Key Aspects of WP GDPR That Need to Be Considered

25th of May 2018 is the day when the General Data Protection Regulation will come into effect. GDPR compliance is important for all WordPress websites, because without it website owners have to pay heavy fines. GDPR is intended to strengthen and unify the data protection rights of individuals within the European Union and also visitors of other continents. Its primary aim is to give individuals control over their personal data.

Key Aspects of WordPress GDPR That Users Need to Consider

The GDPR compliance team is aware that making WordPress-based sites compliant with the GDPR is definitely a big task. So they are focusing more on the core policy, privacy tools and documentation, plugin guidelines, and so on.

Will WordPress Developers Make the Platform GDPR Compliant?

Yes, for sure. While developing a WordPress website, our developers will take care of the GDPR guidelines by using the tools or plugins needed for compliance. We will check the development road map to find out whether your site will support the plugin or not. In case you are looking for some customized support, we can let you know about our services only after a thorough analysis of the site.

Important Things to Consider in WordPress GDPR:

Data collection, storage and processing:

The most important aspects that need to be considered are the right to access, data portability and the right to be forgotten.

  • The right to access offers users complete transparency in data storage and processing: what data is collected, where it is stored and processed, the reason for collecting it, and so on. Users will now have to be given a copy of their data.
  • The data portability clause offers users the right to download the personal data for which they had previously given permission and then transmit it to a different controller.
  • The right to be forgotten allows users to erase any personal data and also stop any processing and further collection of data. This involves the user withdrawing his or her consent for their personal data to be used.

As a WordPress website owner, you have to publish the details of the policy under which you collect personal data and how you use, process and store it.

Breach notification:

If your website experiences a data breach, you are liable to communicate it to your users. The breach may result in a risk to the freedoms of individuals, which makes it essential to notify the users in a timely manner; the notification should be sent within 72 hours of the breach. For your WordPress website, if you notice any data breach, you need to notify those users within the stipulated time frame.

Use of any plugins:

Any WordPress plugins that you use need to adhere to the GDPR rules. As a website owner, it is your sole responsibility to ensure that every plugin you use exports, erases or provides the user data that it collects according to the rules of GDPR. Each plugin should establish a data flow and inform the users about the processing of any personal data. If you are the developer of a WordPress plugin, provide the users of your plugin with an addendum that they can add to their website policies to make them GDPR compliant.