eBay privacy policy updates to reflect GDPR

By Dan Wilson May 1, 2018 - 5:04 pm

There’s a new eBay privacy policy notice that refers to the new EU regulations that come into force on the 25th May and relate to holding the personal data of citizens in the European Union. It is effective immediately upon acceptance for new users and will be active from June 1st 2018 for all other users of eBay.

eBay has emailed all users today with this new information. And you can read the notice on eBay UK here. And there is an eBay Inc. portal for global users that explains the changes and what eBay is doing for users around the world, outside of the EU. As they note GDPR applies not just organisations which process data in the EU, but also any organisation that offers goods or services to, or monitors the behaviour of people inside the EU. GDPR applies even if the processing takes place outside of the EU.

Included on the eBay Inc. website is a link so that users can make information requests under GDPR to understand what information eBay holds and also request deletion. It does look like eBay will be processing GDPR request centrally in the USA.

Since the GDPR language was finalized in 2016, eBay has been taking steps to prepare for compliance with the new standards ahead of the May 25, 2018 implementation date. eBay is making enhancements to its processes, products, contracts, and documentation to help support the company’s, and our partner’s, compliance with the GDPR. While many of these changes will not be directly visible to customers, we’re providing greater clarity on the way eBay collects, uses, shares and manages personal information through our new and improved User Privacy Notice.
– eBay Inc.

There’s stack of information about GDPR out there and how it might affect marketplace merchants, including a number of posts from Tamebay. But there are still some unanswered questions that we hope to clarify for marketplace sellers in the next few weeks.

  • Chris
    1 year ago

    Too little and too late, Ebay, and not well thought through.

    It is not just Ebay that will have to comply-it is also all the sellers.

    I would like to know what Ebay is doing about the listings design.
    I have changed to the new format shop front and looked to check where I could post the shop’s privacy policy statement. There is no facility for a custom page under the new format, and no tab on the listing (as there is for business policies, return policies). That would seem to be the natural place for it.

    So where to put the statement??

    The only place I can see is the listing description details, surely a clumsy solution for those trying to shorten descriptions for the mobile age. And yes, every listing would have to be amended individually.

    • fluffy
      1 year ago

      not sure why you feel you need to put something in your listings? The only communication you have with eBay customers is about a transaction they’ve initiated, which is legitimate use and requires no consent. You can email ebay customers but only if they’ve explicitly opted into your newsletter, which again makes it fine. You have no other need to store, retain or process customer data (in fact, it’s probably against the rules of eBay to do so) so I think you’re in the clear, Chris…

      On your own website, it’s a different issue, but on eBay, there’s no need. Please correct me if I’m wrong, because obviously this is an important thing that I don’t want to mess up.

    • 1 year ago

      @fluffy Is it against eBay rules? If so why do they allow companies to collect data for processing, like Royal Mail / Linnworks / Channel Grabber etc…

      I use WPLister which collects all data from eBay / Amazon orders and stores it in my website, at the same time it syncs my inventory between my website, eBay & Amazon.

      Royal Mail Click & Drop collects the order information, name, address, email, telephone number, items purchased & amount spent, which we then use to print the labels.

    • Rachael
      1 year ago

      I agree, I have been looking where to put our privacy policy. We may be just the data processor on ebay, but as information is then processed for posting, stored for HMRC etc – we need to advise customers. – I am not sure that the blanket ebay one counts? I have added to ebay and to my website – but cannot find where to add to ebay at all.

  • fluffy
    1 year ago

    basically it is fine to collect and process data *for the transaction that the buyer has initiated* and little else. That’s fine with both eBay and GDPR. However, storing the data and using it for other purposes afterwards would be against both eBay and GDPR rules. GDPR would require you ask for consent to process the data for anything else, and eBay won’t help you get that consent that because it would violate their terms of service for you to send marketing messages to eBay buyers directly.

    So to use your example; Royal Mail, Linnworks etc are processing the data in order to make a transaction possible- i.e. you have to have addresses and emails etc to actually fulfil an order and deliver it, and you have to be able to manage the stock in your warehouse. That’s called “legitimate use”, and requires no consent…it’s a type of processing that is essential to the transaction that the user has explicitly chosen to initiate.

    Marketing is not considered essential to the transaction and so requires consent.

  • 1 year ago

    I also sell on Etsy and they emailed me last week requesting that I add a privacy policy to my profile, giving an example that could be edited – simple. Pity Ebay couldn’t do somethin similar?

    • 1 year ago

      Apart from that they can just have a check box pre purchase to agree to GDPR terms. Once ticked, job done…

Welcome to our Tamebay Guide. Companies listed in the directory represent the leading suppliers in the UK and Europe.


eBay’s mission is to be the world’s favourite destination for discovering great value and unique selection

See More Companies >