                                                 </label>
                                 </div>
                                 <script type="text/javascript">
                                                 $( document ).ready(function() {
                                            var marketingConsentOptedIn = false;
                                            c:if test="${marketingConsent == 1 }">
                                            marketingConsentOptedIn = true;
                                            </c:if>
                                            var marketingConsentCookie = getCookie('WC_MarketingTrackingConsent_' + WCParamJS.storeId);
                                            if( marketingConsentOptedIn == true){
                                            // for logged in user with MarketingConsent opt in
                                                  $('#WC_UserRegistrationAddForm<c:out value='_${paramPrefix}'/>marketingConsent_optin_1').prop("checked", true);
                                            }
                                            else if (marketingConsentCookie != null ) {
                                                  marketingConsentCookie = parseInt(marketingConsentCookie);
                                                  if (marketingConsentCookie == 1) {
                                                      $('#WC_UserRegistrationAddForm<c:out value='_${paramPrefix}'/>marketingConsent_optin_1').prop("checked", true);
                                                  }
                                                  else {
                                                      $('#WC_UserRegistrationAddForm<c:out value='_${paramPrefix}'/>marketingConsent_optout_1').prop("checked", true);
                                                  }
                                            }
                                            else {
                                                  $('#WC_UserRegistrationAddForm<c:out value='_${paramPrefix}'/>marketingConsent_optout_1').prop("checked", true);
                                            }
                                        });
                                 </script>
                              </div>
                         </div>
                     <br clear="all" />
                     </flow:ifEnabled>
             </flow:ifEnabled>
  • Update your site to include consent in the Privacy Policy, Registration, and Personal Information pages.

    Create your own radio buttons on these pages for shoppers to select to provide consent. By default, shoppers are opted-out, but shoppers can use the radio buttons to provide consent. If a shopper provides consent, the personal data that is entered on the page can be used for adding the shopper to customer segments and for targeting the shopper with precision marketing features. Refer to the previous step for an example of how to add radio buttons to a page.