Introduction to the guide to create our policy of privacy

Hello, today I bring the guide to them to create our policy of privacy; when updating WordPress to version 4.9.6, I was with a pearl very appreciated in these days, a great help to fulfill the requirements of the new RGPD that in force enters the 25 of this month:

We were with the awaited functionality to easily migrate and/or to eliminate the data of the users according to its request, they also can directly do it from their zone of user, and also a great help so that she compliments our page of privacy point by point as a group that you will find in www.tupaginaweb/wp-admin/privacy.php (Adjustments - > Privacy) of your installation of wordpress:


We use this group of guide to create our policy of privacy.

We have suggested the sections that you will need. Under the headed one of each section you will find a brief summary of what information you would have to facilitate, which will help you to begin.

Some sections include content suggested for the policy, others will be complete with information of your subject and plugins.

Please, it publishes the content of your policy of privacy, assuring to you to eliminate the summaries, and adds to any information of your subjects and plugins.

Once you publish your page of policy, remembers to add it to your menu of navigation.

It is your responsibility to write up a policy of complete privacy, making sure that it reflects all the national and international legal requirements on privacy, and to maintain your up-to-date policy and needs.

Origin: WordPress


Who we are

In this section of the guide to create our policy of privacy you must indicate the URL of your site, as well as the name of the company, organization, or individual that there is behind, and some information of updated contact.

The amount of information that can be asked to you to reflect will vary following the local or national regulations of your business. For example, it is possible to be asked to you that you indicate a physical address, a registered direction, or the record number of your company.

Suggested text: The direction of our Web is:


What personal data we gather and why we gather them

In this section you would have to write down that personal data you compile of the users and the visitors of the site. This could include personal data such as the name, email address, personal preferences of the account; transactional data, as information of purchases; and engineering datas, as the information on the cookies.

Also you would have to consider any compilation and retention of sensible personal data, as regarding the health.

In addition to enumerating the personal data that you compile in this guide to create our policy of privacy, you must indicate why you compile them. In these explanations the legal foundation of the collection and conservation of your data or the active consent of the user must be indicated.

The personal data only are not created by the interactions of a user with your site. The personal data are also generated from technical processes as forms of contact, commentaries, cookies, analytical and incrustations of third parties.

By defect, WordPress does not collect any personal data on the visitors, and it only collects the data shown in the screen of the profile of user for the registered users. Nevertheless, some of your plugins can also collect personal data. It adds the excellent information next.



In this sub section of the guide to create our policy of privacy you would have to write down that information is captured in the commentaries. We have written down the data that WordPress compiles by defect.

Suggested text: When the visitors leave commentaries in the Web, we collected the data that are in the form of commentaries, as well as direction IP of the visitor and the user agent chain of the navigator to help the detection of Spam.

A created anonymous chain from your email address (also called hash) can be provided to the service of Gravatar to see if you are using it. The policy of privacy of the Gravatar service is available here:

After the approval of your commentary, the image of your profile is visible for the public in the context of its commentary.



In this sub section you would have to write down that information can be of the users who raise means archives. All the raised archives are normally accessible publicly.

Suggested text: If you raise images to the Web you would have to avoid to raise images with data of location (GPS EXIF) including. The visitors of the Web can unload and extract any data of location of the images of the Web.


Forms of contact

By defect, WordPress does not include a contact form. If you use plugin of contact form, sub uses this section to indicate what personal data how long capture when somebody sends a contact form and it conserves.

For example, you can indicate that you maintain the shipments of contact forms during a certain period with aims on watch to the client, but do not use the information sent through them with marketing aims.



In this sub section you must enumerate the cookies that your Web uses, including installed by your plugins, social networks and analytical. We have provided the cookies that WordPress installs by defect.

Suggested text: If you leave a commentary in our site you can choose to keep your name, email address and Web in cookies. This is for your comfort, so that you do not have to return to fill up your data when you leave another commentary. These cookies will last of a year.

If you have an account and you connect yourself to this site, we will install a temporary cookie to determine if your navigator accepts cookies. This cookie does not contain personal data and the navigator eliminates itself when closing.

When you initiate session, also we will install several cookies to keep your information from beginning of session and your options of screen visualization. The cookies of beginning of session last two days, and the cookies of screen options last a year.

If you select €œTo remember to me€, you beginning of session will last during two weeks. If salts of your account, the cookies of beginning of session will be eliminated.

If you publish or you publish an article will keep an additional cookie in your navigator. This cookie does not include personal data and simply it indicates YOU GO of the article that you finish publishing. Expired after 1 day.


Inlhelp content of other websites

Suggested text: The articles of this site can include inlhelp content (for example, videos, images, articles, etc.). The inlhelp content of another Web behaves exactly in the same way that if the visitor had visited the other Web.

These Web can collect data on you, use cookies, inlay an additional pursuit of third parties, and supervise your interaction with that inlhelp content, including the pursuit of their interaction with the inlhelp content if you have an account and you are connected to that Web.



In this sub section of the guide to create our policy of privacy you would have to write down what package of analytical you use, how the users can decide on the pursuit of analytical and a connection to the policy of privacy of your supplier of analytical, if he had it.

By WordPress defect it does not pick up any analytical data. Nevertheless, many accounts of lodging Web pick up some anonymous analytical data.

Also it is possible that you have installed plugin of WordPress that provides services of analytical. In that case, it adds to the information of that plugin here.


With whom we shared your data

In this section you must name and enumerate all the suppliers of third parties with which joint parties data of the site, including the partners, the services based on the cloud, the processors of payments and the suppliers of services of third parties, and to indicate what data joint parties with them and why.

It connects to his own warnings of privacy if it is possible.

By defect, WordPress does not share any personal data with anybody.


How long we conserved your data

In this section of the guide to create our policy of privacy you will have to explain during how long will conserve the collected personal data or process by the Web. Although it is your responsibility to establish inasmuch as time each data set will be conserved and why it conserves, that information must appear here.

For example, you can say that you maintain the entrances of the contact form during six months, the registries of analytical during a year, and the registries of purchases of clients during ten years.

Suggested text: If you leave a commentary, the commentary and its metadata are conserved indefinitely. This is so that we can recognize and approve successive commentaries automatically instead of to maintain them in a moderation tail.

Of users that is registered in our Web (if there are them), also we stored the personal information that they provide in its profile of user.

All the users can at any time see, publish or eliminate their personal information (unless they cannot change his name of user). The administrators of the Web can see and also publish that information.


Right what you have on your data

In this section you must explain what right has your usuary ones on their data and how they can exert them.

Suggested text: If you have an account or you have left commentaries in this Web, you can solicit to receive a file of export of the personal data that we have on you, including any data that you have provided to us.

Also you can solicit that we eliminate any personal data that we have on you. This does not include any data that we are forced to conserve with administrative aims, legal or of security.


Where we sent your data

In this section you would have to enumerate all the transferences of the data of your site outside the European Union, and to describe the means by which those data in agreement with the European standards of protection of data are protected. This could include your lodging Web, storage in the cloud or other services of third parties.

The European legislation of protection of data it demands that the data on the European residents that transfer themselves outside the European Union are safeguard with the same standards that if the data were in Europe.

Therefore, in addition to enumerating to where the data go, you must describe how one makes sure that you yourself or your suppliers third parties fulfill these norms, or through an agreement as binding Privacy Shield, clauses model in your contracts or corporative rules.

Suggested text: Perhaps the commentaries of the visitors a service of automatic detection of Spam reviews them.


Your information of contact

In this section you must provide a method of contact for specific questions of privacy.

If it is necessary that you have a person in charge of protection of data, also indicates here its name and its complete data of contact.


Additional information

If you use your Web with commercial aims and realise a compilation or personal data processing more complex, you would have to write down the following information in your warning of privacy, in addition to the information that already we have discussed.


How we protect your data

In this section you must explain what measures you have taken to protect the data of your users. This could include technical measures as the coding; safety measures as the identification of two factors; and measured as the formation of the personnel in the matter of protection of data.

If you have realised an evaluation of the impact in the privacy, you can mention it here also.


What procedures we used against the breaches of data

In this section you must explain what procedures you must in march to deal with the breaches data, or are real or potential, such as systems of internal information, mechanisms of contact or rewards by errors.


From what third parties we received data

If your Web receives data on the users of third parties, including the advertisers, this information must be included in the section of your warning of privacy regarding the data of third parties as we showed in the guide to create our policy of privacy.


What type of decision making automated and/or outlined we do with the data of the user

If your Web provides a service that includes the decision making automated €“ for example, to allow the clients to ask for credit or to add its data in an advertising profile €“ you must give account of which this is happening, and include information exceeds how that information is used, what decisions are taken with those added data, and what right they have the usuary ones on the decisions taken without human intervention.


Regulatory requirements of revelation of information of the sector

If you are a member of a regulated sector, or if you are subject to additional laws of privacy, it is possible that it is requested to you that you reveal that information here.


And this is everything:), you can extend the information of this guide on the matter to create our policy of privacy in In addition any doubt, you do not doubt in making it to me arrive in the commentaries or by means of the form of contact, thanks for your visit.