The acronym GDPR means General Data Protection Regulation, it is a european law and all website that are visible anywhere in Europe must be compliant.
This law is active since May 2018 and still a lot of website owners don’t are aware of the risks and fines.
One of the most ignored facts is that the GDPR also applies to non-EU sites if they receive European visitors, this is because the law aims to protect EU citizens from all abuses regarding privacy issues.
The formalities and obligations for the owner of a website are many, and this has also had significant effects on the community of WordPress themes and plugins developers.
How WordPress deals with GDPR
WordPress from version 4.9.6 has introduced the tools necessary for managing user privacy, in three steps.
WordPress offers a very useful template for this purpose and each plugin should add information about how it works.
DaReactions can work very well even without storing any personal user data, however in the settings it is possible to activate the storage of the IP address for registered users.
Step 2 – Export personal data
Another of the obligations of a website owner towards its visitors is the export of personal data.
Thanks to the GDPR, every European visitor has the right to request a copy of all personal data concerning him, and this request must be met quickly.
WordPress has made available to site owners a tool for exporting all known data of a single person, identified by an email address.
Each plugin, to be GDPR compliant, must add its own data list to this WordPress feature. DaReactions since version 3.20 has implemented its built-in exporter to WordPress export functionality.
DaReactions Data Exporter is GDPR compliant.
Step 3 – Deleting personal data
The last of the three formalities required by the WordPress platform concerns the cancellation or transformation into anonymous form of personal data.
GDPR guarantees all citizens the right to request and obtain that their data be deleted or transformed in such a way as not to allow the recognition of the single individual.
WordPress also for this need has provided a centralized tool and all plugins should adapt to be compliant with European laws.
Since version 3.20 DaReactions has added this functionality to the WordPress delete personal data panel.
The Reactions will not be deleted, but will be modified to be completely anonymous.
DaReactions Data Anonymization is GDPR compliant.
If you are already using Reactions you are almost certainly in compliance with the GDPR, unless you have set up the storage of registered users’ IP addresses, which would allow you to pair two pieces of information in a way your visitors do not know.