Making WordPress.org

Opened 6 years ago

Last modified 4 years ago

#4224 reviewing enhancement

Can we provide a Data Export Request form/page similar to the Data Erasure Request form/page

Reported by: garrett-eclipse's profile garrett-eclipse Owned by: tellyworth's profile tellyworth
Milestone: Priority: normal
Component: Profiles Keywords: needs-patch
Cc:

Description

Hello,

Currently, the export process for WP.org is to contact dpo@… (which w/ #3660 will change to a wp.org email hopefully). It would be nice to provide a Data Export Request form/page similar to the existing Data Erasure Request form/page.
Data Erasure Request - https://wordpress.org/about/privacy/data-erasure-request/

And once created would be nice to have it linked directly from the Privacy Policy.

Aside from the above approach or in tandem the export and erase requests could be made via a button in the wp.org user profile. This approach would mitigate spam requests as the user would already be logged in to make the request.

I understand core doesn't provide this functionality as of yet so if core is blocking this type of implementation then the good news is these features are part of the V2 privacy roadmap and once it's made progress will circle back.
Core Ticket - https://core.trac.wordpress.org/ticket/44013
*As well there's an existing plugin that covers alot of the front-end on this which can be looked to for code - https://en-ca.wordpress.org/plugins/gdpr-data-request-form/

Thank you

Attachments (1)

Screen Shot 2020-05-06 at 4.42.15 PM.png (333.2 KB) - added by garrett-eclipse 4 years ago.
Prototype design of Privacy tab for providing privacy links (Privacy Policy, Cookie Policy, Data Erasure, Data Export)

Download all attachments as: .zip

Change History (12)

#1 @ocean90
6 years ago

Related: [7250]

#2 @garrett-eclipse
6 years ago

Thanks @ocean90 is there anything I can help with on the exporter?

This ticket was mentioned in Slack in #meta by garrett-eclipse. View the logs.


6 years ago

#4 follow-up: @garrett-eclipse
5 years ago

  • Keywords close 2nd-opinion added

Thanks to @tellyworth The Data Export Request is now available here - https://wordpress.org/about/privacy/data-export-request/

And linked from the Privacy Policy - https://wordpress.org/about/privacy/

If you would like to request access to your account data, please follow these steps:

  1. Visit https://wordpress.org/about/privacy/data-export-request/.
  2. Enter your email address.
  3. Click “Accept Declaration and Request Export”.

Note: If you have a WP.org account, it’s recommended you log in before submitting to associate your account with the request.

Relevant Ticket - #4528

I was going to close but just wanted to check and see if I should spawn a new ticket for this portion of the request;

Aside from the above approach or in tandem the export and erase requests could be made via a button in the wp.org user profile. This approach would mitigate spam requests as the user would already be logged in to make the request.

This ticket was mentioned in Slack in #meta by garrett-eclipse. View the logs.


4 years ago

#6 in reply to: ↑ 4 ; follow-up: @tellyworth
4 years ago

  • Keywords needs-patch added

Replying to garrett-eclipse:

Aside from the above approach or in tandem the export and erase requests could be made via a button in the wp.org user profile. This approach would mitigate spam requests as the user would already be logged in to make the request.

We could add a link from the profile page to the form, that's easy enough. If there's a core change coming to improve it then that'll help too.

@garrett-eclipse
4 years ago

Prototype design of Privacy tab for providing privacy links (Privacy Policy, Cookie Policy, Data Erasure, Data Export)

#7 in reply to: ↑ 6 @garrett-eclipse
4 years ago

  • Component changed from General to Profiles
  • Keywords close 2nd-opinion removed

Replying to tellyworth:

Replying to garrett-eclipse:

Aside from the above approach or in tandem the export and erase requests could be made via a button in the wp.org user profile. This approach would mitigate spam requests as the user would already be logged in to make the request.

We could add a link from the profile page to the form, that's easy enough. If there's a core change coming to improve it then that'll help too.

@tellyworth I've uploaded a screenshot of a prototype, thoughts? Seems this is BuddyPress Profile Groups so I don't believe I can patch via svn-meta and it'll need to be done through the Profile Editor in BuddyPress. If it's in the code please point me in the right direction.

#8 @garrett-eclipse
4 years ago

Note: All verbiage I used came directly from the existing privacy pages.

#9 @garrett-eclipse
4 years ago

One thing I left off was the Data Protection Officer email dpo@… but if it seems appropriate could be useful.

This ticket was mentioned in Slack in #meta by garrett-eclipse. View the logs.


4 years ago

#11 @tellyworth
4 years ago

  • Owner set to tellyworth
  • Status changed from new to reviewing
Note: See TracTickets for help on using tickets.