Participants at this year's Conference of German Data Protection Authorities passed a resolution that consumers should not be required to create a customer account when shopping online.
According to the data protection regulations, customers should always be free to decide whether or not they want to provide their personal data. The practice of “forcing” them to set up a regular customer account would therefore contradict the id of voluntarily giving consent to the processing of personal data.
Conference participants also pointed out that Internet Customer Accounts collect more information about online purchases, including storing information about the form of payments made and contracts concluded. This interpretation supports the need for consumer awareness to give consent in this area as well.
And although the resolutions of the Conference are not binding law, it is to be assumed that in the framework of the inspections of e-commerce shops carried out by these authorities, the failure to implement the recommendations will lead to the recognition of a violation of data protection law.
What steps must an e-commerce store owner take?
- Must provide customers with an access to place orders without creating a regular customer account regardless of whether it also provides them with a registered user account (regular customer account).
- Must verify that in processing the data of these guest accesses, it is ensured that data processing is kept to a strict minimum.
Want to make sure Your online store is fully compliant with German law?
Grau Rechtsanwälte PartGmbB advises on all e-commerce issues and supports you in the process of setting up online stores, electronic platforms and company websites in compliance with German regulations.