Tips for ecommerce GDPR compliance
Make sure your vendors are GDPR compliant
If you transfer an individual's personal data to vendors — such as integrations or third-party apps — verify that they are GDPR compliant.
Protect personal data and report breaches
Take steps to make sure your customers' data is secure, and if there's a breach, disclose it to the Supervisory Authority within 72 hours.
Update your data privacy notice
Explicitly ask for consent before collecting personal data, and be transparent and specific about the way it's being collected and used.