Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
Side note: I’ve moved this to Fixing WordPress as this doesn’t belong in Requests and Feedback.
Bad news? It’s not easy. Basically you download the plugin and read every line of code 🙁 It’s about as much fun as it sounds (and I do it for a living)
Good news. WP’s working on helping that be a little easier
You can read ALL the posts about it here: https://make.wordpress.org/core/tag/gdpr-compliance/
We’ve got a lot of open tickets, but sadly there won’t be a one-size-fits-all solution for everyone. After all, there are a great many plugins that legitimately call other servers (like a backup plugin, or a spam plugin) 🙁
It would be great if WordPress.org had a GDPR Compliant “stamp” for each plugin that the developer could point in “YES” / “NO” and then provide what data is collected and where they are sent.
I guess that plugin developers who inform in the Details about the plugin will have much more success among European users.
Anyway, what should I look for in the code to see if it calls another plugin, uses userdata or communicates data somewhere?
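As an added example (not part of the original thread and not WordPress.org tooling): a first-pass triage script for the manual review described above, which lists the lines of a plugin's PHP files that call the WordPress HTTP API or PHP network functions, read user data, or contain a hard-coded URL. The function list is this example's own selection and is not complete, and the sample plugin code and its `stats.example.invalid` URL are constructed.

```python
import re
import sys
from pathlib import Path

# Real WordPress/PHP names; which ones to flag is this example's assumption.
PATTERNS = {
    "outbound": re.compile(  # can contact another server
        r"\b(?:wp_(?:safe_)?remote_(?:get|post|head|request)"
        r"|curl_init|curl_exec|fsockopen|file_get_contents)\s*\("
    ),
    "userdata": re.compile(  # reads user or visitor data
        r"\b(?:get_userdata|get_user_by|get_user_meta|get_users|wp_get_current_user)\s*\("
        r"|\$_SERVER\s*\[\s*['\"](?:REMOTE_ADDR|HTTP_USER_AGENT)['\"]\s*\]"
    ),
}
URL = re.compile(r"https?://[^\s'\"<>)]+")

# Constructed sample plugin code, not taken from a real plugin.
SAMPLE = """<?php
function demo_report() {
    $user = wp_get_current_user();
    $body = array( 'email' => $user->user_email, 'ip' => $_SERVER['REMOTE_ADDR'] );
    wp_remote_post( 'https://stats.example.invalid/collect', array( 'body' => $body ) );
}
"""

def scan_source(php_source, filename="<string>"):
    """Return (file, line, kind, match) tuples for one PHP source string."""
    findings = []
    for lineno, line in enumerate(php_source.splitlines(), 1):
        if line.strip().startswith(("//", "#", "*", "/*")):
            continue  # skip lines that begin as comments (header URLs etc.)
        for kind, pattern in PATTERNS.items():
            m = pattern.search(line)
            if m:
                findings.append((filename, lineno, kind, m.group(0).rstrip("( \t")))
        for url in URL.findall(line):
            findings.append((filename, lineno, "url", url))
    return findings

def scan_plugin(plugin_dir):
    """Scan every .php file under an unpacked plugin directory."""
    findings = []
    for path in sorted(Path(plugin_dir).rglob("*.php")):
        findings += scan_source(path.read_text(encoding="utf-8", errors="replace"), str(path))
    return findings

if __name__ == "__main__":
    hits = scan_plugin(sys.argv[1]) if len(sys.argv) > 1 else scan_source(SAMPLE)
    for hit in hits:
        print("%s:%d [%s] %s" % hit)
```

A hit only marks a line to read: `file_get_contents` also reads local files, and code that builds function names or URLs at runtime will not match, so this narrows the reading rather than replacing it.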