GDPR Compliance

  • Resolved Jose

    (@jgflores)


    6 years, 7 months ago

    Dear Support,

    I am currently auditing my site and checking 3rd party compliance to the new European General Data Protection Regulation (GDPR) coming into effect in May 2018.

    Since I am using your plugin, I have a couple of questions regarding this topic:

    – Is WP Instagram Widget setting cookies with personal information from visitors (like IP-address)?
    – Is WP Instagram Widget collecting, storing and/or sending personal information from visitors (IP-address, etc.) locally and/or externally?

    In case that you are storing/sending and/or processing visitors’ information:

    – Are the IP addresses only stored anonymously, i.e. without the last octet?
    – What are you doing with the stored information?
    – Do you share the data with 3rd parties? If yes, have you concluded appropriate contracts with the subcontractors that commit the subcontractors equally to data protection?
    – When will the user data stored by you (in particular cookies) be deleted?
    – Do you offer opt-out options for users (if yes, how are they implemented)?
    – Can you provide us with a Data Processing Agreement including technical and organisational protection measures as well as an overview of the subcontractual relationships for signature?

    In case you operate in the US and you are storing/sending and/or processing visitors’ information:

    – Do you offer legally recognised guarantees for the level of data protection (e.g., EU Standard Contractual Clauses or Privacy Shield)?

    Thanks in advance for your replay!

    Best regards
    Jose

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Scott (@scottsweb)

    (@scottsweb)

    Hi @jgflores
    This is open source software (as are all the plugins on the www.ads-software.com repository) so the code is available for inspection. As a result most of these questions can be answered without the need to open a ticket.

    In answer to your questions:

    – Is WP Instagram Widget setting cookies with personal information from visitors (like IP-address)?

    No.

    – Is WP Instagram Widget collecting, storing and/or sending personal information from visitors (IP-address, etc.) locally and/or externally?

    Not directly. However the images are loaded directly from the Instagram CDN so you may wish to contact Facebook/Instagram to see if they collect or set data on the CDN.

    – Do you offer legally recognised guarantees for the level of data protection (e.g., EU Standard Contractual Clauses or Privacy Shield)?

    None. The plugin is provided without any warranty or legal protection. This is hobby project, not a business.

    Thread Starter Jose

    (@jgflores)

    Hello Scott,

    Thank you very much for your reply!

    Even if the code is available for inspection, not everyone (including me) is a developer and can understand it ??

    All the best!
    Jose

    Plugin Author Scott (@scottsweb)

    (@scottsweb)

    Hi Jose
    That is a fair assessment. Following that same logic though it is probably best to not ask a developer for legal advice, I certainly struggle when it comes to understanding small print ??

    Cheers

    Scott

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘GDPR Compliance’ is closed to new replies.

Tags