#43973 closed defect (bug) (fixed)
Email user once removal request completed - GDPR
Reported by: | garrett-eclipse | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 4.9.6 | Priority: | normal |
Severity: | normal | Version: | 5.1 |
Component: | Privacy | Keywords: | gdpr has-patch commit |
Focuses: | Cc: |
Description
Hello,
With the GDPR requests the export request generates an email for the confirmation w/ link to the export, however the removal requests don't generate a completed email so the user is never notified or aware that their request was completed.
Please add a completed email sent to the user once the removal request was complete similar to the one for export requests (screen to be attached).
Thanks
Attachments (4)
Change History (23)
#2
@
6 years ago
- Focuses administration removed
- Milestone changed from Awaiting Review to 4.9.6
There is some misleading text that's shown to the user when they confirm their data export action.
The site administrator has been notified and will fulfill your request as soon as possible.
Either this text should be changed, or the confirmation email should be sent to the site administrator (or ideally the requestor too).
Moving to 4.9.6 for visibility.
#4
@
6 years ago
- Keywords needs-design added
I like this idea - sending an email to the user after their data has been erased - we will want to consider how to handle any exception messages that surface during the erasure.
This ticket was mentioned in Slack in #core by desrosj. View the logs.
6 years ago
This ticket was mentioned in Slack in #gdpr-compliance by allendav. View the logs.
6 years ago
#7
@
6 years ago
Hey @johnbillion - we have #43967 which will send an email to the admin prompting them to complete the request - this ticket is about notifying the user after the admin has completed the request.
Its a great idea, but not necessary i think for 4.9.6. Let's keep this for a subsequent release, ok?
https://wordpress.slack.com/archives/C9695RJBW/p1525883484000643
This ticket was mentioned in Slack in #core by iandunn. View the logs.
6 years ago
#9
@
6 years ago
- Keywords has-patch needs-testing added; needs-patch removed
43973.diff introduces an email notification to a user when an administrator completes their data erasure request. It introduces the wp_privacy_personal_data_erased
action, which fires after the erasure request completes successfully.
The patch also has two separate email bodies: one for when a site has a published privacy policy, and one for when a site does not.
This ticket was mentioned in Slack in #gdpr-compliance by desrosj. View the logs.
6 years ago
#11
@
6 years ago
@desrosj - this works nicely - I tried it with and without a published privacy policy and got both texts. I also tried successive ones and verified only the first erase for a given request generated an email.
I think we should hook this differently though. The wp_privacy_personal_data_erased do_action you've added to wp_ajax_wp_privacy_erase_personal_data will actually fire on every eraser and every page.
Instead, I recommend you 1) add the do_action to wp_privacy_process_personal_data_erasure_page in user.php instead (e.g. near the call to _wp_privacy_completed_request) and 2) don't bother with passing the $response to the action - the $request_id should be sufficient.
Lastly, there is inconsistent alignment in the email data array construction that i think violates WP coding standards, but otherwise this is good to go from my perspective.
#12
@
6 years ago
Thanks, @allendav. Adjustments made in 43973.2.diff.
#13
@
6 years ago
Looks good, tests well. Thanks for making the change. Just needs that array alignment cleaned up and then it is good to go.
Completion Email for Export Requests