What is the GDPR – General Data Protection Regulation?
The GDPR (https://www.eugdpr.org/) becomes enforceable from May 25, 2018. It gives EU citizens control of their digital data by empowering them with the right to know when personal data is being collected, what data is being collected, access to that data, and to purge it on request. the legislation affects not only businesses and organizations operating in Europe, but also those ‘processing the personal data’ of people living in the European Union. Which includes most websites around the world.
These are the key items addressed:
- Consent. Everyone whose data you collect must consent to you doing so. This doesn’t just apply to data gathered via forms but also to data picked up in the background such as IP addresses, if it’s used to identify an individual.
- Right to access. Individuals will have the right to access to their data and to information on how it’s being processed and used.
- Right to be forgotten. An individual will have the right to have their data erased, and for it to no longer be disseminated.
- Breach notification. Inform users if there is a breach.
The GDPR Will Affect U.S.-Based Business & Websites
If you don’t allow public registrations, you might not think that you collect data from your visitors, but you probably do. Some of that data may come from EU citizens, even if they’re not part of your target market.
You website collects data from users if it:
- Allows comments (WordPress logs the email address, IP, and name)
- Allows user registrations
- Uses online forms (especially if you’re storing this information in your database)
- Uses analytics tools – such as Google Analytics
Basically, it affects you if you collect any type of data, even unintentionally.
GDPR Compliance and WordPress
The WordPress development team is actively working to address GDPR compliance for WordPress websites. They are working on centralizing tools in WordPress itself to help website owners understand and meet compliance standards.
Some Items Being Developed For Release (soon):
- Section and/or tools to address: consent, right to access, right to be forgotten, and breach notification
- Opt-in for cookies (ex: Google Analytics)
- Documentation/help for site owners on how to use the new tools