GDPR Compliance?

The plugin is GDPR compliant – The only detail relevant is the IP addresses that are stored in the database in the visitor log. This is done to detect repeat bad traffic.

Since the purpose of storing the IP addresses is to prevent abuse of your website this complies with GDPR rules as you do not need consent in this case from your visitors. Article 6.f –

There is nothing that connects the IP data to any other identifiable information about your visitors.

To be fully GDPR compliant you need to update your Privacy Policy to inform your visitors that you are storing the IP information, The IP data is stored for a maximum of 30 days and is automatically purged. You only need to inform your visitors of this, you do not need to get their approval.

Here is a suggestion of wording for your privacy policy page:

“We use firewall software to protect our website from malicious software and attacks. As part of this, every visitor’s IP is logged for up to 30 days. This is to identify repeat suspicious behavior. This is in accordance with GDPR Article 6.f –”

Tags: ,

Was this helpful?

Still need help?

If searching the knowledge base does not help you, please contact support.

Fast and easy to use WordPress Security

Instantly protect your website from 600+ million bad IPs

10% OFF

Subscribe to our newsletter

* We do not spam or share your email

Discount on any Security Ninja plan

and get

Hi and welcome back :-)

We won't spam you. Unsubscribe any time.

Wait! Before you go!

Get 10% discount for any WP Security Ninja plan!


Subscribe to our newsletter for new releases, discounts and general WordPress Security news. Sprinkled with other interesting stuff :-)