What is GDPR?
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU. You can read the GDPR Wikipedia post here.
According to Dejlig Lama & Peter Suhm “GDPR states that if a website collects, store or use any data related to an EU citizen. You must comply with the following:
– Tell the user: who you are, why you collect the data, for how long and who receives it.
– Get a clear concent, before collecting any data
– Let users access their data, and take it with them
– Let users delete their data
– Let users know if data breaches occur”
At LifterLMS people are contacting us everyday about GDPR. GDPR is in effect on May 25, 2018. Currently the WordPress core is adding a few features which we will be able to hook into which will make data erasure easy. We’re also paying attention to what WooCommerce is doing here. They haven’t shipped GDPR compliance yet but plan to in their next release. However, until the WordPress Core ships compliance functionality most of WooCommerce’s functions won’t work. We’ll be tracking the core patches and will add compatibility to LifterLMS when it’s possible to do so.
Relevant GDPR Resource Links
- WooCommerce GDPR blogpost: https://woocommerce.wordpress.com/2018/04/10/how-were-tackling-gdpr-in-woocommerce-core/
- WooCommerce patch: woocommerce/woocommerce#19330
- WP Tavern “Delete Me” plugin: https://wptavern.com/delete-me-wordpress-plugin-assists-website-owners-in-granting-the-gdpr-right-to-be-forgotten
- WordPress Core patch example readmes: https://github.com/allendav/wp-privacy-requests
LifterLMS and GDPR
We are aware that GDPR is an important issue for some of our users. LifterLMS will integrate as soon as it’s possible to do so. Additionally, GDPR is not something that can be entirely solved via code. Users concerned with GDPR should likely consult with their own legal, tax and other professionals to update their privacy policies, terms and conditions, and communicate with their visitors.