GDPR News Center News for 10-26-2018

GDPR compliance with Power BI data

Ninja GDPR Compliance 2018 for WordPress by NinjaTeam

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. Websites that collect data on citizens in European Union countries will need to comply with strict new rules around protecting customer data by May 25, 2018. That’s why Ninja GDPR Compliance 2018 WordPress Plugin was born to give you the best solution regarding this new law for your site. If you use forms like Contact 7 to collect user’s data, you need GDPR compliance. If you use MailChimp or other addon to save users’ data, you need this GDPR compliance. 

If you use any communication service like live chat or support help desk for your site visitors, you need this compliance. WordPress website owners It doesn’t whether you sell on your website or not, or even if you don’t collect any data. Request Data ArchiveCollect Data access requests and automatically inform admin. Forget me formCreate a form for users to request for their stored data to be deleted and automatically notify website admin. Data RectificationAllow users to request their stored data to be rectified. 

Data Breach NotificationNotify data breach to all users as required by law. Added: EU Traffic – Added: Email notification to admin when user request forget, data access, data rectification – Added: Notification when click Accept button shortcode – Improved: Set default value for options – Improved: Added more strings to translate – Fixed: Cache conflict – Fixed: Some small CSS and bugs. 

Keywords: [“data”,”users”,”site”]

GDPR Compliance Hunter

The EU General Data Protection Regulation is the most comprehensive change to EU data privacy law in decades. For EUR residents, the regulation aims to increase their control over their personal data. For businesses, the GDPR becomes a unifying regulation across the EU. On the 25th of May, the GDPR took effect and replaced the 1995 Data Protection Directive. The GDPR regulation applies to any EU residents’ data, regardless of where the processor or controller is located. 

As a data controller, under Article 28 of the GDPR, you need a a data processing addendum signed with your processors. How Hunter is complying with the GDPR. Even though the GDPR only applies to data from EU residents, we took the decision to apply broadly the requirement of the regulation. We’re taking the security of the data we manage very seriously. Our processing is done exclusively in the EU. 

We store and process all our data exclusively in the EU. We even store our off-site backups within the EU. Log retention. The GDPR gives the right to any user to download any data that he provides to a service. We think this is a great idea and Hunter has always made it possible for user to download their data. 

Our applications heavily pseudonymise data to ensure the privacy of data subjects. If a data subject wishes to speed up the removal of any in our index, we offer a simple an efficient way to claim email addresses. 

Keywords: [“Data”,”GDPR”,”any”]

EUGDPR – Information Portal

The regulation will fundamentally reshape the way in which data is handled across every sector, from healthcare to banking and beyond. After four years of preparation and debate the GDPR was finally approved by the EU Parliament on 14 April 2016. It was enforced on 25 May 2018 – and organisations that are not compliant could now face heavy fines. This website is a resource to educate organisations about the main elements of the General Data Protection Regulation and help them become GDPR compliant. The guidance offered across this website will ensure that companies have effective data rights management strategies enforced. 

Reshape the way organizations across the region approach data privacy. GDPR reshapes the way in which sectors manage data, as well as redefines the roles for key leaders in businesses, from CIOs to CMOs. CIOs must ensure that they have watertight consent management processes in place, whilst CMOs require effective data rights management systems to ensure they don’t lose their most valuable asset – data. The key articles of the GDPR, as well as information on its business impact, can be found throughout this site. 

Keywords: [“data”,”GDPR”,”way”]

13 GDPR Compliance Tools ????????

GDPR is a data protection regulation that governs how websites store and the retain personal data of EU citizens. In what can best be described as this decade’s Y2K moment, it went into effect on May 25th.If you’re running a website, project, or startup with users in the European Union, you’ll need to comply with their new data privacy regulation. Iubenda’s GDPR toolkit is an all-in-one solution for your compliance needs. Cookie banners, consent management, and internal privacy tools. Siftery’s GDPR Checker helps you check your SaaS vendors for compliance, so that your user’s personal data is protected everywhere. 

Algolia’s GDPR search tool organizes all of the regulations in one place. This GDPR Form is the easiest way to accept personal data requests. is a guided task management tool for your compliance sprints. The Ultimate GDPR Quiz will teach you how to get compliant in seconds. These GDPR Compliant Badges will look stunning on your site. 

Finally, the GDPR Hall of Shame is a running list of GDPR fails. Protect yourself: see the full list of 13 GDPR Tools on Product Hunt. 

Keywords: [“GDPR”,”data”,”privacy”]

GDPR News Center News for 09-02-2018

CILIP: the library and information association

The General Data Protection Regulation comes into effect on 25th May 2018 and is the biggest change to UK data privacy law for 20 years. It creates a single set of rules that better protects personal information for people across the EU. All organisations must review how they manage all personal data, such as customer addresses and staff details to ensure they meet with GDPR requirements. The aim of GDPR is greater transparency, enhanced rights for citizens and increased accountability. 

Keywords: [“GDPR”,”member”,”Data”]

GDPR Compliance

Reduce the risk of data breaches by ensuring that users have appropriate access to your unstructured personal data that may exist across Windows file servers, NAS devices, SQL Server, Office 365, Active Directory and more. Scan your entire network to identify connected devices and provide a detailed hardware and software inventory, including non-computer devices, such as networking gear, printers and IP telephony. These actionable inventory reports make it easier to demonstrate compliance. 

Keywords: [“devices”,”inventory”,”network”]

General Data Protection Regulation Compliance Overview

The General Data Protection Regulation is set to go into effect on May 25, 2018. This new legal framework for personal data protection across the European Economic Area replaces the existing data protection framework under the EU Data Protection Directive. Smaato continues to implement and update our processes and policies as required to comply with the GDPR. We are also committed to supporting our partners in their own GDPR compliance initiatives by the May 25, 2018 deadline. 

Keywords: [“Protection”,”Data”,”GDPR”]


CLOSE. This website uses cookies in order to provide you with the best possible experience and to monitor and improve the performance of the site. We have published a new cookie policy which explains what cookies are and which types of cookies this website uses. If you would like to disable cookies please visit the cookie information page for details on how to do so. By continuing to use this site, you are agreeing to the use of cookies, unless you have disabled them. 

Keywords: [“cookie”,”site”,”uses”]

What is GDPR?

GDPR applies to both personal data and sensitive personal data. Personal data, means any information that can be used to identify a person such as a name, address, identification number or even an IP address. Sensitive personal data covers genetic data, biometrics, information about religious and political views, sexual orientation, and more. Personal data relating to criminal convictions and offences is not included, but similar extra safeguards apply to its processing. 

Keywords: [“data”,”personal”,”address”]

How GDPR Stole Christmas

Santa just didn’t realise how important the GDPR is, but it’s the most ambitious data protection legislation passed in the EU so far! It can all sound a bit bland, but almost every business will have to change its practices when it comes to acquiring, storing and using personal data. Santa stores lots of personal data at the Grotto: he sees you when you’re sleeping, he knows when you’re awake, he knows if you’ve been bad or good So of course the GDPR affects him! 

Keywords: [“Data”,”personal”,”GDPR”]

Salesforce GDPR Compliance Page

On May 25, 2018, a new landmark privacy law called the General Data Protection Regulation takes effect in the European Union. The GDPR expands the privacy rights granted to EU individuals, and it places many new obligations on organizations that market to, track or handle EU personal data, no matter where an organization is located. Salesforce is here to help our customers in their efforts to comply with the GDPR through our robust privacy and security protections. 

Keywords: [“privacy”,”organization”,”GDPR”]

General Data Protection Regulation

The regulation ecompasses steps to be taken in all areas of protecting an individual’s privacy – setting up security mechanisms, compliance, repercussions of breach and more. Non-compliance beyond the enforcement date, is liable to attract heavy penalties. Committed to protecting our customers personal data, Freshworks is here to help customers and end-users understand significance of the GDPR, its requirements and our allegiance to comply by global standards. 

Keywords: [“customers”,”protecting”]

GDPR & Beyond

On 25 May 2018, the European Union will officially enact the General Data Protection Regulation, which will have a transformative effect on how companies manage and secure personal data. The GDPR marks the biggest change to EU data privacy laws in more than 20 years and yet few enterprises are prepared to adapt and comply. GDPR & Beyond is your regulation-specific online resource for understanding the GDPR legislation, and how it impacts your business. 

Keywords: [“GDPR”,”Data”,”how”]


Like many websites, this website uses cookies to enhance your experience and to help us understand how to best serve our customers. Under the European Union’s Privacy and Communications Directive, we are required to ask for your consent before setting certain types of cookies. If you will allow this site to set these cookies, please click Accept below. Please be advised that refusing to accept cookies may result in a significantly degraded experience. 

Keywords: [“cookies”,”Accept”,”please”]

Solve the GDPR challenge with Salpo CRM

Our manual tools allow you to identify and flag Personal Data fields, and manually edit contact consents. You can also create privacy statements and link these to contacts. Our automated GDPR Compliance Assistance Tool allows you to bulk email contacts, pushing them to view any Personal Data your company holds and self-serve consents via an online portal. You can also join us for a webinar, to see our tools in action and ask questions. 

Keywords: [“contact”,”Tool”,”consents”]

GDPR News Center News for 08-22-2018

Roadmap: tools for GDPR compliance – Make WordPress Core

These tools will help site owners comply with the GDPR and other privacy laws and requirements. The site owners are able to select an existing page or create a new one. Core will also contain text that the site owners can use to create their policies. III. Add tools to core to facilitate compliance, and privacy in general. 

There are several plugins that are implementing similar tools. It would be great if the plugin authors participate/contribute to core to include the base tools, so we don’t double the efforts. These tools will require a confirmation of the email of the person that requests an action, see #43443. To export all personal data stored on the site, see #43438, #43440, #43547, #43547. Couple of tasks can be performed in core without additional tools. 

Having a specialized tools will enable plugins to hook into the performed actions and do their share. IV. Add documentation/help for site owners on how to use these tools. The documentation should be on the new Tools => Privacy screen. 

Keywords: [“site”,”tools”,”owner”]


Safe + Secure Nothing matters more to us than the security of your data. For over a decade now, Qualtrics has been the most secure platform on the market – and we’re staying that way. When the EU’s new General Data Protection Regulation come into force, we’ve got you covered. As part of those programs, a Privacy Impact Assessment – a key requirement of GDPR – has been performed and evaluated by an independent third-party assessor, so you can be confident your data is secure. Qualtrics has a Data Protection Impact Assessment that documents our handing of all your data, including personal data. 

Data correction Brand administrators can easily find and modify collected personal data to meet the ‘correction’ requirement of the GDPR. So, you’ll easily be able to modify an individual’s personal data should they request it. Right to be forgotten Brand administrators can permanently delete individual contacts and respondent personal data should an individual request it using a Subject Access Request. 

Keywords: [“data”,”Secure”,”personal”]

Snow GDPR Risk Assessment

Out-of-the-box reports cover common use cases, plus powerful data export functionality enables customisable reporting for answering questions to scenarios specific to each organization. Having discovery agents on 80% of an estate means 20% are potentially the greatest risk. An agentless scan can be a fast and effective way to fill the gaps in asset knowledge of devices and software. It is not good enough to know just software inventory. Knowing who has access to key software applications and data and who actually uses key applications will enable the tracing of users in the event of a security breach. 

A large proportion of security breaches are internal, either deliberate or through negligence. Deploying Snow’s GDPR solution will help identify who is responsible for a data breach and in some cases, enable preventative measures. Remain up to date with dynamic application intelligence. Snow’s Data Intelligence Service provides continuous updates and improvements on GDPR-relevant information. 

Keywords: [“data”,”application”,”software”]


Protecting and defending user privacy is at the heart of our work. From protecting user anonymity, to offering meaningful privacy and security controls, and our overall commitment to transparency, these are foundational principles and built into the core DNA of our company. We also partner with civil society, we stand up to governments and we continue to evolve our efforts around documenting our work. In preparing for GDPR, we formed a cross-functional team, made up of senior team members from across Twitter to make sure we are not only working towards GDPR compliance as an end in itself, but in a way that evolves our principles and overarching mission as a company. While our teams have been working on this behind the scenes, as the implementation date for the GDPR approaches, we will be making updates across our core product, policy, and operations. 

Our goal, as ever, is to meet our commitments to our users and to provide an industry-leading level of transparency and user control. 

Keywords: [“work”,”team”,”GDPR”]

Permission is everything

We manage data, risk and marketing for some of the UK’s biggest brands and financial institutions. From our unique perspective, we believe you will need to earn permission on three levels: data, brand and channel. If you hold data, you’ll need new levels of rigour and compliance. Review and audit data structures and identify personal data. Assess data quality to build a solid foundation for GDPR compliance and marketing activity. 

Create a single, consistent view of your data subjects. Brands must build trust and loyalty to retain existing customers and the permission to carry on the conversation with your audience. Channel and communications value audit and strategic recommendations. CRM strategies: 1:1 communications and programme design and application. Contextualising media strategies against new legislation. 

Connecting customer data across online and offline channels to create a single customer view. Conducting channel value audits and attribution application. 

Keywords: [“data”,”brand”,”channel”]

General Data Protection Regulation and Episerver

The GDPR will come into effect on May 25, 2018, replacing the current Data Protection Act in the biggest overhaul of data protection legislation in more than 25 years. The law will introduce new requirements for how organizations, both in the EU and abroad, process personal data. Companies collecting data on citizens of EU countries will need to adhere to strict new rules regarding the protection of customer data. The GDPR defines its requirements and rights granted to EU citizens in a document containing 99 articles. While companies collecting and storing customer data from citizens in the EU will need to address each of the articles to achieve compliance, some of the articles will have a greater impact on businesses than others. 

Instead, you should choose to see GDPR as an opportunity, as it levels the playing field for everybody, and the benefits will include better interactions, with the right message to the right people at the right time. 

Keywords: [“Data”,”right”,”citizens”]

GDPR News Center News for 08-21-2018

WordPress GDPR Compliance plugin

May 7th, 2018: v1.3 is out! Enabling your visitors to request access to their data and deleting it if they wish to do so. GDPR is a European privacy regulation allowing visitors more direct control over their personal data. Signing up for a newsletter for example or leaving a comment on a site means your email address and possibly your IP are both stored for future reference. Under GDPR visitors can at any time request access to their stored personal data. 

Ask for an export of all that data or for it all to be deleted. To start off with all functionality needed we integrated with several external plugins, as of v1.3: Contact Form 7, Gravity Forms, WooCommerce and WordPress Comments. Making it easy to add a consent checkbox and to keep a consent log. Adding checkboxes to supported plugins for explicit visitor consent. ‘Right to access’ through encrypted audit logs. ‘Right to be forgotten’ by anonymising user data. We’ll continue to give you increasingly more tools to comply with privacy regulations. 

Check out our development roadmap to find out when we’ll support your favourite plugin. 

Keywords: [“data”,”visitor”,”GDPR”]

Data Protection/EU GDPR Compliance

The EU General Data Protection Regulation will supersede all EU member states’ current national data protection laws based on the 1995 Data Protection Directive on 25 May 2018. Non-compliant organisations face considerably greater penalties under the Regulation than under current data protection laws – up to 4% of annual global turnover or €20 million. Data subjects will have the right to seek judicial remedies against data controllers and processors, as well as the right to obtain compensation for damages occurring as a result of GDPR breaches. If you’re undertaking a GDPR compliance project, IT Governance can provide everything you need. An ISO 27001-compliant ISMS should be the starting point for all organisations seeking to demonstrate that they have implemented these measures. 

We’ve been helping organisations implement ISO 27001 for over a decade, and have led more than 400 certifications to date. What’s more, we offer a 100% guarantee of successful certification. Here are a few ways we can help meet your GDPR compliance needs. 

Keywords: [“Data”,”Protection”,”GDPR”]

Marketing Data and GDPR Compliance cartoon

I just returned from a two week book tour with marketers in the UK and Norway. If there was one topic that overshadowed most marketing conversations, it was GDPR. The EU’s General Data Protection Regulation is the sweeping new EU regulation on marketing data that will impact any company that offers goods or services to EU residents or tracks them for analytics or advertising purposes. The regulation goes into affect in May 2018 and penalties are severe. While the awareness is lower outside of Europe, GDPR has massive implications worldwide. 

One study by Veritas Technologies said that 47% of global organizations have doubts they’ll meet the compliance deadline and 20% fear that GDPR could put them out of business. Another study reported that GDPR will make 75% of UK marketing data obsolete. Order Now GDPR fundamentally transforms how companies have to handle personal data. As GDPR awareness leads to panic and eventually to action, it will be interesting to see the impact on marketing and working with personal data in 2018. 

Keywords: [“Data”,”marketers”,”GDPR”]

GDPR Assessment Programme

The General Data Protection Regulation becomes enforceable on the 25th May 2018 and will have a profound impact on the way your organisation handles its customer and other personal data. Fines for data breaches will be increased massively up to 4% of global turnover. Organisations must not delay with many needing to change business processes and technical systems to be able to meet and demonstrate compliance. Ensure you are ready before your competitors and benefit from increased trust with your customers and new commercial opportunities. The GDPR RADAR from DQM GRC is a unique assessment of your organisation that will score your current readiness against the new regulations, help you understand where you need to improve and develop a bespoke programme to get your organisation to where you need to be. 

Not only will GDPR RADAR be the fastest and most efficient way to get compliant but leading business insurance firm QBE will offer up to a 25% reduction on their Cyber Insurance policy to our GDPR RADAR customers. 

Keywords: [“organisation”,”RADAR”,”GDPR”]

gdpr-compliance – Make WordPress Core

These tools will help site owners comply with the GDPR and other privacy laws and requirements. The site owners are able to select an existing page or create a new one. Core will also contain text that the site owners can use to create their policies. II. Create guidelines for plugins on how to get GDPR compliant. 

III. Add tools to core to facilitate compliance, and privacy in general. There are several plugins that are implementing similar tools. It would be great if the plugin authors participate/contribute to core to include the base tools, so we don’t double the efforts. These tools will require a confirmation of the email of the person that requests an action, see #43443. 

To export all personal data stored on the site, see #43438, #43440, #43547, #43547. Couple of tasks can be performed in core without additional tools. Having a specialized tools will enable plugins to hook into the performed actions and do their share. IV. Add documentation/help for site owners on how to use these tools. 

Keywords: [“site”,”tools”,”owner”]

GDPR News Center News for 08-09-2018

For most firms GDPR is an opportunity, not a threat

Big data, small data, structured and unstructured data, online and offline, backup and archive, open or grey, digital or paper-based data. It’s all data, and therefore GDPR applies to it. Easy, because decision makers don’t have to worry about what data is involved. Very difficult, because few organizations have a clear handle on what data is stored where. Here’s some other good news however – laws around data protection, discovery, disclosure and so on never distinguished between the media upon which data was stored, nor its location. 

To whit for example, KPMG’s quick scan of unstructured data to identify credit card numbers. Mapping an understanding of what you want to do with data, against what data you need, is not cause for concern. The thing GDPR rules out is use of personal data people didn’t want you to have, to fulfil purposes they didn’t want you to achieve. Equally, selling someone’s data against their will. If you were thinking of harvesting maximum amounts of data about, well, anybody, because you were thinking you could be monetizing or otherwise leveraging it, or you were buying data from others and looking to use it to sell people things, goods or services, you should probably look for other ways to make money that are less, ahm, exploitative. 

As an online display advertising firm, Criteo is keenly aware of questions around personal vs pseudonymous data, as well as the legal bases for processing. Veritas offers solutions for analysis of unstructured data sources, and has GDPR modules and methodologies available. 

Keywords: [“data”,”GDPR”,”business”]

WordPress, Gravity Forms, and GDPR Compliance

If you’re on this page, you’ve probably heard about GDPR compliance, but aren’t quite sure how your forms or WordPress site in general. In the simplest terms, what GDPR does is protect users from unauthorized data collection by requiring explicit consent. Along with providing permission to collect data, the GDPR requires that users are able to request access to their data and have it removed if requested. The easiest way to comply would be to add a required checkbox to any forms that need to be compliant. Part of GDPR compliance also requires that users are able to request access to their data at any time. 

Data modifications would be as simple as editing the form entry. It’s important to note that GDPR does not prohibit saving of personal data to the database, it just requires that you to gain consent before doing so. While you can’t currently prevent Gravity Forms saving the entries you can use custom code or a third-party add-on to delete them during submission, after the notifications and add-on feeds are processed. Allowing the user to view or edit their own submissions is not a built-in feature of Gravity Forms but is made possible by third-party add-ons such as GravityView by Katz Web Services, Inc. or Gravity Forms Sticky List by 13pixar. 

No. The form submissions are saved to your sites WordPress database. The data would only leave your site if you configure a notification email or an add-on to send it elsewhere. We hope we’ve clarified things a bit for you on making your forms GDPR compliant. 

Keywords: [“data”,”form”,”add-on”]

GDPR is not Y2K

Listen to our March 2018 podcast answering your questions on GDPR myths. I’ve been pleased to hear from many of you that the eight GDPR myth busting blogs we’ve run this year have been helpful in your preparations for the new legislation. Myth #9: GDPR compliance is focused on a fixed point in time – it’s like the Y2K Millennium Bug. I’m still picking up a lot of concern from organisations about preparing for the GDPR by May. Much of that is understandable – there’s work required to get ready for the new legislation, and change often creates uncertainty. 

Some of the fear is rooted in scaremongering because of misconceptions or in a bid to sell ‘off the shelf’ GDPR solutions. I’ve even heard comparisons between the GDPR and the preparations for the Y2K Millennium Bug. I want to reassure those that have GDPR preparations in train that there’s no need for a Y2K level of fear. Unlike planning for the Y2K deadline, GDPR preparation doesn’t end on 25 May 2018 – it requires ongoing effort. We pride ourselves on being a fair and proportionate regulator and this will continue under the GDPR, as I set out in my first myth busting blog. 

Much of the GDPR builds on the existing Data Protection Act 1998. There’s also guidance and a lot of help out there, including our Guide to the GDPR, as well as other help from us, from Article 29, from industry associations and data protection experts. In summary, the GDPR is not the Millennium Bug – there’s no wondering if the new legislation will happen, it will. 

Keywords: [“GDPR”,”data”,”new”]


You should be aware that when you use our websites, mobile sites, or mobile apps, we may collect information by using ‘cookies’. Your browser sends these cookies back to the website every time you visit the site again, so it can recognize you and can then tailor what you see on the screen. Some cookies are essential so you can move around the website and use its features. A group of cookies, often called ‘analytics cookies’ are used to gather information about how people navigate our sites. These cookies do not collect information that identifies you. 

The information collected is anonymous and is grouped with the information from everyone else’s cookies. Analytics cookies only record activity on the site you are on and they are only used to improve how a website works. We use cookies in order to remember your choices, to give you a better user experience by improving our web sites and for providing content more accurately suited to your needs. The session cookies are related to the current visit to the website and are deleted automatically when you close your browser. Persistent cookies self-delete after a certain period but will be renewed every time you visit the website. 

If you are using a PC and a recent browser and you want to remove the cookies that are already placed on your computer, press CTRL + SHIFT + DELETE at the same time. If you choose not to accept cookies at all, you can still visit our website, however we cannot guarantee an optimum experience without cookies. 

Keywords: [“cookie”,”website”,”site”]

GDPR News Center News for 07-29-2018

GDPR & SAP BI Compliance

By clarifying regulations around data privacy, the regulation also aims to simplify compliance for businesses. Of course, one might be forgiven for believing the opposite, because the introduction of any new data privacy regime has complications and pitfalls for all business entities. The GDPR gives data subjects the right to seek compensation for distress caused by the mishandling of private information, which may vastly increase the cost of data breaches beyond the statutory penalties. The objective seems to be to make data privacy difficult, if not impossible, to ignore. Privacy is the price we pay for doing business with EU data subjects. 

Data privacy should be regarded as a best practice in your business processes, rather than as an inconvenience. One way to reduce information security risk is to limit the data subject information you gather to what is specifically necessary to your dealings with the data subjects. In general, private information should be anonymized and encrypted at every opportunity, and you should note that the GDPR applies not just to information that is clearly private, but also to any data that can be traced to identify an individual. In general, data subjects have the right to control the who, where, when, why and how of the ways in which their personal information is collected, processed and retained. Perhaps the most important of the rights of data subjects is the right to understand and determine level of consent. 

You must have clear consent to use the data for the purpose for which it was collected. This right needs to be considered throughout your BI processes from the collection of data, through the creation of BI content, and its distribution for use in decision making. 

Keywords: [“Data”,”information”,”GDPR”]

GDPR Compliance for WordPress and WooCommerce in 2018

I attended WordCamp Manchester and WordCamp Stockholm in the last few months, and they had one thing in common: lots of questions about GDPR. I heard a number of discussions around what WooCommerce site owners needed to do, and if they were ready for GDPR. To help our WooCommerce site owners get ready for the GDPR, we wanted to provide some information about the regulation, along with our GDPR plans at WooCommerce. On 25th May 2018, the GDPR enacted by the EU will come into effect. Stronger rules on data protection from May 2018 mean citizens have more control over their data. 

Tell the user who you are, why you collect the data, for how long, and who receives it. Each of these bullet points is subject to many caveats, exceptions, and degrees of how much you need to do, but they do serve as a good starting point. Each WooCommerce site uses a different set of plugins, has a different flow for shipping, etc. You’ll need to know what you need to do for your specific site. If you sell any products to customers based in the EU, or have EU visitors to your site, you’ll need to make sure your site complies with GDPR. 

Your site can be considered GDPR-compliant, depending on how you’ve set it up. Code in WP has put together a breakdown of how the GDPR affects WordPress sites. It’s also up to you as the site owner to communicate how your customers’ information is being used – it’s more of a communication and process question, rather than something that can be solved with technology. GDPR affects every site that operates in the EU – there are lots of resources to assist you further. We expect that Automattic products and services will be in compliance with GDPR requirements by May 2018. 

Keywords: [“site”,”GDPR”,”Data”]

GDPR Basics: Understanding And Complying With The GDPR

Big data describes both structured and unstructured volumes of data: the data is typically so large that it presents logistical challenges in its management. Volume as the data is large and has many sources, velocity because data streams at a fast speed and variety because big data is presented in many formats. Pseudonymised data takes elements of personal data and replaces them with artificial identifiers. The purpose is to render the data record less identifying and therefore reduce concerns with data sharing. The difference between pseudonymised and anonymised data is that the pseudonym allows tracking back of data to its origins, meaning the subjects could be eventually identified again. 

Does the GDPR apply: If the data necessary to re-identify the individuals is destroyed the GDPR does not apply, if the company retains the data to identify the individuals then the GDPR applies. Anonymised data is data held in a form that does not identify individuals. The GDPR also states that anonymised data is not personal data and thus does not need to comply with the data protection principles set out by the GDPR. Does the GDPR apply: no. Datasets containing personal data can only be published as open data by controllers or processors with the consent of the data subject or on some other legitimate basis. 

The data GDPR data can only be transferred to a country that is also subject to the GDPR unless that receiving country has been deemed to have equal or better data protection laws in place. The data subjects have the right to access how their data is being used by the data controller. The data is also to be immediately destroyed after having used it, meaning that most grey data will be eliminated. 

Keywords: [“Data”,”GDPR”,”open”]