We have a privacy policy that covers your use of this web site and our customer data use. However, if you’re interested in how using Relevanssi affects the GDPR compliance of your own site, here we have answers for you.
In general, Relevanssi doesn’t store any information about users and doesn’t share any information outside your own server. There are, however, two exceptions.
Logging
If you enable logging, Relevanssi will log all search queries, except from those users you block in the settings. The logs will always include the user ID and if you so desire, the user IP address. It’s not currently possible to disable the logging of user IDs.
These are personal information, and need to be reported on your privacy policy, if you have search logging enabled.
Relevanssi includes tools to remove data from the logs. If you use the WordPress privacy tools to remove user’s data completely from the system, that will automatically remove all log entries with their user ID. Relevanssi can’t automatically remove log entries for searches users do when they are not logged in, as Relevanssi cannot connect IP address to user ID.
Attachment indexing
Relevanssi doesn’t share any information outside your server, except when you index attachment content. That Relevanssi can’t do on your own server. In order to index attachment content, the attachment is sent to a Relevanssi indexing server. These servers are hosted by Digital Ocean (their privacy policy) and are in the US or in EU. You can choose which server you use.
Indexing attachments with personal information would mean that the personal information is being shared with third parties. This is why it is forbidden to use Relevanssi attachment indexing to index files that contain personal information. We do not know what is in the files you index on our servers and thus can’t stop you from doing it, but it is still forbidden to do so.