GDPR Compliance of WordPress File Upload Plugin

As of May 25th 2018 the new General Data Protection Regulation (GDPR) of the European Union becomes effective. Any website storing personal data of EU citizens and residents needs to comply. Consequently its applicability is global.

WordPress File Upload plugin enables the upload of files and optionally additional data on a WordPress website. It can optionally transfer the uploaded files to an external destination, like FTP server or Dropbox. When data are submitted through the upload form of the plugin, they are stored in the website database. This happens in order to permanently associate the submitted data with the uploaded files. Many website owners require this information for their everyday business.

It is likely that data submitted through the plugin might be considered as Personal Data, for instance an upload form may request the name and email of a user together with the file. Even the uploaded files might be considered as Personal Data. This means that the plugin needs to comply with GDPR.

In this respect, version 4.5.0, compliant with GDPR, introduces many new features, related to personal data handling as follows:

  1. It asks for user consent before uploading files and submitting data.
  2. It does not store any submitted data in the database if consent is not given.
  3. If files are also considered to be personal data they are not stored anywhere.
  4. Users can review their consent status in their Profile page. They can revoke, give or clear consent status at any time.
  5. Users can ask copies of their stored data from administrators. The plugin provides an easy interface for administrators to export user data in a human-readable format.
  6. Users can ask to erase their stored data from administrators. The plugin provides an easy interface for administrators to erase user data of a specific user.

1. How to Enable Personal Data Protection

By default personal data protection features are disabled, so that the plugin maintains the same behavior as before.

Personal data protection can be enabled at any time by administrators from plugin’s Settings in Dashboard:

Personal Data option in Settings enables or disables the new relevant features.

This option allows websites not interested in complying with GDPR, for instance websites not having visitors from EU, to operate as before.

2. Uploader Shortcode Configuration

If data submitted through an upload form of the plugin are considered to be personal, then user consent is required before they can be stored.

The uploader shortcode needs to be configured accordingly so that it asks for consent by the user.

Depending on how user responds to consent:

  • If user gives consent, then data are submitted and stored normally as before.
  • If user denies to give consent, then data are submitted but are not stored in the website.

User consent is given only once. The plugin stores user’s response and acts accordingly for all future uploads, unless user’s consent status is changed.

2.1. Defining User Consent

So the first thing to do is define whether an upload form requires user consent, depending on the type of data submitted through it. A new tab has been added in visual editor of the plugin, Personal Data, for configuring consent attributes. Attribute Ask for Consent determines whether consent is required:

When Ask for Consent is activated, administrators can also determine which of the submitted data are considered as personal, only the additional user fields (default selection) or the files as well, through Personal Data Types attribute:

2.2. Consent Question Format

The format of the consent question can also be configured. Three options are provided through Consent Format attribute: checkbox, radio and prompt:

Checkbox Format

If checkbox option is selected (default), then the consent question will appear as a checkbox in the upload form, as follows:

If the checkbox is not clicked this means that the user does not give consent to store submitted data (the name) in the website. The administrator has the option to set the checkbox preselected by activating Checkbox Preselected option in the shortcode:

So the checkbox will show up preselected in the upload form.

Radio Format

If radio format is selected, then the consent question will include two radio buttons, Yes and No. The user will have to select one of the them:

In the case of radio format, if the user does not select any option and presses Upload Files button, a message will appear notifying that consent question was not completed and cancelling the upload, until a selection (Yes or No) is made:

Prompt Format

If prompt format is selected then no question appears in the upload form. Instead, a confirmation dialog appears when the user presses Upload File button, asking the user to give consent or not:

If Ok is pressed then consent is given. If Cancel is pressed then consent is not given and the upload continues.

2.3. Consent Question Position

Administrators can configure the position of the consent question (for checkbox and radio formats) from Placements tab as with all other plugin components:

Just drag Consent component to the place of preference.

2.4. Consent Question Text

Administrators can also configure the question text that will show up in the upload form from Consent Question for Checkbox attribute in Personal Data tab (it is not only for checkbox but for all formats):

They can also add a link inside the text which the user can click to read more information, e.g. a disclaimer or a legal notice. To add a link, surround a word with colons (:), for instance if :disclaimer: is added then it will show up as a link. The link URL can be defined in Consent Disclaimer Link attribute:

The upload form will show up like this:

3. Control of Personal Data

Based on the new GDPR guidelines, users have more control on their personal data. They can ask copies of their stored data, they can delete them or they can ask their personal data not to be kept in the website anymore whenever they want.

The plugin provides all these functionalities through easy interfaces for the users and for the administrators.

3.1. Change Consent Status

When the user answers consent question, this answer is stored by the plugin so that it does not appear again in consecutive uploads.

If the user wants to change its consent status, this can be done through the User Profile. The plugin has added a new section in User Profile, WordPress File Upload Consent Status, for this purpose:

Consent Status displays the current status of consent. The user has the option to change the consent status from the dropdown box below. The options are (depending on the current status):

  • to give consent
  • to revoke consent
  • to clear consent (so that consent question appears again in upload form)

The new status will be saved when Update Profile button is pressed.

3.2. Export Personal Data

Users can ask administrators for a copy of their personal data. The plugin provides administrators a separate tab in Dashboard area of the plugin, Personal Data, from where they can export stored data per user by pressing Export File Data of User button:

Administrators need first to select a user from Select User area, by typing the user name in the text box as shown below. As they type, users matching the text will appear in the list. Wildcard syntax is supported. So, by adding asterisks (*) before and after the text, all users containing this text will appear:

After they select a user from the list they can press Export File Data of User button. The plugin will extract the file data of the specific user from the database, store them in a comma separated values (.csv) file and display to the administrator a dialog for saving the file:

The administrator can save the file and send it to the user.

Erase Personal Data

There are occasions where users may choose to completely erase their personal data from the website upon request and administrators need to be able to do that.

The plugin provides the capability to administrators to erase stored data only of a specific user from Personal Data tab in Dashboard area of the plugin:

The administrator needs again to select a user as before and then press Erase All User Data button.

A question will appear to administrator to confirm the erase before it is executed:

If Yes is pressed then all personal data of user will be erased. This means the following:

  • Additional user data stored in database will be erased.
  • Database records showing this user as uploader will be modified to remove this information.

It is noted that files uploaded by the user will be preserved. Administrators need to delete them manually if this is requested by the user.

For additional information you can contact Iptanus.

The Iptanus Team

8 thoughts on “GDPR Compliance of WordPress File Upload Plugin”

  1. Can you share or post the instructions to FORCE the user to give consent before upload. eg NOT allow upload until consent is given?

      1. Could you please provide these to me as well? We would like a user to provide consent on every upload,not just the first time.


  2. As Ben asked before: I would also like to know if there is a way to force the user to give consent before upload. eg not allow upload until consent is given?

    That would be great!

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.