Updates for the GDPR合规 of the most popular CMS platforms

Today, we’d like to shed some light on the GDPR-related changes in the leading CMS.

GDPR stands for the General Data Protection Regulation, which was introduced by European Union. 它成了人们感兴趣的主要话题. The most frequent questions site owners ask nowadays are “What is the GDPR?、“我该怎么做才能使我的公司符合GDPR规定? website?”, “What are the GDPR requirements and what should I have in my GDPR合规 checklist?”, etc.

GDPR定义

We’re happy to help you deal with those questions, so let’s start with a short GDPR overview.

GDPR abbreviation means “General Data Protection Regulation” and that means that European Union governments make everything possible to improve data protection and take care of data privacy by using laws as the main leverage.

GDPR的截止日期到了 May 25, 2018违反GDPR的制裁已经有了真正的机制. 从现在开始，每一个 website 业主应该使自己的网站符合GDPR的要求. 特别地， website has to inform site visitors about gathering of their personal information, 你网站的用户必须同意 website Terms of Use (GDPR Privacy Policy) in case any personal data is to be submitted from their side.

很明显，领头的 CMS platforms that are used by millions of websites over the web couldn’t ignore this and have already worked on some features to help site owners gain this aim.

GDPR合规更新在WordPress

从版本4开始.9.6 following things were changed in WordPress in order to improve data privacy:

• 增加了关于隐私政策管理的说明 multisite 安装(仅供管理员使用).

• There were added details about themes passing the fields argument to comment_form().

Whenever someone posts a comment, the system will pre-populate their name, email, and website 到注释表单的相应字段中. Also, now they can change their mind and remove the comments pending for approval.

There was also added an option to choose the Privacy policy page via Settings > Privacy 部分 Dashboard. In the new installations, the Privacy policy page will be available by default as a draft. The site visitors are also given the choice either to agree to or reject using cookies，这将收集有关他们活动的某些数据. 然而,使用 cookies 是可选的，是各自的 checkbox 由于GDPR同意要求而存在.

Another important thing is the GDPR rule for “the right to be forgotten”. That’s why, now in WordPress you can export your personal data, as WordPress 4.9.6包含一个to的选项 archive 导出的用户数据. 该功能允许用户生成ZIP文件 archive 他们所有的数据都在WordPress上 website. The entire process of using this tool is already described in the WordPress法典，如果需要，请按照步骤进行操作.

简而言之，您应该使用 Tools > Export Personal Data 菜单，输入您的电子邮件并同意数据导出请求. Then, email the data to yourself or download it directly using the special 下载个人资料 popup menu. You can also submit the removing data request using the same tool.

你也可以得到 GDPR Suite Zemez提供.为你的WordPress设置io website. The following important changes will be integrated into your theme to comply with the core GDPR rules:

• 隐私政策页面(包含示例内容)将添加到您的 WordPress模板.

• A notification of consent to store data with a link to the privacy policy page and the checkbox 在所有内置主题联系表单中.

• A notification of consent to store data with a link to the privacy policy page and the checkbox 在WordPress注册表单.

• A notification of consent to store data with a link to the privacy policy page and the checkbox 在所有内置 newsletter subscription forms or implementing double opt-in (depends on the nature of subscription form).

• GDPR评论表单隐私 checkbox.

• Cookies usage banner 这个通知 website 参观者了解的用法 cookies on your website.

This service is completed within 3-4 business days and costs $59. 随便拿吧 here. 这里有一个小小的对比, 在GDPR组织中，违反GDPR规则, can result in a fine up to 4% of the annual sales turnover or €20 Million (whichever is greater).

GDPR法律的第一个诉讼发生在德国, GDPR生效后5天, 罚款定为5万欧元. 结果是 公开提供(德文). That seems to be the first case of this type, but definitely not the last one. For sure, we’re not lawyers, so don’t take any of this as a legal advice, just keep that in mind.

Joomla的GDPR合规更新!

Joomla! 是另一个领导吗? CMS platform powering up websites all over the world, including EU countries. 欧洲数据隐私法影响其用户的利益, thereby, its developers have also started integrating the Privacy Tool Suite into their CMS.

Joomla team declares the intention to implement following changes into Joomla 3.9作为其GDPR解决方案:

• Provide an API for extension developers so they can report the data they collect and this info can be displayed in the new com_privacy extension (核心API项目委员会)

• 获得注册用户的同意(表格) plugin), track their consent, log their activities, and take care of the consent retention time (同意计划委员会)

• 简化与用户请求相关的工作流 (资料索取及计划委员会):

  • 使用户更容易提交信息请求

  • 跟踪用户请求的状态

  • 允许用户访问和下载他们的数据.

编码员、测试员和文案都欢迎加入 专用的存储库 (合作的空间，以工作的隐私 framework (Joomla)来帮助完成这个版本. 3 .目的.9的发布是为了满足数据保护标准, therefore, only the features related to the data protection policy are going to be merged to it. Joomla开发人员还计划发布Joomla 3.10有小的更新和功能改进可用.

如果你不想等Joomla团队, 但想要立即获得符合gdpr的更新, 你可能会感兴趣的 GDPR套件服务 Zemez提供.对于基于joomla的网站. The following important changes will be integrated into your template to comply with the core GDPR rules:

• A Cookie banner.

• Privacy policy page (with sample content) will be added to your template.

• A checkbox 在模板中 contact form 以获得数据存储的同意.

• A checkbox in the newsletter (if it is available 在模板中) 以获得数据存储的同意.

This service is completed within 24-48 business hours and costs $59, it’s recommended to get the service once and let the Zemez team get you covered. 请随意点菜 here.

Please note! Compliance to the GDPR is a risk-based ongoing process that involves your whole business. We are not eligible for any claim or action based on any information or functionality implemented with the offer.

感谢您阅读这篇文章! 现在你对已经完成的工作有了更多的了解, and what is planned for future implementation in the world’s most popular CMS 平台- WordPress和Joomla!

PLEASE NOTE! 我们不是律师，所以不要把这些当成法律建议!