[wordpress插件] DivertDigital GDPR转移数字GDPR

With upcoming General Data Protection Regulation (GDPR) websites have requirements to protect personal data of their users.

随着即将颁布的《通用数据保护条例》（GDPR），网站要求保护其用户的个人数据。

This plugin offers following:

该插件提供以下内容：

1. Pseudonimization of user private data (including WooCommerce if installed)
2. 伪造用户私人数据（包括WooCommerce，如果已安装）

3. Newsletter consent trail
4. 新闻稿知情同意书

5. Download all user data
6. 下载所有用户数据

7. Forgetting user personal data
8. 忘记用户的个人数据

This plugin is considered in BETA stage due to lack of testing.

由于缺少测试，因此该插件被认为处于BETA阶段。

Please BACKUP your site befor usage.


请备份您的网站以供使用。


Please read the Installation section and report your plugin issues to zed@divertdigital.com.


请阅读“安装”部分，并将您的插件问题报告给zed@divertdigital.com。


To hire our agency to help you with site rebranding/development or other GDPR requirements please contact us through our site https://www.divertdigital.com or email tristan@divertdigital.com directly.

要雇用我们的代理商来帮助您解决网站品牌重塑/开发或其他GDPR要求，请通过我们的网站https://www.divertdigital.com或直接发送电子邮件至tristan@divertdigital.com与我们联系。

Pseudonimization

假牙化

Pseudonimization is process of encrypting sensitive data with encryption algorithm to prevent access to that information by unauthorised users.

伪密码化是使用加密算法对敏感数据进行加密的过程，以防止未经授权的用户访问该信息。

We are using ChaCha20-Poly1305 to encrypt data to allow for better compatibility for older Word Press sites.

我们使用ChaCha20-Poly1305加密数据，以便更好地兼容旧版Word Press网站。

Unfortunately AES requires PHP 7.1 which is not present at many hosts.

不幸的是，AES要求PHP 7.1在很多主机上都没有。

After checking the encrypt option in settings for each user is generated key in wp-content/enc_keys.

在检查每个用户的设置中的加密选项后，将在wp-content / enc_keys中生成密钥。

This is explained more in the FAQ section.

常见问题解答部分对此进行了详细说明。

All personal data for the user and WooCommerce will be encrypted and decrypted automatically so no visible change should be identified.

用户和WooCommerce的所有个人数据将被自动加密和解密，因此不应识别任何可见的更改。

Article 25 EU GDPR “Data protection by design and by default”


欧盟GDPR第25条“通过设计和默认方式保护数据”


Article 32 EU GDPR “Security of processing”

欧盟GDPR第32条“加工的安全性”

a>

a>

Newsletter consent trail

新闻稿知情同意书

Consent trail is required to demonstrate that user has consented to processing of personal data.

需要

同意跟踪以证明用户已同意处理个人数据。

This part of plugin allows easy consent trail generation as PDF files in wp-contentewsletter_consents by doing predefined actions.

插件的这一部分允许通过执行预定义的操作，以wp-content / newsletter_consents中的PDF文件的形式轻松生成同意跟踪。

Plugin handles cases of when subscribe is pending (user needs to confirm email) and when subscription is confirmed.

插件处理以下情况：订阅何时挂起（用户需要确认电子邮件）以及确认订阅。

See the Newsletter consent for configuration

请参阅新闻通讯的同意进行配置

Article 7 EU GDPR “Conditions for consent

欧盟GDPR第7条“同意的条件

”

”

Download all personal data

下载所有个人数据

This is required functionality to allow user access to all of his personal data.

这是必需的功能，允许用户访问其所有个人数据。

This is represented as a button in a profile area once enabled.

启用后，将其表示为配置文件区域中的按钮。

Article 15 EU GDPR “Right of access by the data subject”


欧盟GDPR第15条“数据主体的访问权”


Article 20 EU GDPR “Right to data portability

欧盟GDPR第20条“数据可移植性权利

”

”

Forgetting user personal data

忘记用户的个人数据

Users need the ability to remove all personally identifiable data from the website.

用户需要能够从网站上删除所有个人身份数据。

All personal data is set to N\A (Not Available).

所有个人数据均设置为N \ A（不可用）。

Users can access this functionality through the button on profile area, while admins have that option as bulk action.

用户可以通过个人资料区域上的按钮访问此功能，而管理员可以将该选项作为批量操作使用。

This GDPR requirement has very big implications as the data has to be removed even from the backups!

由于甚至必须从备份中删除数据，因此GDPR要求也具有很大的意义！

More info in FAQ section.

常见问题解答部分中的更多信息。

Article 17 EU GDPR “Right to erasure ('right to be forgotten')”

“>欧盟GDPR第17条“删除权（“被遗忘的权利”）”

User data downloading

用户数据下载

Plugin by default downloads WordPress data and WooCommerce private data.

默认情况下，插件会下载WordPress数据和WooCommerce私有数据。

You can add additional data to json array by running an action.

您可以通过执行操作将其他数据添加到json数组。

function yourFunctionName(&$data){    
  function yourFunctionName（＆$ data）{    
// Gather your data for current user    
//收集当前用户的数据    
$userData = array(        
$ userData =数组（        
'some_sample_data' => 'This is probably retrieved from database',        
'some_sample_data'=>'这很可能是从数据库中检索的，'        
'some_other_data' => 'Some other data you offer in download.',        
'some_other_data'=>'您在下载中提供的其他一些数据。'，        
'notice_for_devs' => 'Please be sure to get all user data in your system'    
'notice_for_devs'=>'请确保获取系统中的所有用户数据'    
);    
）;    
$data['custom_user_data'] = $userData;
$ data ['custom_user_data'] = $ userData;
} add_action('dd_gdpr_userdata_additional', 'yourFunctionName');
Newsletter Consent Installation
To enable newsletter consent PDF creation modify the code in you plugin or theme functions.php to include calls to action
} add_action（'dd_gdpr_userdata_additional'，'yourFunctionName'）; 
通讯同意安装要启用通讯同意，请修改插件或主题函数中的代码。php以包含号召性用语
do_action('dd_gdpr_newsletter_subscribe_pending', $email_address, (new \DateTime())->format('Y-m-d H:i:s'), $ip);
do_action（'dd_gdpr_newsletter_subscribe_pending'，$ email_address，（new \ DateTime（））-> format（'Y-m-d H：i：s'），$ ip）;
do_action('dd_gdpr_newsletter_subscribe_confirmed', $email, $firedAt, $ip);
do_action（'dd_gdpr_newsletter_subscribe_confirmed'，$ email，$ firedAt，$ ip）;
 
Our example below which integrates MailChimp for WordPress and uses Mail Chimp Webhook to confirm registration
下面的示例集成了WordPress的MailChimp并使用Mail Chimp Webhook确认注册
function init(){    
  function init（）{    
add_action('mc4wp_form_subscribed', [$this, 'newsletter_subscribed'], 10, 4);    
add_action（'mc4wp_form_subscribed'，[$ this，'newsletter_subscribed']，10，4）;    
add_action('parse_request', [$this, 'parse_mailchimp_webhook']);
add_action（'parse_request'，[$ this，'parse_mailchimp_webhook']）;;
}
}
function newsletter_subscribed($form, $email_address, $data, $map) {    
函数newsletter_subscribed（$ form，$ email_address，$ data，$ map）{    
// Create PDF for consent proving    
//创建PDF以进行同意证明    
$status = $map[array_keys($map)[0]]->status;    
$ status = $ map [array_keys（$ map）[0]]->状态；    
$ip = $map[array_keys($map)[0]]->ip_signup;    
$ ip = $ map [array_keys（$ map）[0]]-> ip_signup;    
if ($status === 'pending') {        
如果（$ status ==='pending'）{        
do_action('dd_gdpr_newsletter_subscribe_pending', $email_address, (new \DateTime())->format('Y-m-d H:i:s'), $ip);    
do_action（'dd_gdpr_newsletter_subscribe_pending'，$ email_address，（new \ DateTime（））-> format（'Y-m-d H：i：s'），$ ip）;    
} else if ($status === 'subscribed') {        
} else if（$ status ==='subscribed'）{        
do_action('dd_gdpr_newsletter_subscribe_confirmed', $email_address, (new \DateTime())->format('Y-m-d H:i:s'), $ip);    
do_action（'dd_gdpr_newsletter_subscribe_confirmed'，$ email_address，（new \ DateTime（））-> format（'Y-m-d H：i：s'），$ ip）;    
}
}
}
}
function parse_mailchimp_webhook() {    
函数parse_mailchimp_webhook（）{    
if($_SERVER['REQUEST_URI'] != '/mailchimp_webhook') {        
if（$ _ SERVER ['REQUEST_URI']！='/ mailchimp_webhook'）{        
return;    
返回;    
}    
}    
$type = $_POST['type'];    
$ type = $ _POST ['type'];    
if ($type != 'subscribe') {        
如果（$ type！='subscribe'）{        
return;    
返回;    
}    
}    
$firedAt = $_POST['fired_at'];    
$ firedAt = $ _POST ['fired_at'];    
$email = $_POST['data']['email'];    
$ email = $ _POST ['data'] ['email'];    
$ip = $_POST['data']['ip_signup'];    
$ ip = $ _POST ['data'] ['ip_signup'];    
do_action('dd_gdpr_newsletter_subscribe_confirmed', $email, $firedAt, $ip);    
do_action（'dd_gdpr_newsletter_subscribe_confirmed'，$ email，$ firedAt，$ ip）;    
exit();
出口（）;
}
}