Try ERPNext Buy Support Partners Foundation Foundation Members

Is ERPNext GDPR-Ready?

Just also realised the GDPR part is missing. We were trying to add Facebook login (FB developer feature that is integrated in ERPNext) and you can’t do it without a Privacy Policy page and GDPR functions. Facebook simply refuses it. ERPNext guide page on this is outdated.

Hello Steve,

Thanks for your expression of interest. Will be great if you could list the missing feature in ERPNext to fulfil GDPR requirement in this Github Issue.

Based on the efforts estimation, we could connect again for the implementation plans, if you are still open. Please let us know.

@kennethsequeira @Pooja_Bedi

1 Like

It seems that this Issue “To make ERPNext for GDPR ready” has already the needed things listed.

Notify, that in EU market if a company is not complying the GDPR it can get enormous fines, 4% of the company turnover and even up to 20 million euro (about 22,8 million dollars). That’s why this is extremely important. We have also listed this in the bounty of correcting the webstore / shopping cart flow that we made today.

1 Like

This is really dissapointing that it has not been implemented yet. We are all not in compliance with GDPR and now risk massive fines

This from May 2018

Thanks for the resource and advice. We agree with your suggestion to consult a legal entity over this.

Regards,
Prateeksha Singh
https://erpnext.com

Good that this has been put back on the agenda…I have little insight in the number of paying (Frappe Cloud) customers from the EU…That may explain the sluggish adaptation…

This looks like a great list. Speaking for @Steve_Simonson, we are anxious to see this get developed. I will look for an outside resource that could let us know if we are missing anything.

1 Like

Possibly, but not an excuse. It is not about the cloud users, but the information the cloud users put on the system. Even if there are NO companies using the cloud version that are EU based, if even one of those companies put one customer on that system with EU residency then ERPNExt must be GDPR compliant.

1 Like

This is true. This is actually crucial for ERPNext. The EU authorities may come after ERPNext as well. The easiest solution of course is to get asap e.g. a selection box for a webstore client “I have read the terms and privacy policy” and then all webstore owners can make their own privacy policies by themselves. But of course we are not only talking about webstores here.

Related to this GDPR question, what comes to generally for shopping cart and checkout in which also this GDPR should be taken care of, we have formed a group to develop matters forward.

You are welcome to join / follow: