regarding GDPR: how could I find the organization of Plugin development?

How could I detect from where - which organization with address and contact details - the plugin comes?

This is important regarding GDPR:
If personal data is processed, I am obliged as data controller to conclude a data processing agreement with all companies that have potential access to this personal data.

This is particularly sensitive when dealing with manufacturers outside the EU, as the privacy shield agreement is no longer valid. It is therefore particularly important to ensure that no data ends up outside the EU, e.g. in the USA.

If I cannot guarantee this, it is imperative that I inform the customer that there is no data protection for the data processed by the customer and this fact must then be actively accepted by the customer - e.g. by checking a checkbox.

Conversely, this means that the website is not secure, which of course should be avoided.

If any of you have an Idea to solve the problem, please let me know.

Plugins usually do not collect any data for their authors, if they are, you will be generally notified about it in the admin. They can of course save personal data of your visitors (like cookies, or if you have some sort of form), but those are stored on your site, the plugin authors do not have access to that.

1 Like

Thanks for advice :+1:

  • Plugins must not transmit any data to a third-party server, including your server, without the user being informed what will be transmitted and the user opting to it. The user must be able to opt out at any time and must be informed if the data being transmitted changes.
1 Like