Magento 1
Magento 2

Magento 1 GDPR Compliance: Anonymisation of order data

£84.99 Excluding VAT

Magento GDPR extension allows you to implement cookie notification, "privacy consent required checkbox" on all the forms where personal data is getting collected, full customer data export including guest customers, customer data deletion along with anonymization of their sales data.

  • Delete & Anonymize Customer Account
  • Cookie Notification Message / Restriction Notice
  • Add the customizable cookie policy bar
  • Manage customer consents

* Required Fields


Magento GDPR Compliance: Personal Data Protection and Cookie Consent

Compatible with community: 1.4.x - 1.9.x and enterprise: 1.8.x - 1.14.x

This module supports you to make your Magento 1 store GDPR compliance. It supports cookie compliance, complete set of customer data export and customer data deletion along with anonymization of the transaction data

Here are the main features of this module-:

Cookie Compliance / Right to be informed

  • It allows you to implement cookie compliance customized notification message on your website
  • The cookie notification banner requesting user consent appears as soon as user lands up on your website
  • The cookie notification can be optional or mandatory for customers to accept before browsing through the website
  • It allows you enable/disable cookie notification message from configuration
  • The cookie message can be fully manageable from configurations
  • It allows you to manage text and background colour of the cookie message via admin panel so that you can match your brand colours without changing code
  • The message is always displayed at the top of the page so that its clearly visible to the user
  • The cookie choice get saved as a first party cookie which can be further used to prevent calling third party trackings like Google Analytics, Google Remarketing, FB Remarketing etc.

Privacy Policy Consent / Right to be informed

  • It allows customers to give clear and concise consent on different forms like newsletter, contact us, registration and checkout pages
  • It sets subscription date with all newsletter subscriptionS because now you have to have information about who opted in and when with specific date and time
  • It records when, who and how the consent was given by the customer before filling any personal data on your website
  • It allows administrators to look who, when and how the consent was given by the customer including guest customers
  • It allows administrator to control which forms they would like the consent checkbox to appear on the frontend
  • It allows administrator to change privacy text of the consent checkbox which appears on the frontend

Right to be forgotten

  • It allows logged in customer to delete their account including newletter subscription from front end under my account section but this option can be disabled from admin panel
  • It allows administrators to delete customers (registered and guest), their newsletter subscription and anonymise their transaction data within Magento Admin Panel
  • It allows administrators to send confirmation email to customers with the link to delete and anonymise their transaction data including order, invoice, credit memo and shipment
  • It allows administrators to anonymise transaction data manually or automatically which are older than the retention period. (New!)
  • It allows administrators to receive email when customer account gets deleted either from frontend or backend, this allows them to remove data of this customer from other systems
  • It allows you to fully anonymize or delete customer data from customer, sales, quotes, newsletter tables so that you have met your "right to be forgotten" obligation
  • It anonymises personal data which includes customer firstname, middlename, lastname, email address, remote IP address, phone, fax, region, street, city and postcode
  • The extension also allows you to set all the personal data in the Quotes to NULL through a cron job. You can easily manage the number of days after which data needs to set to NULL from configurations

Right of access / Right of data portability

  • It allows administrators to export all customer data manually for a given customer including guest customers. This meets the requirement of "right to access" and "right of portability" as under GDPR individuals will have full rights to ask for complete set of their personal data on your website. (New!)
  • It exports all the personal data from the system including customer, customer addresses, sales orders, sales order addresses, quotes and newsletter(New!)

Other features

  • All the messages or texts appearing anywhere either on frontend or backend are translatable
  • It allows you to stop sending emails to customer automatically until customer's account has been deleted from all the external systems
  • It allows you to give permission to specific roles to export customer data, anonymise orders, delete customer data including newsletter subscription and send confirmation link to customers to delete their account NEW!
  • It allows you to change email templates from admin panel exactly same as other Magento email templates
  • It works with sub-domains and multi-domain websites **
  • It works with all the latest Magento Enterprise and Community versions
  • This module can be completely disabled whenever required via system configuration in admin

Use our demo store to try out this extension. The demo store is refreshed every 3 hours.
Admin Demo URL

Cookie Pop Up

Cookies pop up is used to improve the experience for user by providing them all the infomation about the individual cookies used on the site. With the help of cookie pop up admin can maintain the categories for all the cookies generated on the website. It helps user to set cookie preferences for individual categories.

Here are the main features of this module-:

  • You can create/add cookie prefrences categories in back-end.
  • It lets you select cookie pop up styling, modal border, header font color, background color etc..
  • You can add customize CSS.
  • You can manage the buttons style and the title, text, font color of the tabs.
  • You can manage the pop up styling from back-end.
  • It allows you to choose whether cookie is required or not.
  • You can set the default values for cookies.
  • You will have an option to select all cookies or an individual cookie.
  • You can define categories and cookie choice at store level.
  • You can add cookie choice description

Click here to know more about it.

Compatible with community: 1.4.x - 1.9.x and enterprise: 1.8.x - 1.14.x

We provide 60 days free support and free upgrade from the date of purchase for any standard Magento site. Installation service is also available with a minimal charge of £50 with 6 months free support and free upgrade for any standard Magento Site. If you need any help with this extension or you want to enhance this extension to meet your business needs, please contact and we will get in touch with you. And if we like your idea we might do the solution at discounted rate or for free.

** Please refer to our FAQ or T&C section for running our extensions on multiple domains or sub-domains

Frequently Asked Questions

Q. How can I get license key for my development website?
A. If you want to get the license key for the developer website, please contact our team at along with order number and development site URL. The developer website can be on a separate Magento installation than your base domain for which the license was purchased
Q. Can I test the extension before buying?
A. Unfortunately we can't provide you extension for testing purposes but we have demo available for most of our extensions and happy to provide full refund if the extension doesn't work
Q. Can I request for customisation on your extensions?
A. Yes we do provide all sort of customisation for our clients at the reasonable rates. And if we believe the customisation will help our product then we also provide great discount on the customisation
Q. I have two live domains, do I need a separate license key for each live domain?
A. Yes you need to buy a separate license key for each live domain or sub-domain. If you are buying licenses for more than four live sites in one transaction then we can offer you 30% discount on total amount
Q. How can I upgrade my extension to the latest version?
A. If your extension is within the free upgrade period then simply email us with your order number and our team will send you the latest version of the extension but if it is outside free upgrade period then you need to buy an upgrade using the following link

Once you received the latest version of our extension then we would highly recommend to delete all the files and folder of our extension from your website first before uploading the latest version because we might have removed existing files and keeping existing files could cause problems on your website.
Q. Does my license get expired after certain period?
A. No, your license is not going to get expired but we would highly recommend upgrading to get all the latest fixes (including security fixes if any), improvements and new features. In the upgrade, we also ensure it is compatible with the latest version of Magento and when you upgrade you will have a smooth transition.
Q: What is GDPR?
Q: What happens when customer "declines" or "accepts" third party cookies from cookie notification message?
A: It creates first-party cookie i.e. "cookie_accepted" and set the value to 1 when customer "accepts" and 0 when cutomer "declines". If you are using any of our tracking extensions then they all come with the option to stop sending info to third parties like Google when third party cookie usage has been declined by the customer. But if you are using third party tracking extension then they need to check for cookie name "cookie_accepted" and this will be set to 1 for "accept" and 0 for "decline"

Here is the function which will force your tracking not to run unless the cookie has been accepted by the customer from cookie notification message

     * Check if the third-party cookie has been accepted or not
     * @return bool
     protected function hasCookie()
          $cookieKey = 'cookie_accepted';
          $cookie = (string)Mage::getModel('core/cookie')->get($cookieKey);
          return ($cookie=="1" ? true : false);

Here is the function which will turn off your tracking only when customer declines from cookie notification message

     * Check if the third-party cookie has been accepted or not
     * @return bool
     protected function hasCookie()
          $cookieKey = 'cookie_accepted';
          $cookie = (string)Mage::getModel('core/cookie')->get($cookieKey);
          return ($cookie=="0" ? false : true);

N.B - You don't need to do anything with your trackings if you are not sending Personal Identified Information (PII) because GDPR only applies to personal data not transaction or catalogue data
Q: I am using GTM for all my trackings, can I control certain tags to get fired only when customer has accepted the cookie?
A: Yes of course, please follow the below steps in GTM -:
  1. Step 1 - Create a new variable named "acceptance_cookie", variable type should be 1st-Party cookie and give the name of the cookie as "cookie_accepted"

  2. Step 2 - Create a new trigger named "Acceptance Cookie", trigger type could be anything like GTM.DOM, Pageview, Custom Event etc. and based on the trigger type choose some custom events or some pageview and add the following condition

    - From first dropdown - select variable name created in Step 1 i.e. "acceptance_cookie"
    - From second dropdown - select equals
    - Third Input box - put value 1

  3. Step 3 - Associate the trigger created in Step 2 ie.. "Acceptance Cookie" with any existing tag and that tag will ony fire when customer accepts the cookie on your website
Q: Does this extension make my company fully GDPR compliant?
A: This extension is going to support towards compliance, it targets mainly around few main requirements "cookie notification", "privacy consent", "right to erasure","right to be informed","right of data portability" and "right of access" but just installing this extension is not going to make your company fully compliant. To be precise it is not just implementing technical elements on your website. It is a disciple which is around making sure the personal data (for example email address, phone number, name, addresss, medical info etc.) which is stored in your data centre in any format or the personal data that you are sharing with third parties is secure. For more information Click here to know more about GDPR.
Q: If someone puts items into a cart and does provide personal information, but finally does NOT order, the customer is not registered as a customer but that data is still somewhere in the system - does this module also delete this data ?
A: Yes we are running a cron job which clears personal data from cart / quote table automatically after set number of days which you can configure in admin, by default it is set to 30 days.
Q: Can my customer change their cookie preference?
A: Yes they can change their cookie preference by clicking on the cookie preference link from the header
Q: How often the cron job runs to anonymise order data automatically?
A: It runs every 1 hour to anonymise order data automatically
Q. How can I manually uninstall your module?
A. Please follow the below steps -:

Step 1: Remove the module Scommerce_%.xml files from app\etc\modules\

Step 2: Drop module tables or columns from database, please check folder app\code\community\Scommerce\%\sql\% for more information

Step 3: Remove the folder app\code\community\Scommerce\%

Step 4: Remove module configuration settings from core_config_data table by running the following query
DELETE FROM core_config_data WHERE path LIKE 'scommerce%'
Step 5: Remove module from core_resource table by running the following query
DELETE FROM core_resource WHERE module LIKE 'Scommerce_%';
Q: Can I remove cookie preference link?
A: Yes you can copy layout xml file from \app\design\frontend\base\default\layout\scommerce\gdpr.xml to your custom theme folder and remove addLink reference
Q: How can I translate text on frontend or admin?
A: Our extension uses Magento out of the box translate mechanism, you can do it using inline translation feature and alternatively copy the following file app/locale/en_US/Scommerce_GDPR.csv into correct language folder and update the file accordingly. For example for Germany, you need to copy "Scommerce_GDPR.csv" into app/locale/en_DE/ folder
Q: I can’t see privacy policy consent checkbox on newsletter sign up or contact us form
A: This could be because of your custom theme, please check if you have custom theme with contacts.phtml and subscribe.phtml. If yes then copy contacts.phtml from app\design\frontend\default\default\template\contacts\ and subscribe.phtml from app\design\frontend\default\default\template\newsletter\ to your custom theme
Q: I am using Ebizmart Mailchimp extension, when the customer gets deleted from my website, does it get deleted from Mailchimp as well?
A: Yes it does remove the details of the customer from Mailchimp as soon you delete personal data using our extension
Q: I don't receive confirmation email after an administrator deletes my account from admin customer section
A: Please make sure "Enable sending email communication to customer" setting is set to YES in system configuration
Q: I can't see "send deletion link to customer" button in admin under customer section
A: This could be because of the following three reasons -:
  1. You don't have permission to see this button
  2. Enable Customer Account Deletion / Anonymisation setting is set to YES
  3. Enable sending email communication to customer setting is set to YES
Q: I don't see "Export Customer Data" or "Delete GDPR Personal Data" in sales order action drop-down in admin
A: This could be because of the following two reasons -:
  1. You don't have permission to see this action
  2. Allow Guest Checkout system configuration setting under Sales -> Checkout -> Checkout Options is set to NO
Q: I don't see "Export Customer Data" or "Delete GDPR Personal Data" in newsletter action drop-down in admin
A: This could be because of the following two reasons -:
  1. You don't have permission to see this action
  2. Allow Guest Subscription system configuration setting under Customers -> Newsletter -> Subscription Options is set to NO
Q: Can I delete or export data for guest customers?
A: Yes you can delete and export complete data of guest customers from action drop down of sales order, newsletter subscription and privacy policy consent screens in admin
Q: Can I anonymise order data for guest customers?
A: Yes you can anonymise orders for guest customers from sale order screen using "Anonymise order" action. Please click here to see the screenshot
Q: As an administrator what all things I can perform and set up from Magento admin panel?
Here is the list of things you can do as an administrator -:
  1. Cookie Notification Message and other configurations – You can manage from System -> Configuration -> Scommerce Configuration -> GDPR

  2. Order anonymisation – This can be achieved either by clicking “Delete personal data” button from Customers -> Manage Customers or from Sales -> Orders -> Actions drop down (Anonymise Orders)

  3. Delete Personal Data for Guest or Registered Customers - This can be achieved by clicking “Delete Customer and Anonymise Transaction data” button from Customers -> Manage Customers or alternatively from action drop down of Sales Order Grid, Newsletter Subscription Grid, Customer Grid and Privacy Policy Grid

  4. Send delete link to customer – This can be achieved by clicking “Send deletion link to customer” button from Customers -> Manage Customers

  5. Export customer data - This can be achieved by clicking “Export GDPR data” button from Customers -> Manage Customers or from action drop down of Sales Order Grid, Newsletter Subscription Grid, Customer Grid and Privacy Policy Grid

  6. Transactional Emails - You can change email templates from System -> Transaction Emails. There are three emails which you can change -:
    1. Scommerce GDPR Deletion Confirmation - This sends link to customer to delete their own account
    2. Scommerce GDPR Customer Data to Admin - This sends email to administrator with customer details whose account has been recently being deleted
    3. Scommerce GDPR Deletion Success - This sends an email to customers after successfully deleting their account
  7. Privacy Policy Consents - You can check privacy policy consent from Customers -> Privacy Policy Consents. You can check all the consents given by customer from different sources like newsletter sign up or registration or contact us or order

Release Notes

Version 0.0.1 - Initial Commit

Version 0.0.2 - Fixed issue related to delete function and also move hard coded text to configuration

Version 0.0.3 - Added functionality to disable cookie alert completely from admin panel

Version 0.0.4 - Refactored the anonymisation code to provide better performance

Version 0.0.5 - Added email templates in the configuration so that they can be amended using transactional emails

Version 0.0.6 - Added IP Address also to anonymisation list as static IP address could also be considered as personal data

Version 0.0.7 - Fixed issue related to cookie notification message as it was still appearing even the configuration was off

Version 0.0.8 - Added translation file to support different languages

Version 0.0.9 - Added feature to anonymise transactions using order action dropdown of sales orders grid in admin

Version 0.0.10 - Added new feature to export all customer data including order, order address, quote, quote address, customer, customer address and newsletter subscription

Version 0.0.11 - Added new feature to allow customer to change cookie preference even after accepting or declining cookie. Also blocked site wrapper id or class is now being configured so that it can be changed from admin configuration without changing theme code. Also given provision to override adminhtml sales order mass action block from admin configuration. Also added subscription date with newsletter

Version 0.0.12 - Added new feature to send email to administrator when customer account gets deleted so that they can delete that customer from external systems. Also added confirmation popup before deleting or sending email to customer from admin panel

Version 0.0.13 - Added new feature to anonymise personal data from orders automatically including invoices, shipment, credit memo. Also added permission to give access to certain roles to anonymise transaction and delete personal data from admin panel

Version 0.0.14 - Added new feature to override CMS page setting to use external or internal links. Also checking if jquery exists or right version of jquery is installed on the website or not. Also added subscription date in the newsletter grid in admin

Version 0.0.15 - Removed conflicts with third party extensions for sales order action because quite few extension are overriding Mage core classes.

Version 0.0.16 - Improved performance of order anonymisation and also added new Magento Enterprise tables including RMA and Archive to anonymisation process

Version 0.0.17 - Exporting payment information as well in the customer export file. Also changed the default email templates to match Magento default theme and fixed some system.log notices and warnings

Version 0.0.18 - Added new feature to record privacy policy consent from the forms where customers are filling personal data to make sure they understand and accept privacy policy before giving consent. Also added confirmation message on delete customer account on frontend and also in admin against order anonymisation to avoid mistakes

Version 0.0.19 - Added privacy policy consent checkout for newsletter subscription as well to cover all the forms of the website where personal data has been collected. Also fixed jQuery conflict for cookie popup message.

Version 0.0.20 - Added new configuration to stop sending delete account confirmation emails to customers automatically. Also changed configuration so that it is more organised instead of having all the fields in general configuration

Version 0.0.21 - Fixed issue related to addFieldFilter function to make it compatible with older version of Magento. Also added parameter confirm=1 with customer deletion link which allows customer to redirect to deletion page instead of delete the account straight away

Version 0.0.22 - Added new feature to allow full export and complete deletion of guest customers from the website. Also fixed issue related to email template for multi-store websites

Version 0.0.23 - Fixed filter issue related to sales order grid on order status, base and grand total columns

Version 0.0.24 - Added cookie pop up feature

Product Reviews

Write a Review

Write your own review


You're reviewing: Magento 1 GDPR Compliance: Anonymisation of order data

  • You may also like

    © 2019 Scommerce Mage Ltd. All rights reserved. Your privacy and security are guaranteed. VAT registration number GB239 3674 77.
    Scommerce Mage Limited, Company Number 08765857, Registered in England and Wales.
    Registered Office: 39 Coresbrook Way, Knaphill, Surrey, GU21 2TR, United Kingdom.