GDPR is the EU General Data Protection Regulation that will be in full force from 25th of May 2018. The best way to ensure GDPR compliance for your specific site is always to consult legal counsel.
In (very) short, GDPR states that if a website collects, store or use any data related to an EU citizen. You must comply with the following:
- Tell the user: who you are, why you collect the data, for how long and who receives it.
- Get a clear consent, before collecting any data
- Let users access their data, and take it with them
- Let users delete their data
- Let users know if data breaches occur
By default the quiz will collect data from the activity in the quizzes, like how long visitors took to answer the questions, which answers they selected and what was the result of the quiz. However, this data alone, should not be considered personal data. However, you can choose to track IP addresses of your users and ask them for more personal data like name and email. If you choose to collect this data you should make sure your website complies with the GDPR.
How does the plugin help with GDPR compliance
When building a quiz, if you choose to ask the users email and other data before they see their results, you can also display a ‘consent’ checkbox, that will be disabled by default and requires the user to check it to allow the data to be saved.
If you receive a message from a user requesting for the data you have stored about them, you can use the options available in the Statistics page, to filter the existing data by email and export that data to deliver to the user. You can also delete that data if the users requests you to.
WordPress will include a tool to manage users personal data requests. The plugin will also be compatible with these new builtin WordPress features, so you can manage the data from there.
These features should help the plugin remain GDPR compliant, but it’s up to you to make your website fully compliant.