The Data Subject is a natural person (a human being) whose personal data is processed by a controller or processor (or both). For example, a data subject can be your website visitor, your customer or even your employee. GDPR Art. 4 (1): ‘personal data’ means any information relating to an…
GDPR
Processing can be any activity or set of activities performed on personal data, e.g. viewing, collecting, storing, transferring, modifying, erasing. Simply put, pretty much anything you do with your customers’ data on purpose is “processing.” GDPR Art. 4 (2): ‘processing’ means any operation or set of operations which is performed…
You, as WordPress owner, you are the controller A controller is someone who determines the purpose (the why) and means (the how) of processing personal data. If you own a website that does anything with its visitor’s personal data, you are the controller. You control your customers’ data and you…
You MUST get an explicit agreement to your Terms and Conditions and Privacy Policy from your visitors, customers, if they interact with your online presence (website, emails, social media, etc), no matter what they do. Examples are (but not limited): creating an account; signing up; requesting information from you; commenting…
GDPR Art. 5: GDPR states that you (as the controller) are also responsible for demonstrating that you are actually following the rules of GDPR. Read a more user-friendly version of the full law here: https://www.privacy-regulation.eu/en/article-5-principles-relating-to-processing-of-personal-data-GDPR.htm In the event of a data breach or another personal data related problem, being able…
Even if your WordPress does not have other user accounts exept yours (and ours too, if you are a recurrent customer), YOU ARE STILL COLLECTING your visitors personal data, with tools like: analytics, comments, reviews and any kinds of form submissions, social media integrations, wp plugins, etc. Starting from May…
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR sets out the principles for data management and the rights of the individual, while also imposing fines that can be…
