We’re rolling out updates to our privacy features and policies in the coming weeks. You’ll have more control over your personal information and more detail on what information we keep and what we do with it. The updates will also make sure we comply with new privacy laws, and will help you do the same for your own website or store.
Our New Privacy Features
Over the past several months, we’ve upgraded many of the privacy-related features on WordPress.com, Jetpack, WooCommerce, and other Automattic products. We want to give you more visibility into the personal data we use and more control over the data you share with us.
In recent weeks, we’ve added:
- More detailed information on the data our products collect and use, like the information you’ll find in the new Jetpack Privacy Center, as well in-product notifications for privacy-related information.
- Opt-outs for data uses, like the ability to turn off Automattic’s first-party analytics system on your Jetpack site.
- Additional contracts (Data Processing Agreements) for paid users who require them to comply with data protection and privacy laws. If you need a Data Processing Agreement, let us know by contacting support for your product.
Over the coming weeks we plan to launch:
- A way for users to request access to their personal data.
- Account closure for WordPress.com accounts.
- Opt-outs for Automattic’s first party analytics system for WordPress.com users.
- An updated cookie policy that explains the cookies we use in our services.
We’re also releasing features to help you and your site meet the requirements of new privacy laws, like Europe’s new General Data Protection Regulation (“GDPR”) that goes into effect on May 25, 2018. You can read the full text of the GDPR, as well as the European Commission’s summary. Our new features include: a new “cookie and consent” notification that WordPress.com and Jetpack site owners can add to their sites, and tools for our WooCommerce.com merchants to manage data access and deletion requests from their customers.
These updates are in addition to the privacy protections we’ve always had in place to help you control your content, keep it secure, or even move your site to another WordPress host.
What’s New in Our Policies?
We also updated our Privacy Policy and our Terms of Service. Here are some of the updates you’ll see:
- We GDPR-ized our Privacy Policy. You’ll now see sections explaining your data protection and privacy rights, how long we keep information, and how we handle transfers of personal data outside the EU.
- We included WooCommerce.com and Polldaddy in our Automattic-wide Privacy Policy. No more fragmenting: we’re retiring WooCommerce.com and Polldaddy’s separate privacy policies — our privacy practices should be straightforward and easy to understand, so now you only have to understand one.
- We included more real-world, concrete examples in our Privacy Policy to give you a clearer picture of how we collect and use personal information. There’s specific information about how we make Reader recommendations, how Gravatar works, and how we use information for our marketing.
- We added a new Privacy Notice to explain the data that we collect, on behalf of our users, about visitors to our users’ websites.
- We updated our Terms of Service to reflect the importance of data protection and privacy laws. Our Terms of Service (and those for Automattic Ads) require that our users comply with applicable laws and regulations as the site owners, and, for added clarity, we included privacy and data protection laws as one of the specific examples.
Our new Privacy Policy and Terms of Service will take effect on May 25, 2018. We’re releasing them now to give you time to take a look at them. If you continue to use our services on or after May 25, 2018, you acknowledge that your use will be subject to our new Privacy Policy and you agree to be bound by our new Terms.
And there’s more to come! We’ll announce more detailed information about privacy features on privacy.blog — follow us there for the latest.