Privacy Compliance

Kibo's terms and conditions comply with General Data Protection Regulation (GDPR) and the California Consumer Privacy Act of 2018 (CCPA). Kibo also offers services for obfuscating/deleting customer data for shoppers that request their data to be removed, as required by those privacy regulations.

GDPR Storefront Compliance


Kibo features updated terms and conditions on the checkout page that includes a section explaining GDPR. Shoppers must agree to all terms and conditions before they can submit their order.

Callout of the GDPR agreement on the checkout

My Account Creation

When a shopper creates an account, the storefront page displays a checkbox requesting them to agree to GDPR terms and conditions. Shoppers are required to select this checkbox to successfully create an account.

Callout of the GDPR agreement on account creation

By default this link points to, but you can update this URL to your own terms and conditions page. For more information, refer to Enable GDPR Storefront Changes section below.

Enable GDPR Storefront Changes

This feature requires changes to your core theme. Ask your theme developer to make the required changes to your theme to enable this feature, as detailed in the Github pull request.

Updating the GDPR Link

To update the GDPR link in the terms and conditions to your own policy page, you need to edit the URL for the agreeToGDPR or agreeToGDPRCheckout labels in the following theme files:

  • templates/pages/signup.hypr
  • templates/modules/common/
  • templates/modules/checkout/

Delete/Obfuscate Shopper Data for Shopper Requests

GDPR and CCPA require that companies be able to delete/obfuscate a shopper's data if the shopper requests it. You can submit requests to Kibo to delete or obfuscate shopper data. To request Kibo to delete/obfuscate data:

  1. Send a request to Kibo Support. Kibo then sends you a report (in a password protected file) that details what data will be affected.
  2. Reply to Kibo Support and confirm that the data listed in the report is the data you want to delete/obfuscate. Upon receiving confirmation, Kibo starts deleting/obfuscating the data listed in the report.