JungleWP & the GDPR
At JungleWP, our company mission is to support your ongoing business and help build a better web. We believe that the protection of our customers' and their end users' data is key to the success of this mission.
The General Data Protection Regulation (GDPR) is a new European Union (EU) privacy law that comes into effect on May 25, 2018. The GDPR harmonizes data privacy laws across the EU and mandates how companies collect, store, delete, modify and otherwise process personal data of EU citizens. It applies to any company that processes personal data of EU citizens, regardless of whether such company has any physical presence in the EU, or even whether it has any EU customers.
Stronger rules on data protection from May 2018 mean EU citizens have more control over their data.
Here is a summary of site owners’ obligations in regards to collecting data related to EU citizens, which we’ve listed below:
- Tell the user who you are, why you collect the data, for how long, and who receives it.
- Get a clear consent (when required) before collecting any data.
- Let users access their data, and take it with them.
- Let users delete their data.
- Let users know if data breaches occur.
Each of these bullet points is subject to many caveats, exceptions, and degrees of how much you need to do, but they do serve as a good starting point.
What do you need to know or do as a WordPress site owner?
First, read up and do your research. Each e-commerce site site uses a different set of plugins, has a different flow for shipping, etc., so there isn’t a one-size-fits-all approach. You’ll need to know what you need to do for your specific site. This post is an introduction to help guide you in the right direction, and help you understand where we stand — it isn’t meant to be all-inclusive and we are unable to provide legal advice.
If you sell any products to customers based in the EU, or have EU visitors to your site, you’ll need to make sure your site complies with GDPR.
Your site can be considered GDPR-compliant, depending on how you’ve set it up. Code in WP has put together a breakdown of how the GDPR affects WordPress sites.
It’s also up to you as the site owner to communicate how your customers’ information is being used — it’s more of a communication and process question, rather than something that can be solved with technology.
What resources are there available to help you?
GDPR affects every site that operates in the EU — there are lots of resources to assist you further. This list should get you started, but it’s not meant to be comprehensive.
- WP Astra have put together an updated guide on How to Make Your WordPress Site GDPR-Compliant.
- Our friends at WPMU DEV have published a very thorough WordPress GDPR compliance guide for 2021, with critical details explained in plain English.
- Willow Consulting in Ireland has put together a fantastic post on what you need to do to comply with GDPR as an eCommerce site owner.
- Delete Me plugin allows users to delete their accounts.
- GDPR For WordPress is a project setting up a GDPR validation framework for WordPress plugins.
- Mailjet’s GDPR Journal: On The GDPR Track, Our Compliance Roadmap and FAQ.
- WP Tavern is regularly sharing information about GDPR.
How is JungleWP applying GDPR?
As a company that works with users in the EU, JungleWP also need to be compliant with GDPR.
JungleWP uses only your Personal payment information in order to process the payments of your services.
These information are stored on our partner's payments gateways (Paypal, or Stripe) depending on the payment method you choosed.
- JungleWP allows you as a customer to change or destroy your data at anytime.
- JungleWP is GDPR compliant from the groundup since we first started, as we built our solutions with data privacy in mind.
In short, we’re already GDPR compliant, and currently working to continue to enhance our user choice and bring more transparency to our practices around the collection, storage, and use of your data.
We’ll continue to post more information as we launch new features to enhance user privacy and data choice ahead of May 2018, and beyond.
If you have any questions about the your privacy, please contact us. You can write our privacy team at privacymanager @ junglewp.com or post to JungleWP Ltd, 21/F, On Hing Building, 1 On Hing Terrace, Central, Hong Kong.