Questa pagina non è disponibile nella tua lingua.

chiudi x

Vai al contenuto principale
search
it
English Dansk Deutsch Español Français Italiano 日本語 中文
Contattaci Cookie
external links
Richiedi una demo
Più forti insieme: Sitecore e Microsoft
Stronger together: Sitecore & Microsoft
Sitecore è stata premiata come Partner dell'anno globale retail e beni di consumo di Microsoft.
Per saperne di più
Marketing in un mondo senza cookie
Marketing in a cookieless world
Cosa significa la perdita dei cookie di terze parti per i marketer e come puoi affrontarla.
Leggi l'articolo
Entra nel team di Sitecore
Join the Sitecore team
Le persone di Sitecore sono davvero uniche e ti invitiamo a far parte del nostro viaggio di crescita.
Scopri di più
Contattaci Cookie
Gestisci i cookie

Gestisci il modo in cui i Siti web Sitecore utilizzano cookie e tecnologie simili, in conformità alla nostra informativa sui cookie, facendo le tue scelte di seguito. Tieni presente che disabilitando completamente i cookie e le tecnologie simili, i siti web di Sitecore potrebbero non funzionare correttamente.
Strettamente necessari

Questi cookie devono essere abilitati, senza di essi il sito non funziona. Sono correlati alle funzionalità principali del sito web e ai relativi servizi.
Prestazione

Questi cookie analizzano l'utilizzo del sito web, monitorano il traffico, migliorano e ottimizzano l'esperienza dell'utente sul nostro sito web. Senza questi cookie, non possiamo identificare quali informazioni sul sito web sono preferite dall'utente, limitando la nostra capacità di migliorare i contenuti che offriamo.
Funzionalità

Questi cookie aumentano la funzionalità del sito web di Sitecore. Potremmo utilizzarli per fornire un'esperienza personalizzata ricordando le preferenze, il nome, la lingua, il paese dell'utente, consentendogli di accedere ad aree sicure del nostro sito web e di elaborare gli ordini.
Targeting/Pubblicità

Questi cookie ci consentono di rendere i contenuti più rilevanti per te e consentono a Sitecore e ai nostri fornitori di servizi di offrire pubblicità o altre comunicazioni più rilevanti per te.
Salva le impostazioni
Rifiuta tutto
Accetta tutto

Compliance with GDPR

Your options if you’re on a previous version of Sitecore

What you need to know whether you’re on Sitecore 6, 7, XP 8 or XC 8

Whether it’s remediating your existing Sitecore implementation or upgrading to the current version of Sitecore, we’ll help you determine the best route to becoming GDPR-compliant.

GDPR requirement
Sitecore 6 series
Sitecore 7 series
Sitecore XP 8 series
Sitecore XP 9
The right to be informed, or being transparent about what you collect and how you use it (Article 12, 13, and Article 14 number 11)
As a developer you can inform end-users about data you collect through a privacy policy, cookie banner, and/ or preferences page on a Sitecore 6.x website, but you have no way of auditing a history of interactions.
As a developer you can inform end-users about data you collect through a privacy policy, cookie banner, and/or preferences page on a Sitecore 7.x website, but you have no way of auditing a history of interactions.
As a developer you can inform end-users about data you collect through a privacy policy, cookie banner, and/ or preferences page on a Sitecore XP 8.x website, but you have no way of auditing a history of interactions.
Yes, you or your developer can inform end-users about data you collect through a privacy policy, cookie banner, and/ or preferences page on a Sitecore XP or XC 9.0 website, and can audit a history of interactions via the Sitecore xConnect™ API. 
For commerce data, the history of customer interactions can be audited using the Commerce journaling feature and Commerce Services API. 
The right of access, or allowing individuals to see what personal data you’re processing and storing (Article 15)
Because Sitecore 6 did not include Sitecore xDB, you’ll need to address this in your own database configuration.
Because Sitecore 7 did not include Sitecore xDB, you’ll need to address this in your own database configuration. Users on version 7.5 (with xDB) should be aware there is no product feature support out of the box for the right of access; you will need to customize and extend your 7.5 xDB solution to fulfill those requirements.
No product feature support out of the box for XP versions prior to 8.2 Update 7. Users on prior versions will need to customize and extend their solution to fulfill the right of access requirements. Users of XP 8.2 Update 7 release can customize their solution and xDB to retrieve the interaction history of a contact through a dedicated API. You will need to extend your solution to use the API and retrieve the data in a programmatic fashion.
Sitecore XP 9 and Sitecore XC 9 have dedicated features to retrieve the full interaction history of an individual through the Sitecore xConnect API. As a developer, you will need to extend your solution to use the API and retrieve the data in a programmatic fashion.
The right to rectification, or allowing individuals to have their personal data corrected (Article 16)
Because Sitecore 6 did not include Sitecore xDB, you’ll need to address this in your own database configuration.
Because Sitecore 7 did not include Sitecore xDB, you’ll need to address this in your own database configuration. Users on version 7.5 (with xDB) should be aware there is no product feature support out of the box for the right to rectification; you will need to customize and extend your 7.5 xDB solution to fulfill those requirements.
You’ll need to make changes to Sitecore (and any other systems) to edit / change / delete personal data on request.

Personal information can be managed in User Security, List Management, in XC’s Customer and Order Management tool, and customized directly in MongoDB. 

The XC Customer and Order Management tool is a business user/ customer sales representative (CSR) focused, web-based management tool that is part of Sitecore Experience Commerce.

You need to make changes to Sitecore (and any other systems) to edit / change / delete personal data on request.

Personal information can be managed in User Security, List Management, and customized directly through the Sitecore xConnect API (e.g., through a web form).

Also, personal data can be managed in the Customer tool of the Commerce tool. Logs can be enabled and retrieved via the Commerce Services API.

The right to erasure, also known as the right to be forgotten (Article 17)
Because Sitecore 6 did not include Sitecore xDB, you’ll need to address this in your own database configuration.
Because Sitecore 7 did not include Sitecore xDB, you’ll need to address this in your own database configuration. Users on version 7.5 (with xDB) should be aware there is no product feature support out of the box for the right to erasure or portability; you will need to customize and extend your 7.5 xDB solution to fulfill those requirements.
No product feature support out of the box for XP versions prior to 8.2 Update 7. Users on prior versions will need to customize and extend their solution to fulfill the right of erasure requirements. Users of XP 8.2 Update 7 release can customize their solution and xDB to delete all personal data of a contact through a dedicated API.

In XC 8.2.1 update 3, PII included by Commerce Connect in interactions can be erased.

We recommend a review of the custom contact facets that have been extended in the xDB before using the API to ensure all personal data is removed.
Sitecore XP 9 has dedicated features for the right of erasure (or right to be forgotten). A contact’s personal data can be deleted through a Sitecore API call, “Execute Right To Be Forgotten.” This feature irreversibly removes the contact’s personal data. 

XC customers are responsible for determining what data may need to be retained (i.e., for legal reasons and how long that information should be stored). The xConnect API is available to help customize what data is removed.

 

The right to restrict processing, or allowing individuals to stop you from performing operations (collecting, processing, storing, etc.) on personal data (Article 18)
Because Sitecore 6 did not include Sitecore xDB, you’ll need to address this in your own database configuration.
Because Sitecore 7 did not include Sitecore xDB, you’ll need to address this in your own database configuration. Users on version 7.5 (with xDB) should be aware there is no product feature support out of the box for the right to restrict processing; you will need to customize and extend your 7.5 xDB solution to fulfill those requirements.
Sitecore XP/XC 8 allows you to customize how much personal data you wish to process. Opt-in and opt-out is a customization.
Sitecore XP/XC 9 allows you to customize how much personal data you wish to process. Opt-in and opt-out is a customization.
The right to data portability, or giving individuals the personal data you have about them (Article 20)
Because Sitecore 6 did not include Sitecore xDB, you’ll need to address this in your own database configuration.
Because Sitecore 7 did not include Sitecore xDB, you’ll need to address this in your own database configuration. Users on version 7.5 (with xDB) should be aware there is no product feature support out of the box for the right to data portability; you will need to customize and extend your 7.5 xDB solution to fulfill those requirements.
No product feature support out of the box for XP/XC versions prior to 8.2 Update 7. Users on prior versions will need to customize and extend their solution to fulfill the right to data portability requirements. Users of XP/XC 8.2 Update 7 release can customize their solution and xDB to retrieve the interaction history of a contact through a dedicated API. The information retrieved can be exported for an end user in your chosen format.
Sitecore XP 9 ensures full interaction history is available and can be exported from the Sitecore xConnect API and provided to your end user in your chosen format. 

XC 9 can also export the full interaction history as well as purchase history in your end users’ chosen format. The XC customer hosts these functionalities. None of this data is received by Sitecore.

The right to object, or prevent you from processing their personal data (Article 21)
Because Sitecore 6 did not include Sitecore xDB, you’ll need to address this in your own database configuration.
Because Sitecore 7 did not include Sitecore xDB, you’ll need to address this in your own database configuration. Users on version 7.5 (with xDB) should be aware there is no product feature support out of the box for the right to object; you will need to customize and extend your 7.5 xDB solution to fulfill those requirements.
No product feature support out of the box. Customization is required, dependent on your implementation.
No product feature support out of the box. Customization is required, dependent on your implementation.
GDPR requirement

The right to be informed, or being transparent about what you collect and how you use it (Article 12, 13, and Article 14 number 11)

Yes, you or your developer can inform end-users about data you collect through a privacy policy, cookie banner, and/ or preferences page on a Sitecore XP or XC 9.0 website, and can audit a history of interactions via the Sitecore xConnect™ API.

For commerce data, the history of customer interactions can be audited using the Commerce journaling feature and Commerce Services API.

The right of access, or allowing individuals to see what personal data you’re processing and storing (Article 15)

Sitecore XP 9 and Sitecore XC 9 have dedicated features to retrieve the full interaction history of an individual through the Sitecore xConnect API. As a developer, you will need to extend your solution to use the API and retrieve the data in a programmatic fashion.

The right to rectification, or allowing individuals to have their personal data corrected (Article 16)

You need to make changes to Sitecore (and any other systems) to edit / change / delete personal data on request.

Personal information can be managed in User Security, List Management, and customized directly through the Sitecore xConnect API (e.g., through a web form). Also, personal data can be managed in the Customer tool of the Commerce tool. Logs can be enabled and retrieved via the Commerce Services API.

The right to erasure, also known as the right to be forgotten (Article 17)

Sitecore XP 9 has dedicated features for the right of erasure (or right to be forgotten). A contact’s personal data can be deleted through a Sitecore API call, “Execute Right To Be Forgotten.” This feature irreversibly removes the contact’s personal data.

XC customers are responsible for determining what data may need to be retained (i.e., for legal reasons and how long that information should be stored). The xConnect API is available to help customize what data is removed.

The right to restrict processing, or allowing individuals to stop you from performing operations (collecting, processing, storing, etc.) on personal data (Article 18)

Sitecore XP/XC 9 allows you to customize how much personal data you wish to process. Opt-in and opt-out is a customization.

The right to data portability, or giving individuals the personal data you have about them (Article 20)

Sitecore XP 9 ensures full interaction history is available and can be exported from the Sitecore xConnect API and provided to your end user in your chosen format.

XC 9 can also export the full interaction history as well as purchase history in your end users’ chosen format. The XC customer hosts these functionalities. None of this data is received by Sitecore.

The right to object, or prevent you from processing their personal data (Article 21)

No product feature support out of the box. Customization is required, dependent on your implementation.

Why upgrade to Sitecore XP or XC 9?

Becoming GDPR compliant becomes far simpler if your content management or digital marketing platform is architected and built on a singular database that tracks all historical customer information. Customers on older versions of Sitecore would best prepare for GDPR by upgrading their platform and migrating their data to version 9.

Sitecore Experience Platform (XP) 9 and Sitecore Experience Commerce (XC) 9 facilitate GDPR compliance by incorporating a number of privacy-by-design and privacy-by-default principles and new features. These include support for anonymizing data, the ability to annotate data, and support for treating data as sensitive, depending on your needs and your configuration choices.

Version 9 offers capabilities that significantly expedite Sitecore users achieving GDPR compliance with their Sitecore deployment, including:

  • Extended database support: The ability to deploy xDB on Microsoft SQL Server or Microsoft SQL Azure (in addition to MongoDB), which makes managing databases more efficient for teams already familiar with SQL Server or Azure Services, and can improve infrastructure where datasets have had to interact between different technologies.
  • Sitecore xConnect™: A new service layer and set of APIs designed to securely interact with Sitecore xDB and allow for the collection and interchange of customer data across channels— even third-party apps—and at scale. Much of how Sitecore XP 9 and XC 9 facilitate a customer configuration that supports GDPR compliance is attributable to Sitecore xConnect because it helps you more easily and effectively manage personally identifiable information.
  • Encryption: Advanced security, with data encryption support for data that is both in motion, where data is encrypted with HTTPS and Transport Layer Security/Secure Sockets Layer (TLS/SSL), and at rest, where data in xDB can use SQL features such as Always Encrypted.

For more information on how Sitecore XP 9 and XC 9 support GDPR compliance, download our white paper “Sitecore and GDPR.”

Download now

How does it affect you?

Know the considerations for your implementation of Sitecore, whether you’re on Sitecore version 6, 7, or XP 8; or Sitecore XC 7 or 8.

Get the white paper