How could I detect from where - which organization with address and contact details - the plugin comes?
This is important regarding GDPR:
If personal data is processed, I am obliged as data controller to conclude a data processing agreement with all companies that have potential access to this personal data.
This is particularly sensitive when dealing with manufacturers outside the EU, as the privacy shield agreement is no longer valid. It is therefore particularly important to ensure that no data ends up outside the EU, e.g. in the USA.
If I cannot guarantee this, it is imperative that I inform the customer that there is no data protection for the data processed by the customer and this fact must then be actively accepted by the customer - e.g. by checking a checkbox.
Conversely, this means that the website is not secure, which of course should be avoided.
If any of you have an Idea to solve the problem, please let me know.