Regulation.
• It was approved by the European Parliament in April 2016 and has applied since 25 May 2018.
• The EU GDPR affects businesses both inside and outside the EU: any non-EU company dealing with EU customers has to comply with it.
• If your WordPress website or WooCommerce store collects any personal data from EU users, you need to make it GDPR-compliant. In other words, every website that collects personal information from individuals within the EU falls under the GDPR.
• Non-compliance carries harsh penalties: up to 4% of annual global turnover or €20 million, whichever is greater.
data via forms (contact forms, newsletter signups, etc.)
• How you collect analytics data
• What you do with that data
• Where the data is stored
• How you communicate with your customers and contacts
• The code you use: plugins and themes
Tell them who you are when you request the data. Say why you are processing their data, how long it will be stored and who receives it.
• Consent: get their clear consent to process the data. Collecting data from children for social media? Check the age limit for parental consent.
• Access & Portability: let people access their data and transfer it to another company.
• Warning: inform people of data breaches if there is a serious risk to them.
• Erase Data: give people the "right to be forgotten". Erase their personal data if they ask, unless doing so would compromise freedom of expression or the ability to do research.
• Marketing: give people the right to opt out of direct marketing that uses their data.
of third-party themes and plugins when creating sites for clients.
• When creating plugins or themes that include a form where users enter personal data.
• When linking to third-party APIs to access or process data.
• When coding analytics functionality or anything that can identify a user via IP address, location or other means.
need to do the following:
• Tell the user who you are, what data you collect, why you collect it, for how long you retain it and which third parties receive it (if any)
• Get clear consent before collecting any data
• Let users access their data
• Let users download their data
• Let users delete their data
• Let users know if a data breach has occurred
inform the user about the data you gather, while the Terms and Conditions (also called T&C, Terms of Service or TOS) set out the legal terms and rules that bind the customer to your business.
• Create a T&C page if you have none.
• Add a GDPR paragraph to your T&C that links to your Privacy Policy page.
• Use the WooCommerce Checkout Settings to add a checkbox to the Checkout page.
you have none, use the Privacy Policy page tool built into WordPress (Settings > Privacy, WordPress 4.9.6 and later) and its suggested text as a starting point. You will need to cover the following:
• who you are (company, address, etc.)
• what data you collect (IP addresses, name, email, phone, address, etc.)
• why you collect the data (invoicing, tracking, email communication, etc.)
• for how long you retain it (e.g. you keep invoices for 6 years)
• which third parties receive it (MailChimp, Google, CRM, etc.)
• how to download data (either automatically or by emailing the Data Protection Officer)
• how to delete data (either automatically or by emailing the Data Protection Officer)
• how to get in touch with you about data-related issues (the contact details of the assigned Data Protection Officer, probably you)
• Display a link to the Privacy Policy in the footer.
a registration form with username and password, if you have enabled this in the WooCommerce settings.
• As this is personal data, you need to show the Privacy Policy checkbox on the front end, as on checkout.
• Remember to collect only the information you strictly require to run your business.
• Use the woocommerce_register_form action hook to add the checkbox at the bottom of the registration form, and check it server-side as well (for example on woocommerce_register_post), so that a request which simply omits the field is rejected even when the browser does not enforce the checkbox.
need user consent.
• A good way to avoid a separate consent step is to allow only logged-in customers who purchased the product to leave a review.
• Tick the "Reviews can only be left by 'verified owners'" checkbox in the WooCommerce settings.
• If you allow reviews from non-logged-in, non-purchaser users, you need to add the Privacy Policy checkbox to the product review form.
comments enabled, here comes another GDPR compliance point.
• You need to add a Privacy Policy consent message to the "Leave a comment" form, plus a cookie consent checkbox (WordPress 4.9.6 and later ship an opt-in "Save my name, email, and website in this browser for the next time I comment" checkbox, enabled under Settings > Discussion).
• Use the default WordPress comments or pick a GDPR-compliant WordPress comments plugin.
• Make sure the Privacy Policy checkbox is displayed before users submit a comment.
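The following is an added worked example of the hooks behind the registration-form and comment/review-form points above; it is not part of the original slides, nor code shipped by WordPress or WooCommerce. It assumes WordPress 4.9.6 or later (for get_privacy_policy_url(); the comment_form_fields filter dates from 4.4) and WooCommerce 3.x. The field name gdpr_privacy_consent, the meta keys and the text domain gdpr-consent are made up for illustration. The plugin adds an unticked Privacy Policy checkbox to the WooCommerce registration form and to the comment form (which WooCommerce reuses for product reviews), rejects submissions that omit it on the server, and records when consent was given.

```php
<?php
/**
 * Plugin Name: GDPR consent checkboxes (added example)
 * Description: Required, unticked Privacy Policy consent on the WooCommerce
 * registration form and on the comment / product-review form, with server-side
 * validation and a record of when consent was given.
 */

defined( 'ABSPATH' ) || exit;

// Hypothetical field name; any unique name works.
const GDPR_CONSENT_FIELD = 'gdpr_privacy_consent';

/** Checkbox markup. Never pre-ticked: the GDPR requires an active opt-in. */
function gdpr_consent_checkbox_html() {
    $policy_url = get_privacy_policy_url(); // the page chosen under Settings > Privacy
    $label      = sprintf(
        /* translators: %s: privacy policy URL */
        __( 'I have read and agree to the <a href="%s" target="_blank" rel="noopener">Privacy Policy</a>.', 'gdpr-consent' ),
        esc_url( $policy_url )
    );
    return sprintf(
        '<p class="form-row"><label><input type="checkbox" name="%1$s" value="1" required /> <span>%2$s</span> <span class="required">*</span></label></p>',
        esc_attr( GDPR_CONSENT_FIELD ),
        wp_kses_post( $label )
    );
}

/** Server-side check: the HTML "required" attribute alone is not enforcement. */
function gdpr_consent_given() {
    return ! empty( $_POST[ GDPR_CONSENT_FIELD ] ); // phpcs:ignore WordPress.Security.NonceVerification
}

/* --- WooCommerce "My account" registration form --- */

// Fires after the username/email/password fields and before the submit button.
add_action( 'woocommerce_register_form', function () {
    echo gdpr_consent_checkbox_html(); // phpcs:ignore WordPress.Security.EscapeOutput
} );

// Reject the registration if the box was not ticked (or the field was stripped).
add_action( 'woocommerce_register_post', function ( $username, $email, $errors ) {
    if ( ! gdpr_consent_given() ) {
        $errors->add( 'gdpr_consent', __( 'You must accept the Privacy Policy to register.', 'gdpr-consent' ) );
    }
}, 10, 3 );

// Record when, and under which policy URL, the customer consented (hypothetical meta keys).
add_action( 'woocommerce_created_customer', function ( $customer_id ) {
    update_user_meta( $customer_id, '_gdpr_privacy_consent_at', current_time( 'mysql', true ) );
    update_user_meta( $customer_id, '_gdpr_privacy_policy_url', get_privacy_policy_url() );
} );

/* --- Comment form and WooCommerce product-review form --- */

// 'comment_form_fields' is applied to the final field list, so it also reaches
// WooCommerce reviews, which pass their own 'fields' to comment_form().
// WordPress prints these extra fields only for visitors who are not logged in.
add_filter( 'comment_form_fields', function ( $fields ) {
    $fields[ GDPR_CONSENT_FIELD ] = gdpr_consent_checkbox_html();
    return $fields;
} );

// Validate before the comment is stored. Logged-in users consented at registration
// and pingbacks/trackbacks have no form, so only anonymous submissions are checked.
add_filter( 'preprocess_comment', function ( $commentdata ) {
    $type = isset( $commentdata['comment_type'] ) ? $commentdata['comment_type'] : '';
    if ( in_array( $type, array( 'pingback', 'trackback' ), true ) || is_user_logged_in() ) {
        return $commentdata;
    }
    if ( ! gdpr_consent_given() ) {
        wp_die(
            esc_html__( 'Error: you must accept the Privacy Policy to post a comment or review.', 'gdpr-consent' ),
            esc_html__( 'Comment Submission Failure', 'gdpr-consent' ),
            array( 'response' => 403, 'back_link' => true )
        );
    }
    return $commentdata;
} );

// Keep the consent timestamp with the comment so it can be shown on request.
add_action( 'comment_post', function ( $comment_id ) {
    if ( gdpr_consent_given() ) {
        add_comment_meta( $comment_id, '_gdpr_privacy_consent_at', current_time( 'mysql', true ), true );
    }
} );
```

Drop the file into wp-content/plugins/ and activate it. The browser-side required attribute only helps honest clients; the woocommerce_register_post and preprocess_comment checks are what actually enforce consent, because a crafted POST can leave the field out. Account creation during checkout is a separate code path and is covered by the checkout checkbox from the WooCommerce Checkout Settings, not by this plugin.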
automatic opt-ins on your site. No checkbox may be ticked by default.
• Audit all your opt-in forms.
• Check whether your opt-in form / newsletter / email marketing provider offers a GDPR solution.
• Make sure the Privacy Policy checkbox is displayed before users opt in.
7, Ninja Forms, Gravity Forms, etc. on our Contact Us pages and other WordPress pages.
• These forms now require Privacy Policy consent.
• Add a Privacy Policy checkbox to all your contact forms.
• If the contact form stores personal data in a database and/or is tied to email marketing software, you need to tell your users why and where you store that data.
capturing user data and using cookies without consent. The same applies to Google AdWords, Facebook pixels and similar trackers.
• Only use reliable, GDPR-compliant tracking software.
• Ask software providers how they are handling GDPR compliance.
• State in your Privacy Policy who handles your tracking data.
• Google Analytics introduced a user deletion tool that lets you delete all data associated with an individual user (e.g. a site visitor) from your Google Analytics properties.
is basically "a piece of code" that lets you access external software without ever leaving your website.
• Personal data may be passed from your website to the other software and vice versa, so the GDPR applies.
• Examples: Mailchimp API, Stripe API, Facebook API, Twitter API.
• List the APIs you use in your Privacy Policy.
this needs to be communicated promptly to the users affected by the breach.
• The supervisory authority must be notified within 72 hours of you becoming aware of the breach (Art. 33), and the affected users without undue delay when the breach is likely to put them at high risk (Art. 34).
• Secure your WordPress/WooCommerce website.
• Subscribe to the security and breach notifications of all your third-party software / API providers so that you learn as soon as a breach affecting your users occurs.
• Reduce the amount of data you store.
• Have a data breach emergency plan.