[wp-trac] [WordPress Trac] #44012: Store the agreed-to-privacy-policy date/timestamp to help prove GDPR compliance
WordPress Trac
noreply at wordpress.org
Sat May 19 02:37:06 UTC 2018
#44012: Store the agreed-to-privacy-policy date/timestamp to help prove GDPR
compliance
-----------------------------+------------------------------
Reporter: johnstonphilip | Owner: (none)
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Privacy | Version: 4.9.5
Severity: normal | Resolution:
Keywords: gdpr | Focuses:
-----------------------------+------------------------------
Comment (by summoner):
IMHO storing at least if the user has ever given their consent is a must.
Just read Article 7 where it stands:
''1. Where processing is based on consent, the controller shall be able
to demonstrate that the data subject has consented to processing of his or
her personal data.''
I think beyond that storing even the timestamp of the consent is
desirable, as it is possible to compare that to the timestamp of the
publication of different Privacy Policies and thus it is possible to tell
which version of the policy has been accepted by the subject. To go even
further, maybe i would store an array of the timestamps of the consents,
that way the controller can clearly demonstrate which different versions
of the policy has been and exactly when has been accepted by the subject.
These infos might be crucial before the authorities or court.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44012#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list