search

mdsimpson / contact-form-7-to-database-extension

CFDB - WordPress plugin to save form submissions into a database
GNU General Public License v3.0
240 stars 59 forks source link

GDPR compliance #61

Open vertigofactory opened 6 years ago

vertigofactory commented 6 years ago

Hi, I was wondering if are you planning to make this plugin GDPR compliant.

You can find more info about the new EU Privacy Law and Wordpress here: https://wordpress.org/news/2018/04/gdpr-compliance-tools-in-wordpress/

Thank you

Taranis01 commented 6 years ago

why do you think it should be the database Plugin to add GDPR?

vertigofactory commented 6 years ago

I think it is necessary because into the new EU privacy law is required that the user must be able to access to all his data. Using your plugin I can store the data provided by the user through a form, so I have to manage this data. As example, if a user asks for his data I should be able to provide him a dump. I discovered an external solution (here: https://wp-gdpr.eu/add-ons/contact-form-db-7-addon/), but it is not free of charge, and the Wordpress team is working on a set of privacy tools for plugin developers, like a common interface, but the plugin should be compatible with this interface, it's not an automatic process.

Taranis01 commented 6 years ago

ah i understand. However, i'm not the developer ^^

luckyday4 commented 6 years ago

@vertigofactory It seems that the fonctionality you ask would be native on 4.9.6.

But this is not the biggest problem with CFDB7. The biggest pb is that personal data is not pseudonymised. As multiple people such as webmaster could access these datas (name, email, phone number) even if he doesn't need to plugin should provide something that allow you tu blur personnal data for non commercial ou Customer relationship users.

vertigofactory commented 6 years ago

@luckyday4 exactly, I'm agree with you. about the functionality I asked for: on 4.9.6 there's an interface called privacy tools, a sort of API, but it is required that the plugin make use of this interface (trivially, the wordpress interface cannot automatically know how the plugin saves the data into the db).

kunzi commented 6 years ago

I would also like to see a functionality that would automatically delete old data from database after certain amount of years. It seems that personal data should not be stored indefinitely and to manually delete data periodically would be cumbersome.

thewebtailors commented 6 years ago

I would love to see an automatic delete after x days feature as well.

dominikmuellerwf commented 5 years ago

Yes, an automatic deletion of records after x days/months would be great!