With the European Union’s General Data Protection Regulation (GDPR) just around the corner, many software vendors have been busily making updates to help businesses comply with the new laws. WordPress has also been working away on making improvements to help the WP community deal with their data.
It is important to remember that although GDPR is a European regulation, any business that collects European residents data will have to comply. You can learn more about the GDPR from the European Commission’s Data Protection page.
Let’s take a look at the WordPress updates for GDPR
A user will now be given the choice as to whether their name, email address and website are saved in a cookie on their browser when adding a comment.
Under the tools menu you have new options for personal data management:
You can now export a zip file containing specific users personal data on your site. This will allow you to comply with the data subjects Right of portability – If requested, we will export your data so it can be transferred to a third party. and Right of access – We’re transparent about the data we have and how we use it. You can contact us at any time if you’d like to access your data.
This will delete all personal data of your data subjects including personal data stored by participating plugins. This will allow you to comply with the data subjects Right to be forgotten – After receiving a request to be forgotten, we will permanently delete your record and all data associated with it within 30 days of receiving the request.
There is also a new data request email that works with the Data Export and Data Erase features above and can be submitted by both registered users and commenters.