Yes, it turns out that looking for a solution to another problem, I discovered that the JetPack plugin has recently included a module, active by default and without warning, that tracks your WooCommerce installation.
What does JetPack spy from my online store?
Specifically, according to JetPack’s own documentation, it tracks the following without your consent:
- When they see products.
- When a product is added or removed from the cart.
- When the checkout page is displayed.
- When an order is processed.
All this information is stored in Automattic’s servers, together with JetPack’s statistics, whether you have the module activated or not.
What do you think?
How does it do it?
Simple, whether you are installing JetPack for the first time or have recently upgraded, it adds a module called WooCommerce Analytics, active by default without your consent or information.
I DON’T SEE IT! Where is that JetPack module? How do i disable it?
Well, it’s not in sight in JetPack’s settings, but it’s hidden, concealed, whatever you want to call it, in the actual complete list of JetPack’s modules.
This is how to find it and disable it…
Why don’t they ask for permission or report that?
I honestly don’t understand why they don’t ask for consent or even report such monitoring of activity in online stores created with WooCommerce.
I’ve checked the WordPress privacy texts in case JetPack or WooCommerce would indicate something about it and no, they don’t.
It goes without saying that this is in flagrant breach of the European GDPR, as no consent is asked at any time, not even from the owner of the site, much less the users, but it also leaves the owner of the Ecommerce unaware that this monitoring is being done, so he cannot inform.
What should I do?
Well, I think it’s clear, so you know, you have two options:
- Disable the module as I show you in the video above (okay).
- Don’t deactivate it but inform your users about the follow up that is being done by Automattic about their actions in your online store.
I also asked them to explain this situation in a discussion in the plugin’s forum, in case they have a reason that I missed, but it seems that they didn’t, they just did it, passing their privacy through the triumphal arch.
Am I wrong? Am I being too picky? What do you think about this?
Read this post in Spanish: JetPack espía las ventas y productos de tu tienda online WooCommerce