What is the GDPR?
User privacy and data protection are top of mind for many businesses, website owners, and users of online services. The General Data Protection Regulation (GDPR) is a new, comprehensive European privacy law that’s driving much of the recent attention. The GDPR, among other things, requires companies and site owners to be transparent about how they collect, use, and share personal data. It also gives individuals more access and choice when it comes to how their own personal data is collected, used, and shared. You can read more information about the GDPR and its requirements on our GDPR resource page.
It’s important to understand that while the GDPR is an European regulation, its requirements apply to all sites and online businesses who collect, store, and process personal data about residents of the EU no matter where the business is located.
With the GDPR in mind, we’re working hard to add features that enhance user choice around their personal data and bring more transparency to our practices around the collection, storage, and use of the data our users entrust to us.
Our Commitment to GDPR Compliance
As the enforcement date for the GDPR (May 25, 2018) approaches, we are working on several enhancements and tools to help WordPress.com, Jetpack, and WooCommerce services on their own compliance journeys.
Over the coming weeks, we will be introducing a number of new features and pieces of documentation to:
- Honor personal data access and export requests for our WordPress.com, Jetpack, and WooCommerce users.
- Offer account closure for WordPress.com accounts.
- Enable opt-outs for Automattic’s first-party analytics system for WordPress.com users.
- Provide more information on the cookies we use in our services, such as via on-site notifications (banners) that highlight the cookies we use on our sites.
We’re also releasing features to help you and your site meet the requirements of new privacy laws. These include: a new “cookie and consent” notification that WordPress.com and Jetpack site owners can add to their sites, and tools for our WooCommerce.com merchants to manage data access and deletion requests from their customers.
These new features are in addition to the features we have already launched (and will be blogging about here soon) and the privacy protections we had in place already to help you control your content, keep it secure, or even move your site to another WordPress host.
We’ve always held a strong commitment to user privacy and security. Many of the GDPR’s principles align with our long-held values and we look forward to sharing our privacy related work with you.