What to Do About Your WordPress GDPR Compliance

1 - Using Plugins

Although you are not the creator of the plugins used on your site, it's still your responsibility to ensure that the plugins are GDPR compliant.

You have to ensure that every plugin you install on your site has the capability to export, provide, and erase the user data it collects.

If you are a plugin developer, then you may have to include an addendum that users can add to their sites. This will let visitors and customers know how their personal information is collected and used in line with the GDPR rules.

And as the business owner, you will have to deploy data protection policies for the whole company (both offline and online activities).

2 - Notifying Users of Any Breach

If you notice a data breach on your website, you are mandated by GDPR to notify your users within 72 hours. A data breach may have far-reaching implications that can result in a risk to their rights or freedoms.

Data processors and controllers are also required under GDPR to notify their users of any data breach within 72 hours of becoming aware.

As a WordPress site owner, you are required to notify all users of your site within those 72 hours once you notice a data breach. These users include regular visitors to your website, people who submitted entries through your contact form, and even those who may have posted comments on your site.

The Wordfence plugin is one of the best tools to monitor web traffic and web server logs as well as help prevent data breaches and secure your site.

3 - Data Processing

Users have the right to know what their data will be used for and the right to request that their data be deleted from your site's storage. Once a user withdraws consent for their data to be stored, every trace of it has to be erased from storage and from the server.

You also need to provide users with a copy of their data whenever they request it.



DCarpenter1 Premium
Thank you Israel,

Most important training to ensure compliance.


Denis
Israel17 Premium
Oh, yes, Denis! Compliance is mandatory whether a site is EU-based or not. It's meant to protect the EU citizens.

Israel Olatunji
Keny44 Premium
Thanks for enlightening us on WordPress GDPR. It's such great information.
Israel17 Premium
Thanks for the compliments, Keny! Much appreciated! Glad you found my GDPR tutorial useful and informative!

Israel Olatunji
Parameter Premium
Data protection is essential in all aspects. Thank you very much for this comprehensive insight.

Ayodeji
Israel17 Premium
Most welcome, Ayodeji! Yeah, whether your site is based in the EU or not, you're obliged to comply with the regulation. Thanks again!

Israel Olatunji
ijeomaeze Premium
Thank you.
Israel17 Premium
Appreciate your comment, ijeomaeze! I hope you found my GDPR updates useful!

Israel Olatunji
Wilde Premium Plus
You have an excellent way of covering topics that I am researching. It's pretty funny to me that just yesterday, I was looking into GDPR and today you post training on it (this has happened a few times in the past too).

GDPR is a pretty crazy thing, and I did not know about the fine they can impose. Thanks for covering this and using this as a simple reminder.
Israel17 Premium
Wow, that's awesome to know, EW26! Glad my GDPR tutorial came in handy, my friend!

Israel Olatunji