On May 25, 2018 the European Union is enacting the General Data Protection Regulation (GDPR). All website owners are obliged to follow this regulation to protect the privacy of their visitors. The following document explains what YOOtheme Pro, WordPress and 3rd party services mean for your visitors' privacy, what data is collected and what necessary steps you should take to make your websites GDPR compliant.
Disclaimer: This information is not a legal advice and is for informational purposes only. Learn more about the GDPR from the European Commission’s Data Protection page.
Warp themes do not store any personal information. There are no tracking-cookies created or saved by the theme.
In any Warp theme you can make use of 3rd party services, for instance, Google Fonts, Google Analytics, etc. These services as well as WordPress are all working on making their products and services GDPR compliant. This document only focuses on their officially recommended solutions. Here is a short overview:
|3rd Party Service||Possibly used in|
|Google Fonts||Style customizer|
The use of Google Fonts is unauthenticated, and no cookies are set. The requests go to Google Fonts resource-specific domains, which are separate from google.com and do not contain any credentials from Google services. The requests for CSS assets are cached one day, and font files themselves are saved for one year. As a result, only few requests are sent to Google Fonts. More detailed information can be found in the Google Fonts Privacy FAQ.
So there is just 1 CSS request per font family, per day, per browser, containing just the IP address. Thus, Google has created sufficient conditions to protect your visitors' privacy.
If you still don't want to use Google Fonts, you can easily disable them by selecting System Fonts in the Style Customizer. You can also add your own custom fonts, for more information read the Less customization documentation.
Google Analytics provides settings for customizing cookies, sharing data, IP anonymization and other privacy controls. On May 25, Google will also introduce a data retention control to define how long the data is stored and a user deletion tool to remove visitors' data. It is the website owner's responsibility to make their Analytics settings GDPR compliant.
The Google Analytics script can be added in the Additional Scripts field in the Warp settings. Make sure to enable IP Anonymization.
This is a legacy feature, which will not be developed any further. We recommend using a 3rd party extension which offers more privacy settings instead.