Title: GDPR
Author: Trew Knowledge
Published: February 16, 2018
Last modified: February 24, 2026

---


![](https://ps.w.org/gdpr/assets/banner-772x250.png?rev=1837142)

![](https://ps.w.org/gdpr/assets/icon.svg?rev=1837142)

# GDPR

 By [Trew Knowledge](https://profiles.wordpress.org/trewknowledge/)

[Download](https://downloads.wordpress.org/plugin/gdpr.2.1.2.zip)


## Description

This plugin is meant to assist a Controller, Data Processor, and Data Protection
Officer (DPO) with efforts to meet the obligations and rights enacted under the 
GDPR.

### Documentation

[https://github.com/trewknowledge/GDPR/wiki](https://github.com/trewknowledge/GDPR/wiki)

### Collaboration

You can send your pull request at [https://github.com/trewknowledge/gdpr](https://github.com/trewknowledge/gdpr)

### Shortcodes & helper functions

[https://github.com/trewknowledge/GDPR/wiki/Functions-&-Shortcodes](https://github.com/trewknowledge/GDPR/wiki/Functions-&-Shortcodes)

### Features

 * Consent management
 * Privacy Preference management for Cookies with front-end preference UI & banner
   notifications
 * Privacy Policy page configurations with version control and re-consent management
 * Rights to erasure & deletion of website data with a double opt-in confirmation
   email
 * Re-assignment of user data on erasure requests & pseudonymization of user website
   data
 * Data Processor settings and publishing of contact information
 * Right to access data by admin dashboard with email look up and export
 * Right to access data by Data Subject with front-end requests button & double 
   opt-in confirmation email
 * Right to portability & export of data by Admin or Data Subject in XML or JSON
   formats
 * Encrypted audit logs for the lifetime of Data Subject compliance activity
 * Data Subject Secret Token for two-factor decryption and recovery of data
 * Data breach notification logs and batch email notifications to Data Subjects
 * Telemetry Tracker for visualizing plugins and website data

### Settings

**General**

From the Settings options in the dashboard, you can select the Privacy Policy page
for tracking and logging consent.

On login, the user must consent to the Privacy Policy outlined on the site. If the
user does not consent, the user will not be registered or logged in.

If the site owner updates the Privacy Policy page content, the change will be logged
and flagged to the admin that they must notify users on next login to seek re-consent.
Additionally, the warning message can be dismissed in the event of a minor correction
or mistake.

Additionally, under General Settings the Admin can set the outgoing email limitation
which would set the batch notification email limit per hour in the event of a Breach
Notification.

**Cookie Preference Management**

Similar to consent management, users can opt in or out of cookies that are being
used on the site. There are 3 formats of cookies that can be created which include:

 * **Always Active:** Cookies that are always active or are required for the site
   to function.
 * **Toggled:** Cookies that can be activated or blocked based on the user preference
 * **Opt-Out Link:** Cookies that require configuration from a third-party source
   in order to opt-out

Depending on the user's preference setting, you can use the `is_allowed_cookie( $cookie )`
helper function to decide whether to save and set a cookie, and to prevent setting
a cookie the user has not allowed. The list of cookies the user approved is stored
in a separate cookie named `gdpr_approved_cookies`.

**Consent Management**

Consents can be registered on the settings page. They can be optional or not. By
default, this plugin comes with a Privacy Policy consent that users need to agree
with on registration.

For optional consents, there’s a wrapper function `have_consent( $consent_id )`
to help you display or hide something on the site depending on whether the user
gave consent.

Consents are logged to the user record for auditing or for access purposes.
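
A fail-closed way to call both helpers from theme or plugin code, as an added example (not code from the GDPR plugin or its authors). The cookie name `example_analytics_id`, the consent id `example-marketing`, the embed URL and every `example_*` function are hypothetical; `is_allowed_cookie()` and `have_consent()` are assumed to return a truthy value when the visitor has allowed the cookie or given the consent.

```php
<?php
// Added example, not part of the GDPR plugin. All example_* names are hypothetical.

/**
 * True only when the GDPR plugin is active AND the visitor allowed this cookie.
 * If the plugin is deactivated the helper is undefined, so deny by default
 * instead of silently setting cookies without any consent check.
 */
function example_cookie_permitted( $cookie_name ) {
	return function_exists( 'is_allowed_cookie' ) && is_allowed_cookie( $cookie_name );
}

/**
 * Set a cookie only if permitted. If it was set earlier and the visitor has
 * since opted out, expire it so the stored identifier does not linger.
 */
function example_set_gated_cookie( $cookie_name, $value, $ttl_seconds ) {
	if ( headers_sent() ) {
		return false; // Too late in the request to send a Set-Cookie header.
	}
	if ( ! example_cookie_permitted( $cookie_name ) ) {
		if ( isset( $_COOKIE[ $cookie_name ] ) ) {
			setcookie( $cookie_name, '', time() - HOUR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
		}
		return false;
	}
	// Secure on HTTPS sites, HttpOnly because no script needs to read it.
	return setcookie( $cookie_name, $value, time() + $ttl_seconds, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
}

/** Same fail-closed pattern for an optional consent registered on the settings page. */
function example_has_consent( $consent_id ) {
	return function_exists( 'have_consent' ) && have_consent( $consent_id );
}

// Runs on every request: refreshes the cookie while allowed, expires it after opt-out.
add_action( 'init', function () {
	$id = isset( $_COOKIE['example_analytics_id'] )
		? sanitize_text_field( wp_unslash( $_COOKIE['example_analytics_id'] ) )
		: wp_generate_uuid4();
	example_set_gated_cookie( 'example_analytics_id', $id, 30 * DAY_IN_SECONDS );
} );

// Third-party embed that is rendered only after the optional consent is given.
add_shortcode( 'example_newsletter_embed', function () {
	if ( ! example_has_consent( 'example-marketing' ) ) {
		return '<p>' . esc_html( 'Give marketing consent in your privacy preferences to load this form.' ) . '</p>';
	}
	return '<iframe src="https://newsletter.example.invalid/form" title="Newsletter"></iframe>';
} );
```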

### Requests Table & Rights of Data Subject

**Right to Erasure Requests**

 1. The Data Subject is able to submit a request to be erased from the site using a
    shortcode.
 2. When a request is made, the Data Subject will receive an email confirmation to 
    confirm the deletion request.
 3.  a. After email confirmation, the user request is added to the requests table for 
        review by the Administrator. The Administrator can also add a user manually with
        an email look up and review.
     b. If the Data Subject has content published on the site for any post types or comments,
        they will be added to this table. If they do not have any content, they will receive
        a confirmation of erasure request and be provided a 6 digit Token for safekeeping
        after erasure in case the data needs to be recovered.
     c. The requests table allows the Administrator to reassign any content to another
        user or delete it.
     d. In the event of comments, the Data Subject’s content would be made anonymous.
 4. Admin can also manually add users to the erasure requests table with a manual email
    search

**Right to Access Data Request & User Data Portability**

 1. The Data Subject can place a request to download their data with the shortcode.
 2. After requesting their data, the user will receive a double opt-in confirmation
    email then the plugin will generate an XML or JSON file, which will be emailed 
    to them for download with an expiration time of 48 hours.

**Right to Rectify & Complaint Requests**

 1. The Data Subject can place a request to rectify data or file a complaint with the
    shortcode.
 2. After making their request, the user will receive a double opt-in confirmation
    email and will then be added to the table for the admin to handle the request.

### Tools

**Access Data**

The Access Data tool allows the Admin to look up a user email and view the data 
of a particular user. The Admin can download and export the data in a JSON or XML
format and provide to the Data Subject if manually requested.

NOTE: This method should not be used without the Data Subject confirming their identity.

**Audit Log**

Everything the Data Subject does, from registration and providing consent to the
privacy policy and terms of service to other requests, is logged and encrypted in
a database. Data breach notifications are also logged for all Data Subjects upon
confirmation by the Controller.

 1. Using the Data Subject’s email, you can look up and retrieve the user information
    and display it.
 2. If the Data Subject has been removed from the site, this encrypted log is deleted
    from the database and saved as an encrypted file inside the plugin folder.

If in the future, the Data Subject makes a complaint or there is a need to recover
the data, the user can provide their email address and the 6 digit token they received
from the deletion confirmation email to decrypt and retrieve the file.

**Data Breach & Notifications**

In case of a data breach, the Admin can generate a Data Breach Notification to users
by logging the information and confirming the breach through a double opt-in confirmation
email. The following information would be recorded in the audit log:

 1. Nature of the personal data breach
 2. Name and contact details of the data protection officer
 3. Likely consequences of the personal data breach
 4. Measures taken or proposed to be taken

Once the breach has been confirmed via email, the website will begin a batch email
notification process to all users every hour until all users receive the notification.

### Telemetry Tracker

The Telemetry Tracker feature will display all data that is being sent outside of
your server to another destination. It will indicate the plugin or theme responsible,
and the file and line where the data is being sent.

WordPress Core and some plugins gather data from your install and send this data
to an outside server.

WordPress Plugin Repository does not allow plugins to do that, but premium plugins
are able to do this because they are not bound by the Plugin repository rules. If
you did not explicitly opt-in for this feature you should make a complaint.

### Important!

Activating this plugin does not guarantee that an organization is successfully meeting
its responsibilities and obligations of GDPR. Individual organizations should assess
their unique responsibilities and ensure extra measures are taken to meet any obligations
required by law and based on a data protection impact assessment (DPIA).

## Screenshots

 * Cookie settings page.
 * Cookie notification bar.
 * Cookie management modal.
 * Registration with consent checkboxes.
 * Consent management modal.
 * Privacy Policy page updated. Asking for re-consent.
 * User deletion review table.
 * Telemetry Tracker.
 * Audit Log sample.

## Installation

 1. Upload the plugin to the `/wp-content/plugins/` directory
 2. Activate the plugin through the ‘Plugins’ menu in WordPress
 3. Fill out all sections of the settings page.

## FAQ

### What is GDPR?

This Regulation lays down rules relating to the protection of natural persons with
regard to the processing of personal data and rules relating to the free movement
of personal data.

This Regulation protects fundamental rights and freedoms of natural persons and 
in particular their right to the protection of personal data.

The free movement of personal data within the Union shall be neither restricted 
nor prohibited for reasons connected with the protection of natural persons with
regard to the processing of personal data.

### How do Businesses benefit from GDPR?

 * Build stronger customer relationships and trust
 * Improve the brand image of the organization and its brand reputation
 * Improve the governance and responsibility of data
 * Enhance the security and commitment to the privacy of the brand
 * Create value-added competitive advantages

### When is the GDPR coming into effect?

It will be enforced on May 25th, 2018.

### Who does the GDPR affect?

The GDPR applies to all EU organisations – whether commercial business, charity 
or public authority – that collect, store or process EU residents’ personal data,
even if they’re not EU citizens.

The GDPR applies to all organisations located within the EU, whether commercial
business, charity, public authority or institution, that collect, store or process
EU citizen data. It also applies to any organisation located outside of the EU if
it also collects, stores or processes EU citizen data.

### What is considered personal data?

The GDPR defines personal data as any information or type of data that can directly
or indirectly identify a natural person’s identity. This can include information
such as Name, Address, Email, Photos, System Data, IP addresses, Location data, 
Phone numbers, and Cookies.

For other special categories of personal data, there are more strict regulations
for categories such as Race, Religion, Political Views, Sexual Orientation, Health
Information, Biometric and Genetic data.

### What are the penalties for non-compliance?

Organizations can be fined up to 4% of annual global turnover for breaching GDPR
or €20 Million. This is the maximum fine that can be imposed for the most serious
infringements.

There is a tiered approach to the fines whereby a company can be fined 2% for not
having their records in order (Article 28), not notifying the supervising authority
and Data Subject about a security breach or for investigating and assessing the 
breach.

### Am I compliant just by activating this plugin?

No, this plugin is meant to assist a Controller, Data Processor, and Data Protection
Officer (DPO) with efforts to meet the obligations and rights enacted under the 
GDPR.

Activating this plugin does not guarantee that an organisation is successfully meeting
its responsibilities and obligations of GDPR. Organisations should assess their 
unique responsibilities and ensure extra measures are taken to meet any obligations
required by law and based on a data protection impact assessment (DPIA).

## Reviews

### [cool futures inside](https://wordpress.org/support/topic/with-ads/)

 [alpharesellers](https://profiles.wordpress.org/alpharesellers/) February 26, 2020

Very good experience, this plugin has some cool futures inside.

### [Thank you for making better relations with a legal regulation and customers](https://wordpress.org/support/topic/thank-you-for-making-better-relations-with-a-legal-regulation-and-customers/)

 [n381](https://profiles.wordpress.org/n381/) September 23, 2019

Hello, Thank you for making this plugin and enabling WP websites better relations
with a legal regulation and customers as well. I agree there are several possible
issues and found that it is necessary to exclude gdpr-public.js and gdpr-public.css
from scripts optimizations, disable security cookie scan/sanitization and so,
the plugin will work. Tested with WP 4.99

### [Not so good](https://wordpress.org/support/topic/not-so-good-38/)

 [aquasshi](https://profiles.wordpress.org/aquasshi/) December 3, 2018

The cookie consent banner’s OK button does not work some times.

### [The best GDPR plugin available](https://wordpress.org/support/topic/the-best-gdpr-plugin-available/)

 [Opace Digital Agency](https://profiles.wordpress.org/opacewebdesign/) November 9, 2018

We use this plugin as standard now on all WP websites we develop at Opace. Before
the GDPR legislation came into force, I searched long and hard for a solution that
would provide all of the necessary compliance measures and tested various plugins.
Some provided part solutions and others simply failed to work. Finding one that 
provided a full cookie compliance and consent management solution was difficult.
There are a lot of options and features available with this plugin, but it’s one
that I would highly recommend for any website owner.

### [Too Many Updates](https://wordpress.org/support/topic/too-many-updates-8/)

 [Bliss7](https://profiles.wordpress.org/bliss7/) November 8, 2018

I don’t understand why this plugin is having sooo many updates, like sometimes every
day. My Wordfence is keeping on giving me email alerts (because that is what it 
does) on every single plugin update and this plugin is one of the highest, for updates
(sometimes every single day). Imagine if you have many sites, then all of them having
Wordfence keeps on “spamming” you with alerts. And usually, it is this plugin (and
a few others). Why don’t you just update several iterations in the background, and
then only put out the plugin for update on the WordPress platform. Instead of every
single little change, followed by immediate upload :-/ Don’t get me wrong. Updating
is good, like rain upon the earth, but too many updates is like too much rain every
day, leading to a flood.

### [Don’t work correctly and bad support](https://wordpress.org/support/topic/dont-work-correctly-and-bad-support/)

 [valentinchevo](https://profiles.wordpress.org/valentinchevo/) October 22, 2018

I apply custom code for _ga but this plugin doesn’t work correctly and I helping
support but no feedback, no help 🙁

 [View all 58 reviews](https://wordpress.org/support/plugin/gdpr/reviews/)

## Contributors & Developers

GDPR is open source software. The following people have contributed to this plugin.

Contributors

 *   [ Trew Knowledge ](https://profiles.wordpress.org/trewknowledge/)
 *   [ Fernando Claussen ](https://profiles.wordpress.org/fclaussen/)
 *   [ Matthew Farlymn ](https://profiles.wordpress.org/matthewfarlymn/)

“GDPR” has been translated into 15 locales. Thank you to [the translators](https://translate.wordpress.org/projects/wp-plugins/gdpr/contributors)
for their contributions.

[Translate “GDPR” into your language.](https://translate.wordpress.org/projects/wp-plugins/gdpr)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/gdpr/), check out the [SVN repository](https://plugins.svn.wordpress.org/gdpr/),
or subscribe to the [development log](https://plugins.trac.wordpress.org/log/gdpr/) by [RSS](https://plugins.trac.wordpress.org/log/gdpr/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 2.1.1

 * Updating dependencies.
 * Fixing some code standards errors.
 * Fix tooltip styles affecting other parts of the admin panel.
 * Fixed a W3C validation error.
 * Fixed a “Headers Already Sent” error while doing cron jobs.
 * Added more accents to the array of replacements
 * Made possible to sort by consent in the admin users page.
 * Added “move up” and “move down” buttons for each cookies category.
 * Detect current language code and load correct recaptcha based on it.
 * Moved partials to templates so they can be overwritten by themes.
 * Fix issue where some modals would not close.
 * Fix issue where tapping the X on modals would jump.

#### 2.1.0

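 * Wrap checkboxes in labels so that they fit on the same line.
 * Add initial WPML and Polylang translation config files.
 * Some text changes.
 * Change the email sender. This will hopefully solve SMTP issues.
 * Added an ON/OFF indicator next to toggles.
 * Added close buttons to bars so they don’t stop users from accessing footer links.
 * Removed the checkmark icon from bar buttons. This checkmark confused some users.
 * Added an extra parameter to the `[gdpr_preferences]` shortcode. Using `tab="target"`
   opens the privacy preferences window on a specific tab. Check the plugin settings
   for the available targets.
 * Updated request error messages so they do not disclose whether a user is a member
   of the site or not based on their email. This change is meant to protect user
   privacy.
 * Added a soft opt-in option for cookies. This allows these cookies on the first
   visit where needed, but the user can still opt out.
 * Added an option to use a consent modal screen instead of the bar. This modal was
   reworked to look better than in v1. (Strongly requested after the v2 update.)
 * Minor bug fixes.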

#### 2.0.10

 * Fixed the new re-consent bar not showing when no prior consent had been obtained
   from the user.
 * Added a PHP version check on activation.

#### 2.0.9

 * Fixed a syntax error that occurred after removing code with PHPCS.
 * Fixed a function that did not check whether the registered consents were empty
   before running.

#### 2.0.8

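 * Added a setting to hide plugin-generated markup from bots such as Googlebot.
 * Fixed an issue where the button to close a cookie category was not shown after
   adding a new category. A save was required before the button appeared.
 * Display cookie categories that do not have anything in the cookies used option.
 * Fixed a warning when no consents are registered.
 * Small style and markup enhancements.
 * A little cleanup to reduce the load on the WP server.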

## Meta

 *  Version **2.1.2**
 *  Last updated **2 months ago**
 *  Active installations **10,000+**
 *  WordPress version **4.7 or higher**
 *  Tested up to **6.9.4**
 *  PHP version **5.6 or higher**
 *  Languages: [Catalan](https://ca.wordpress.org/plugins/gdpr/), [Croatian](https://hr.wordpress.org/plugins/gdpr/),
    [Czech](https://cs.wordpress.org/plugins/gdpr/), [Dutch](https://nl.wordpress.org/plugins/gdpr/),
    [English (US)](https://wordpress.org/plugins/gdpr/), [Esperanto](https://eo.wordpress.org/plugins/gdpr/),
    [Finnish](https://fi.wordpress.org/plugins/gdpr/), [French (France)](https://fr.wordpress.org/plugins/gdpr/),
    [Galician](https://gl.wordpress.org/plugins/gdpr/), [Greek](https://el.wordpress.org/plugins/gdpr/),
    [Norwegian (Bokmål)](https://nb.wordpress.org/plugins/gdpr/), [Romanian](https://ro.wordpress.org/plugins/gdpr/),
    [Slovak](https://sk.wordpress.org/plugins/gdpr/), [Spanish (Chile)](https://cl.wordpress.org/plugins/gdpr/),
    [Spanish (Spain)](https://es.wordpress.org/plugins/gdpr/), [Swedish](https://sv.wordpress.org/plugins/gdpr/).
 *  [Translate the plugin](https://translate.wordpress.org/projects/wp-plugins/gdpr)
 *  Tags: [compliance](https://ja.wordpress.org/plugins/tags/compliance/), [GDPR](https://ja.wordpress.org/plugins/tags/gdpr/),
    [general data protection regulation](https://ja.wordpress.org/plugins/tags/general-data-protection-regulation/),
    [law](https://ja.wordpress.org/plugins/tags/law/), [privacy](https://ja.wordpress.org/plugins/tags/privacy/)
 *  [Advanced view](https://ja.wordpress.org/plugins/gdpr/advanced/)

## Ratings

 4.3 out of 5 stars

 *  [44 5-star reviews](https://wordpress.org/support/plugin/gdpr/reviews/?filter=5)
 *  [5 4-star reviews](https://wordpress.org/support/plugin/gdpr/reviews/?filter=4)
 *  [1 3-star review](https://wordpress.org/support/plugin/gdpr/reviews/?filter=3)
 *  [1 2-star review](https://wordpress.org/support/plugin/gdpr/reviews/?filter=2)
 *  [7 1-star reviews](https://wordpress.org/support/plugin/gdpr/reviews/?filter=1)


## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/gdpr/)
