內容簡介
GDPRess 是一款免費的 WordPress 外掛,旨在提高網站的 GDPR 合規性,通過消除外部請求來保護用戶的個人數據,避免因使用嵌入資源而違反隱私法規。
【主要功能】
• 掃描首頁的第三方腳本和樣式表
• 下載或排除第三方資源的請求
• 解析樣式表並下載字型文件
• 確保使用本地副本的腳本和樣式表
外掛標籤
開發者團隊
② 後台搜尋「GDPRess | Eliminate external requests to increase GDPR compliance」→ 直接安裝(推薦)
原文外掛簡介
GDPRess can be downloaded for free without any paid subscription from the official WordPress repository.
In January 2022 a German court ruled that a website owner was in breach of GDPR and should pay a € 100,- fine, because embedded Google Fonts were used, essentially transferring the user’s personal data (IP address) without the user’s prior consent.
What’s embedding?
When an external (i.e., loaded from another server, besides your own) resource is embedded into a webpage, it basically means that the resource behaves as if it’s loaded from the same server hosting the webpage.
Why is using embedded resources in breach of GDPR?
Because of the way the internet works. When a browser (i.e., computer) requests a file (e.g., an image or a font file), the server needs the IP address of that computer to send it back. All these requests (including the IP address) are logged in a so-called access.log.
Once this IP address leaves the European Union, your website is violating the GDPR.
What does this plugin do?
GDPRess scans your homepage for third party scripts (JS) and stylesheets (CSS), and:
Allows you to download or exclude them from downloading.
Parses the stylesheets for loaded font files, downloads them, and rewrites the stylesheet to use the local copies.
Makes sure the local copies of each script/stylesheet are used in your site’s frontend.
In short, it makes sure no requests are made to external/embedded/3rd party scripts and stylesheets.
