We in the EU have to follow the GDPR (data protection law)
Which you can read more about here: https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations_en
I’ve delved into this pretty deep aside from webflow and a couple of points should be taken central in all your digital/online activities regarding user data:
- Where will the data be stored?
- Is it stored securely, with no one other than a rightful person having access?
- How will you and you client treat the data? (Archiving purposes = ok, reselling = not)
- Will you be using the data to build target profiles (e.g. for targeted ads)? (you need user consent)
- Can users ask to change or perm. remove their data from your systems? (they should be able to)
In case of webflow, the answer to the first question is: AWS. And AWS is, since 2018, GDPR compliant: https://aws.amazon.com/blogs/security/all-aws-services-gdpr-ready/
Stored securely? I’d argue that if AWS is hacked, there will be a way bigger problem than just your data. That would be news like “google hacked” or “apple icloud hacked”. Given their expertise and market cap, I’d trust AWS to be more secure than anything you, me or a local IT company can trump up on premise for you.
@sabanna For the last question, will users be able to change or delete their data from the ecommerce on their request? I’m not sure, a webflow expert should comment on that.