Here you can learn how to add a privacy notice for your online store or individual store versions.

After you've created a privacy notice by following the instructions in this article, a link to the privacy notice will appear at checkout next to the order confirmation button.

You can use the same privacy notice for the entire online store or create separate privacy notices for different store versions. The use of both methods has been illustrated below.

Using a single privacy notice for the entire online store

  1. Create a content page for the privacy notice on the admin panel's Contents > Pages page.
  2. In the admin panel, go to Settings > General settings.
  3. Select the privacy notice page that you've just created from the Privacy notice menu.

Using version-specific privacy notices

You can use different privacy notices in different store versions. This may be necessary, for example, if the online store has a separate B2B version.

If you'd like to translate the privacy notice into different languages, add the translations to the page as usual.

Learn more about translating your online store.

Here's how to use different contents in the same language versions:

  1. Create a separate content page for each privacy notice on the admin panel's Contents > Pages page.
  2. In the admin panel, go to User interface > Versions.
  3. Open the version you'd like to edit from the menu on the left.
  4. Select the privacy notice page that you've just created from the Privacy notice menu.

The contents of the privacy notice

In MyCashflow, customers can create user accounts in online stores, which means that your online store will collect and store user details. Because you will process personal data, you must provide a privacy notice in which you'll explain what your online store does to comply with EU's General Data Protection Regulation (GDPR).

You should regard the duty to provide a privacy notice as a positive thing, because all information you provide to your customers will add to your store's credibility, reliability and transparency as well as help you to earn your customers' trust.

The privacy notice should include the following:

  • The following information should be stated clearly and easy to find: your company name and contact information, contact information of the potential person responsible for data protection, as well as information about the kind of personal data your company is going to process
  • The purpose for which your company is going to process personal data
  • A lawful basis for processing personal data
  • How long personal data will be stored
  • Other organizations or people who can be given access to personal data
  • Will personal data be transferred outside the EU
  • Rights of the individual regarding data protection
  • The right to lodge a complaint with a supervisory authority
  • The right to withdraw consent to use personal data if consent was the legal basis for data processing
  • Information about automated decision making and logics related to processing

Source: Tietosuoja.fi/en

There is no standard template for a privacy notice but you can use the information provided on the Finnish Data Protection Ombudsman's GDPR page to write yours.

You can also use other online stores' privacy notices as models.

The reCAPTCHA check is available for the following online store forms:
  • the contact form
  • the availability notification form
  • the registration form
  • the newsletter subscription form
  • the password reset form