About us
In this section you must indicate the URL of your site, as well as the name of the company, organization, or individual behind it, and some updated contact information.
The amount of information you may be required to disclose will vary depending on your local or national business regulations. For example, you may be asked to provide a physical address, a registered address, or your business registration number.
What personal data we collect and why we collect it
In this section you should note what personal data you collect from users and site visitors. This could include personal data such as name, email address, personal account preferences; transactional data, such as purchase information; and technical data, such as information about cookies.
You should also be aware of any collection and retention of sensitive personal data, such as data relating to health.
In addition to listing the personal data you collect, you must indicate why you collect it. These explanations must indicate the legal basis for the collection and storage of data or the active consent of the user.
Personal data is not just created by a user’s interactions with your site. Personal data is also generated from technical processes such as contact forms, comments, cookies, analytics and third party embeds.
By default, WordPress does not collect any personal data about visitors and only collects the data displayed on the user profile screen for registered users. However, some of your plugins may also collect personal data. Add relevant information below.
Comments
In this subsection you should note what information is captured in the comments. We have noted the data that WordPress collects by default.
Media
In this subsection you should note what information can be displayed from users uploading media files. All uploaded files are normally publicly accessible.
contact forms
By default, WordPress does not include a contact form. If you use a contact form plugin, use this subsection to indicate what personal data is captured when someone submits a contact form and for how long you keep it. For example, you can indicate that you keep contact form submissions for a certain period for customer service purposes, but do not use the information submitted through them for marketing purposes.
cookies
In this subsection you must list the cookies that your website uses, including those installed by your plugins, social networks and analytics. We have provided the cookies that WordPress installs by default.
Analytics
In this subsection you should note which analytics package you use, how users can decide about analytics tracking, and a link to your analytics provider’s privacy policy, if any.
By default, WordPress does not collect any analytics data. However, many web hosting accounts collect some anonymous analytics data. It is also possible that you have installed a WordPress plugin that provides analytics services. In that case, add that plugin’s information here.
With whom we share your data
In this section you must name and list all third-party providers with whom you share site data, including partners, cloud-based services, payment processors, and third-party service providers, and indicate what data you share with them and why. that. Link to your own privacy notices if possible.
By default, WordPress does not share any personal data with anyone.
How long we keep your data
In this section you must explain for how long you will keep the personal data collected or processed by the web. While it is your responsibility to establish how long each data set will be retained and why you are retaining it, that information should be listed here. For example, you can say that you keep contact form inputs for six months, analytics logs for one year, and customer purchase logs for ten years.
What rights do you have over your data?
In this section you must explain what rights your users have over their data and how they can exercise them.
Where your data is sent
In this section you should list all transfers of your site’s data outside of the European Union and describe the means by which that data is protected in accordance with European data protection standards. This could include your web hosting, cloud storage, or other third-party services.
European data protection law requires that data about European residents that is transferred outside of the European Union be safeguarded to the same standards as if the data were in Europe. Therefore, in addition to listing where the data goes, you should describe how you ensure that you or your third-party providers comply with these standards, whether through an agreement such as a Privacy Shield, model clauses in your contracts, or binding corporate rules.
Contact information
In this section you must provide a contact method for specific privacy issues. If it is necessary for you to have a data protection officer, also indicate their name and full contact information here.
Additional Information
If you use your website for commercial purposes and engage in more complex personal data collection or processing, you should note the following information in your privacy notice, in addition to the information we have already discussed.
How we protect your data
In this section you must explain what measures you have taken to protect the data of your users. This could include technical measures such as encryption; security measures such as two-factor identification; and measures such as staff training on data protection. If you have conducted a privacy impact assessment, you can mention it here as well.
What procedures we use against data breaches
In this section you should explain what procedures you have in place to deal with data breaches, whether actual or potential, such as internal reporting systems, contact mechanisms or compensation for failures.
From which third parties we receive data
If your website receives user data from third parties, including advertisers, this information should be included in the third party data section of your privacy notice.
What kind of automated decision making and/or profiling we do with user data
If your website provides a service that includes automated decision-making – for example, allowing customers to apply for credit or add their data to an advertising profile – you must report that this is happening, and include information about how that information is used. , what decisions are made with that aggregated data, and what rights users have over decisions made without human intervention.
Regulatory disclosure requirements of the sector
If you are a member of a regulated industry, or if you are subject to additional privacy laws, you may be required to disclose that information here.