What do You Need to Know about WordPress GDPR Compliance?

The full form of GDPR is General Data Protection Regulation. It is the privacy law that protects the right of all EU citizens and their personal data. It was approved on April 14, 2016 by the European Commission. Here are the few terms you should understand:

  1. Controller

A controller ascertains his purposes and means of processing the personal data.

  1. Processor

They are responsible for processing the personal data on controller’s behalf.

  1. Personal data

Personal data is information that identifies a person, even indirectly by combining one piece of information with another piece of information.

  1. Processing

If personal data is accessed, used or stored in any way, it is called processing. According to GDPR compliance, processing entails all actions taken on personal data like collecting, recording, organizing, structuring, storing, adapting, changing, retrieving, consulting, using, transmission, disclosing, disseminating, combining, aligning, restricting, erasing or destroying.

Basic principles of GDPR

  1. Data should be processed under lawful, fair and transparent means. Also considering that the consent is given.
  2. Personal data should be gathered for a certain, explicit and valid purpose and should only be used for the stated purpose.
  3. Personal data must always be proper, relevant, and limit collection to only what is needed at the time.
  4. Personal data should always be accurate and updated.
  5. Personal data should only be stored in an identifiable form for the shortest time.
  6. Personal data should be processed in a way that it guarantees data security.
  7. The controller has the sole responsibility to be able to pay heed to these aforementioned principles.

How does GDPR Impact WordPress?

  1. The WordPress community site that gathers personal information for every user profile.
  2. The WordPress theme shop where the customer needs to sign up for accounts to buy themes or plugins.
  3. A WordPress blog that bears a newsletter subscription widget or allows the visitors to comment.
  4. A WordPress site that makes the use of analytics software.

How to Make Your Website GDPR Compliant?

  1. Hire a lawyer
  2. Review the data collected and the processing workflow
  3. GDPR Project is now integrated with WordPress Core for Developers
  4. Keep all the legal documents updated.
  5. Offer data portability
  6. Self certify under privacy shield framework
  7. Encrypt your data or HTTPS
  8. Have a look at your themes, plugins, services etc.

Comments are closed.