ZenCart Services
Chrome, Firefox and Google Search are driving the internet to HTTPS.
HTTP (Hypertext Transfer Protocol) has been in use by the World-Wide Web global information initiative since 1990.
HTTPS (HTTP Secure) is the secure version and aims at assuring confidentiality and security of exchanges. With the communication being encoded, the protocol protects not only from eavesdropping, but also from data alteration.
Until recently, a website using the HTTPS had a positive visual indicator, usually a padlock next to the URL. Where a problem arose, the padlock would be shown as broken or crossed out.
This proposal is now being implemented led by Chrome, Firefox and Google - the use of https is now a ranking factor
- websites using the non-secure version of the protocol will have to be clearly marked as non-secure by the web browsers. In December 2014, the Chrome security team published a proposal to all web browser vendors
- // NOW before your visitors leave for ever! Convert your site to use only https
General Data Protection Rules (GDPR) Compliance
To comply with GDPR, your users must give
- Explicit Consent for you to use their data for the purposes you intend,
- have Access to their information and
- have the Option to remove their information.
Zencart has Consent and Access in place (possibly needing some settings to be made in admin); the Option to Remove exists in the sense that the user must inform you that they want to have their data removed, but there is not the clear guidance that GDPR demands.
Explicit Consent. Your Privacy Statement must explain exactly what you intend to do with the user's data, If you do not already have your Privacy Statement as mandatory reading, then go to admin>configuration>Regulations and turn on the Privacy page. Content is added via admin > tools > Define Pages Editor...define_privacy.php and this is where you should add your GDPR policy. We cannot write your policy for you, but we can offer an example which has been approved by trading standards.
Once switched on, a checkbox appears on the Create Account page which must be checked by the user before they can complete the process. Anyone using Guest Checkout will need to seriously consider what you do with their data after the order has been completed, and will have to explain that within your privacy policy.
Access to their information. Customers can access and edit their data through "My Account". However, Guest Checkout users think they do NOT have an account. Not offering Guest Checkout may well be the only sensible solution here to remain compliant with GDPR.
Option to remove their information. Users cannot delete their account themselves, and deleting the account does not delete orders made by that account - which is good, because by law you need to keep 7 years of historical order data for tax reasons. That need for retention should be explained as part of your GDPR policy.
Our service adds a Delete My Account option on the customer's My Account page, enabling them to send you an email so you can then manually delete their account. We have also built in an automatic process which will delete the account 30 days after the request is made. This does NOT delete past orders.
What About Existing Client Data
Activating your Privacy page and making it mandatory to accept it on account creation is fine for new customers. However, GDPR requires you have specific consent to hold existing data, so to ensure you are compliant, we have added a Review and re-accept option on the MyAccount page. This links to a page which holds a copy of the define_privacy.php (so you only ever need to apply updates in the one place via Define Pages Editor) and includes Accept and Decline buttons. Choosing Accept allows the user to continue and stores the date of Acceptance in the database - this will be displayed in the individual Customer data page in admin.
Clicking Decline will log the user out of their account and record the date they declined in the database. After 30 days, the account details (but NOT past orders) will be deleted automatically.
Of course, the vast majority of returning customers are not going to go to their My Account page unless directed, so we've created a popup that appears when logging in to their account the first time after the site has been configured for GDPR.
Assuming that they accept the privacy statement, they will never see that popup again ... unless in the future you change that Privacy Statement which means people will have to re-accept.
Doing this means that you don't really have to worry about sending emails out to your entire clientbase asking them to go and update their acceptance. .. although it's actually a good opportunity to let them know you're on the ball in respect of GDPR.
We cannot write your privacy statement for you and you must take your own legal advice on what is appropriate for your business. GDPR requires that the Privacy Statement must be clear and separate from the general Terms & Conditions - and it makes sense to have clear links to it from either the header or footer of your site if you do not already have that.
-
//www.jsweb.uk/gdpr_service/images/popup.png" width="800" height="" />
//my.jsweb.uk/submitticket.php
We are covering the practicalities of the user being able to apply their rights in accordance with GDPR and enabling you to easily comply with those rights. The actual management of the data itself is down to you, but we can obviously help if it comes to you needing mass deletion of redundant data. Should that be the case, please get in touch at https
-
This is a service offered by JSWeb. If you are comfortable with editing and merging php files we are happy to provide the files. However, there will be no warranty and should you self-install and find things didn't quite work and you need our help to resolve it then we will be happy to assist but our time will be billed at our hourly rate.
NOTE
Anyone running a website, especially an cCommerce one, is probably well aware that page loading speed is a crucial element in Google rankings these days.
There are many factors that govern the speed of a web page, from the set up of the server to the amount of data you display on a page to whether you correctly optimise your images. We're not going to go into detail about everything but what we will do is point you to an excellent free online tool which will analyse your site and tell you what is wrong and what you can do about it.
There's a couple of important facts that you need to know before we show you where to access this tool..
1. you may well have the latest version of software installed, but that is no guarantee that the site is correctly optimised for Google. Any software that is supplied for general usage cannot possibly be properly tuned to a specific website in its "out of the box" state - rather like buying a standard car, if you want it to perform better, you need to spend time and money tweaking the engine, as well as applying the go-faster stripes and the shiny alloy wheels!
2. it is extremely unlikely that you will reach 100% in the analysis; anything above 90% is excellent whereas a total below 80% means you should take action sooner rather than later.
Whilst there is plenty of explanation on the analysis tool as to what is wrong and how to fix it, you may not have the time to do anything about it. After all, you have an online store to manage and you aren't expected to be a website designer or developer!
However, we make the time here at JSWeb and in most cases, we will be able to get your performance grade up to a very high B, possibly an A with a few hours work. There are of course caveats to that - results can vary and ANY external content loaded can affect the results and are outside our control eg. facebook and twitter feeds, comodo seal, verisign, google analytics, Trustpass, eKomi etc
-
//www.jsweb.uk/images/jsweb_perf_grade.png" />
Once you have invested time and money in making sure your Performance Grade is as high as possible, you really need to make sure it stays high.
JSWeb offer a monitoring service whereby you can be alerted once your Performance Grade score drops below a certain level (normally 85%). if the cause is a server change, we will fix that for free, but anything else is either for you to action yourself or we can do it at our normal hourly rate.
For an annual fee, you can choose to have your site monitored daily or weekly.
The implementation of GDPR brought about a change in the rules for displaying information about cookies. Previously, simply notifying site visitors that cookies were being used was acceptable; now the requirement is to show what types of cookie are being used and the visitor must have the ability to choose to accept or decline by type - i.e. to give active consent.
Service Agreement
What is a Website Service Agreement?
A Website Service Agreement is a contract for service between JSWeb Limited
and your company. By purchasing a Website Service Agreement, you will be guaranteed access to our experienced staff of programmers for an agreed-upon number of hours
per month.
What's in it for me?
- You pay a reduced hourly rate for our services - the more hours you book in advance, the more you save.
- You will have your own private access to our on-line Project Management System
How does the Service Agreement work?
The periodic fee is a retainer payable in advance; you are contracting for services to have our team of experts on hand for you at any time (during our normal business hours and subject to scheduling) you need to update or make changes to your website (see
What sort of Work Requests are covered in a Website Service Agreement?). To access our staff, you simply submit a work order or "Work Request" via our on-line Project Management System and our team will begin working on the request shortly after we receive it.
How many Work Requests may I submit?
You may submit as many requests as you would like, up to the maximum number of hours of coverage for which you have contracted.
How do I decide how many service hours I'll need each month?
This is really like asking "How long is a piece of string?" and therefore we'd suggest that unless you already know from experience how
many hours you'd need, you start with our minimum level (5 hours per month) and upgrade if it becomes apparent that it is insufficient for your needs.
What sort of Work Requests are covered in a Website Service Agreement?
- Upgrading to the current stable release of Zen Cart (NB. whilst minor upgrades can be just a couple of hours, recent major upgrades have been at least 30 hours)
- Implementation of any patch releases by the Zen Cart development team.
- PHP, HTML & CSS editing and programming (e.g.modifying the coding of your Zen Cart as required to achieve your needs, programming new functionality.)
- Development and programming of existing Zen Cart tools or plugins created by JSWeb
- Third-party software integration (including setting up of various Google tools)
- Design and production of Web graphics and banner ads
- Site integrity checking
- Technical consulting via email
- Tuition on Zencart matters
- Non-ZenCart development tasks
- Modification/development of 3rd party modules
- Origination of content copy (editorial/copy writing)
- Product data entry
- Substantial redesign of existing site(s)
- New site design
- Conversion of Flash-based functionality, navigation, application development or otherwise Flash Action Script-driven media design
- Any video or animation work
- SEO, Pay Per Click campaigns and/or management
- The cost of any commercially produced plug-in as charged by the plug-in owner
From time to time Work Requests are going to fall in a "grey area". In such cases, requests will be considered on a case-by-basis, and we will make every effort to accommodate them and work with you to ensure your projects are handled quickly and appropriately.
What if I end up needing more coverage than I've contracted for?
Subject to JSWeb discretion, you may use all your hours at any stage during the payment period, but unused hours for any month may NOT be carried forward. The ONLY exception to this is that work requests received during the final 5 working days of a month may, at JSWeb's discretion, be carried over to the next month.
With our Service Agreement, you are entitled to purchase extra hours of service, up to your currently contracted amount, at our contracted rate (ie. if you are contracted for 5 hours per month, you may purchase an additional 5). Should you find you that you regularly exceed your contracted coverage, you will likely be interested in changing the terms of your coverage to include more hours per month.
What does a Website Service Agreement cost?
Service Agreements are a 12 month contract and and offer a reduced hourly rate for our service. Our regular rate is £75/hr (ex tax).
Prices quoted are exclusive of tax and are in Sterling; fees may be paid in other currencies at the exchange rate of the day.
| Payment options /Hours per month | 5 | 10 | 15 | 20 |
| Pay Monthly | £350 | £650 | £900 | £1100 |
| Pay Quarterly | £1029 | £1911 | £2646 | £3234 |
| Pay 6-monthly | £2037 | £3783 | £5238 | £6402 |
| Pay Annually | £4032 | £7488 | £10368 | £12672 |
Example saving - if you pay quarterly for 15 hours per month you would save £2916 over 12 months compared to the standard hourly rate.
I still have questions — how can I contact you?
-
Our Website Service Agreement covers a wide variety of request types. The following are generally provided under the agreement
-
The following tasks are specifically not included
-
//my.jsweb.uk/submitticket.php?step=2&deptid=1" target="_blank">here and raise a ticket
For more information please click Starting from
£350.00 GBP
Monthly