We released a new major version of our WP-GDPR Core plugin.
Over the past weeks, we worked towards a flexible privacy center that allows us to integrate more services. The Personal Data Overview page was a good start, but it was hard to integrate this in your theme. To remove this problem, we decided to fully redo the code.
These are the changes:
- New frontend Privacy Center UI for personal data management
- New options for users to export their personal data : PDF / COPY / EXCEL / CSV / PRINT
- Users can filter their personal data through search
- Users can sort their Personal data in the Privacy Center
- Privacy Center uses theme header + footer
- Upgraded translations for NL BE FR SE
Please update your WP-GDPR Core and all of its add-ons.
Released WP-GDPR 1.5.2 for our core plugin.
This release contains:
- Improve interface in wp-admin
- Improve labels and texts
- Add data to plugin.json
- Add Call To Action buttons to add-on overview
- Add Norwegian translation
- Add Italian translation
We mainly focussed on a better UI of the wp-admin of our plugin.
The new UI will give you a better overview and help you prioritize the work that needs to be done first.
If you encounter another problem or have suggestions, don’t hesitate to contact us!
General Context
Already in the early 90’s, the European Union adopted the Data Protection Directive which regulated the processing of personal data within the European Union. The directive helped European citizens to be aware of their right to privacy, but the effect on the personal data itself was small. Partially because of the different interpretations of the directive by the individual member states.
With the General Data Protection Regulation (GDPR), a new and modernised law will become enforceable on the 25th of May 2018. The regulation wants organisations (companies, governments, NGO’s, …) to get a mindset of “Data protection by design”. And this not only for European organisations, but all organisations that handle personal data from a European citizen. Even if the organisation is located outside of the EU.
What is a Data Register?
With the WP-GDPR Core plugin and its add-ons, you have to tools at hand to process personal data and let your visitors manage that data themselves. We’re working on improving the process and explaining more on how the plugin works, so it will be easier for new users to get started with the WP-GDPR plugin. This will also help with changing the mindset of personal data.
Apart from managing personal data, it’s also very important to keep track of what happens to the personal data. Basically a history of all things related to the data. This includes:
- When did someone consent to storing the data?
- What data can we store and for how long?
- Who requested access?
- Who filed a delete request?
This “Record of processing activities” (Reference: Article 30 of GDPR) is often called the Data Register and must be available for consultation when privacy authorities ask for it. The Data Register let you keep track on who does what with personal data.
Data Register template
In many cases, creating a Data Register isn’t that hard and can be a good second step (First Step: Identifying all personal data) in getting GDPR compliant. To help you get a grip on the whole Data Register, we make a spreadsheet template available for you to download here:
https://docs.google.com/spreadsheets/d/1IsFLKF9kiZZ8Cp8fKrJkmhGODWy-Xkisa1MIzSHXHtw
(We’ve put the template in a Google Spreadsheet, so you can always access the latest version of it)
Automate all the things
As you can see, there’s some administration involved in keeping the Data Register up-to-date. In essence, the Data Register can be this spreadsheet on someone’s computer, but we suggest storing the Data Register on your website. This makes it possible to automate certain parts of storing. For example, we can store the consents from forms or the delete requests automatically in the Data Register of the WP-GDPR plugin.
Of course, since not every request or consent comes from the website, there should be an option to manually add records to the Data Register.
In future releases, we will try to make more integrations possible to automatically store the consent. We will start with the WP-GDPR Core and the add-ons.
Released WP-GDPR 1.4.3 for our core plugin.
This release contains
- Fix: Deprecated warning
- Fix: When request form is embedded on a non-standard page. Until now, you got a 404-error when redirecting to the “Thank you”-page
- Fix: Confirmation of processing the delete request shows a short reference to what happened to the data
- Enhancement: Add table header “request language”
As you see in the list above, we mostly fixed issues and did small improvements to this core plugin.
If you encounter another problem or have suggestions, don’t hesitate to contact us!
Released version 1.4.1 from the WP-GDPR Core plugin.
This release contains
- an improved autoloader
- a fix to prevent conflicts with the Jetpack comments
In the support forum, therecipettes and tauchenalow23 pointed at the conflict. Since many of you use Jetpack features, we thought it important to do a minor release.
If you encounter another problem or have suggestions, don’t hesitate to ask!
We released version 1.4.0 of the WP-GDPR Core plugin.
A lot of improvements were released, but we’d like to highlight a few of them:
- Add DPO email address
- Option to not show the comments section
- Add settings feature
- Stop form submition after refreshing
- Add filter to implement checkbox in other commentforms
- Update DE language (thanks Ritchie!)
Also we made the codebase of the core plugin compatible with PHP version 5.3
Download from the plugin directory:
Everone working with WordPress has heard from WooCommerce. Many of us probably build at least one website with it. According to Builf With, 42% of all ecommerce websites have WooCommerce as its engine.
Source: https://trends.builtwith.com/shop
When you place an order in WooCommerce, some important but personal data is required.
You have to store some of the data for some years as stated in laws. Other parts of the data are optional and need to be manageable according to GDPR.
As you can see, there are many things to keep in mind when handling personal data in combination with GDPR.
From today on, we will be working on an add-on to help you make your WooCommerce GDPR compliant.
Update:
On March 28th, 2018 we launched the WP-GDPR WooCommerce add-on.
It’s available on this website: https://wp-gdpr.eu/add-ons/woocommerce-add-on/
Today we release a new add-on for the WP-GDPR core plugin.
With the WP GDPR CFDB7 add-on we help you to let visitors view, manage, update and request to delete its data. This makes your website more in line with GDPR.
If you have any more questions, don’t hesitate to contact us!
Early 2017 we heard about the possible impact of GDPR on web development. We then realized the impact on our clients business is enormous. In the meantime, initiatives to make WordPress GDPR compliant were taken by the large WordPress community.
Some blog posts (Blog post sources ) made us think about a reusable solution for our clients.
Today we start developing a plugin that assists you in making your WordPress website GDPR compliant.
You can follow development through this website.
Update February 13th:
We moved the repository to github and made it publicly available.
Please join us at https://github.com/WP-GDPR/wp-gdpr-core
Of course we accept pull requests!