The General Data Protection Regulation (GDPR) is a European Union (EU) law that aims to protect the personal data of EU citizens. It applies to all websites that are visible in the EU, as well as non-EU websites that receive European visitors. The GDPR has been in effect since May 2018, and non-compliance can result in significant risks and fines.
To help website owners meet their GDPR obligations, WordPress has introduced tools in version 4.9.6 that allow for the management of user privacy in three steps:
- Export personal data: Under the GDPR, European visitors have the right to request a copy of all personal data concerning them. WordPress has a tool for exporting all known data of a single person, identified by an email address. To be GDPR compliant, each plugin must add its own data to this feature. DaReactions has implemented its built-in exporter to the WordPress export functionality in version 3.20.
- Deleting personal data: The GDPR guarantees citizens the right to request and obtain the deletion or anonymization of their personal data. WordPress has provided a centralized tool for this purpose, and all plugins should be compliant with European laws. In version 3.20, DaReactions has added this functionality to the WordPress delete personal data panel. The reactions will not be deleted, but will be modified to be completely anonymous.