Just a reminder that I’m not a lawyer– just a web designer with WordPress experience who’s been mulling over my Privacy Page. Do you get those pesky SPAM comments on your blog posts? Do you get thousands of them and have installed a plugin to block them into oblivion? Well, like you I’ve had the same problem and am considering how to discuss this in my Privacy Policy.
WordPress has offered a guideline for discussing SPAM defense in the sample Privacy Policy that is a feature of 4.9.6.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
SPAM defense is just a tiny bit more complicated that that. Whenever someone adds a comment to a blog post, it’s possible that the identification data left by the person or bot (a name, email, website, IP address, etc.) is compared to a large database used by the plugin’s developers. Not only may the comment be compared to a database, it’s possible that the data may be retained in the developers’ database.
One of the common plugins with any WordPress installation (it may already be installed by your hosting company) is Akismet. Akismet is one of the many services owned by Automatic. Their Privacy Policy is quite lengthy because it covers the user (who has an account with Akismet/Automatic) as well as the website visitor. (see policy)
I’ve changed the recommended text on my website to add where data goes if a SPAM defender is in place.
Where we send your data
Visitor comments may be checked through an automated spam detection service. The plugin may delete any comment, including SPAM, and the identification data from this site. The Privacy Policy for the developer and data passed through this plugin is available at (insert the website address).
Why would I do that? If the world is expecting websites to be more transparent about data, then I think there’s a fair amount of transparency in providing an answer about data submitted in the comment fields.
I don’t often suggest homework at the end of a blog post, however yours is to think about where else your website sends data.
