GDPR Compliance And Wordpress Modules: All You Need To Know

by Data Recovery Uae Data Recovery Services

GDPR Compliance And Wordpress Modules: All You Need To Know

The change is on the horizon with the arrival of the GDPR (general regulation on data protection), the new data privacy legislation. Because this discipline applies to data collection and affects EU citizens, regardless of whether they are based in an EU country or not, the scope of the GDPR affects everyone. These new rules come into force on 25 May 2018, which means that there is still very little time to adapt to the new provisions of the GDPR.

Many people include WordPress modules on their company websites, which collect information about users every day. These modules fall within the scope of the GDPR. With this article we want to put you at ease and get ready to face the new rules. A resource to start understanding how to behave so that the WordPress modules of your website comply with the GDPR.

In this article we will cover three main topics:

What Is The GDPR?
What Is The Scope And Impact Of The GDPR?
Adapt To Comply With The GDPR

This article will be constantly updated as we get closer to the date of entry into force of the regulations, so keep an eye on it!

Before starting …

First, let's make a clarification: we are not lawyers and what follows is not legal advice. We try to help people in view of the entry into force of the GDPR, but if you need legal advice, we invite you to consult a lawyer.

What is the GDPR?

The General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46 / EC. The change is much more than a simple update. Inside, the GDPR represents an extra step towards the consecration of the control of personal data as a fundamental human right.

The GDPR allows EU citizens to check their digital data and gives them the right to know when personal data is collected, what data is collected, who has access to such data and the right to delete it on request. This is just a general overview, we will enter the core of the matter later in this article.

In short, the GDPR is a data privacy regulation that modernizes and normalizes data privacy laws across Europe and applies to any organization that collects data on EU citizens.

Impact and scope of the GDPR

The GDPR makes important changes to the privacy law and inserts the subject of data into fundamental rights for all EU citizens.

Increase in the territorial area

The scope and applicability of the GDPR is not limited to the EU, but instead affects any website / organization that manages the personal data of any EU citizen. This means that, in essence, any WordPress-based website must comply with the GDPR, regardless of where the servers or administrators are physically located. If you accept EU traffic on your site and collect information from EU citizens, compliance with GDPR is important.

In more technical terms, the GDPR applies to any processing of personal data by both the owners (controllers) of the processing and the managers (processors) of such data. Article 4 defines data controllers as anyone involved in determining how personal data is handled, regardless of whether or not they collect such data. Instead, those responsible are defined as anyone who actually processes personal data on behalf of the controller. This is a key point to note as it extends the reach of the GDPR to anyone involved not only in the collection, but also in the processing of personal data, including cloud services.

Also check for GDPR Compliance

Explicit consent requirement for data collection

The consent requirements have strengthened the focus of the new regulation . If you collect or manage data of EU citizens, you must:

· Request the explicit consent of each user before data collection takes place. Requests must be in clear, simple, easily understandable language, without legal technicalities. It must also be isolated from other issues or requests and not be buried in other text.

· Have a clear and accessible privacy policy that informs users about how the collected data will be stored and used.

· Allow users to request access and view the data you have collected about them.

· Provide users with a way to withdraw their consent and delete personal data collected; that is, to give users the "right to be forgotten".

Penalties and fines

The sanction in case of non-compliance comes in the form of administrative sanctions of various levels, which adapt to the seriousness of the violation. The penalties can reach 4% of the annual turnover or up to 20 million Euros, depending on which amount is greater.

Data object rights

Simply put, the interested party is an EU citizen from whom personal data is collected. GDPR compliance requires that certain rights be recognized to the data subjects. The following is not an exhaustive list, but introduces some relevant rights for the collection, processing and storage of personal data on your WordPress website.

Right of access . Interested parties must be able to request and obtain confirmation that the data is or is not collected on them, and in that case exactly what data is collected, how, where and for what purpose. These data must also be provided to them in electronic format free of charge upon request.

Right to be forgotten. Stakeholders should be given a quick and painless way to withdraw their consent and see the collected data eliminated .

Data portability. Similar to the right of access, data portability requires that interested parties be able to request, obtain and / or transfer possession of the data collected at any time.

Notification of violation. If there is an unauthorized violation / access of personal data that could "entail a risk for the rights and freedoms of individuals", the notification must be made within 72 hours of becoming aware of the violation.

How to adapt to be GDPR compliant?

According to data obtained from various research in many sectors, 70% of company employees have access to data that should be protected. This fact will represent a real problem when the GDPR comes into force in May 2018.

The evidences reported underline many critical issues and introduce the paths that must be taken to reach the goal of complying with the GDPR. Were you able to figure out how to get in order? Can you do it all yourself or do you need help from industry experts?

UAE Data Recovery can help you if you are located Dubai UAE, contact us for more information!

Contact one of our experts: We can provide you with more information on the GDPR and give you assistance, call: 045864034.