Working on a project for one of our customers we decided to use Shopify as platform.
The control area and platform are quite nice to use. It took us initially a bit to find the right place to adjust the templates and look of the theme but other than that the whole process was pretty straight forward. We spent a few weeks working on the page and setting it up.
Fast forward, closer to the release of the website, the new European Data Protection Regulation came into effect. Trying to attract customers from all over the world including Europe, the shop had to comply with the GDPR. In regards to that, one of the key requirements from our customer was to have a double opt in feature for account creation.
Shopify and GDPR
Most people will be familiar with the double opt in procedure. For those who don’t know, when a customer registers an account, they receive an email to their specified email address. They have to click on a link in this email in order to verify their email and validate their account. Only after the link has been clicked, the account would be activated. This is pretty much a standard for almost all online stores.
Shopify vs General Data Protection Regulation
Trying to set this up for the website, we were disappointed to find out that Shopify doesn’t offer a double opt in option. We contacted Shopify about it and talked to one of their support team members, who promised to check with their tech team, to find out if there was a plan to develop and implement a double opt in feature.
In the meantime (we still haven’t heard back from them 2 months later), they recommended that we check their marketplace in order to find a Shopify expert willing to help us with our requirement for customisation and additional features. We did that.
Using Shopify Marketplace
It didn’t take long to receive several replies from Shopify experts, confirming that they can develop the account/email double opt in feature for us. We went with the one that sent the most professional and detailed reply (one of the experts simply replied “I can”, which did not seem convincing to us).
We replied and explained in detail what we needed – which seemed obsolete, as email double opt in is a very common feature across all online platforms. They confirmed again that they can do it and sent us a quote. After agreeing to their quoted price, we paid and granted the expert who was based out of Europe access to our Shopify account.
Now this is where the fun begins. The first thing we noticed was that we had suddenly three people from different IP addresses (Europe, USA, Vietnam) accessing our Shopify account.
We have no problem outsourcing work to USA or Vietnam, but paying and giving access to someone in Europe, we did not expect them to grant access to people outside of their company. Our first thought was that our account got hacked.
Login from unknown IP addresses
After clarifying with the contracted Shopify Expert and them explaining that the login from the USA and Vientam are their co-workers, we just let them continue “working” on the requested feature. With working I mean exchanging emails with us. For 3 weeks we exchanged emails, explaining over and over again what we need – Account/Email double opt in … They kept on proposing different options and work arounds, all of which had nothing to do with double opt in.
We realised that they probably are not able to create a double opt in feature and just asked them. They confirmed our suspicion that the Shopify platform wouldn’t allow them to develop and integrate a double-opt in feature. In the end they were simply not able to deliver and they knew in from the start. But they together with the other Shopify experts all confirmed that they were able to, to get the deal and the contract.
We asked for a refund and they offered us to use the money for different customisation work. We didn’t need anything else, so we insisted in getting the refund. Don’t get me wrong, they were nice about it by they were desperate for us to spend the money on something else.
Experience Using Shopify Experts
While they have refunded us the money in the end, I am quite disappointed with how it all played out. Not only should they have not confirmed that they are able to deliver (none of those who replied), but we also wasted 3 weeks ping-ponging emails for contracting work that was not even possible.
This is why I am annoyed with Shopify. I explained them what we needed and they have recommended us to find a Shopify Expert on their marketplace and pay them to develop a customised plugin for us … even though their platform doesn’t allow a double opt in feature.
I understand why Shopify aren’t developing certain features themselves. They want to keep their marketplace active and their eco system alive by enabling developers to earn money for custom work. But email double opt in is such an absolute basic feature every online platform should have. If not as default feature, than at least as option that can be activated.
Well, thats the story of our experience with Shopify “experts” in regards to Email double opt in.
Can we recommend using Shopify?
We quite liked working with Shopify. It is a good platform with a lot of integrated features. That being said, there are certain limitations, in particular regarding customisations and and features. We had the feeling that WordPress gives more freedom in that area.
Can we recommend Shopify Experts?
Having used WordPress as main platform to built customer websites over the years, we like the idea of custom plugins, apps and features to further optimise a website. The Shopify marketplace and experts offer just that. Our tip is to be very specific with any feature request. Make it clear what you need and have the confirm it. That gives you something to refer to inc ase they can’t deliver in the end.
Is using Shopify experts secure?
We were not impressed that the expert we hired granted additional people from other countries access to our account. How can they control what those other users are doing? It doesn’t seem correct that Shopify Experts are allowed to simply give other people access to our account without our confirmation. You be the judge.
Is Shopify GDPR Compliant?
In Shopify’s defence, they have implemented new features as a result of the GDPR. For example a simply option that allows shop managers to delete customer details on their request. They have also added a whole new section on GDPR to their knowledge base. On top there are also additional third party apps addressing GDPR related issues, for example Easy GDPR.
Is Double Opt in Required?
Double opt in is not explicitly mentioned in the GDPR as requirement, but there have been law cases in European countries in which the shop owner lost a case which could have been prevented with email double opt in. For that reason we are still keen for Shopify to develop this feature, or at least, make it possible for the marketplace and Shopify expert to develop it.
What is your personal experience using Shopify experts?
#shopify email double opt in #shopify account double opt in #shopify double opt in #shopify experts #shopify marketplace #shopify experts experience #experience with shopify experts