WordPress.org

Making WordPress.org

Opened 7 months ago

Closed 7 months ago

Last modified 3 months ago

#4223 closed enhancement (fixed)

Can we link the Data Erasure Request form/page into the Privacy Policy

Reported by: garrett-eclipse Owned by: SergeyBiryukov
Milestone: Priority: normal
Component: General Keywords:
Cc:

Description

Hello,

Can we include a link to the Data Erasure Request form/page into the Privacy Policy, potentially at the end of the 'Retention of personal information' section.
Data Erasure Request - https://wordpress.org/about/privacy/data-erasure-request/
Privacy Policy - https://wordpress.org/about/privacy/

Currently, it's quite hidden and most users are completely unaware of it. In fact, flagging it in #core-privacy no one was really aware of its existence.

Thanks

Change History (12)

#1 follow-up: @garrett-eclipse
7 months ago

  • Keywords needs-privacy-review added

For the verbiage I would append the following as a new paragraph to the end of the 'Retention of personal information' section;

If you would like to request deletion of your account and associated data please follow the following steps:
1. Visit https://wordpress.org/about/privacy/data-erasure-request/
2. Enter your Email Address
3. Click 'Accept Declaration and Request Permanent Account Deletion'.
Note: If you have a WP.org account it's recommended you login before submitting to associate your account to the request.

Note: I'm not sure we need the note above, but from my testing the form if you are logged it it'll auto-populate the form and there's a note about needing to login if the email is associated with an account;
"Please Note: Before we can begin processing your request, we’ll require that you verify ownership of the email address. If the email address is associated with an account, we’ll also require you to log in to that account first."

I'm also unaware of the process after the request, is an email confirmation sent to the user prior to erasure? Does that only get sent if the user wasn't logged in?
*If anyone knows the process after the form is submitted that'd assist me in writing verbiage. Also I'm unsure if the process differs depending on if the user was logged in or not when they made the request.

I'm going to flag in #core-privacy to see if anyone has further thoughts on verbiage.

This ticket was mentioned in Slack in #core-privacy by garrett-eclipse. View the logs.


7 months ago

#3 in reply to: ↑ 1 ; follow-up: @SergeyBiryukov
7 months ago

Replying to garrett-eclipse:

I'm going to flag in #core-privacy to see if anyone has further thoughts on verbiage.

Is this good to go, or should we wait for more feedback from the team?

#4 in reply to: ↑ 3 @garrett-eclipse
7 months ago

Replying to SergeyBiryukov:

Replying to garrett-eclipse:

I'm going to flag in #core-privacy to see if anyone has further thoughts on verbiage.

Is this good to go, or should we wait for more feedback from the team?

Hi @SergeyBiryukov, our weekly meeting is today at 19:00 UTC in the #core-privacy channel so will get a final say and then update here. Appreciate your patience. Cheers

This ticket was mentioned in Slack in #core-privacy by garrett-eclipse. View the logs.


7 months ago

#6 follow-up: @dejliglama
7 months ago

Changed first line to remove follow following...

If you would like to request deletion of your account and associated data please follow these steps:
1. Visit https://wordpress.org/about/privacy/data-erasure-request/
2. Enter your Email Address
3. Click 'Accept Declaration and Request Permanent Account Deletion'.
Note: If you have a WP.org account it's recommended you login before submitting to associate your account to the request.

#7 @postphotos
7 months ago

Thanks @garrett-eclipse @dejliglama, this looks good to me!

#8 in reply to: ↑ 6 @garrett-eclipse
7 months ago

Replying to dejliglama:

Changed first line to remove follow following...

If you would like to request deletion of your account and associated data please follow these steps:
1. Visit https://wordpress.org/about/privacy/data-erasure-request/
2. Enter your Email Address
3. Click 'Accept Declaration and Request Permanent Account Deletion'.
Note: If you have a WP.org account it's recommended you login before submitting to associate your account to the request.

Thanks for the catch @dejliglama and @postphotos for reviewing and the tweak.

@SergeyBiryukov we brought this up in #core-privacy and aside from the minor tweak above everyone was happy with the verbiage so you're good to go. Thank you

#9 @SergeyBiryukov
7 months ago

  • Owner set to SergeyBiryukov
  • Resolution set to fixed
  • Status changed from new to closed

In 8361:

WordPress.org Main Theme: Privacy: Link to Data Erasure Request page from Privacy Policy.

Props garrett-eclipse, dejliglama, postphotos.
Fixes #4223.

#10 @SergeyBiryukov
7 months ago

  • Keywords needs-privacy-review removed

#11 @garrett-eclipse
7 months ago

Thanks @SergeyBiryukov for getting that up. Looks good on the live page. Cheers

#12 @SergeyBiryukov
3 months ago

In 8997:

WordPress.org Main Theme: Privacy: Link to Data Export Request page from Privacy Policy.

Props garrett-eclipse.
Fixes #4528. See #4223.

Note: See TracTickets for help on using tickets.