Everybody has heard about GDPR by now. This post is about how it relates to our WordPress plugins and add-ons and it’s intended to help our customers understand which tools they have related to GDPR compliance.
We’ll present a brief summary and a refresher before the main content.
- We understand the importance of GDPR to our users’ business. We have created a list of resources to help admins ensure their websites are compliant with user data regulation. The highlight is a GDPR And Data Privacy documentation article.
- Two WordPress products are receiving updates related to user data control: Customer Reviews and Rating and Question and Answers. Other products will also receive lesser important updates.
What is GDPR?
GDPR stands for the European Union (General Data Protection Regulation). It comprises of a series of rules intended to protect the data privacy of its citizens.
It was approved by the EU Parliament on 14 April 2016 and is set to be enforced starting on 25 May 2018.
WordPress has addressed GDPR compliance in its 4.9.6 Privacy and Maintenance Release (May 17th). Some of the features include:
- Comments – Guest users can opt-out of cookies.
- Data Handling – Data Export and Data Erasure features. Includes an e-mail based confirmation system.
Read WordPress’ Release Notes for more information.
This is a fundamental update, as it grants the admin with more flexibility in handling (and removing) user data.
We encourage all WordPress administrators to update their installations as soon as possible.
We also have announcements of our own.
Updates on Plugins
In an attempt to give more power to our customers and their users, two of our plugins are receiving updates directly related to data ownership.
The Reviews plugin allows users to add reviews to the website. The update covers:
- Terms of Service – The admin can now add a disclaimer that the users must accept before posting their first review.
- New shortcode [cmr_delete] – It generates a link that lets the user delete all his/her reviews. The user is warned that this action cannot be undone.
- IP Collection – The admin can toggle this option off at any time.
- New shortcode [cmq_delete] – It generates a link that lets the user delete all his/her submissions. The user can pick between removing only questions or answers and is warned that these actions cannot be undone.
This is covered in the Documentation Guide CM Answers (CMA) – User Data Privacy and GDPR Compliance.
These updates to both products are being deployed and should be available to all users soon.
Some of our products provide services that are related to user data and can be interpreted to affect GDPR compliance.
With that in mind, the following guides were created. Their intent is to give a quick overview of which data is collected and which tools the admin has to enforce compliance.
- General Support – GDPR And Data Privacy – a general guide about GDPR and CreativeMinds. This important document serves as a hub to all other related to GDPR. It can be accessed from all product pages.
- CM Expert Directory Community (CMEDC) – User Data Privacy and GDPR Compliance
- CM Product Directory Community (CMPDC) – User Data Privacy and GDPR Compliance
- CM Tooltip Glossary Community Terms (CMTCT) – User Data Privacy and GDPR Compliance
- CM FAQ Community Submissions – User Data Privacy and GDPR Compliance
- CM Map Locations (CMML) – User Data Privacy and GDPR Compliance
- CM Map Routes Manager (CMMRM) – User Data Privacy and GDPR Compliance
- CM Download (CMDM) – User Data Privacy and GDPR Compliance
If you have any further questions, please get in touch with us.
All users are encouraged to review it.
Some of our products work by integrating data with external services. Here is a handy list of resources related to GDPR compliance from each of them.