Support » Plugin: Post SMTP Mailer/Email Log » GDPR…

  • Hello.

    As the new too complicated GDPR law goes live in May 25th I wanted to ask you if there are plans to make the plugin compatible and add new features/settings to it concerning data collection from the users/visitors and also presenting that information to them in the frontend and options to opt-out if they wish.

    I’m not sure if an SMTP plugin needs to be GDPR compatible but I’d like to hear your input on this because it concerns everyone I think.

    Please let me know.
    Thanks!

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author yehudah

    (@yehudah)

    Hi,

    The only part of the plugin need adjusment is the email logger.
    The plan is to add an export option for results and option to disable the email logger.
    Beside the above post smtp is not collecting anything.

    Thread Starter catmaniax

    (@catmaniax)

    I see, thanks.

    Do you think the update for this will be released before May 25th?

    Plugin Author yehudah

    (@yehudah)

    Yes, the plan is next week.

    Thread Starter catmaniax

    (@catmaniax)

    That’s nice to hear 🙂

    The only thing you as a user of the Post SMTP plugin needs to do is switch off the logging of emails to your server IF and only IF you don’t inform your users that you log their emails, their email IP addresses and the contents of their emails for a short period of time (no longer than XXX days) for the purpose of debugging or maintaining the website. This debugging is not permanently enabled etc etc.

    If you want to avoid having to put anything in your privacy policies, then just switch off logging full stop.

    If anything, all the plugin developer need do is insert a section in the Plugin Documentation reminding users of the plugin that ‘logs’ are stored within the database and therefore users should consider the GDPR guidelines with respect to the storage of user data.

    At the moment, the logs store a number of entries, one future feature request could be an expiry date (i.e. X days) where log entries will expire and be automatically deleted. That will provide cover for websites that have low traffic where it might take several years to have say 100 emails accumulate and for emails to drop out of the log/database. Having an expiry date will reduce the chances of falling foul of the GDPR. But that’s a nice to have feature request…

    GDPR is not ‘as scary’ is it first sounds. 9/10, so long as you show you have well documented procedures and policies, you do not keep data that you don’t operationally need for longer than necessary, that the user can easily request to be forgotten or have their data transferred and corrected, you are covered.
    (YMMV – if in doubt, consult a lawyer etc etc, yada yada yada).

    Thread Starter catmaniax

    (@catmaniax)

    The expiry date feature request will be more than welcome if it’s possible 🙂

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘GDPR…’ is closed to new replies.