We get this question a lot!
It is understandable – particularly given that the GDPR “Right to Erase Personal Data” option is so new but also because website owners are scared of what damage they might do to the workings of their site from carrying out this request. In this blog I will outline exactly how to delete user data from the point of the initial request through to deletion. WordPress do offer limited functionality for “Erase Personal Data” but for the purposes of this guide we will be using the GDPR Data Manager plugin which has extensive audit logging and disaster recovery to allay any fears for website owners of causing any damage to your all important data.
Completing this action in 5 simple steps:
- Download, install and activate GDPR Data Manager (in WordPress Plugin Repository)
- Select Plugin support if required – WooCommerce / Easy Digital Downloads
- Enter the email address provided by the user to find the relevant data
- Click the Verify Delete option
This is essentially all that’s involved for the data controller – sit back and relax!
From this point onward – it is in the hands of the user. The requester will receive an email link whereby they must download their data before running the delete option. All this is in the hands of the user (the data owner) which meets the criteria set out under GDPR. Audit records are stored on the website owners site for reference and if in the event of roll-back the plugin has a sync facility to restore any user actions that were lost when the site was rolled back.