The new GDPR legislation is enforceable on May 25th, 2018. It upholds the highest standards of data privacy, and applies to any website that collects data from EU citizens. This means if you’re running a website and at least some of your users reside in the EU, the GDPR applies to you.
How Uncode helps you
Privacy preferences and consent management can be handled directly from the front end of your site, thanks to banner notifications.
There are convenient fallbacks for all native modules of Uncode connected to external services that send and receive personal data.
You can include and exclude content based on the user's consent. This is convenient if you use extra modules or plugins that send data.
The new WordPress 4.9.6 and WooCommerce 3.4 provide tools that help you meet the GDPR legislation requirements.
Let’s try to understand
When you use a service like Google Fonts, Google Analytics, YouTube, Facebook, or Twitter on your website, some personal data (usually your IP address) is sent to the provider in exchange for the free service offered. This data is then used to create targeted advertisements. Suppose that on your website’s home page, you use a YouTube video as the background for your main header. When this video is watched, some personal data about the viewer is sent to service provider (YouTube). It’s not compliant with the GDPR to simply include the video and communicate to the user that it's possible to disable it. After all, by the time the page loads, YouTube (in this example) has already collected some personal data.
The GDPR stipulates that users will first have to provide approval through consent before any data is processed. Obtaining this consent needs to be of the utmost importance.
Video Background & Lightbox Example
When your visitors watch a video from YouTube, some personal data (such as their IP address) is sent in exchange for the free service offered. If YouTube consent is denied, however, Uncode will use a fallback image. No personal data will be sent until YouTube consent is given by the user.
When your visitors watch a video from Vimeo, some personal data (such as their IP address) is sent in exchange for the free service offered. If Vimeo consent is denied, however, Uncode will use a fallback message. No personal data will be sent until Vimeo consent is given by the user.
“ ‘Personal data’ means any information relating to an identified or identifiable natural person (data subject); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person ”. Definitely the GDPR states that IP addresses should be considered personal data as it enters the scope of ‘online identifiers’.
When you use a Spotify or SoundCloud audio, some personal data (such as their IP address) is sent in exchange for the free service offered. If these consent are denied, however, Uncode will use a fallback message. No personal data will be sent until the consents are given by the user.
With the Consent Logic feature, you can include or exclude Visual Composer rows based on each user's consent. This is convenient if you need to include custom elements that send personal data. In this example, if Custom Consent is enabled, a map with geolocation will be displayed.
WordPress 4.9.6 is now available. This is a GDPR privacy and maintenance release.
WooCommerce 3.4 add tools and features to help store owners become GDPR-compliant.
Export & Erase
Just using Uncode does not guarantee that an organization is successfully meeting its responsibilities and obligations to the GDPR. This page is a brief introduction of the GDPR, and presents some of the specific features of Uncode that can help you comply with the regulation. Organizations should assess their unique responsibilities, and ensure that any additional measures are taken that are necessary to meet any obligations required by law, as based on a data protection impact assessment.