With the advent of the EU’s complicated GDPR policy in May of 2018, this post explains some of the ways that our plugins support, or may be used to support, the GDPR. Note that none of this is legal advice; it is meant to provide information for you to make decisions regarding the proper implementation of GDPR compliance for your own site(s). It is your responsibility to ensure that your site is prepared for the changes required by GDPR. So with that in mind, let’s get into it.
Plugin Support
Here is a list of each of our plugins, and which features (if any) may be useful in implementing GDPR compliance for your site.
Banhammer Pro
Banhammer Pro is based on collecting user details like IP address, user agent, referrer, and so forth. Without the ability to properly track visitors, the plugin would not be useful. Perhaps at some point in the future, depending on demand, we will implement a way to disable collecting of IP addresses, however currently that is not an included feature of the plugin.
Blackhole Pro
Blackhole Pro is based on collecting user details like IP address, user agent, referrer, and so forth. Without the ability to properly track visitors, the plugin would not be useful. Perhaps at some point in the future, depending on demand, we will implement a way to disable collecting of IP addresses, however currently that is not an included feature of the plugin.
BBQ Pro
BBQ Pro is fully compliant with GDPR because it does not collect any user data whatsoever. It’s a firewall that blocks bad requests, so no need to collect any user data. The only exception is when email alerts are enabled. In which case, the email alerts include various request data, including the IP address. Check out this post for details.
GA Google Analytics Pro
GA Pro does not collect any user data. Even so, the tracking code added by this plugin is used by Google to collect all sorts of user data. So this plugin does not do anything to make your site less compliant with GDPR. It simply adds the necessary tracking code to your web pages, so Google software can do its thing.
Simple Ajax Chat Pro
SAC Pro collects voluntary user chat data (i.e., Name, Chat Message, and optional URL). It also gives the administrator the option to collect (or not collect) sensitive user data like IP address, host name, and so forth. When data collection is disabled, the only user data stored by this plugin are the voluntary chat data (Name, Message, URL). Learn how to disable data collection in SAC Pro.
As for cookies, SAC Pro uses a few simple cookies for remembering chat names and URLs. It does not connect to any third-party locations. Minimal impact on privacy.
SES Pro
SES Pro does not collect any IP data, however it is an email-signup plugin that collects user names and email addresses.
USP Pro
USP Pro enables you to build forms that are completely customizable. So you can integrate any specific fields and information that may be required in order to support policies like GDPR. For example, USP Pro makes it easy to add an Agree to Terms checkbox that must be checked before the user can submit the form.
USP Pro also makes it possible to collect user data, such as IP address, user agent, URI request, and referrer. As explained in the linked article, USP Pro may be configured for any of the following:
- Enable complete collection of user data (i.e., IP address, user agent, URI request, and referrer data)
- Enable partial collection of user data (i.e., excludes IP address, collects only user agent, URI request, and referrer data)
- Completely disable all collection of user data (i.e., IP address, user agent, URI request, and referrer infos)
So USP Pro is very flexible in terms of controlling which data is collected, etc.
FAQs
This post is a work in progress. As more infos are acquired about GDPR and its myriad requirements, I will update the information with anything new and/or useful. So to kick it off, here are some questions that already have been received and answered.
“will you update your plugin with the possibility of deleting ip addresses and userer data if nessesary? [sic]”
I won’t be adding any delete-IP functionality because it is not necessary. WordPress already provides ways to delete all user data. For example:
- to delete a user, visit the Users screen
- to delete a post, visit the Posts screen
- to delete any IP/Referrer data added via USP, visit the Edit Post screen
- etc.
Also the plugin provides options to disable collection of IP address info: visit USP General tab and disable “Enable Basic Statistics” option. See this tutorial for more information.
“work the plugin with cookies? [sic]”
Yes USP Pro may use cookies to help with form remembering and user login infos. If you would like to notify your users about cookies, you can install a plugin such as this (lots of other cookie plugins available as well).
“Do any of your plugins send user data back to your site (Plugin Planet) or anywhere else?”
Each of our plugins sends basic purchase info (e.g., customer name, license number, plugin name, and other details) back to this site, plugin-planet.com. That purchase data is used to verify your license for upgrades, plugin activation, deactivation, and so forth. That’s the only data that is sent by any of our plugins. So none of your user/visitor data is transmitted anywhere.
“Does USP Pro set any cookies that I should be aware of?”
It really depends on the specific form, any related JavaScript, configuration, settings, and so forth. The best way to be certain of which cookies are set for your particular form, is to install a free “cookie inspector” extension for your browser. Then you can determine cookie infos for the following states:
- Before the form is submitted
- After the form is submitted
- If there is any error when the form is submitted
“Where can I ask a question about your plugins?”
Got a question about our plugins? Contact us anytime, we’ll be glad to respond asap :)