Como adequar seu e-commerce a LGPD

How to adapt your e-commerce to the new LGPD?

Just under a month ago, companies had access to users' browsing histories, data and habits on the internet, often without their being aware of it.

Although it is an interesting strategy to customize the user experience and even maximize the conversion of your e-commerce, the practice is invasive and goes against the new rules of the General Data Protection Law.

Since August 2020, this practice has become illegal, with penalties already being considered by the responsible bodies. Therefore, if you don't want your e-commerce to be affected by not complying with correct data treatment, read this article and learn how to adapt your e-commerce to the LGPD.

How does LGPD affect your e-commerce?

Marketing along with data collection is part of the sales process of e-commerce, because it makes it easier to analyze the preferences and characteristics of each customer. Whether for lead capture, campaign engagement, ad segmentation or promotions and content targeted to the customer profile.

With LGPD, This system is used not only by e-commercesWith the LGPD, the free way of handling data in this process is revised. Now, every e-commerce will have to be explicit with its customers and users about how their data will be stored and for what purpose it will be used. In addition use of the data will be exclusive to the reported purpose to the customer. That is, it will be necessary to say whether the information will be used to generate contact, newsletter sending, studies and statistics, etc..

Another point that is affected by the new rules is related to tracking cookies and user behavioral analysis, which is commonly used in online stores. The use of these technologies must be warned to the user as soon as he accesses the site and asks for consent.

Finally, personal information for sales purposes should be justified and plausible. For example, e-commerce that sells services or digital products do not require information such as the customer's address. If they do, they need to justify the purpose.

How to adapt to the new data protection law?

As you may have already noticed, the LGPD directly interferes in the way e-commerces communicate with their customers, so how can you adapt your online store to meet the new rules defined by the general data protection law? To do so, keep in mind the following aspects:

Privacy policy

Update your privacy policy according to the principles of the LGPD. One of the main reasons is to promote transparency about the treatment of personal data, by communicating to your customers about each step, each purpose, the professionals or areas responsible, and make clear how the user can revoke access to their data if they want to.

Some topics to be reviewed:

  • Purpose of collection of cookies and treatment that will be performed;
  • Purpose of collection of registration on the site and forms, and treatment that will be performed;
  • Purpose of collection of the store's Wish List and how it will be handled;
  • Easy access to the customer about the data and information that the company has about him;
  • Update internal data treatment process, how it will be done, responsible area and ensuring the proper use of data according to the consent given.


Cookies are used to improve site experience while the user is browsing. Some track preferences for show content that may be of interest to you and others that through location, give options of stores and pickup points near your address.

Despite being useful to the user and also to e-commerce, according to the new LGPD rules, the use of cookies must be previously consented to by the user.

One way to collect this consent is to display a message in your footer explaining the use of cookies and requesting confirmation of use in the user's section.

There are tools, such as LGPDY, that install this popup and allow you to manage the consents and also the removals by the user.

Security and customer registration

If your e-commerce has mandatory registration for customers to make purchases, it is important to make clear why and the security reasons behind the registration.

The new data protection rules accompany the concern about the personal data that companies have access to. Besides being aware of what their data will be used for, the user wants to feel safe. So invest in website protection companies, or anti-fraud systems, and let the customer know that.

Wish lists and forms

It is rare that an e-commerce site does not make Wish lists It is a useful tool for the customer who has quick access to products of interest and the company that has a precious source of data to win sales opportunities.

Lists can continue to be used to understand the buying profile of customers, but it is important to clarify how this feature works to the customer.

The same applies to forms made available on the website, they should clearly communicate the purpose of collection and how they will be used. An example of forms are newsletter signups or promotion popups.

Query information

Any information that is collected must be available for the customer to request access whenever they want. This rule applies to all companies, because it goes against the autonomy that the user has over his data under the new rules.

The user will be able to check the integrity of his data and even request anonymity or deletion.

For this reason it is important to facilitate this consultation to the user, some e-commerces have already added the information in their footer, with the privacy policy, but it is not limited to this, it is necessary to create protocols for the customer to verify data.

Finally, we realize that transparency and communication are the basis that must be followed to maintain a secure relationship and to comply with the general data protection law.

ebook: guia sobre a lgpd

Always communicate with your customer, let him know the processes his data will go through, and give him autonomy to claim his data when he wishes. Making your e-commerce compliant with the new rules will not only avoid penalties, but will also positively influence the relationship with your customer.

So, did you like today's article, which of these practices have you already activated in your website?

Leave a comment

Please note, comments need to be approved before they are published.