Privacy considerations 25 May 2018
If you run a website and especially if you are located in the EU you should have heard about this General Data Protection Rule (GDPR) by now and be prepared for it already. So we can’t and won’t go into detail about the GDPR here.
That has been done on numerous sites already in the past months. You’ll find info about it on the official EU GDPR website: https://www.eugdpr.org/.
You will surely find numerous good articles in your own language about how to comply with your website. In any case we can’t and are not allowed, not being lawyers, to provide any legal advice how it applies to your website as every website is different anyway. But we can tell you a bit about Zenphoto and data privacy.
Zenphoto as the CMS on your site
If you have enabled the search cache it caches search queries and their results in the database. But it does not cache any data about who performed the search.
Also a Zenphoto install does not “phone home”. There is a plugin to check for new releases and a plugin that can display the latest news from our site. But both just use the RSS feed from our site. We don’t collect any data from anyone.
Zenphoto sites in general
It is strongely recommended to setup your site with SSL which is a good idea anyway since it is becoming a SEO ranking factor now. Ask your host if your webspace supports it. Maybe it even supports the free Let’s Encrypt certificates. We also use them. More info on those on https://letsencrypt.org.
Including CSS or JS scripts from external sources can be a privacy issue since every request transfers data. This also applies to embeded webfonts. However it is not clear yet if this is really an issue. In any case you can easily host yourself if you must.
But any widget using external scripts from social media platforms like Facebook, Twitter and the likes could be privacy problematic.
You can easily check if a theme or plugin does load from exernal sources by using web inspectors all modern browser include or one of the various tracking script blocker plugins available for all browsers.
Enable the “Anyonymize IP” option on the Options > Security. The IP address is considered private information and it is strongely recommended to anonymize it (hashing may not be enough!). Some plugins may use it and also cookies may store it if you enabled the “IP tied cookies” option.
User accounts of a Zenphoto site only store the info you can see on the user account. If you run a multi-user Zenphoto site also make sure that all users have “User” rights assigned so they can access their own acccount to change it and also export their own user data. “User” rights is the minimum rights any user should have and you should have good reasons to revoke this right.
Especially form plugins involve user data being submitted and stored:
- comment_form: May also store the IP of a commenter
If you use these you should enable the new privacy confirmation option to add a checkbox for users to agree with data storage and usages. It is also recommended to limit the required form fields to the absolute minimum needed for the purpose. For example for a contact form an e-mail address, subject and the message itself would be enough. Data economy is the key word here.
Several official plugins may be problematic as they do use external scripts and/or store IP’s in order to work:
- class-Webdocs: Uses external services to display certain file formats.
- GoogleMaps: Uses Google scripts from Google’s servers and requires registering for an API key. So it may also collect some data from visitors. The openstreetmap plugin is an alternative.
- hitcounter: Storing a list of full IP’s to ignore could be problematic but it is optional.
- Matomo (formerly Piwik): This plugin itself does not do much but Matomo as a separate statistic tool collects various data. But you can set it up to comply with privacy: https://matomo.org/blog/2018/04/how-to-make-matomo-gdpr-compliant-in-12-steps/
- ipBlocker: Storing a list of full IP’s to block could be problematic but it is optional.
- rating: May store the IP address to avoid multiple ratings per visitor. There is an option to hash the IP which may not be fully legal. If this is not enabled it will use the general IP anomymize option setting which you should enable.
- reCaptcha: Uses scripts from Google’s servers and for sure transfers some user related data as it needs to check against its database.
- search_statistics: May store the IP related to processed search queries. Enable the general IP anonymisation to avoid this.
We can’t and haven’t checked all third party plugins but these are likely to be a problem as well:
- Akismet: It transfers data to servers (by Automattic, the company behind WordPress) in the US for spam checks
- GoogleAnalytics: Transfers data to US Google servers and requires registering. An alternative is selfhosting Matomo (formerly Piwik) for which Zenphoto 1.5. includes a plugin.
- Addthis: Uses external tracking scripts
Also any plugin involving social media and especially those calling scripts from those services may be problematic.
This text by www.zenphoto.org is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Code examples are released under the GPL v2 or later license