GDPR Compliance for a WordPress site

By | 2 May 2018

On 25th May 2018, the GDPR (General Data Protection Regulation) enacted by the EU will come into effect.
The aim of the GDPR is to give citizens of the EU control over their personal data and change the approach of organizations across the world towards data privacy.

In the nice infographic by European Commission it’s clearly illustrated the data protection process including a summary of site owners’ obligations in regards to collecting data related to EU citizens:

– tell the user who you are, why you collect the data, for how long, and who receives it
– get a clear consent (when required) before collecting any data
– let users access their data, and take it with them
– let users delete their data
– let users know if data breaches occur

Some usual ways in which a standard WordPress site (and third party plugins) might collect user data:

– user registrations
– comments
– contact form entries
– analytics and traffic log solutions
– any other logging tools and plugins
– security tools and plugins

The GDPR for WordPress project has two aims: help plugin developers with a simple solution to GDPR validate their plugins and offer Website Administrators the overview and tools to handle the administrative tasks involved with being GDPR compliant.

While developers are working to include GDPR in the WordPress core, various GDPR plugins have been released.

Finally a list of useful resources about GDPR and WordPress:

The Complete WordPress GDPR Guide by codeinwp.blog
Checklist: Is Your WordPress Website GDPR Compliant? by WPUPGRADER
Is Your Website GDPR Compliant? How to Get Ready for the General Data Protection Regulations by wpmudev
WorPress Tavern
GDPR compliance verification tool by Cookiebot

[UPDATE 21/05/2018]

With the release of WordPress 4.9.6 you can find these new features about GDPR:

– readers that leave a comment can choose to allow name, e-mail and web site are saved on the browser. If the checkbox is checked the preferences will be stored in a cookie.

– there is a new Privacy entry on the settings that allows to choose an existing page or write a new page. There is a guideline about what content to include, you have to adapt it about your needs.

– manage users data feature. 2 tools have been added: export and import user data.

Iscriviti al gruppo Telegram Italian Spaghetti Geeks

https://t.me/ItalianSpaghettiGeeks

News e discussioni sulla tecnologia (internet, computer e mobile, telefonia, sat/DTT e streaming, ecc...), giveaways esclusivi prodotti tech, sconti ed offerte e molto altro ancora!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.