iThemes & GDPR Compliance

Here at iThemes, we’re taking GDPR compliance seriously. Have questions about the upcoming GDPR changes and how iThemes is ensuring compliance? We’re here to help.

What is the General Data Protection Regulation (GDPR)?

The General Data Protection Regulation (GDPR EU 2016/679), which replaces the European Union (EU) Data Protection Directive (known as Directive 95/46/EC), is a European privacy law. The aim of the GDPR is to strengthen data privacy and protection for individuals within the EU, both citizens and non-citizens, as well as the transfer of EU personal data outside of the EU. The GDPR becomes enforceable on May 25, 2018. The GDPR requires companies and site owners to be transparent about how they collect, use and share personal data. It also gives individuals more access and choice when it comes to how their own personal data is collected, used and shared.

Is iThemes GDPR Compliant?

Yes! See the answers below for answers to your questions about iThemes and GDPR compliance. You can also check out our updated iThemes Privacy Policy, effective May 22, 2018.

To Whom Does the GDPR Apply?

The GDPR applies to any organization that processes and holds personal data of EU data subjects, regardless of whether or not the organization is a member of the 28 EU member states. The GDPR also applies to both citizens of the 28 EU member states, as well as any individuals transmitting data outside of the EU while traveling within the EU member states.

GDPR Compliance As It Relates To iThemes Products

We know you may have specific questions about how GDPR impacts our products. Here’s a brief overview.

• Our plugins and themes are integrating with the built-in privacy tools offered in WordPress 4.9.6 to help website administrators ensure that their websites are GDPR compliant.
• Our services are being updated to have privacy statements and necessary changes required for those services to be GDPR compliant.

Important: Update to WordPress 4.9.6

This release is unique as it includes a number of privacy-related features such as:

• Privacy policy page template/creation
• A built-in guide for generating your privacy policy page
• User data request handling
• User data export and removal tools
• Cookie opt-in for comments
• Other features related to GDPR compliance

Adding a Privacy Policy Page

With this release, site owners can now designate a privacy policy page. This page will be shown on your login and registration pages. You should manually add a link to your policy to every page on your website. If you have a footer menu, that’s a great place to include your privacy policy.

Data Exports & Data Erasure

The latest version of WordPress adds new screens to the WordPress > Tools menu. These new data handling features allow you to export and erase user data upon request.

• Data Exports: Site owners can now export a ZIP file containing a user’s personal data, using data gathered by WordPress and participating plugins.
• Data Erasure: You can now erase a user’s personal data, including data collected by participating plugins.

Still Have Questions about GDPR Compliance?

Please send all questions about the GDPR to [email protected].