What information is stored in Shopware IP addresses and user's browser

Naturally, an eCommerce system must handle data in order to record delivery addresses. It’s critical to remember that processing involves not only software, but also the hardware that supports it.

Because your hoster’s configuration is highly customized, you should establish with your hoster the extent to which communication occurs there (e.g. with a disjointed database server, where the application communicates with the database over a network). We will focus exclusively on Shopware 6’s software-side processing of this data.

Today, we’d like to demonstrate how Shopware 6 processes personal data directly on What information is stored in Shopware IP addresses and user’s browser.

Table of Contents

• What information is stored in Shopware IP addresses
  • 1. Cookies (Session, CSRF)
  • 2. Session
  • 3. CSRF
  • 4. Timezone
• What information is stored in Shopware user’s browser
  • 1. order_customer
  • 2. customer
  • 3. log_entry
  • 4. version_commit_data
• Final thoughts

What information is stored in Shopware IP addresses

Whether or not to require opt-in for the setting of cookies that are not strictly required for the store’s functioning is a point of contention between attorneys. We recommend that you apply at least one of the existing options for cookie-based data protection information. More information about this can be found at www.cookiechoices.org; please consult your legal advisor for more information. Shopware by default, enables the cookie hint.

1. Cookies (Session, CSRF)

Shopware puts cookies in the visitor’s browser to enable the store’s essential functionality. Cookies are used to keep track of the contents of the shopping cart, the user’s login status, and also to provide CSRF security. Shopware cannot be used without cookies being enabled in the browser.

IMPORTANT: Shopware maintains only IDs in the customer’s browser; the actual data is assigned in the application area.

2. Session

Shopware determines whether a user has an active shopping cart and is logged in based on the session cookie. It acts as a means of communication between the browser and the server. The browser stores no more information other than the session ID. Session management is handled on the server-side by PHP and can be examined independently of Shopware.

3. CSRF

Additionally, when a customer visits the store, Shopware produces an individual CSRF cookie to enable the customer to access the business’s various sections.

4. Timezone

A fixed time is stored in the database, which is transformed using the time zone cookie to the user’s time zone. This ensures that the user is always presented with the accurate time. The cookie is set for frontend and administrative operations.

What information is stored in Shopware user’s browser

By default, Shopware stores IP addresses. This serves as the user’s unique identifier within the store. By default, Shopware keeps IP addresses in four locations.

1. order_customer

Each order includes a record of the customer’s IP address. This is not displayed or used by default in the admin. It is recorded in the order customer table of the database.

2. customer

The customer table stores the IP address of the most recent order. This is not displayed or used by default in the admin.

3. log_entry

The table logs entry stores all backend user activity. This table can be used to keep track of when changes have been made, for example. After that, you can allocate them to an individual depending on their IP address.

4. version_commit_data

Version commit data is a database table that maintains information about current usage. For instance, here, relevant data is saved for the duration of an order’s processing. Additionally, the IP addresses of visitors and customers are stored here.

Final thoughts

This is the complete list of data saved in Shopware’s IP addresses and the user’s browser. We hope that this article clarified their positions and their importance of them.