User Post Gallery plugin violates GDPR law and subscribes to e-mail service

There’s a few things here. I’ll start with the easy one.

Any plugin that www.ads-software.com is hosting on this site must not collect information from users without their explicit approval and opt-in. If that happens without your consent then yes, that would be very bad.

https://developer.www.ads-software.com/plugins/wordpress-org/detailed-plugin-guidelines/#7-plugins-may-not-track-users-without-their-consent

The code for this plugin will be examined and if it is doing that without approval from the user then, yes, that’s bad. I have not looked at the code myself yet (I am not on the plugins team and they work hard) but I’ll try to look this weekend.

If the plugin code does that then it will be reported to the plugins team.

This part is harder.

please implement an official WordPress option which let’s admins disallow plugins to collect and send data to the outside. Yes this is a bit of work but WordPress should be GDPR conform too.

That won’t happen except in policy which you can see already is in place.

www.ads-software.com (this place) only hosts software and that software must comply with the terms here.

https://developer.www.ads-software.com/plugins/wordpress-org/detailed-plugin-guidelines/

Which is a long list well thought out list.

www.ads-software.com does not and should not have any mechanism for automatically make the determination like that. How could they? It’s all code and such a mechanism isn’t practical and would not work. People would just write code to get around that check.

The best way is when a volunteer user such as yourself reports it and the plugin gets looked at. As is happening in your support topic here.

I have no problem when WordPress collects data if it’s anonymised.

Also? That is not allowed either unless the user consents explicitly. Plugins must not do that.

The developer does get stats from this site in the form of active installations and downloads. But that comes from this place and should never come from a user’s site even if it is somehow anonymised.

I’ve just doubled checked if I have maybe an old account on www.ads-software.com with the e-mail adress UPG used to subscribe to the e-mail service.

Answer: I do not have an account with that e-mail on www.ads-software.com. One step forward to the fact that this plugin uses the WP Install e-mail, sends it to another place and then auto subscribes to a e-mail service which I never allowed.

For the moment I’ll try to use

define('WP_HTTP_BLOCK_EXTERNAL', true);
define( 'WP_ACCESSIBLE_HOSTS', 'api.www.ads-software.com,*.github.com' );

• This reply was modified 5 years, 8 months ago by karoyi.
• This reply was modified 5 years, 8 months ago by karoyi.

We don’t collect any email address or any extra information without any knowledge of user. User privacy is our priority.

You or may be someone else subscribed to our newsletter by providing email address in popup form.

You can unsubscribe from the link provided in email footer.

Sorry for the trouble caused to you.

I never ever subscribed to your nerwsletter. Data privacy is my priority as well and because of this I do not use strange newsletter subscribtion sites like you use.

I am using my website as a single person, nobody else has access at all. So I don’t know how but somehow my e-mail got in your e-mail list.

Sorry for the trouble caused to you.

I have no trouble because of this. I am just scared how my e-mail got in your newsletter list.

If technically you really do not collect any info at all, I am sorry having accused you and everything is fine. But it’s strange anyways how my e-mail got in your list.

• This reply was modified 5 years, 8 months ago by karoyi.
• This reply was modified 5 years, 8 months ago by karoyi.

Thank you so much for understanding.

Accusing me is your rights.

I am a small developer working day & night to make plugin better.

Currently I can only say, sorry again for any reasons you faced with my plugin.

I wouldn’t say it’s my right. I would rather say of myself that it’s not polite in the first place. The the case here was or is so sttrange that this was the only option to think of.