Our Web Hosting Platform and their Security.
WP Engine continually monitors developments in data security, privacy, and compliance around the globe, and we have invested considerable resources in preparing for EU Regulation 2016/679 (“GDPR”). We have always upheld the core privacy principles behind GDPR, as evidenced by our early adoption of the EU-US and Swiss-US Privacy Shield programs, and take very seriously (and humbly) the trust our customers place in us when they choose to store personal data on our platform.
WP Engine will comply with GDPR’s requirements, both as a controller of our customers’ account data and a processor of the end-user personal data our customers store on our platform. In support of our customers’ compliance efforts, we have updated our terms to reflect the obligations we have as a processor under GDPR. (Such additional contractual obligations are commonly referred to as a Data Privacy Addendum or a “DPA.”) These changes became effective May 10, 2018, and our DPA already applies to you by reference in your existing agreement. We encourage you to view this changelog and familiarize yourself with our terms to better understand how we support you and protect the security and privacy of your data.
We also encourage our customers to begin assessing their own internal readiness if they haven’t already done so. A good resource for understanding the changes implemented by GDPR can be found here, or you can read the full text of the regulation.
DATA PRIVACY ADDENDUM (DPA) FAQ
Q: Do WP Engine’s terms include a Data Privacy Addendum?
A: No, the DPA does not need to be signed. The exact language of the GDPR says: “The contract … shall be in writing, including in electronic form.” It is an accepted tenet of contract law that a written agreement includes online or clickthrough terms, and GDPR even calls out electronic contracts as being perfectly acceptable.
You can find more information about cookies at: www.allaboutcookies.org and www.youronlinechoices.eu