WP HealthKit

GDPR

The General Data Protection Regulation (GDPR) is an EU law that governs how personal data is collected, processed, and stored, with significant implications for WordPress plugins.

How it works

GDPR requires that any software handling EU residents' personal data obtains explicit consent, provides data access/export/deletion capabilities, and implements appropriate security measures. For WordPress plugins, this means any plugin that collects emails, stores user preferences, tracks analytics, or processes form submissions must comply.

In WordPress

WordPress added GDPR-related features in version 4.9.6: a privacy policy page tool, personal data exporters, and personal data erasers. Plugins should register with these tools using wp_add_privacy_policy_content() and the privacy data export/erase hooks.
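The registration described above, as an added example that is not code from this page or from WP HealthKit. The plugin name "My Plugin", the `myplugin_` function names, and the `myplugin_signups` table with its `id`, `email`, `source` and `created_at` columns are hypothetical; the hooks and callback return shapes are the ones WordPress core defines.

```php
<?php
// Hypothetical plugin: signups are stored in {$wpdb->prefix}myplugin_signups
// with columns id, email, source, created_at (assumed schema).
add_action( 'admin_init', function () {
	// Suggested text shown to the site owner in the privacy policy guide.
	wp_add_privacy_policy_content( 'My Plugin', '<p>We store the email address you submit in the signup form.</p>' );
} );
add_filter( 'wp_privacy_personal_data_exporters', function ( $exporters ) {
	$exporters['myplugin'] = array( 'exporter_friendly_name' => 'My Plugin signups', 'callback' => 'myplugin_export_signups' );
	return $exporters;
} );
add_filter( 'wp_privacy_personal_data_erasers', function ( $erasers ) {
	$erasers['myplugin'] = array( 'eraser_friendly_name' => 'My Plugin signups', 'callback' => 'myplugin_erase_signups' );
	return $erasers;
} );

// Core calls this repeatedly with an increasing $page until 'done' is true.
function myplugin_export_signups( $email_address, $page = 1 ) {
	global $wpdb;
	$per_page = 100;
	$rows     = $wpdb->get_results( $wpdb->prepare(
		"SELECT id, source, created_at FROM {$wpdb->prefix}myplugin_signups WHERE email = %s ORDER BY id LIMIT %d OFFSET %d",
		$email_address, $per_page, ( (int) $page - 1 ) * $per_page
	) );
	$items = array();
	foreach ( $rows as $row ) {
		$items[] = array(
			'group_id'    => 'myplugin-signups',
			'group_label' => 'Newsletter signups',
			'item_id'     => 'myplugin-signup-' . $row->id,
			'data'        => array(
				array( 'name' => 'Source form', 'value' => $row->source ),
				array( 'name' => 'Signed up', 'value' => $row->created_at ),
			),
		);
	}
	return array( 'data' => $items, 'done' => count( $rows ) < $per_page );
}

function myplugin_erase_signups( $email_address, $page = 1 ) {
	global $wpdb;
	// $wpdb->delete() returns the number of rows removed, or false on error.
	$removed = $wpdb->delete( $wpdb->prefix . 'myplugin_signups', array( 'email' => $email_address ), array( '%s' ) );
	return array(
		'items_removed'  => (bool) $removed,
		'items_retained' => false === $removed,
		'messages'       => false === $removed ? array( 'Signup rows could not be deleted.' ) : array(),
		'done'           => true,
	);
}
```

Once registered, the callbacks run when an administrator processes a request under Tools > Export Personal Data or Tools > Erase Personal Data.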
