Support » Plugin: Content Cards » GDPR – General Data Protection Regulation

  • By May 2018 every WordPress site needs to make sure that the site is GDPR comliant. Plugins can only be used if they are GDPR compliant.

    Ist the tool GDPR compliant?

Viewing 1 replies (of 1 total)
  • Plugin Author Stanislav Khromov

    (@khromov)

    GDPR compliance isn’t an on/off switch, it depends on if and how a plugin handles personal data and each case will be unique.

    By my interpretation of the GDPR, this plugin has the potential of storing data that would fall into the realm of “Personally Identifiable Information”. For example, a preview image on a site could contain the image of a person residing in the EU, and the title or description of the post could contain their names.

    However, the primary use of this plugin is not to store user data, and as such, we can not implement an interface like https://www.gdprwp.com/ which is used for plugins with an explicit goal to store user data.

    I am not a lawyer, but my interpretation of GDPR in this case is that:
    – If you create a content card that does not contain personally identifiable data, you do not have to worry about the GDPR.
    – If you create a content card which contains personally identifiable data in the image, title or description, it does fall under GDPR and you are liable to amongst other things, remove the content card at the persons requests (Art. 17 GDPR Right to erasure). However, this process does not need to be automated, and because you are not accepting user data directly, you do not have to have any warning messages on your site to use this plugin.

    GDPR is still a developing topic and we will see over the coming year how it will be enforced.

    Hope that sheds some light on this (somewhat fuzzy) topic.

Viewing 1 replies (of 1 total)
  • The topic ‘GDPR – General Data Protection Regulation’ is closed to new replies.