Are you a WordPress plugin author, and does your plugin handle user data in any way? Then this is for you…
We are building a GDPR plugin standard
The EU General Data Protection Regulation will be in full force from 28th of May 2018. That’s about 200 days from now!
We are developing a unified, descriptive methodology covering what is being stored, where it is stored (database, file or cookie), how long it is kept, and the purpose (i.e. 3rd party sharing). For each piece of data, we are also providing information on how to safely handle its deletion.
Our aim
We aim to give plugin developers a simple way to validate their plugin against GDPR, and to offer Website Administrators the overview and tools to handle the administrative tasks involved in being GDPR compliant.
For plugin developers
Our solution is free, and offers a simple guide to creating a file that describes the user information handled within the plugin. This file will be open for anyone to read.
We need your feedback before we can move on to the next step:
Please! Spend 3 minutes on our survey.
For Website Administrators
We are building a GDPR compliance plugin suite to help websites accomplish the Right to Access, Right to be Forgotten, and Breach Notification functionality that every WordPress site must have, no matter the combination of plugins that handle user-identifiable data.
GDPR summary
In (very) short: GDPR states that if a website collects, stores or uses any data related to an EU citizen, you must comply with the following:
– Tell the user: who you are, why you collect the data, for how long and who receives it.
– Get clear consent before collecting any data
– Let users access their data, and take it with them
– Let users delete their data
– Let users know if data breaches occur
See this nice infographic from the European Commission
Not following these guidelines will eventually result in a fine of up to EUR 20 million or 4% of your annual turnover – so quite a bit of money.


