Solid Security GDPR Recommended Text

What personal data we collect and why we collect it

Cookies

Suggested text:

Some forms on this site require the use of Google's reCAPTCHA service before they can be submitted. If you consent to this service, a cookie is created that stores your consent. This cookie deletes itself after thirty days.

 

Security Logs

Suggested text: 

The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 60 days.

 

Who we share your data with

Suggested text: 

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

Suggested text: 

A QR code image is generated for users that set up two-factor authentication for this site. This image is generated using a SolidWP-hosted API. In the process of generating this image, your username is sent to the API. This data is not logged. For privacy policy details, please see the SolidWP Privacy Policy.

 

When running Security Check, solidwp.com will be contacted as part of a process to determine if the site supports TLS/SSL requests. No personal data is sent to solidwp.com as part of this process. Requests to solidwp.com include the site's URL. For solidwp.com privacy policy details, please see the SolidWP Privacy Policy.

Suggested text: 

This site is scanned for potential malware and vulnerabilities by the iThemes Site Scanner. We do not send personal information to the scanner; however, the scanner could find personal information posted publicly (such as in comments) during the scan.

 

In order to ensure file integrity, Solid Security pulls data from wordpress.org, solidwp.com, ithemes.com and amazonaws.com. No personal data is sent to these sites. Requests to wordpress.org include the WordPress version, the site's locale, a list of installed plugins, and a list of each plugin's version. Requests to solidwp.com and amazonaws.com include the installed SolidWP products and their versions. For wordpress.org privacy policy details, please see the WordPress Privacy Policy. For solidwp.com privacy policy details, please see the SolidWP Privacy Policy. Requests to amazonaws.com are to retrieve content added and managed by SolidWP which is covered by the Amazon Web Services Data Privacy policy.

 

How long we retain your data

Suggested text: 

Security logs are retained for 60 days.

 

Where we send your data

Suggested text: 

This site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by solidwp.com. For privacy policy details, please see the SolidWP Privacy Policy.

Have more questions? Submit a request