[wp-trac] [WordPress Trac] #44013: Add Basic Access and Deletion Front-end Request Forms as shortcodes/widgets/blocks
WordPress Trac
noreply at wordpress.org
Wed May 9 05:15:13 UTC 2018
#44013: Add Basic Access and Deletion Front-end Request Forms as
shortcodes/widgets/blocks
-----------------------------+------------------------------
Reporter: webdevmattcrom | Owner: (none)
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Shortcodes | Version:
Severity: normal | Resolution:
Keywords: gdpr | Focuses:
-----------------------------+------------------------------
Comment (by xkon):
Providing a core way of handling this would be good imho as well but with
1 note:
Replying to [ticket:44013 webdevmattcrom]:
> (no other fields are truly necessary since the confirmation emails would
be sent automatically, and no action would happen until confirmed).
Auto-confirmation should be made as a setting for each Admin to choose
(either in the settings privacy screen or a flag in the form shortcode
etc).
Why:
- The regulation says that you have to provide the data no later than a
month from the receipt except if there's a tech issue of course (but I
have no idea what counts as receipt, the day you took the request? Or the
day you confirmed it?)
- Some websites depending on their business background will choose extra
means of confirmation, for example by phone first before sending the
actual e-mail `if` that e-mail is sent eventually even. I already have 2
websites under my care that deal with this by phone first and then asking
for a 'written' confirmation. By making it auto-confirm without the option
of cancelling that it might create a problem for some as they wouldn't
expect their lists to become confirmed instantly on their admin tools
especially when the actual export/erasure actions are not automated.
I can't openly say why these 2 websites do it like this of course but I
can outline the flow but you'll see that the 'confirmation' part is pretty
much the last step:
- Users send an email with their request adding their contact information
(phone + email are mandatory).
- They get contacted by phone first from the company.
- They receive the email stating that they will receive their data in X
time (depending the situation) by Y means (usb/email/hdd whatever else).
- They confirm that they have read / understood the above told and that
they asked for their data.
- They get their data.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44013#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list