CM Reviews and Ratings - User Data Privacy and GDPR Compliance
User Data Privacy and GDPR Compliance
This article lists data the CM Reviews and Ratings handles and the tools the admin can use to ensure users have control over their data. The subject is closely tied with the GDPR (General Data Privacy Regulation).
Note that the plugin provides the admin with tools to enforce and communicate the regulation, and that it's his/her responsibility to adopt them.
This guide contains information about features that are under development/deployment. It will be updated as soon as they are fully functional.
Data the admin can collect that can be considered personal information
- Username - Will be deleted if the account is deleted.
- Email - Will be deleted if the account is deleted.
- IP Address - Associated to the review. The admin can turn the IP collection on/off.
Compliance tools: Retrieving a User's IP Address
- Reviews - The content is controlled by the users. The admin can choose to moderate it or not.
- Plugin Settings - Access Restriction - Restrict the ability to post reviews to selected roles.
- How To - Manage Reviews and Ratings (Edit, Delete, Hide, Publish and Approve).
General Compliance Tools
- Reviews Removal - The user can delete all of his/her submissions by using a link generated by the [cmr_delete] shortcode.
Learn more: Shortcodes
- Statistics - The admin can turn off IP address collection.
Learn more: Retrieving a User's IP Address
- Terms of Service - The admin can enable a disclaimer for first time users. Those who reject it won't be able to post reviews.
Learn more: Plugin Settings - Privacy