The add-on itself creates the ability for users to view, edit, download and request to delete their personal data from all entries, kept by Gravity Forms, on your website.
Users can ask access to their personal data.
We use their email-address as an unique identifier. That's why this field needs to be implemented and required when you want to store personal data and make use of the add-on.
The user can go to the 'GDPR – Request personal data' page that's created by the free core plugin and fill in his email-address.
When users ask to delete their personal data a request is send to the administrator of the site. He has the possibility to delete or anonymise the data. There are 2 buttons in de backend where he can automatically invoke these features. When he made his choice and the data is deleted or updated the user will receive an email notifying him of the changes.
The user will receive an email with a unique url on which he can update his personal data, both for comments and Gravity Form Entries.
- Users can view their personal data (Art. 15 GDPR - Right of access by the data subject)
- Users can adapt their personal data (Art. 16 GDPRRight to rectification)
- Users can download their personal data to a csv (Art. 20 GDPRRight to data portability)
- Users can request to delete their personal data (Art. 17 GDPRRight to erasure (‘right to be forgotten’)
Besides the ability to act upon a delete request, you can view a log of all users that requested to view their data, a list of delete requests, a list of plugins and a settings page where you can activate your plugin.