WooCommerce and the GDPR

The General Data Protection Regulation (GDPR) takes effect on May 25, 2018. The resources below are to inform and equip Woo.com customers, WooCommerce business owners, and developers who build stores and/or sell extensions, with regards to the GDPR.

Woo.com Customers

We are committed to protecting your data. If you have a Woo.com account, our Privacy Policy explains how we use and store your data, including what we share with marketplace developers.


Does WooCommerce store data?

WooCommerce itself does not receive or store usage data, unless you opted in to our Usage Tracker.

WordPress 4.9.6 and WooCommerce 3.4 include updates and tools for the GDPR that make it easier to handle Right to Access and Right to Erasure requests from customers.

Got questions? Join the WooCommerce Community on Slack and reach out in the #GDPR channel.


Do extensions store data?

When it comes to WooCommerce services and extensions, including those built by third parties, things get a little more nuanced.

Learn how specific extensions, including payment and shipping gateways, store data.

If you build and sell extensions on our (or another) marketplace, review our checklist on how to make an extension GDPR-ready.


May the GDPR force be with you

We trust these resources will be helpful as you navigate ecommerce in this brave new world of the GDPR and protected data. If you have any questions about WooCommerce and personal data storage, please reach out to us at
privacy (at) woocommerce (dot) com