=== Polski for WooCommerce ===
Contributors: motylanogha
Tags: woocommerce, gpsr, omnibus, rodo, ksef
Requires at least: 6.4
Tested up to: 7.0
Stable tag: 1.24.4
Requires PHP: 8.1
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

WooCommerce for Polish shops: GPSR, Omnibus, GDPR, withdrawals, VAT ID, KSeF, unit prices and storefront modules.

== Description ==

**Polski for WooCommerce** is a free WooCommerce plugin for Polish online shops. It helps you organise GPSR product data, the Omnibus lowest-price history, GDPR consents, the right of withdrawal, VAT ID (NIP) handling, unit prices, hooks for KSeF processes, DSA reports and storefront modules.

The plugin is modular. You can enable only the features a given shop needs, for example GPSR, Omnibus, cart consents, withdrawals, unit prices, food data, a wishlist, a product comparison or AJAX search.

Polski helps you configure the technical shop processes related to the Polish and EU market. It is not legal advice and does not guarantee regulatory compliance. Your shop configuration, terms, products and obligations always have to be verified for your specific business.

= Documentation and links =

* **Documentation** - https://plogins.com/polski/docs/
* **Plugin page** - https://plogins.com/polski/
* **Source code** - https://github.com/wppoland/polski
* **Bug reports and feature requests** - https://github.com/wppoland/polski/issues
* **Discussions and questions** - https://github.com/wppoland/polski/discussions

= Why Polski for WooCommerce? =

* **One plugin, many modules** - GPSR, Omnibus, GDPR, right of withdrawal, product data and storefront modules in one place.
* **Built for Polish shops** - features designed for WooCommerce stores selling in Poland or to Polish customers.
* **Free and open source** - the core product, checkout and storefront tools are available at no cost.
* **Modern code** - PHP 8.1+, a React admin panel, REST API and WP-CLI support.
* **WooCommerce blocks support** - compatible with both the classic and block-based cart and checkout.
* **HPOS compatible** - supports WooCommerce High-Performance Order Storage.

= Key modules =

* **GPSR product fields** - manufacturer, importer, EU responsible person, product identifiers, safety warnings and instructions, including CSV import and export.
* **Omnibus price history** - records and displays the lowest price from the last 30 days on discounted products.
* **GDPR consents and checkboxes** - configurable consents at checkout, registration and reviews, with a consent log.
* **Right of withdrawal and returns** - requests from the customer account, e-mail confirmations and a request log.
* **VAT ID (NIP) and KSeF hooks** - detection of orders with a VAT ID, a KSeF flag and hooks for invoicing integrations.
* **DSA reports** - a point of contact, an illegal-content report form and an admin panel.
* **Shop health monitor** - passive monitoring of frontend errors, checkout issues and sales anomalies.
* **Security incident log** - an internal log of incidents, outages, vulnerabilities and follow-up actions.
* **Product environmental fields** - a basis for green claims, certificates and expiry dates.
* **Verified purchase badge** - a badge on reviews from customers who bought the product.

= Checkout, consents and returns =

* **Consent checkboxes** - consents at order, registration and reviews, with the option to enable only selected fields.
* **Omnibus price history** - automatic recording and display of the lowest price from 30 days.
* **Right of withdrawal** - withdrawal/return forms and requests from the customer account.
* **Double e-mail confirmation** - e-mail address confirmation during customer registration.
* **Shop pages** - link the terms, privacy policy and withdrawal content into WooCommerce notices.
* **Dispute resolution** - an ODR information module for the shop's information pages.
* **Consent log** - logging of consents with date, context, IP address and content version.

= Product data and labelling =

* **Unit prices** - price per kg, litre, metre, piece or a custom unit.
* **Delivery time** - estimated delivery time on product pages and product lists.
* **Tax information** - gross/net messages and the VAT rate.
* **Price display** - configuration of how prices are presented in the shop.
* **Food data** - composition, nutrition values, allergens, origin, distributor and other fields for grocery shops.

= Storefront modules =

* **Wishlist** - save products for later.
* **Product comparison** - compare products side by side.
* **Waitlist** - back-in-stock notifications for products.
* **Quick view** - preview a product without opening the product page.
* **Gallery zoom** - enhanced product image zoom.
* **Product video** - add a video on the product page.
* **Product slider** - a carousel of products and collections.
* **Infinite scroll** - automatic loading of more products.
* **Product tab manager** - configure the tabs on the product page.
* **AJAX filters** - filter products without reloading the page.
* **AJAX search** - live product search.
* **Product badges** - sale, new, featured and custom labels.
* **Promotional popups** - popup campaigns in the shop.

= Admin and developer tools =

* **React panel** - manage modules and settings.
* **REST API** - an API for settings, checkboxes, legal pages, withdrawals and search.
* **WP-CLI** - commands to manage selected features from the terminal.
* **CSV import and export** - bulk management of product data, including GPSR.
* **Shortcodes** - embed GPSR information, withdrawal forms, DSA reports and other elements.
* **Database migrations** - versioned and safe updates of data structures.
* **Integration hooks** - filters and actions for KSeF, invoicing and integrations with other plugins.
* **Audit scope** - DPA, DSA, KSeF readiness, environmental-claim control, verified reviews and security incidents.

== Installation ==

= Automatic installation =

1. In the WordPress dashboard go to **Plugins > Add New**.
2. Search for **Polski for WooCommerce**.
3. Click **Install**, then **Activate**.
4. Open the new **Polski** menu in the admin panel.

= Manual installation =

1. Download the plugin ZIP from WordPress.org.
2. In the WordPress dashboard go to **Plugins > Add New > Upload Plugin**.
3. Choose the ZIP file and click **Install Now**.
4. Click **Activate Plugin**.

== Getting Started ==

1. **Check the legal pages**: go to **Polski > Modules** and make sure the legal pages module is active. In its settings choose your terms, privacy policy and withdrawal page.
2. **Configure the checkboxes**: open the legal checkboxes module and enable the consents your shop requires.
3. **Check VAT rates**: make sure WooCommerce has the correct tax rates for your shop.
4. **Fill in unit prices**: for products sold by weight or volume, fill in the data in the **Polski** tab of the product editor.
5. **Enable Omnibus**: the module records price history and can display the lowest price from 30 days.
6. **Fill in GPSR**: for physical products add the manufacturer, importer and responsible person data and safety information.

== Configuration ==

Polski works in a modular way. You can enable only the features you need:

* **Product data**: GPSR, unit prices, delivery time, food data.
* **Checkout and consents**: checkboxes, right of withdrawal, legal pages.
* **Storefront**: wishlist, comparison, search, filters and badges.

Active modules with settings appear in the **Polski** menu or have a settings link on the modules page.

== Frequently Asked Questions ==

= Is Polski for WooCommerce free? =

Yes. Polski for WooCommerce is a free WooCommerce plugin for Polish online shops and is distributed as open source under GPLv2 or later.

= Which WooCommerce shop is Polski for? =

Polski is intended for WooCommerce stores selling in Poland or to Polish customers. It is especially useful when a shop needs modules for GPSR, Omnibus, GDPR, VAT ID (NIP), the right of withdrawal, KSeF and product data.

= Does Polski support GPSR in WooCommerce? =

Yes. Polski adds GPSR-related product fields, including manufacturer, importer and EU responsible person data, product identifiers, safety warnings and instructions. The data can be filled in the product editor and in bulk via CSV import or export.

= Can I show the manufacturer, importer and responsible person on the product page? =

Yes. The GPSR module can store and display the manufacturer, importer and EU responsible person data on the WooCommerce product page. Visibility depends on the module settings and the data filled in for the product.

= Does Polski support the Omnibus Directive and the lowest price from 30 days? =

Yes. The Omnibus module records price history and can display the lowest price from the last 30 days on discounted products. You can adjust the display settings in the module panel.

= Does Polski add GDPR consents in WooCommerce? =

Yes. The plugin lets you add configurable consent checkboxes at order, registration and reviews, and keep a consent log with date, context and technical audit information.

= Does Polski add checkboxes at checkout? =

Yes. Polski can add checkboxes for the terms, privacy policy, withdrawal information, consent for digital content, marketing consent, delivery notifications and a review reminder.

= Does Polski add a withdrawal or return form? =

Yes. Polski can add right-of-withdrawal handling from the customer account, with request confirmation, a request log and e-mail messages. This helps organise the returns process in WooCommerce.

= Does Polski support VAT ID (NIP) in WooCommerce? =

Yes. Polski includes features and hooks related to the Polish VAT ID (NIP), including detection of orders that may require invoice or KSeF handling. Field availability and behaviour depend on the enabled modules.

= Does Polski support KSeF in WooCommerce? =

Polski is not a complete system for sending invoices to KSeF, but it adds mechanisms ready for integrations: flagging orders by VAT ID, a KSeF status column and hooks for invoicing plugins and custom integrations.

= Does Polski issue invoices in WooCommerce? =

Polski provides data, flags and hooks useful for invoicing and KSeF, but it does not replace a full invoicing plugin or accounting system. For automatic invoicing, use a dedicated invoicing integration.

= Does Polski work with the WooCommerce block checkout? =

Yes. Polski supports the classic checkout as well as the block-based WooCommerce cart and checkout.

= Does Polski work with HPOS in WooCommerce? =

Yes. Polski declares compatibility with WooCommerce HPOS, that is High-Performance Order Storage / Custom Order Tables.

= Does Polski add unit prices in WooCommerce? =

Yes. The plugin lets you show unit prices, for example per kg, litre, metre, piece or a custom unit.

= Is Polski suitable for a WooCommerce grocery shop? =

Yes. Polski includes modules useful for grocery shops, including composition, nutrition values, allergens, origin, distributor and additional product labelling fields.

= Does Polski add a DSA report form? =

Yes. The plugin includes DSA tools, including point-of-contact settings, an illegal-content report form shortcode, a report-handling panel and e-mail notifications.

= Does Polski add a wishlist, comparison and quick view? =

Yes. The storefront modules include a wishlist, product comparison, quick view, back-in-stock notifications, AJAX filters, AJAX search and product badges.

= Can I enable only selected modules? =

Yes. Polski is modular, so you can enable only the features you need, for example GPSR, Omnibus, GDPR, returns, VAT ID, DSA or storefront modules.

= Does Polski support CSV import and export? =

Yes. Polski extends the WooCommerce CSV import and export with selected product data, including GPSR fields and other product information.

= Does Polski have shortcodes? =

Yes. The plugin provides shortcodes for selected modules, including GPSR information, withdrawal forms, DSA reports, complaint templates and shop messages.

= Does Polski guarantee legal compliance? =

No. Polski provides technical modules for WooCommerce, but it is not legal advice and does not guarantee that your shop is compliant. Your shop configuration, terms and obligations always have to be verified for your specific business.

= Is Polski ready for the Cyber Resilience Act? =

Polski follows security practices relevant to CRA readiness: updates are delivered through the official WordPress.org channel, vulnerabilities can be reported under a coordinated disclosure policy, the code uses standard WordPress security mechanisms, and external services are described in this readme. This is not a declaration of legal compliance.

= Where do I report bugs or feature requests? =

For day-to-day support use the WordPress.org forum. Technical bugs and feature requests can also be reported in the GitHub repository.

= Does the plugin have a simple feedback form? =

Yes. The admin panel includes a simple feedback form that stores messages locally in WordPress. Do not enter passwords, license keys or customer personal data there.

= What happens when the plugin is deactivated and uninstalled? =

Deactivating the plugin keeps your settings and stored data. Uninstalling removes the plugin files. Plugin data is removed only when you enable the "remove data on uninstall" setting.

== External Services ==

= GUS REGON API =

When the VAT ID (NIP) lookup module is enabled, the plugin can connect to the public GUS REGON registry to fetch company data based on the VAT ID entered by the user. The connection is made only after the lookup is deliberately triggered.

* Data sent: the VAT ID (NIP).
* Service address: [https://wyszukiwarkaregon.stat.gov.pl/](https://wyszukiwarkaregon.stat.gov.pl/)
* Terms of service: [https://api.stat.gov.pl/Home/RegulaminBIR](https://api.stat.gov.pl/Home/RegulaminBIR)
* Privacy policy: [https://bip.stat.gov.pl/](https://bip.stat.gov.pl/)

= Google OAuth =

When the social login module is enabled and Google login is configured, a customer clicking the continue-with-Google button is redirected to Google for authentication. The plugin exchanges the authorization code for an access token and fetches the profile data needed to sign in or create an account.

* Data sent: the redirect address, client ID, authorization code and access token used to fetch the profile.
* Data received: the Google account ID, e-mail address and name.
* Service address: [https://accounts.google.com/](https://accounts.google.com/)
* Terms of service: [https://policies.google.com/terms](https://policies.google.com/terms)
* Privacy policy: [https://policies.google.com/privacy](https://policies.google.com/privacy)

= Facebook OAuth =

When the social login module is enabled and Facebook login is configured, a customer clicking the continue-with-Facebook button is redirected to Facebook for authentication. The plugin exchanges the authorization code for an access token and fetches the profile data needed to sign in or create an account.

* Data sent: the redirect address, application ID, authorization code and access token used to fetch the profile.
* Data received: the Facebook account ID, e-mail address and name.
* Service address: [https://www.facebook.com/](https://www.facebook.com/)
* Terms of service: [https://www.facebook.com/legal/terms](https://www.facebook.com/legal/terms)
* Privacy policy: [https://www.facebook.com/privacy/policy/](https://www.facebook.com/privacy/policy/)

= Google Tag Manager / Google Analytics =

When the DataLayer module is enabled and a GTM container ID or a GA4 measurement ID is configured, the plugin can load the Google Tag Manager or Google Analytics scripts in the shop and send ecommerce events according to the configuration.

* Data sent: page views and ecommerce event data, for example product IDs, product names, prices, cart actions, checkout events and order values, depending on the configuration.
* Service address: [https://www.googletagmanager.com/](https://www.googletagmanager.com/)
* Terms of service: [https://policies.google.com/terms](https://policies.google.com/terms)
* Privacy policy: [https://policies.google.com/privacy](https://policies.google.com/privacy)

Admin-panel feedback and deactivation-form information are stored locally in WordPress and are not sent to an external service.

== Screenshots ==

1. The module management panel with module toggles and settings.
2. GPSR product safety fields in the product editor.
3. GDPR consent checkboxes at checkout with the consent log.
4. Omnibus Directive - the lowest price from 30 days on a discounted product.
5. The right-of-withdrawal action in the customer account.
6. The DSA illegal-content report form.
7. AJAX search and product filters in the shop.
8. Wishlist, comparison and quick view on the product list.

== Changelog ==

= 1.24.4 =
* New blocks: product-data blocks for block themes and the editor - Unit Price, Delivery Time, Lowest Price (Omnibus), Tax Information, Shipping Costs, Manufacturer, Safety Instructions, Safety Documents, Power Supply, Defect Description, Nutrition Values, Allergens, Ingredients, Nutri-Score, Food Information and Product Safety Information (GPSR) - all in the "Polski" category. Each one displays the matching product data and shows nothing outside a product context. This brings the block editor to parity with the Polski widgets for Elementor.

= 1.24.3 =
* New blocks: DSA Report Form, Dispute Resolution (ODR) Information, Small-Taxpayer VAT Exemption Information and Available Payment Methods are now available as blocks (in the "Polski" category), so they can be placed on any page without remembering a shortcode. Each one displays nothing until the matching feature is configured.

= 1.24.2 =
* New: all Polski blocks are now grouped in the block editor under a separate "Polski" category, and block metadata is registered from block.json files, so the blocks are correctly visible and easier to find.
* Fix: storefront blocks - AJAX search, AJAX filters and the product slider - did not register on installed pages. They now register correctly and appear in the editor.

= 1.24.1 =
* Fix: the gallery and zoom lightbox could stay on screen as a dark overlay if the theme forced its own display value. The closed state is now always hidden.
* Hardening: the popup and quick-view overlays also force the hidden state, so a theme should not keep a closed overlay on screen.

= 1.24.0 =
* New: full support for the WooCommerce block checkout. Consent checkboxes, the digital-content consent and custom checkout fields render, validate and save in both the block and classic checkout.
* New: product information, including the lowest price from 30 days, the unit price and the delivery time, appears in the block cart and checkout.
* Security: hardened rate-limit handling on the guest withdrawal path and improved IPv6 address anonymisation in the consent log.
* Fix: uninstall removes all plugin tables, database migrations run in the correct order, and the Omnibus lowest-price window no longer collapses to the current price for an empty period.

= 1.23.2 =
* Improvement: the setup wizard is now a guided multi-step process: company, legal, taxes and OSS, checkout, finish. It collects company data, enables the needed legal modules and helps configure taxes and checkout. Optional steps can be skipped, and finishing does not disable modules you already use.

= 1.23.1 =
* Translations: completed the bundled translations for German, Czech, Slovak, Ukrainian, Lithuanian, Belarusian and Simplified Chinese, including the text of the new setup wizard and module search and sorting.

= 1.23.0 =
* New: the setup wizard. A new card suggests ready-made scenarios such as a Polish legal baseline, food and grocery, digital products, B2B and wholesale, fashion and conversion growth. The wizard only enables modules, it does not disable existing settings.

= 1.22.7 =
* Fix: the Polski admin menu icon no longer shifts on hover and in the active state.

= 1.22.6 =
* New: the modules screen now has instant search by name and description and sorting: grouped, alphabetical or enabled first. Without reloading the page.

= 1.22.5 =
* Fix: removed a TypeError fatal error that could occur on order queries, including on the WooCommerce orders screen, when the withdrawal query helper received a pagination object instead of an array.

= 1.22.4 =
* New: the BDO number module. Enter a BDO number and display it with the [polski_bdo] shortcode or the BDO number block, for example in the footer. The company identification block can also include the BDO number.

= 1.22.3 =
* Admin: merged five separate settings screens into one tabbed screen, and moved withdrawals, the consent log, CRA incidents, SBOM, the complaint template and GDPR training documents into a reports and tools centre.
* Admin: split the module list into groups and added tooltips to each module. Action links are dimmed when a module is disabled.
* Fix: the Polski menu icon is now centred relative to its label.
* Translations: refreshed and recompiled all bundled language catalogs after the settings and menu changes.
* Documentation: updated the documentation and plugin-page links on plogins.com.

Older versions are available in [changelog.txt](https://plugins.svn.wordpress.org/polski/trunk/changelog.txt).

== Upgrade Notice ==

= 1.20.1 =
Fixes admin-screen script loading in some configurations and refreshes the bundled translations.

= 1.6.3 =
Plugin Check tidy-up: added justifications for queries against custom tables. No functional changes.

= 1.6.2 =
Hardening after the WordPress.org review: safer input handling, a broader description of external services and improved wording in the readme.
