Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
Thanks for the review but keep it about this plugin. This is not an opportunity to send users to another plugin.
These ads have been removed long time ago.
So the widget posts our clients form data to mlcalc servers and the output is generated from that site rather than our sites?
And the resulting graph has a link to this page (https://www.mlcalc.com/) where our website visitors are directed to lenders who we have no idea of?
Hmmm, I tried to edit my post to add additional information but it will not let me for some reason. This post is intended to replace the previous post.
The widget appears to post our clients form data to mlcalc.com servers where and the output is generated into an iframe on our webpage rather than our site being responsible for the data collected and the output to the users?
The resulting graph (the cool output) contains google analytics and has a link to this page (https://www.mlcalc.com/) where our website visitors are directed to lenders who we have no idea of?
I guess if this were transparently disclosed as the “price” of the software being “free” I’d think differently but it seems you only figure this out if you really dig. And, there should be a way to turn this off the external links.
According to the WP.org TOS: “The plugin must not embed external links on the public site (like a “powered by” link) without explicitly asking the user’s permission.” Maybe I missed it but I did not see either a notice or an asking of permission in the plugin documentation or interface for this.
According to the WP.org plugin guidelines: ” plugins may not contact external servers without explicit and authorized consent… Documentation on how any user data is collected, and used, should be included in the plugin’s readme, preferably with a clearly stated privacy policy.”
This plugin does not seem to be compliant with either of these.The resulting iFrame seems to employ google analytics and at a minimum appears to need to receive our users data to create the output. This affects our privacy policy as well as seeming to have the intent to divert users from our website to your advertisers.
My apologies in advance if I am missing something here.
At a minimum, I think we need to understand how our user’s data is collected and used and where permission is asked for the external public facing links and how those can be controlled.