Advanced Features – GDPR
In order to comply with GDPR requirements, Advanced Features Addon uses WordPress functions which are integrated to the WordPress core as of V4.9.6.
Prerequisites to use GDPR features
- WordPress version 4.9.6 or later
- A GDPR request form to integrate with GDPR core functions. There are several plugins for this purpose, for example GDPR Data Request Form plugin which we used for our tests.
Privacy Page
WP BASE adds its suggestions for the content of privacy page in Settings → Privacy admin page. You should combine suggestions from other plugins and publish your own Privacy Page. You can include the above GDPR request form to this page or to another one.
Request Export Personal Data
One of the requirements of GDPR is sending their personal data to the user when requested. WP BASE integrates with WordPress core functions and includes all saved user data, including UDF fields, to the user data that WordPress provides. Other plugins should hook in this function too. The process flow is as follows:
- Your client sends a personal data request using the GDPR Request Form
- He/she is required to confirm his email address
- When email is confirmed, you, as admin will receive a notification email. Visit Tools → Export Personal Data admin page and click Email Data button to send another email to the client
- Your client clicks the link in the email which opens an HTML document. WP BASE user data is included in this document
Request Erase Personal Data
Process flow for erasing personal data is similar to export personal data. WP BASE deletes all user meta and booking meta related to the submitted email address. Booking records do not contain personal data, but only user ID. As a result booking records are not deleted.