Whether you are building a website for yourself or for a client, you have probably run into WordPress. WordPress is a free and open source content management solution that can be used to build websites with a wide variety of features, from a simple blog to a complex online store and everything in between. WordPress has long been one of the favorites of website builders, not only due to its ease of use and adaptability to your needs, but also for its large and supportive community. This community regularly meets at WordCamps to share knowledge, make new friends, and volunteer to work on the WordPress project.
- What privacy laws you need to comply with; and
- Whether the template actually meets the disclosure requirements that apply to you.
It is important to note that just these first two tasks could potentially take up hours of your time if you are attempting to complete them without help.
- California Online Privacy and Protection Act of 2003 (CalOPPA);
- California Consumer Privacy Act (CCPA);
- Delaware Online Privacy and Protection Act (DOPPA);
- Nevada Revised Statutes Chapter 603A;
- General Data Protection Regulation (GDPR); and
- Personal Information Protection and Electronic Documents Act (PIPEDA).
| Disclosure | Privacy laws that require it | Included in the suggested text? |
|---|---|---|
| Effective date | CalOPPA, DOPPA and Nevada Revised Statutes Chapter 603A | No |
| What Personally Identifiable Information you collect (note that some privacy laws require you to disclose the categories of PII that you collect, while others state that you need to provide the specific pieces of PII that you collect) | CalOPPA, CCPA, DOPPA, Nevada Revised Statutes Chapter 603A, GDPR, and PIPEDA | Yes |
| Sources from which you collect PII | CCPA and PIPEDA | No |
| Purposes for which you will be using the PII | CCPA, GDPR, and PIPEDA | No |
| How your website responds to Do Not Track signals | CalOPPA and DOPPA | No |
| Whether you sell PII and, if you do, what rights consumers have regarding such sales | Nevada Revised Statutes Chapter 603A and CCPA | No |
| The privacy rights afforded to consumers | CCPA, GDPR, and PIPEDA | Yes. However, the suggested text does not include the full list of privacy rights afforded by each of these laws. |
| How consumers can make a complaint to the relevant authorities about your privacy practices | GDPR and PIPEDA | No |
| How long you store PII | GDPR | Yes. The template states that certain PII is retained indefinitely, which can be a violation of GDPR's data storage requirements. |
| Whether you plan on using PII for direct marketing purposes and, if you do, how consumers can opt out of such direct marketing | GDPR | No |
| Your other policies, procedures, standards and codes | PIPEDA | No |
- The suggested text includes language that is in direct violation of certain privacy laws. For example, the suggested text states that certain PII is retained indefinitely. However, this is in direct violation of the GDPR, which requires that PII be kept for a certain time period only (e.g. 1 year) or that you state the criteria that will be used to determine the storage period for PII (e.g. we retain your PII until you unsubscribe from our emails).
Hans Skillrud is the cofounder and Vice President of Termageddon, overseeing sales & marketing. Hans ran a 12-person web design agency in downtown Chicago for 7 years, and sold it in March of 2019 to focus all of his attention on Termageddon. In his free time, Hans enjoys history, philosophy, reading, and drinking whiskey with friends.