Support » Plugin: Wordfence Security - Firewall & Malware Scan » Opt out of sending data to US from EU

  • Resolved Mac

    (@macnscr)


    As of yet Defiant is not on the Privacy Shield list. I understand you have applied for it and are actively doing whatever possible to comply with the GDPR, also made clear in comments made earlier: https://www.wordfence.com/blog/2018/05/wordfence-is-gdpr-compliant/#comment-67827

    However, in the meanwhile I would prefer to disable sending any data from visitors to the US. Is there any option to do so?

    I am aware that you put the information to good use. But you have to understand, not every website owner is too happy about finding out any personal data is sent to an non-EU company (or one of the exception companies). And hearing that that company is from the US and not on the Privacy Shield list (especially after the Safe Harbour debacle) does not help at all…

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Kerry

    (@kboyte)

    Hi @macnscr,

    You can disable sending visitor data collected from the site to the Wordfence servers in the US by turning off “Participate in the Real-Time Wordfence Security Network” on the Options page.

    If you turn this off, you will cripple the software to only provide protection that can be run entirely locally. Anything that protects based on IP reputation which is the vast majority of the blocks we see, would no longer work and open up your site to much more unnecessary risk.

    We have provided a lawful, GDPR-compliant method to transfer data from the EU to our servers in the US via the Data Processing Agreement we have setup (https://www.wordfence.com/help/general-data-protection-regulation/#data-processing-agreement). This is the process you can use until we have completed getting setup with Privacy Shield. The intent of GDPR isn’t to put sites at greater risk for attack attempts which is why many companies use a Data Processing Agreement and/or Privacy Shield to continue to allow security products to protect EU sites and transfer EU data lawfully.
    -Kerry

    Thank you for your response Kerry. Unfortunately for the specific websites I implemented Wordfence your DPA does not suffice. So I have been asked to either disable the plugin entirely or the real-time security network on the websites I maintain.

    Either way, I do want to thank you for an otherwise good product I have been working with for years.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Opt out of sending data to US from EU’ is closed to new replies.