| 1 | # How to Connect Your Plugin to Core's New Privacy Policy Content View |
|---|
| 2 | |
|---|
| 3 | ## Background |
|---|
| 4 | |
|---|
| 5 | In WordPress 4.9.x, new tools were added to make compliance easier with laws |
|---|
| 6 | like the European Union's General Data Protection Regulation, or GDPR for |
|---|
| 7 | short. Among the tools added is a means to create or designate a page |
|---|
| 8 | on your site as a Privacy Policy page. |
|---|
| 9 | |
|---|
| 10 | In addition to being able to create or designate such a page, when you |
|---|
| 11 | edit that page, a meta box will display suggested contributions to your |
|---|
| 12 | site's privacy policy from WordPress and participating plugins. |
|---|
| 13 | |
|---|
| 14 | Each plugin's contributions includes a Copy button to make it easy to |
|---|
| 15 | copy the text into the clipboard for pasting by the administrator into |
|---|
| 16 | and appropriate spot in the site's privacy policy. |
|---|
| 17 | |
|---|
| 18 | ## How It Works |
|---|
| 19 | |
|---|
| 20 | Plugins can hook translated text using a new function, |
|---|
| 21 | `wp_add_privacy_policy_content`, to inform administrators of how the plugin |
|---|
| 22 | collects, accesses, retains and/or shares personal data and/or how it |
|---|
| 23 | tracks users and visitors to the site. |
|---|
| 24 | |
|---|
| 25 | ## How To Phrase Your Plugin's Contributions |
|---|
| 26 | |
|---|
| 27 | To minimize the amount of editing administrators need to do, it is best |
|---|
| 28 | to phrase your plugin's contributions as if they are appearing on the site's |
|---|
| 29 | privacy policy and being read by the end user (i.e. not the admin.) |
|---|
| 30 | |
|---|
| 31 | For example: |
|---|
| 32 | |
|---|
| 33 | 'When you leave a comment on this site, we send your name, email address, |
|---|
| 34 | IP address and comment text to the example.com spam detection service |
|---|
| 35 | to prevent spam from appearing on this site. Example.com does not |
|---|
| 36 | retain your personal data.' |
|---|
| 37 | |
|---|
| 38 | ## What to Do |
|---|
| 39 | |
|---|
| 40 | A plugin should call `wp_add_privacy_policy_content` in the context of an |
|---|
| 41 | `admin_init` hook, and pass the text along e.g.: |
|---|
| 42 | |
|---|
| 43 | ``` |
|---|
| 44 | function my_plugin_privacy_declarations() { |
|---|
| 45 | if ( function_exists( 'wp_add_privacy_policy_content' ) ) { |
|---|
| 46 | |
|---|
| 47 | $content = sprintf( |
|---|
| 48 | __( 'When you leave a comment on this site, we send your name, email |
|---|
| 49 | address, IP address and comment text to the example.com spam detection |
|---|
| 50 | service to prevent spam from appearing on this site. Example.com does |
|---|
| 51 | not retain your personal data. |
|---|
| 52 | |
|---|
| 53 | The example.com privacy policy is <a href="%s">here</a>.', |
|---|
| 54 | 'my_plugin_textdomain' ), |
|---|
| 55 | 'https://example.com/' |
|---|
| 56 | ); |
|---|
| 57 | |
|---|
| 58 | wp_add_privacy_policy_content( |
|---|
| 59 | 'My Plugin Name', |
|---|
| 60 | wp_kses_post( wpautop( $content, false ) ) |
|---|
| 61 | ); |
|---|
| 62 | } |
|---|
| 63 | } |
|---|
| 64 | |
|---|
| 65 | add_action( 'admin_init', 'my_plugin_privacy_declarations' ); |
|---|
| 66 | ``` |
|---|
| 67 | |
|---|
| 68 | And that's all there is to it! Your plugin will now provide guidance to |
|---|
| 69 | the administrator as they assemble and update their site's privacy policy. |
|---|