What is the GDPR?
The General Data Protection Regulation (GDPR) is the replacement for the Data Protection Directive 95/46/EC. Originally enacted in 1995 while the internet was still young, they’re definitely due the update. The change is much more than a simple update/upgrade of existing policy, however. At its core, the GDPR is a move towards enshrining control of your personal data as a fundamental human right.
In short, the GDPR is a data privacy regulation that modernizes and normalizes data privacy laws across Europe and applies to any organization collecting data on EU citizens.
Some usual ways in which a standard WordPress site might collect user data:
- user registrations,
- contact form entries,
- analytics and traffic log solutions,
- any other logging tools and plugins,
- security tools and plugins.
Here are a few steps to be compliant to GDPR with Catchers Helpdesk:
2. Add Checkbox “I agree” to your contact form.
You can add a custom field GDPR field to any of your contact form via Contact Form Constructor Add-on.
3. Organize access to User Date
You can easily get the list of tickets via Export button via Productivity Add-on.
Right to Access. Data subjects must be able to request and obtain confirmation that data is or is not being collected on them, and if so exactly what data is being collected, how, where, and for what purpose.
Right to Be Forgotten. Data subjects must be provided a quick and painless way to withdraw consent and have collected data purged.
Data Portability. Similar to the Right to Access, Data Portability requires that data subjects are able to request, obtain, and/or transfer possession of collected data at any time.
All those rights might be realized by email request. So you can receive a request via a contact form or via email. Due to the search field, you can find a certain ticket, their profile and edit it in the WP users Panel.
To sum up what it means to make WordPress GDPR compliant:
- the law comes into effect in May 2018,
- it applies to any website that deals with personal information of EU users,
- it gives the user the right to control the flow of their personal information,
- there are defined processes to monitor compliance and huge fines are in place for non-compliance.
In a nutshell, to make your WordPress GDPR compliant, you should:
- look into all the different ways in which you’re collecting visitor data.
- put mechanisms in place to make sure that users can control their data. Additionally,
- even if you’re using third-party tools and solutions, you still need to make sure that those are GDPR compliant as well.
What questions do you have about the GDPR? Be free to ask us now!