GDPR option
- For the 'select-navigate-to' boxes, add an auto-complete option with your current pages (should be retainable from wp itself)
- Add the saved data to the wp-personal information cache, this is one of the newest options added to WordPress to make data-control easy. (There is a fast option for deleting/editing the data if necessary.)
It seems like this is a bug of the forum itself? I used a Base64 image to embed it in the post (as the built-in image takes a hosted image rather than an uploaded).
Basically when entering such an image you put something like:
Sadly this forum trims the ‘data:’ prefix from the image source, making it unrecognizable for the web browser. (e.g. it would make it look like:)
If you add the prefix yourself it will show the image again (though it will require you to go into developer/editor mode).
That’ll do as well indeed 😀
Any information about the data-retention control?
Yes same questions. Is the plugin GDPR ready?
If yes how do you deal with this major option?
Thanks
All client data is stored within Appointments. By managing Appointments you can control the data of users. There is no centric storage of customers inside plugin.
Best regards,
Nikola
That’s what we found out indeed. Though in order to make things GDPR ready there needs to be extended control over client data.
Since the plugin only needs an appointment-id, the time-data and at most a valid email address to make all the synchronization/logic work, there should be an option to control the retention of the remaining data (e.g. name, phone number, any custom fields etc.).
I noticed that WordPress has published an API for personal data control, maybe it is an option to hook into that system? Otherwise, the installation of a cron-job, which removes additional/extra data would suffice the requirements IMO. (setting it to 5 min. vs. every weekend is a personal option in that case).
I would love to hear your thoughts about this!
Regards,
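Added example, not part of the thread and not the EA plugin's code: one way the two options raised in the post above (hooking into the WordPress personal data eraser, or a scheduled clean-up) could look inside a plugin. The table `ea_example_appointments`, its columns and the 7-day cutoff are assumptions.

```php
<?php
// Added example. Table `ea_example_appointments` and columns
// (email, name, phone, end_time) are hypothetical placeholders.

// 1) Erasure on request: register with the WordPress personal data eraser.
add_filter('wp_privacy_personal_data_erasers', function (array $erasers) {
    $erasers['ea-example'] = [
        'eraser_friendly_name' => 'Appointment contact details (example)',
        'callback'             => 'ea_example_erase_by_email',
    ];
    return $erasers;
});

function ea_example_erase_by_email($email_address, $page = 1)
{
    global $wpdb;
    $table = $wpdb->prefix . 'ea_example_appointments';
    // Blank the extra fields; the row stays so scheduling keeps working.
    $rows = $wpdb->query($wpdb->prepare(
        "UPDATE {$table} SET name = '', phone = ''
         WHERE email = %s AND (name <> '' OR phone <> '')",
        $email_address
    ));
    return [
        'items_removed'  => $rows > 0,
        'items_retained' => true, // appointment time and email are kept
        'messages'       => ['Appointment time and email are kept for scheduling.'],
        'done'           => true, // handled in one pass, no further pages
    ];
}

// 2) Retention without a request: a daily WP-Cron job for old appointments.
add_action('ea_example_retention', function () {
    global $wpdb;
    $table  = $wpdb->prefix . 'ea_example_appointments';
    // 7 days is an example value, not a recommendation.
    $cutoff = gmdate('Y-m-d H:i:s', time() - 7 * DAY_IN_SECONDS);
    $wpdb->query($wpdb->prepare(
        "UPDATE {$table} SET name = '', phone = '' WHERE end_time < %s",
        $cutoff
    ));
});

if (!wp_next_scheduled('ea_example_retention')) {
    wp_schedule_event(time(), 'daily', 'ea_example_retention');
}
```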
Hi, you want to remove other information from custom fields? Data from customers is inside Appointments, so maybe adding a more convenient way of handling that data by filtering via email, exporting, altering etc.
Best regards,
Nikola
I don’t think the email/export is the problem (as we can control what will be sent already). The main problem is the data retention by EA itself.
Basically there are multiple types of data which should be handled in different ways. There is non-personal data (which may be used by everyone).
Then there is personal data where the GDPR is in effect.
By law there is a set retention-time for each specific personal-data type which we have to comply with. For personal data that usually means that we either need to ask for permanent storage, or have a data-retention policy in place (which is the main request here!!).
To make this feature totally complete we should note that different personal-data requires different retention times. For transaction-related data for example the usual retention-time is 7-10 years (for tax-control etc.), while for an email/phone number or (to make it interesting) medical information, the retention-time should be way shorter.
Maybe as an additional reason as to why this is important, personal-data should always be protected by certain standards (high level of encryption, double verification access etc.). Since I don’t think the implementation of these standards is that easy to achieve, the first alternative is to add a retention mechanism (preferably with an auto-export option) so EA doesn’t hold the responsibility of data-retention safety.
You are right, export of data and cleaning the old appointments make sense. Regarding data-retention I have a similar thing on site here. Every form that is submitted is kept for only 2 hours. So you would like to have an option to select custom fields and interval when it will be removed?
Best regards,
Nikola
That would be very helpful indeed. If (optionally) old appointments can be cleared as well, this plugin would make the perfect planning app for me (technical wise, skinwise I’m curious what additions will come in the near future 😉 ).
ps. If you need help with designing, feel free to ask btw.
Can you tell me what part of design you are talking about? Any help is more than welcome 🙂
Best regards,
Nikola
Hi, you want to limit how long data are stored? Can you give some example of how that should look?
Best regards,
Nikola
As it may differ from implementation to implementation of what should be retained, I would add a choice of which data should be removed and how long after the last appointment.
For your app to function properly you need all the data fields, until the appointment date. After that your app doesn’t have any use for it anymore, so that should be time-0.
So I would imagine a configuration which gives the options to:
– never remove data
– remove data immediately after the appointment
– at a given time after the appointment (say 1 day; 7 days; 3 weeks etc.)
– at a given point per day/week/month/year (every evening at 20:00; every Monday at 8:00; every second Thursday of the month at 12:00 etc.)
So to give it a visual perspective there are multiple ways to achieve this. Fast solution would be to add a table with every type of selected data (email, appointment time, appointment booking time, custom fields etc.), after each type a column with retention rules (one of the mentioned above).
A more fancy solution would be to add a table which contains data-groups. Each group contains the data types, and a retention rule (one of the mentioned above).
If you have questions regarding the example described above, feel free to ask
(ps. with a table I mean the data-structure, feel free to be creative with the visual stuff 😛 ).
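Added example, not part of the thread and not the EA plugin's code: the "data groups with a retention rule" structure from the post above as a small evaluator. Group names, field names and rule keys are hypothetical, and the scheduled option is narrowed to a daily run time.

```php
<?php
// Added example. Group, field and rule names are hypothetical.
$groups = [
    'scheduling' => ['fields' => ['id', 'email', 'start', 'end'],
                     'rule'   => ['type' => 'never']],
    'sensitive'  => ['fields' => ['medical_note'],
                     'rule'   => ['type' => 'immediate']],
    'contact'    => ['fields' => ['name', 'phone'],
                     'rule'   => ['type' => 'after', 'interval' => 'P7D']],
    'custom'     => ['fields' => ['custom_note'],
                     'rule'   => ['type' => 'daily_at', 'time' => '20:00']],
];

// Moment from which a group may be erased; null means "never remove".
function erase_from(array $rule, DateTimeImmutable $end): ?DateTimeImmutable
{
    switch ($rule['type']) {
        case 'never':     return null;
        case 'immediate': return $end; // "time-0": the appointment is over
        case 'after':     return $end->add(new DateInterval($rule['interval']));
        case 'daily_at':  // first daily run at or after the appointment's end
            [$h, $m] = array_map('intval', explode(':', $rule['time']));
            $run = $end->setTime($h, $m);
            return $run < $end ? $run->modify('+1 day') : $run;
    }
    // A typo in the configuration must be loud, not a silent "keep forever".
    throw new InvalidArgumentException('Unknown retention rule: ' . $rule['type']);
}

// Copy of the appointment with every expired field set to null.
function apply_retention(array $appt, array $groups, DateTimeImmutable $now): array
{
    $end = new DateTimeImmutable($appt['end'], new DateTimeZone('UTC'));
    foreach ($groups as $group) {
        $from = erase_from($group['rule'], $end);
        if ($from === null || $now < $from) {
            continue; // still inside its retention window
        }
        foreach ($group['fields'] as $field) {
            $appt[$field] = null;
        }
    }
    return $appt;
}

// Constructed sample record, evaluated one day after the appointment ended.
$appt = ['id' => 42, 'email' => 'client@example.com', 'start' => '2024-05-06 09:00',
         'end' => '2024-05-06 10:00', 'name' => 'Jane Doe', 'phone' => '+31 20 555 0100',
         'medical_note' => 'constructed', 'custom_note' => 'constructed'];
print_r(apply_retention($appt, $groups, new DateTimeImmutable('2024-05-07 10:00', new DateTimeZone('UTC'))));
```

With the sample input, `medical_note` and `custom_note` come back as null while the contact and scheduling fields are still inside their retention windows.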
Hi,
that is in plan to add. For example on EA demo pages there is cron that deletes appointments data after 15 minutes. I have one question or suggestion. That will be to have that action triggered by admin user. Something like delete appointments data older than , ,… etc.
If you want to have thing that you suggest that will require cron execution and deletion without user knowing.
Best regards,
Nikola