Support » Plugin: Site Reviews » Is this plugin GDPR compliant?

  • Resolved mmpineda

    (@mmpineda)


    Hi,
    Every form needs a layer that explains who is responsible to keep the data safe, what is the data captured for, etc…

    I don’t see this, and I can’t see a tick box to the Privacy Policy either.

    Is there a way to make this plugin GDPR compliant?

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author Gemini Labs

    (@geminilabs)

    1. Use the Translations page in the settings to customise the text of the “terms” field. Links are supported, so you can add links in the terms text to your Terms and Conditions / Privacy pages. For example:

    2. Site Reviews integrates completely with the WordPress privacy tools.

    The “Export Personal Data” tool will include the reviews if any exist for that person.

    The “Erase Personal Data” will remove all personal details from the reviews of that person (i.e. email, name, IP address).

    3. Site Reviews adds a section to the WordPress “Privacy Policy” guide which should help you get started with writing a your privacy statement for the reviews.

    4. If you would prefer not to store the IP addresses, you can use the provided hook that is documented in the FAQ Help page.

    Thread Starter mmpineda

    (@mmpineda)

    Thank you very much for your quick support!! 😀

    It would be perfect if the translation supported other html code, like br and strong.

    We are supposed to add an extra text (I think it’s called “the first information layer”), which informs about who is the person who is responsible to keep the data, what is the aim of this particular form, the visitor’s rights, etc.

    It ends up being a bit long, so it should be properly formatted.

    Example:

    Acepto la Política de Privacidad.

    Información básica sobre protección de datos

    Responsable: Your name here
    Finalidad: Registro de valoraciones
    Destinatarios: No se cederán datos a terceros salvo obligación legal.
    Derechos: Puedes ejercitar en cualquier momento tus derechos de acceso, rectificación, supresión, oposición y demás derechos legalmente establecidos poniéndote en contacto con la responsable.
    Información adicional: Puedes consultar la información completa y detallada sobre protección de datos en mi política de privacidad.

    Thread Starter mmpineda

    (@mmpineda)

    And, what about saving the consent, which means that they value of the ticked box as “Acepted”?

    Plugin Author Gemini Labs

    (@geminilabs)

    1. Is it required to have this on the page with the form, or can most of it be contained in the Privacy page of your website?

    2. If it must be on the page, why not add it in a paragraph before or after the form?

    3. If it must be displayed below the terms toggle field, you can use a custom field.php template in your theme which could look something like this:

    <?php defined('ABSPATH') || die; ?>
    
    <div class="{{ class }}" data-field="{{ field_name }}">
        {{ label }}
        {{ field }}
        {{ errors }}
    </div>
    <?php if ('terms' === $field['path']): ?>
        <p>
            <strong>Información básica sobre protección de datos</strong><br>
            <strong>Responsable:</strong> <?= get_post_meta(get_the_ID(), 'responsable', true); ?><br>
            <strong>Finalidad:</strong> Registro de valoraciones<br>
            <strong>Destinatarios:</strong> No se cederán datos a terceros salvo obligación legal.<br>
            <strong>Derechos:</strong> Puedes ejercitar en cualquier momento tus derechos de acceso, rectificación, supresión, oposición y demás derechos legalmente establecidos poniéndote en contacto con la responsable.<br>
            <strong>Información adicional:</strong> Puedes consultar la información completa y detallada sobre protección de datos en mi <a href="/privacy">política de privacidad</a>.
        </p>
    <?php endif; ?>

    And use the Custom Fields meta box when editing the page to add a custom field where you save the name of the person responsible (using “responsable” as the Custom Field name).

    See the FAQ Help page to learn how to use the custom templates.

    4. If you make the terms fields a required field in the settings, then reviews cannot be submitted without implicit acceptance of the terms which negates the need to save the consent. However, If you would prefer to store that acceptance of consent to each review, you can either:

    a. Use the site-reviews/review/created hook to save a meta value to the review with the result of the terms field (see the Hooks Help page for more information on this), or…

    b. Use the Review Forms add-on to add a custom hidden field to the form which saves an “accepted” value to the review on submission (provided the terms field is required in the settings).

    Thread Starter mmpineda

    (@mmpineda)

    Thank you! I really appreciate how much and well you explained what to do. (I just get lost about the hook thing because I’m not a developer and don’t know anything about php).

    Anyway! 🙂 I have followed your instructions, I have created a custom_field.php file and have placed it under my theme /site-reviews folder that I have created.

    Then, I have added the “responsable” custom field to the page where I placed the shortcode for the review form to show up. But the special text doesn’t show up under the Terms text or anywhere.

    Did I do something wrong? (I’m testing all this on Localhost).

    Plugin Author Gemini Labs

    (@geminilabs)

    The template filename is wrong.

    /wp-content/plugins/site-reviews/templates/form/field.php
    
    

    Is copied here:

    /wp-content/themes/<your-child-theme>/site-reviews/form/field.php
    
    
    Thread Starter mmpineda

    (@mmpineda)

    It’s working now!! You’re star! 😀

    Thank you very much for this great support!!

    Tomorrow I’m going live with it, and I will make sure I give you five stars!

    Consent must be saved, according to the law, so some plugins which do different things save a time stamp and the value of the acceptance field. For instance, I have a plugin that makes WordPress comments GDPR compliant. This plugin does the work, by saving the acceptance field.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Is this plugin GDPR compliant?’ is closed to new replies.