hi @bonaldi,
Thanks for the feedback!
As for the contact option, I’ll ask our lawyer. The phpcs is something that I’m going to work on in the coming weeks.
Hi @bonaldi,
The GDPR requires that the privacy policy must contain the identity and contact details like address, phonenumber, email or social media, so a link to the contact form won’t suffice.
Hi Rogier,
Thank you for your response.
Good for phpcs.
This is not entirely correct, from my point of view: the email address must appear on the site, but the GDPR does not require that this be on the Privacy Policy page.
It is therefore possible to include a link to the contact form in the Privacy Policy.
Can you check with your lawyer ?
Regards.
Hi Bonaldi,
Art. 13 GDPR may not prescribe the format or modality by which such information as the email address should be provided to the data subject but does make it clear that it is the data controller’s responsibility to take “appropriate measures” in relation to the provision of the required information for transparency purposes. WP29 recommends that where a data controller has an online presence, an online privacy statement/notice should be provided.
WP29 also recommends the following:
Both Articles 13 and 14 GDPR refer to the obligation on the data controller to “provide the datasubject with all of the following information…” The operative word here is “provide”. This means that the data controller must take active steps to furnish the information in question to the data subject or to actively direct the data subject to the location of it (e.g. by way of a direct link, use of a QR code, etc.). The data subject must not have to actively search for information covered by these articles amongst other information, such as terms and conditions of use of a website or app. (…) WP29 recommends that the entirety of the information addressed to data subjects should also be available to them in one single place or one complete document (e.g. whether in a digital form on a website or in paper format) which can be easily accessed should they wish to consult the entirety of the information.
So not mentioning the email address in the privacypolicy at all or “hiding” it somewhere else on the website is not a good thing in my point of view.
That being said, inserting (optionally) a link in the privacypolicy to the contact form of the site would be a nice extra for some users, and I will ask @rogierlankhorst to put it on our backlog.
Plugin Author
Aert
(@aahulsebos)
Hi @bonaldi,
PHPCS is now ready to be tested. Mathieu’s point of view is leading in our legal features and fixes. As the backlog has been complemented with your idea I regard this as closed. If something comes up in the meantime, please start a new thread.
Thanks again and if you want to become a contributor, please see if you can raise an issue on Git, or do a pull request!
https://github.com/rlankhorst/complianz-gdpr
regards Aert
Mathieu, thank you for confirming that the GDPR does not require that the email address be at a specific location on the website.
It is not a question of hiding it either, but for example in France we have other mandatory Legal Notices (Mentions Légales) which must already contain this email address. It is therefore not essential in the Privacy Policy.
A link to the contact form is therefore an interesting alternative.
To make a parenthesis, there is something illogical on the one hand to oblige the owners of sites to provide a readable email which could be private, and on the other to do everything so that personal data is not disclosed. From my point of view, a link to a contact form should be possible, to improve the fight against the unauthorized indexing of these email addresses and fight more effectively against spam (and therefore participate in the fight against global warming) . But that’s another story … End of the parenthesis.
Aert, do you consider that I am not a contributor although I participated last year in the implementation of the part concerning the integration YouTube, Vimeo and Dailymotion and that I am also PTE of the plugin for French Team?
I’m kidding and I guess you can’t remember everything. 😉
Thank you for PHPCS, code maintenance will be easier for everyone.
I will give you feedback if necessary after the next release.
Regards.
