Hi @prcm777,
Thank you for contacting us!
You can absolutely be GDPR compliant with WP Mail SMTP. However, since all data will be stored completely on your end (we don’t keep copies of email logs, etc), it’s important to keep a few things in mind:
1. Many mailer options will keep logs of emails that are sent out from your site. In order to meet the “right to be forgotten” component of GDPR, you’d need to be aware of these logs and how to delete them. Please look into this for the particular mailer option you intend to use (we have quite a few:?https://wpmailsmtp.com/docs/a-complete-guide-to-wp-mail-smtp-mailers/).
2. Within the paid version of WP Mail SMTP, you can optionally enable email logging (https://wpmailsmtp.com/docs/how-to-set-up-email-logging/). This is separate from the logs above, and must be manually enabled. However, if you do choose to enable this option, then again you’d just need to be sure this is something you address if users request data deletion.
Last, definitely be sure to check all forms on your site for GDPR compliance: https://wpforms.com/docs/how-to-create-gdpr-compliant-forms/. Since GDPR requires that you ask for consent before any user data is collected (which will also be before any emails could get sent out), this is a super important part of the compliance process.
Please also know that in all circumstances, we strongly recommend that you consult directly with legal counsel familiar with the GDPR regulations to review your specific use of any plugin that collects user information.
I hope this helps with clarification. Thanks ??
