id summary reporter owner description type status priority milestone component version severity resolution keywords cc focuses 44186 Possibles enhancements to 4.9.6 privacy tools mnzhc "-- User should start a request from frontend User can create his own request starting from privacy page. Form are similar to the change password and login forms. Maybe, in first time, wordpress do not provide directly the form, but let developer start a request from a form submission hooking to a specific hook or using a function provided by the core. -- Automatic request processing User could receive first email without admins starts or confirm the process as for change password request. For large websites is unthinkable they rely on the wordpress system to manage privacy requests if tasks of this kind has to be done by admins, they will go for other plugins to do that. We need to include an options to disable automatic request processing and let things as in 4.9.6. -- Automatic send data As for request processing, user could confirm the link on the second email and get directly the datas without admins work. -- User should see their data on a webpage (Frontend Personal Data Profile Page?) I guess the zip download has been long discussed.. but in my personal opinion is a real bad practice. We are talking about privacy and data protections and we should not stimulate the proliferation of pieces of personal datas spreading in internet and devices. I’m thinking of a request started from a mobile device, the user can have his own datas and can delete it from your website. But this in some case this is not a real data erasure, but it is just a data transfer as, after the request, on his download folder of the mobile device it has a PDF containing a lot of personal informations like Addresses, Family Status, Accounts name, Phone numbers, etc… People are not educated to take care of their personal datas.. Using a web page to show the personals data we could achieve more than one goal: - we strength the overall privacy avoiding data proliferations - people will remain on the website (marketers will love it) - we could get granular erasure of datas - user can update datas -- Granular erasure of data As 4.9.6 the request of deleting personal data is an all or nothing actions. People can request to delete all the data from the website and maybe delete his / her account. People may want to delete just some part of the datas (maybe a second address, the family status, their phone number) but let other to be processed for their sake (they want to be in your interest based newsletter). And again for the sake of the website admins, the relationship with the user will continue. Example of an overall process. - User start a data export request - Website send an email to be confirmed - User confirm the email - Website send a second email with the link to see (and eventually download and erase) the personal datas - On the Frontend Personal Data Profile Page the user delete an address, his marital status and update the phone number. Every single step in the process could be automatic or manual depending on admins preferences. " enhancement new normal Awaiting Review Privacy 4.9.6 normal