Jump to content
Sign in to follow this  
  • entries
    3
  • comments
    0
  • views
    435

About this blog

From 1 January 2015, telecommunications, broadcasting and electronic services will always be taxed in the country where the customer belongs*

This new rules has an impact on the ecommerce company sell services. In this case, the rules to apply taxes has change. Og course, ClicShopping is compatible avec these new rules.
If your are question about thaht, don't hesitate to post a comment or a question on our forum.

There a summary information concerning these new rules.

– regardless of whether the customer is a business or consumer
– regardless of whether the supplier based in the EU or outside

* For a business (taxable person) = either the country where it is registered or the country where it has fixed premises receiving the service.
* For a consumer (non-taxable person) = the country where they are registered, have their permanent address or usually live.
For the definition of ‘electronic services see the Explanatory Notes below, in particular under points 1.3; 2.3.3; and 2.4.3.

The effects of this are as follows:

EU BUSINESSES supplying:

1. Business in another EU country

No VAT charged.
Customer must account for the tax (reverse-charge mechanism).

2. Consumer in another EU country

Must charge VAT in the EU country where the customer belongs (not where the business is based).

3. Business or consumer outside the EU

No EU VAT charged.
But if the service is effectively used & enjoyed in an EU country, that country can decide to levy VAT.

 NON-EU BUSINESSES supplying:

1. Business in the EU

No VAT charged.
Customer must account for the tax (reverse-charge mechanism).

2. Consumer in the EU (telecoms, broadcasting or electronic services)

Must charge VAT in the EU country where the customer belongs.

Entries in this blog

 

GDPR Requirement : Update your ClicShopping Website

Below, some information can help you to majke your website GDPR. GDPR is new european directive to allow all the customers to control their data.   GDPR Requirement for your E-commerce website - General   Please note:  EU GDPR will affect businesses both inside and outside of the EU. Any non-EU company dealing with EU customers will have to comply with the GDPR. To achieve full compliance by the end of May 2018, WooCommerce businesses will need to: Tell the user who you are, what data you collect, why you collect the data, for how long you retain it and which third parties receive it (if any)   Get a clear consent before collecting any data Let users access their data Let users download their data Let users delete their data Let users know if a data breach has occurred   If you don’t strictly adhere to these rules, you will eventually get fined up to €20 million or 4% of your worldwide annual turnover, whichever is greater… Now, this is good to know, but actually, the most important question is: what changes am I required to do on my WordPress/WooCommerce website? Well, with my goal being translating GDPR in plain English and in “WordPressian” (a new language I just created), the 6 rules outlined above will have implications on:   ClicShopping Terms & Conditions (Checkout page) ClicShopping Privacy Policy (Checkout page) ClicShopping User registration (My Account page) ClicShopping Cart Abandonment (Checkout page) ClicShopping product reviews (Single Product page) ClicShopping comments (Blog pages) ClicShopping opt-in forms (Newsletter, notification, etc.) ClicShopping contact forms (Contact Us page, widgets, etc.) ClicShopping analytics (Google Analytics, etc.) ClicShopping Plugins & APIs (Payments, Email marketing, etc.)   Breach notifications   That’s quite a lot of work… Once again, please double check this with a lawyer or a GDPR consultant as I’m neither of the two.   GDPR Compliance Step 1: ClicShopping Terms & Conditions   Based on Quora’s article, “What is the difference between Privacy Policy and Terms and Conditions?“, the Privacy Policy is to inform the user about the data you gather, while the Terms and Conditions (also called T&C, Terms of Service or ToS) include the legal terms and rules that bind the customer to your business.   Therefore, while the biggest changes will need to be done on your Privacy Policy (as well as showing this everywhere, see the following section), you should also amend your T&C page in regard to the new GDPR terminology and the gathering of customer data from the ClicShopping checkout. In my opinion, it’s simply sufficient to add a paragraph to your ToS that links to the revised Privacy Policy and therefore the whole personal data usage document.   If you have no T&C page at all, you can use some of the online generators (google “terms and conditions generator” or “terms and conditions template”), use a premium service like iUbenda, or alternatively take a look at T&C pages on popular e-commerce websites to get some inspiration   Once this is done, the Clicshopping checkout will show a checkbox on the checkout page with default text and a link to the T&C page you selected in the previous step:   To-do list:   Create a T&C page if you have none (you can use a T&C generator or take a look at popular e-commerce T&C pages – remember to refine the document for your specific legal agreements and have it revised by a lawyer) Add a new GDPR paragraph to your T&C that links to your Privacy Policy page Use the ClicShopping Checkout Settings to add a checkbox to the Checkout page   GDPR Compliance Step 2: ClicShopping Privacy Policy   On Business Bloomer I have no T&C page (working on that…) and no Privacy Policy page (definitely working on that now…).   Surely, the Privacy Policy page is the one that requires a lot of editing and copywriting. On top of this, we will need to show the Privacy Policy opt-in message on the checkout page and other places, such as contact forms and opt-in forms (see following sections).   In regard to the Privacy Policy page content, you must inform the user about the data you collect, store and use. Once again, the suggestion here is to take a look at reliable ecommerce websites Privacy Policy pages and see how they’re approaching the new GDPR rules.   Surely, you will need to cover the following:   who you are (company, address, etc) what data you collect (IP addresses, name, email, phone, address, etc) for what reason you collect the data (invoicing, tracking, email communication, etc) for how long you retain it (e.g. you keep invoices for 6 years for accounting purposes) which third parties receive it (MailChimp, Google, CRM, etc) how to download data (either automatically or by emailing the Data Protection Officer) how to delete data (either automatically or by emailing the Data Protection Officer) how to get in touch with you for data-related issues (the contact details of the assigned Data Protection Officer, probably you)   Now that you’ve written your Privacy Policy, you need to show this on every page of the website (a link in the footer would do) and – on top of that – a privacy policy checkbox on any opt-ins, user registration forms and checkout forms. Based on the useful comments I received on this article, users need to actively “check” or “agree” to the Privacy Policy (exactly in the same way people do so with your T&C) so you must show a checkbox (and you cannot pre-select that checkbox by default). So, how do you add a “Privacy Policy” checkbox on the checkout page? Well, in this case you can add a second checkbox, on top of the default “I’ve read and accept the terms & conditions”.   This second checkbox might say something like “I’ve read and accept the Privacy Policy” (or a more user-friendly label such as “Your personal data will help us create your account and to support your user experience throughout this website.   Please read and accept our Privacy Policy document, where you can find for more information on how we use your personal data”).   So, this concludes the Privacy Policy work.   To-do list: Create a Privacy Policy page if you have none Add who – what – how – why – when to Privacy Policy Display link to Privacy Policy in the footer   GDPR Compliance Step 3: ClicShopping User Registration   As this is personal data, we need to show the Privacy Policy checkbox on the frontend, similarly to what we’ve done on the checkout page. Also remember to only collect information you strictly require to run your business.   To-do list: add a Privacy Policy checkbox to the registration form   GDPR Compliance Step 4: ClicShopping Product Reviews   Ah, product reviews! In ecommerce, they really matter, don’t they? Of course, reviews contain personal data. You got it, you need user consent.   This is against the GDPR, which requires explicit consent (i.e. ticking a box).   Customers will have already opted-in to your T&C and Privacy Policy, so nothing will need to be added to the product review form if they’re logged in.   If you allow reviews from non-logged-in, non-purchaser users, that’s another story. Not sure why you’d do that, but in this case you’ll need to add the Privacy Policy checkbox to the product review form.   Simple as that !   GDPR Compliance Step 6: ClicShopping Comments   If your ClicShopping pages and posts have comments, here comes another GDPR compliance problem.   Users are usually prompted to enter their name, email address and website URL together with their message without the need to register an account (this happens on Business Bloomer for example, but maybe in your case you might force user registration in which case you’re GDPR compliant in regard to ClicShopping comments by default).   Once again this is pretty simple – you will need to add a Privacy Policy consent message in the “Leave a comment” form and a “cookies opt-out”.   To-do list:
Make sure to display the Privacy Policy checkbox before users submit a comment   GDPR Compliance Step 7: ClicShopping Opt-in Forms   An opt-in form is a contact form where users enter their name and email address (usually) to join your email marketing list (or database of contacts). First of all, you must remove all automatic opt-ins on your site. All checkboxes must be not checked by default (a “checked” checkbox by default cannot imply acceptance). Besides, are you passing those email addresses to sub-companies or other partners? Hopefully not…   Either way, users must:   consent know why their personal data is needed (“Enter your email address to receive our weekly newsletter“) give you only relevant information (to join your newsletter you don’t need to ask for the date of birth… unless you want to send them a gift on their birthday! In this case, you’ve got to make it clear WHY you want that personal piece of data know how to delete/download the data at any time know how to opt-out   Usually, an opt-in form is tied to a specific software e.g. Mailchimp Whoever you send that email address to, make sure they are reliable (Mailchimp, ConvertKit, Aweber, etc.) and that they are actively working on HELPING you being GDPR-ready.   To-do list: Audit all your opt-in forms See if your opt-in form / newsletter / email marketing provider has a GDPR solution Make sure to display the Privacy Policy checkbox before users opt-in   GDPR Compliance Step 8: ClicShopping Contact Forms   These forms now require Privacy Policy consent. Simply put, you should add a checkbox (very easy with any of the above plugins) close to the “Submit” button, to make sure users are agreeing to your Privacy Policy.   To-do list: Add Privacy Policy checkbox to all your contact forms If the contact form is going to store personal data in a database and/or is tied to an email marketing software, you need to tell your users why and where you’re storing data   GDPR Compliance Step 9: ClicShopping Analytics   Whether you use Google Analytics, Metorik, or both, you’re capturing user data and using cookies without consent. Same applies to Google AdWords, Facebook pixels and similar.   The best thing to do in this case is to check each provider’s GDPR policy, because THEY are collecting the data and not YOU. You’re just passing data to THEM: “Under the GDPR, if you use Google Analytics, then Google is your Data Processor. Your organization is the Data Controller since you control which data is sent to Google Analytics“.   According to Google Analytics Team (they sent an email to all account holders on April 11th 2018): GDPR requires your attention and action even if your users are not based in the European Economic Area (EEA) They introduced granular data retention controls that allow you to manage how long your user and event data is held on our servers. Google Analytics will automatically delete user and event data that is older than the retention period you select Before May 25, Google Analytics will also introduce a new user deletion tool that allows you to delete all data associated with an individual user (e.g. site visitor) from your Google Analytics properties GA remain committed to providing features for customizable cookie settings, privacy controls, data sharing settings, data deletion on account termination, and IP anonymization They are also updating their policies as Data Processors Indeed, I just found this new section in my GA account:   To-do list: Only use reliable, GDPR-compliant tracking software Ask software providers how they’re handling GDPR compliance Add to your Privacy Policy who handles your tracking data   GDPR Compliance Step 10: ClicShopping Plugins   This is a very important section, but I won’t keep you here for too long.   It’s very easy. Does plugin _____ either get, read, store, use, edit, handle, access user personal data?   Simply ask yourself this question for each plugin.   If the answer is yes:   make sure it’s a reliable plugin make sure they are GDPR ready make sure to add the plugin to the list of “third parties” that get access to user data in your Privacy Policy   If the answer is no: are you 100% sure? really, really sure? good then, you don’t need to do anything   Who knew GDPR was actually a good thing!   To-do list: Ask yourself the “magic” GDPR question about each plugin and theme Select GDPR-compliant plugins Discard non-GDPR-compliant plugins   GDPR Compliance Step 11: ClicShopping APIs   We already mentioned this before, but “API” cover a lot of different applications. But first, what the heck is an API (in plain English pleaseeee)? An API (Application Programming Interface) is basically “a piece of code” that allows you to access an external software without ever leaving your website. API is used for transmitting data between two parties. A good analogy is to think about a bus traveling from one city to another, back and forth, moving people between the two points (data). Another good one (allow me to be a little Italian about it!) is to think about API as a waiter that takes your pizza order and lets the kitchen know what toppings you want Either way, an API is a “data connector” – private data might be passed from your website to another software and viceversa, hence GDPR applies.   Examples: users can join your Mailchimp list without ever leaving your website, thanks to Mailchimp API users can checkout with Stripe without ever leaving your site, thanks to Stripe API and so on… Facebook, Twitter, any kind of third party software give you APIs. These APIs connect your ClicShopping store to the outside world, passing data to it – possibly private, personal user data.   As long as you know:   what APIs you use ? what data is sent ?   if the API is GDPR compliant …then you’re good to go. As usual, you have to add to your Privacy Policy the detailed list of APIs that handle user data.   To-do list: Audit all your APIs Discard non-GDPR-compliant APIs Add APIs to your Privacy Policy   GDPR Compliance Step 12: Breach Notifications   Under the GDPR, if your website experiences a data breach this needs to be immediately communicated to those users affected by the breach. A notification must be sent within 72 hours. What’s a data breach by the way?   Well, this occurs when personal information is passed to:   an unauthorized data processor or subcontractor a non-GDPR compliant body a third party without the knowledge of the data subject a hacker On top of this, you will need to have a security data breach response plan and process in place.   To-do list: Secure your ClicShopping website please! Subscribe to all your third-party software / API providers so that you can become aware as soon as a data breach that affects your users occurs Reduce the amount of data you store. Brilliant workaround, isn’t it? Have a data breach emergency plan    

ClicShopping

ClicShopping

 

Secure ClicShopping

Websites are by nature high risk elements of the information system. Security is of great importance, and this for several reasons.
The most known threats on websites are disfigurements and denial of service. Disfigurement is an attack in which an attacker modifies the site to replace the legitimate content with content they choose, for example relaying a political message to denigrate the site owner or simply to assert his attack as evidence expertise.

A denial of service for its object to make the site unavailable to its attack legitimate users. In both cases, the impact on the site owner is obviously a poor images and, in the case of a site for supporting a lucrative business, a shortfall.

To reduce the most common attacks ... Here are a few recommendations that you can apply.
Step 1 : Your administrators
Register an Administrator:

Your nickname: We recommend you to alias a complex that is not current or use your email.
Password: a complex password with * / - + - () necessarily complicate a hacker who wants to enter your online store ClicShopping.

In addition, you also have the option to save your password and user name in an htaccess file and htpasswrd. This method is the best, however all servers may not accept this method (at least there may be some incompatibility with ClicShopping code), so we recommend that you save an user without the option htaccess , htpasswrd and with the option to verify proper operation
Maybe you need it also change the file permissions.

Default htaccess file htpassword are not enabled, you must follow this procedure.

.htaccess :
The file is located in the ClicShoppingAdmin directory under the name _htaccess.
Change _htaccess by .htacces
Locate and change this line

if you have a problem, after to have created an administrator, look this line in htaccess.
AuthUserFile /home/domain/www/boutique/ClicShoppingAdmin/.htpasswd_clicshopping

and Change by your relative path to the server.

.htpasswrd :
The file is located in the ClicShoppingAdmin directory under the name _htpasswrd
Change _htpasswrd by .htpasswrd     Step 2 : The Security Module
In the menu menu Configuration / module / sécurity, please edit the different modules to change the security.

For example, the default Administration module contains two types of value:

- Please specify the time waiting for a connection error in the administration part: This value indicates the time that a director must wait before attempting to reconnect
Note : More the time is long, more it's better.
- Please specify the number of allowed login to login as admin: This value indicates the number of attempts allowed connection. If this value is exceeded, it will be impossible to connect.
Note : More the value is small, more it's better.

In addition each attempt failed connection, you will received an email telling you that someone has tried to log in to your administration.

In the menu Tools / Security, server information, you will find a summary of the analysis of the principal organs of ClicShopping.

Menu Information ClicShopping

This file will indicate the security status of key files on your site
a green light: everything is configured on the server
a yellow light: there is a risk, provisions are to be
a red light it is very important to solve this problem.

Menu Surveillance des actions

This file will tell you who logged into your administration, sent email ...    
Step 3 : Configuration files and access to the database.
Theoretically, if you have followed the Installation Manual, it is not useful to speak on this item. However, we recall that the rights on the file configure.php file must be read-only mode is chmod 444.
Please make sure that these rights are correct.

Step 4 : Access to your administration
You can also change the directory ClicShoppingAdmin to further improve a little more security tool. However, you must perform several operations on this

- Change the configure.php file located / includes / configure.php by the new path
- Modify the configuration file located ckeditor config.js / ext directory and then enter the new
- Modify the configuration file Kfm, located configuration.php / ext directory and then enter the new
- Edit the htaccess file with the new path.     Etape 5 : Your Store - The images directory
On this directory, it is best is to let the directory chmod 755 and files 644 mode. Generally are the default settings provided by the apache server.

However, there may be a warning at the notifying administration ClicShopping it can not save the file. In this case, we recommend you to directories only 777 mode.
CliCshopping records for setting up the product images file chmod 644.

If you create other directories, we advise you to put an empty index.html or index.php file types, you can create it directly from the images editor that is offered in ClicShopping.

In addition, this directory (but others too) are protected by a .htaccess file preventing them from access these directories via your browser.    
Conclusion
If you apply these best practices, you will help to improve the security of your online store. If you are not sure, we can propose you a service and set up properly for you your online store ClicShopping.

 

ClicShopping

ClicShopping

 

ClicShopping Installation Process

ClicShopping is an open source application to manage online stores (B2B, B2C, B2B/B2C), open and private sale. In addition, you can qualify the application of social ecommerce with its capabilities that allow the administrator to interact with social networks and users (the catalog is not forgotten also).






Download ClicShopping
To begin, you should download the compressed files containing all necessary files and archive.Visit the download ClicShopping section, download the file to your computer and unzip the file.
Setting up your FTP software
You will also need an FTP software to upload files to your server. One of the most used (which we recommend) is Filezilla. You can download the filezilla.org website and install it.

From elements that you were given by your host, configure filezilla so that it can connect to your hosting.
1 - How to Use Filezilla. - Click File and Site Manager. You will get the following items below.
- Fill the host box, which is usually your website
- Select the appropriate file transfer protocol: FTP generally
- Choose the type of authentication: usually: normal
- Enter your username: give your host
- Indicate voting password: give your host
- Click on Connection


2 - Download files You must connect to the server and download the files in the target directory of your instance (This directory typically contains an index.php or index.html).
Given the variety of settings of the servers, it may be in a directory, groups, for example web. 3 - Permission on files there are two important files in ClicShopping solution in order to begin the installation correctly. These files require a temporary change permissions during the installation process

The following files are located in the directory - /boutique/includes/configure.php : store configuration file (catalog) - /boutique/includes/ClicShoppingAdmin/includes/configure.php : store configuration file (administration)
In Filezilla, go to the directory and right mouse button,
- Click Change file attributes
- In numerical value: Specify the 777 value (allowing the writing to file)
- Click Ok
- Make this action the titles configure.php files  

4 - Installing ClicShopping   You can now start installing ClicShiopping.

Indicate in your browser following url: http://www.monnomdedomaine.com/boutique/install (change mydomainame.com par your domain)

Step 1 :

The first step is to accept the license to use the tool.

Step 2 :

The second step is to set write permissions on folders and files on your server.

You need for this step of your FTP and assign the correct rights (see Step 3 for explanation) based on directories and files listed in step installation
Once this is done, you can refresh your browser by pressing the F5 key to see if the parameters you changed are correct.

If all lights are green, then you can proceed to the next step.
Step 3 : Configuring the database

This step is to make a connection to your database.

For safety reasons, it may be that you can not create the database from the installation file. Your host has provided you with a password, a login (username), web address to connect to the administration of PhpMyadmin or from your hosting manager to create a database .

Depending on the case, you will have 4 parameters at your disposal

Server database: usually localhost (For ovh is another element)
The login user name: provided by your host or one that you created
Password: given by your host or one that you created
The name of the database: given by your host or one that you created

From these elements, fill the form
Then click Next and wait for the download process to happen. Once this is finished, you will automatiquely to the next step. Please do not interrupt the process

Step 4 : Setup files configure.php

This step allows you to retrieve various parameters to set the configure.php files correctly.
There is no specific operation to be performed on this stage, click Next

Step 5 : Setup ClicShopping

This step is done so that you can access your administration ClicShopping and shop as some additional information

Notes:

In the username, please enter your email address
In the password, please use the symbol * / - eg

This will give you greater security.

Etape 6 : Go to shop ClicShopping

This step will show you how to perform a security tool files.

From FTP

- Reassign the configure.php files in read-only mode (444) (step 3 procedure)
- Remove the installation directory
- Any other operation will be indicated by the installation procedure.

Once this is done, you can access your administration and start the setup according to your needs. A guide is available on this item

Please note that to use the catalog, you should download a number of modules (see philosophy, specifications, features).

Thank you have installed the solution of social e-Commerce ClicShopping.  

ClicShopping

ClicShopping

Sign in to follow this  
×

Important Information

By using this site, you agree to our Terms of Use