這個外掛並未在最新的 3 個 WordPress 主要版本上進行測試。開發者可能不再對這個外掛進行維護或提供技術支援,並可能會與更新版本的 WordPress 產生使用上的相容性問題。

GDPress

外掛說明

GDPress is providing tools for privacy and more.

Major features in GDPress include :

  • a privacy request form
  • a menu in the admin_bar to see at once confirmed privacy requests

and since version 2.0 a set of tools to help you comply with GDPR
* a set of protection and wellness tools, because protecting personal data starts with a healthy and protected installation to prevent potential data breach.
* a RoPA assistant to help you building your Records of Processing Activities – a GDPR obligation (Article 30).
* a logging of all events related to export/erase requests by/for the data subject (see settings page).
* a specific wp role for dpo.
* and a dedicated Privacy/GDPR/ISO27701 dashboard for your d.p.o. !

GDPR compliancy is a never ending process.

Technical Details

n/a

Privacy

GDPress is not calling any external web services
and is not using any external software other than WordPress core.

GDPress stores events related to the data subject and core privacy processes if archive setting is set.
Archives are under the authority of the Data Protection Officer for legal purpose ONLY.
They are retrieved to the data subject, but not deleted.

Accountability/Auditability

These are legal obligations in GDPR. In front of your local data protection authority or a judge :
* You are accountable of your actions to reach GDPR compliancy and must prove it (activating this plugin is not enough).
* If sued, you will have to provide some evidence : you acted lawfully and replied to the request of the data subject (archive all activities for Legal Purpose is allowed in GDPR and must be declared in your Records of Processing Activities).

Other Major Obligations

  • Records of Processing Activities, expecting WordPress team to publish it for core. And for any theme or plugin, adding a new Privacy Section in readme.txt is a must do.
  • Communication of a personal data breach to the data subject (and to your local D.P.A.)

Privacy by design

This concept is in GDPR too. In wp, Privacy is a component like Gutenberg, Admin, wp-cron …
Privacy by design is or should be declined and included in ALL wp components. Should all components publish their “Privacy Section” just like the above recommandation for themes and plugins ?

Pending Questions

  • Privacy settings in core : only one setting on a unique page that cannot be amended (no hook) : the privacy policy page
  • any privacy request is a personal data and should be retrieved to the data subject
  • removing an export request do not delete the export file (security issue, potential data breach)
  • external processors to be identified (privacy by design)
  • Gutenberg blocks coherence with embed handlers and oembed providers as set on the server side (privacy by design)
  • oEmbed responses cached in transients (no more postmeta html cached) for blog posts or oembed providers (privacy by design)
  • ability to remove blocks in Gutenberg such as “/map” for Mapbox (privacy by design)
  • future “Icon” component : from Dashicons to svg (privacy by design)
  • Nowadays, emails such as “θσερ@εχαμπλε.ψομ” are valid but rejected by wp function is_email() (privacy requests rejected)
    Web standards should apply and this can be a legal issue : one of the “variety of privacy issues around the world” !

螢幕擷圖

  • Request Form
  • Admin Bar Menu

安裝方式

Upload the GDPress plugin to your blog, Activate it.

To set up the privacy request form you can :

  1. Replace your comment form on the privacy policy page by a request form.
    ** copy two files in your wordpress theme folder :
    *** a page template
    *** a file template
  2. Maybe a quick and fast adaptation to your theme : 9 samples are provided in gdpress/gp-content/themes

The last 3 options (yes 3) are identical with a nice animation using the same code in the background :
3. a widget
4. a shortcode [gdpress]
5. or

And a lot of options to take control of your installation

  1. Visit the settings page and read the help.

常見問題集

see wordpress.org/support/plugin/gdpress/

使用者評論

閱讀全部 1 則使用者評論

參與者及開發者

以下人員參與了開源軟體〈GDPress〉的開發相關工作。

參與者

將〈GDPress〉外掛本地化為台灣繁體中文版

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄

變更記錄

2.0.1

2020/09/10

css compatibility with wp 5.5
hulu not a oembed provider anymore
bug fix on GDPress role

2.0

2020/05/25

More options and advices to reach a better GDPR compliancy

1.1

2020/02/09

Changing some admin urls

1.0

2019/04/10