eCommerce and the General Data Protection Regulation: case study on ensuring compliance in online retail

Abstract

This bachelor’s thesis examines the basic compliance requirements for eCommerce practices, to ensure ethical and lawful collection, utilisation, and processing of personal data of individuals, by the analysis of the General Data Protection basic compliance requirements and its intersection and correlation with the data processing practices of eCommerce businesses. The aim of this bachelor’s thesis is to inspect and analyse the legal framework behind the compliance requirements of eCommerce business practices and the core principles of the GDPR strengthening the compliance efforts of eCommerce business practices, as well as review and discuss political influences and ethical considerations on the collection of personal data of individuals by the means of doctrinal and non-doctrinal research approaches. As per the results of the analysis of this bachelor’s thesis, while there are set guidelines on how to achieve compliance, there still is room for improvement on the compliance efforts of eCommerce businesses.