GDPR Data Manager

Description

YOUR WORDPRESS GDPR COMPLIANCE ASSISTANT

GDPR Data Manager is a plugin developed by Seahorse Data Management which assists website and webshop owners to adhere to the most critical data compliance obligations raised by GDPR.

What does it do?

Action Right to Forget (Delete) and Right to Portability (Export) requests easily and transparently using a customizable interface to meet your GDPR obligations.

Who is this plugin for?

If your are gathering personally identifying information (PII) from users (eCommerce customers, contributors etc.) within the European Union (EU), you must comply with the General Data Protection Regulation (EU) 2016/679 (‘GDPR’).

SUPPORT FOR:

  • WordPress Users
  • WooCommerce
  • Easy Digital Downloads

KEY FEATURES:

  • User actionable : once a user request is actioned by the site admin, an email is sent to the user which acts as a trigger for the Export / Delete action, to be completed by the user.
  • Action logging : all activity including user and admin actions are logged for audit purposes. The audit data is stored indefinitely on the GDM remote storage for retrieval as required. The GDM remote storage does not record any Personal Identifiable Information (PII) as per GDPR guidelines.
  • Remote Backup : in case of data roll-back (restoring database from a previous version) avoid having to request users complete the process again. GDM does this automatically.
  • Customization : real-time editor for customization of template views
  • Export : option of 3 exports formats CSV, JSON & XML
  • Database Overview : understand your database as per GDPR regulations i.e. see where personally identifying information (PII) data exists on your database

ROADMAP:

  • User initiation of data requests
  • Expansion of Database Overview
  • WP eCommerce (Support)
  • Ecwid Ecommerce (Support)
  • WP EasyCart (Support)

Screenshots

  • Search Interface
  • Admin Search Output with facility to action Export (Portability) or Delete (Erasure)
  • Example email sent to user upon data Portability request
  • Example history records (audit trail) including sync records from remote server after roll-back
  • Customize templates via the Options section
  • Your Database Overview

Installation

To install this plugin:

  1. Upload the entire ‘seahorse-gdpr-data-manager’ folder to the ‘/wp-content/plugins/’ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress

FAQ

What makes this different to the native WordPress Erase / Delete Data feature?

GDM does not put the responsibility on the webmaster to securely generate and send requested data. No user data is sent over email, instead a secure link is emailed to the requestor which expires once activated or after 24 hours of inactivity. Requestors must complete the actions themselves ensuring that no export data is left accessible on webmasters machines in line with GDPR compliance.

What happens if I roll-back my database and user data which has been deleted is returned?

GDM stores activity remotely so in the event of a roll-back, the plugin will compare remote activity with local data to sync any changes. Users will not have to go through the verification process again. Data controllers can re-run the already verified actions

What if I have a Right to Forget request from a WooCommerce Guest user?

GDM can isolate WooCommerce guest data in the same way as regular user data. If the request is for data deletion, GDM only deletes the user data leaving system data intact for future reporting etc. as per data protection guidelines.

How is contributed content handled in cases of data deletion requests?

A distinction is made by GDM between contributed ‘content’ and ‘content attributes’ so in the case of posts, a deletion request will lead to the post being assigned to the deleted user as author (so no associated PII data) but the contributed content Title and Body text will remain.

If a user requests their data to be deleted, what happens to posts etc. that they have contributed?

The content (body, title etc.) remains in place – only the associated PII (author detail etc.) is removed.

If a user deletes their data, will my eCommerce reports be effected?

GDM maintains all operational data after a user deletion including some high level data (e.g. high level location data of customer etc.) so reporting is uneffected. All eCommerce order data persists – only user PII is removed.

Reviews

Read all 2 reviews

Contributors & Developers

“GDPR Data Manager” is open source software. The following people have contributed to this plugin.

Contributors

Translate “GDPR Data Manager” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.2.1

  • Support for Easy Digital Downloads added

1.0.15

  • v1.0 of the ‘Your Database’ section

1.0.14

  • fix’s applied to external links and updates to free trial period

1.0.13

  • updates to system licensing method inc. UX edits

1.0.12

  • compatibility issue for PHP 7.1+ bug fix

1.0.11

  • Edits to user email text content

1.0.10

  • Expansion of disaster sync functionality and addition of free features (template views)

1.0.9

  • WC Guest deletion patched and post content deletion bug fix

1.0.4

  • updates to handling of disaster record syncing and delete data process

1.0.3

  • update to naming conventions as per WP guidelines

1.0.2

  • Fix – zip installation process error