A few weeks ago, we shared some tips with you to help you prepare for the May 25 deadline for Europe’s new General Data Protection Regulation, or GDPR. As the deadline loomed closer, WordPress implemented some tools in WordPress 4.9.6 to help you prepare. Here’s an overview of the tools, what each does, and what you need to do to ensure you’re prepared for GDPR enforcement.
Privacy policy page
WordPress 4.9.6 introduced an easy way to create a privacy policy page. Site owners can designate an existing page on their site as the privacy policy page or create a new page. WordPress also now includes a guide that includes insights from WordPress and participating plugins on how they handle personal data. This is helpful so you can ensure the information you supply your site’s visitors is complete and accurate. These insights can be copied and pasted into your privacy policy page.
Data export and deletion
One of the GDPR’s new requirements is that you make the data you collect available to users upon request and delete the data you’ve collected from them if requested. WordPress 4.9.6 makes this process streamlined and easy as site owners can now export a .zip file containing a user’s personal data and email it to the user. This file includes the data WordPress collects as well as data any plugins collect. Site owners can also erase a user’s personal data, including data participating plugins have collected. Both requests are sent through email and the user has the ability to confirm the request before it is performed.
Comments
On sites that use the default WordPress comments, logged-out commenters are offered a checkbox asking whether or not they want their name, email address, and website stored in a cookie in their browser.
WordPress 4.9.6 was released on Thursday, May 17 and is available as an automatic update for any users of WordPress 4.9 and above. For site owners using WordPress 4.8.6 and earlier, visit the Updates section of your WordPress Dashboard to install the update and take advantage of the new features.