Recently, the European Union enacted new rules related to online user privacy. General Data Protection Regulation (GDPR) controls how companies collect, store, and use European customer data.
In response, WordPress released several updates to align with the new regulations. The GDPR concept is based around one common theme: All customer data must be obtained and used with the customer’s consent, and securely stored. While the new regulations are from the EU, it affects any company or website who has European visitors or customers. If you’re selling products or services to a citizen of an EU country, you need to be in compliance with the regulations or risk the fines. These rules also apply to any plugins or vendors you’re using on your website. Wondering more about how exactly all of this works? See our GDPR Guide for the basics.
The new WordPress release makes it easier for you to be aware of what data you’re collecting from users and where it’s being stored. It also gives EU users the right to have their data permanently erased or transferred to another data controller. Here’s our breakdown of the main changes related to GDPR from the WordPress 4.9.6 update.
2. Commenter Information
Another change for WordPress involves the options for commenters when they’re not logged into a WordPress account. If they’re logged out, commenters have the option of whether or not their name, email address, and website are saved in cookies on their browser. This is something to keep in mind for any plugins you use for comment sections on your website.
3. Data Storage Methods
Related to all of these changes, data storage is another big factor when it comes to GDPR compliance. Right now site owners have the ability to export a ZIP file that has personal data from users gathered by both WordPress and plugins.
With this update, site owners have the option to erase a user’s personal data, including plugin data, upon user request. The update also includes a new email-based method, where site owners can confirm personal data requests and erasures for both registered users and commenters, giving everyone involved more peace of mind when it comes to data storage and protection.
Questions? Get in touch!