在隐私(Privacy)方面,欧洲(Europe)一直在严格确保每个网站都披露他们如何收集访问者的数据。欧盟的通用数据保护条例 (GDPR)(General Data Protection Regulation (GDPR))将于(Europe)5 月 25 日(May 25)生效。它同样要求公司和网站所有者对他们如何收集、使用和共享个人数据保持透明。 WordPress作为一个平台为全球最大数量的网站提供支持,今天他们推出了 4.9.6 版本,现在可以使用隐私(Privacy) 作为其主要亮点。
(GDPR)在如何收集、使用和共享他们自己的个人数据时,GDPR还为个人提供了更多访问权限和选择。WordPress在此版本中添加了许多新的隐私功能。让我们来看看。
在 WordPress 网站中配置隐私
升级到WordPress 4.9.6后,如果您使用WordPress的默认主题,您应该会立即看到一些更改。
WordPress中的隐私政策页面
网站所有者现在可以使用WordPress中的内置工具创建专用的隐私政策(create a dedicated privacy policy)页面。虽然您始终可以使用提及所有内容的现有页面,但如果您没有,该模板将包含欧盟通用数据保护条例(General Data Protection Regulation)( GDPR ) 中推荐的大多数内容的格式。
在您的WordPress Dashboard中,以管理员身份进入Settings > Privacy。我建议您先查看模板,但您始终可以链接您网站的现有隐私页面(Privacy Page)。
这个新页面允许您在“我们收集哪些个人数据以及我们为什么收集它”标题下添加部分或收集哪些数据,以及为什么这样做。该部分扩展为
- 评论
- 媒体
- 联系表格
- 饼干
- 来自其他网站的嵌入内容
- 分析
- 其他信息
- 您如何保护数据
- 我们有哪些数据泄露程序
- 我们从哪些第三方接收数据
- 我们对用户数据进行哪些自动化决策和/或分析
- 行业监管披露要求
您将需要解释一切,并且对于大多数事情,您可以根据您的网站修改模板数据。
除此之外,WordPress还创建了一个指南,其中包括来自WordPress和参与插件的关于它们如何处理个人数据的见解。该公司建议您将其复制并粘贴到您网站的隐私政策中,以帮助您入门。在wordpress.org上(wordpress.org)插件手册的(Plugin Handbook)隐私(Privacy)部分了解更多信息。
个人数据导出和删除
WordPress还包括一个工具,可让您从您的网站导出或删除个人数据。如果您有必要这样做,此工具将派上用场。虽然数据导出非常简单,因为它允许站点所有者使用WordPress和参与插件收集的数据导出包含用户个人数据的ZIP文件。(ZIP)数据(Data)擦除是有趣的。
数据擦除(Data Erasure)是一种基于电子邮件的新方法,网站所有者可以使用它来确认个人数据请求。此请求确认工具适用于导出和删除请求,也适用于注册用户和评论者。它可以删除用户的个人数据,包括参与插件收集的数据。
因此,例如,如果有人要求您从您的网站中删除他的数据,您可以询问该网站的电子邮件 ID,然后使用此界面获得他的确认。收到后,您可以删除他的所有数据。然后发送确认。
评论:(Comments: )不属于网站的访问者,即退出的评论者可以选择是否将他们的姓名、电子邮件地址和网站保存在浏览器上的 cookie 中。简而言之,当您再次访问评论时,评论框中的那些字段将不会自动填充。
为什么需要遵循这个?
用户的隐私长期以来一直受到侵犯,并被用于广告,并随时随地跟踪他们。虽然它为公司和网站所有者带来了很多钱,但这并不是一种健康的做法。如果你没有得到这部分?欧盟的通用数据保护条例(General Data Protection Regulation)( GDPR ) 已将此作为法律。
如果你不遵守这一点,它将长期影响你。即使是像谷歌(Google)这样运营最大广告平台Adsense的大公司,也会要求网站所有者遵守。使用分析工具时,您必须遵守它。
在不遵守规定的情况下,欧盟有权对您进行金钱罚款。它将从警告到谴责(Reprimand)到暂停(Suspension)数据处理到罚款(Fine),最高可达 2000 万欧元或全球年营业额的 4%。这对于那些在欧盟开展业务的人来说很重要,对于那些在欧盟以外的人来说,与您有联系的公司会要求您采取适当的行动。
提示(TIP):WordPress 提供了几个插件,您可以使用这些插件使您的博客符合GDPR。其中一个易于实施的免费软件是Quantcast GDPR Consent。您可以在此处(here)自行配置或从 WordPress.org 下载。
How to configure Privacy in WordPress and Why it's important
When it comes to Privacy, Europe had been working strictly to mаke sure every website reveal how they are cоllecting data about the visitоrs. The European Union’s General Data Protection Regulation (GDPR) takes effect on May 25. It requires the same i.e. companies and site owners to be transparent about how they collect, use, and share personal data. WordPress as a platform powers maximum number of websites around the world, and today they have rolled out version 4.9.6 is now available with Privacy as its main highlight.
GDPR also gives individuals more access and choice when it comes to how their own personal data is collected, used, and shared. WordPress has added a number of new privacy features in this release. Let’s have a look at it.
Configure Privacy in WordPress site
After an upgrade to WordPress 4.9.6, and if you are using the default theme of WordPress, you should see some changes right away.
Privacy Policy Page in WordPress
Website owners can now create a dedicated privacy policy page using an inbuilt tool in WordPress. While you can always use an existing page where you had mentioned everything, if you haven’t the template will include a format for most of the things that are recommended in European Union’s General Data Protection Regulation (GDPR).
In your WordPress Dashboard, as admin, to Settings > Privacy. I will suggest you look at the template first, but you can always link an existing Privacy Page of your website.
This new page lets you add sections or which you collect data, and why you do it under the heading “What personal data we collect and why we collect it”. The section expands to
- Comments
- Media
- Contact forms
- Cookies
- Embedded content from other websites
- Analytics
- Who we share your data with.
- How long we retain your data.
- Other information
- How you protect data
- What data breach procedures we have in place
- What third parties we receive data from
- What automated decision making and/or profiling we do with user data
- Industry regulatory disclosure requirements
You will need to explain everything, and for most of the things, a template data is available which you can modify according to your website.
Apart from this, WordPress has also created a guide that includes insights from WordPress and participating plugins on how they handle personal data. The company recommends you to copy and past it into your site’s privacy policy to help you get started. Learn more in our Privacy section of the Plugin Handbook on wordpress.org.
Personal Data Export and Erasure
WordPress also includes a tool which allows you to export or erase personal data from your website. This tool will come in handy if at all it becomes necessary for you to do it. While the data export is very simple as it allows site owners to export a ZIP file containing a user’s personal data, using data gathered by WordPress and participating plugins. Data Erasure is what is interesting.
Data Erasure is a new email-based method that site owners can use to confirm personal data requests. This request confirmation tool works for both export and erasure requests, and for both registered users and commenters. It can erase a user’s personal data, including data collected by participating plugins.
So for example, if someone requests you to remove his data from your website, you can ask the email id which is with the website You then use this interface to get his confirmation. Once received, you can delete all his data. A confirmation is then sent across.
Comments: Visitors who are not part of the website i.e. Logged-out commenters will have a choice if their name, email address, and website will be saved in a cookie on their browser. In simple words, those fields in the comment box will not be auto-filled when you visit to comment again.
Why do you need follow this?
Privacy of users have been long breached, and used for advertisements, and tracking them wherever they go. While it gets companies, and website owners a lot of money, it’s not a healthy practice. And if you don’t get this part? European Union’s General Data Protection Regulation (GDPR) has made this a law.
If you don’t follow this, it will affect you in long term. Even big companies like Google which runs the biggest advertisement platform, Adsense, will be asking site owners to comply. When using an analytics tool, you will have to comply with it.
Under non-compliance, EU has authority to take fine from you in terms of money. It will start from a Warning to Reprimand to Suspension of data processing to Fine which could be Up to €20 million or 4% of global annual turnover. This is important for those doing business in EU, and for those outside, the companies connected with you would ask you to take proper action.
TIP: WordPress offers several plugins that you can use to make your blog GDPR compliant. A free one which is easy to implement among them is Quantcast GDPR Consent. You can configure it yourself here or download it from WordPress.org.