No answer means for me that it could be not GDPR compliant… so I need to uninstall it.
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
Sorry, to interject but what do you mean when you wrote this?
Is the tool GDPR compliant?
That’s akin to saying “SOX compliant” which did not actually mean anything.
The personal information is stored by WordPress and that, in terms of GDPR, is being looked at in the WordPress core group.
You can see that on the make.core blog via this tag.
https://make.ww.wp.xz.cn/core/tag/gdpr-compliance/
Is iThemes Security storing any personal data (like IP address) within the wordpress installation or on any other server?
Tim
(@timwakeling-1)
I too would appreciate an official answer from iThemes Security on GDPR compliance, but I can tell you this for a start: iThemes Security does store IP addresses in your WordPress database, and I think it even shares them for its Network Protection. So those aspects of it might be a worry. HOWEVER I believe GDPR has specific exceptions for the use of personal data to maintain the security of the site. I’m struggling to find the paragraph in the legislation right now but I’ve read about it recently. It would make sense; after all, part of the point of GDPR is to keep users’ data safe, so it would be counter-productive if it was also illegal to use security software to prevent unauthorised access to that data.
On that basis I think I’m happy to continue using iThemes Security, but I would nonetheless appreciate an official post from them telling me exactly what data they collect and store, and how to control that.
Tim
