This plugin follows GDPR guidelines because it stores IP addresses to help identify and block harmful traffic, which is considered a legitimate interest under GDPR. There’s no link between the stored IP addresses and any personal details of visitors.
To align fully with GDPR, you should update your Privacy Policy to explain that you collect IP addresses for security reasons, these addresses are kept for up to 30 days, and then deleted. You’re not required to get visitor consent for this, but they should be informed through your Privacy Policy.
Since the purpose of storing the IP addresses is to prevent abuse of your website this complies with GDPR rules as you do not need consent in this case from your visitors. Article 6.f – https://gdpr-info.eu/art-6-gdpr/
There is nothing that connects the IP data to any other identifiable information about your visitors.
To be fully GDPR compliant you need to update your own Privacy Policy to inform your visitors that you are storing the IP information, The IP data is stored for a maximum of 30 days and is automatically purged. You only need to inform your visitors of this, you do not need to get their approval.
Here is a suggestion of wording for your privacy policy page:
“We use firewall software to protect our website from malicious software and attacks. As part of this, every visitor’s IP is logged for up to 30 days. This is to identify repeat suspicious behavior. This is in accordance with GDPR Article 6.f – https://gdpr-info.eu/art-6-gdpr/”
Joining Forces Against Cyber Threats with Security Ninja Pro
By choosing Security Ninja Pro, your website becomes a key player in an international alliance aimed at identifying and thwarting IP addresses linked to hacking efforts. This cooperative approach means that whenever an IP address is recognized for malicious behavior and blocked, the details are immediately shared with the network. As a result, each member site gains the ability to guard against these identified threats ahead of time, fostering a collective defense mechanism that enhances security for everyone involved.
Privacy and Data Sharing in the Global Network
Security Ninja Pro prioritizes your privacy while contributing to this global defense system. The only information sent to the central database when an IP is blocked includes the IP address itself, the site that implemented the block, and the reason behind the block. This streamlined data sharing ensures that we focus on monitoring and analyzing hacking trends without collecting or distributing any personal identifiable information. Whether it’s for a one-time offense or repeat hack attempts, only essential details are utilized to bolster our collective security measures.
In addition, websites have the option to opt-out of reporting to the central database if they prefer not to share information about blocked IPs. This ensures that participation in the network respects the preferences and privacy requirements of all users.
