VirtueMart GDPR

A popular webshop extension for Joomla is VirtueMart. With a webshop you need to store personal information like name, address for legal obigations (invoices) and to fullfill your contract (the order).


This component has been available since 2005. It is a highly configurable and customizable multi-language shopping cart solution for Joomla 2.5 and Joomla 3.


Virtuemart and GDPR

Interesting discussion about what to consider / change in Virtuemart:

Safety measure

For security reasons (to protect possible personal data on invoices), it is advised to put the invoices folder outside the webroot of the website. You can configure the folder ("Safe path") that VirtueMart uses for storing invoices and downloadable files. You should specify that folder in the Virtuemart configuration: 

VM Configuration > Templates > Media File Settings

Visit the Virtuemart documentation for more information. 

General tips for webshops 

  • use SSL for your website so that all communication is transported through a secured line
  • inform your visitors and customers about cookies
  • only collect necessary data
  • check for payment providers - they are processors and you need processor contracts with them
  • inform what data is stored and how long
  • if you store IP-address inform people
  • are you using a currency convertor? Is it an external JavaScript?

End of Service

Thank you for your interest in this GDPR tool.

We've decided to quit with this service at end of September 2023.
Former customers can download their PDFs until the end of September 2023.