I’m happy to announce that the team behind GDPR compliance in WordPress core has gotten the first version of GDPR tools into the upcoming version of WordPress.

Download and test please – and if you’re a plugin developer, it’s time to start implementing the exporter into your plugin.

Website admins – you get the tools, but that does NOT mean your site is compliant by default. Since we still haven’t got a unified way to check if a plugin implements the new tools, it’s your job to make sure that any personal data handling plugins you have, does so within the regulatory rules.

Also, you need to manually setup a way for users to contact you. You then manually validate the users identity and then – via admin – send out a validation link to the user in question.

Then, wait for the user to confirm, and then manually click, to do an export that is then sent to the user.

Yes, we’re not 100% automatic about the flow – this is a crucial first step and we should be happy that it’s in place before 25th of May

WordPress 4.9.6 Beta

  1. Simon Johansson May 10, 2018 at 1:34 pm

    I try to make my wordpress site GDPR compliance, and therefore have some questions.

    I now wonder:
    1. what data wordpress collects,
    2. and the reason for collection?

    So data like Tokens, IP addresses, user agents (browser version), login timestamps and Gravatar data.
    And why the data is collected.

    Please describe all data as clear as possible, and the purpose why the data is collected.

    Thanks in advice! This would mean much to me!


    1. Hi Simon, all that data is provided in the new GDPR tools of WordPress – the Privacy page holds a guide as well as a detail of what WordPress collects.


Leave a Reply

Your email address will not be published. Required fields are marked *