Giving you more control
From being able to opt‑out from our analytics system, to being able to request a copy of the data that Jetpack has associated with your account, Jetpack designs and develops features with GDPR compliance in mind.
Tools for ongoing compliance
We offer multiple tools to help you make your site compliant, such as our Privacy Policy Helper to help you construct a custom policy, as well as features that make it easier for users to delete or export their data if they want.
Keeping personal data secure
We store Jetpack data on servers worldwide so as to ensure Jetpack’s stability and speed, while also ensuring that data is transferred out of the EU in accordance with the GDPR (more info in our FAQ below).
Frequently Asked Questions
What is the GDPR?
The GDPR is a European law that grants some personal data rights to individuals in the European Union. Its requirements apply to many sites and online businesses who collect, store, and process personal data about individuals in the EU.
The GDPR, among other things, requires companies and site owners to be transparent about how they collect, use and share personal data. It also gives individuals more access and more choice when it comes to how their own personal data is collected, used, and shared.
You can read the full text of the law here.
How does Jetpack comply with the GDPR?
Jetpack and its parent company Automattic take data privacy and the GDPR very seriously. We respect the GDPR’s principles of minimizing the amount of data we collect, being transparent about what data we collect and how we use it, complying with EU law in regards to any data that is transferred to non-EU countries, and not keeping data longer than we need it for the purpose it was collected. You can read more about the data we collect, how data is used and shared, and how long data is retained in our Privacy Policy.
Does Jetpack transfer data out of the EU?
Like many companies we sometimes transfer data out of the EU. In general, transfers of personal data out of the EU are covered by the Standard Contractual Clauses where there isn‘t already an adequacy agreement in place with the receiving country. We also include the Standard Contractual Clauses in our Data Processing Agreement, which you can request from your Privacy Settings.
How can I get a Data Processing Agreement (DPA)?
You can request a DPA from your Privacy Settings
How does the Schrems II Ruling about the Privacy Shield affect my Jetpack site?
In Schrems II the European Court of Justice found that the Privacy Shield was not valid under the GDPR as a means of legally transferring data from the EU to the US. In the same ruling the court upheld the SCCs as being legal and valid. Jetpack never transferred data under the Privacy Shield, it always relied on the SCCs, so the ruling did not affect Jetpack’s data transfers.
How do I find out more about what data Jetpack is collecting about my site’s visitors
We publish a Privacy Notice to provide you with an overview of the data we collect from your site visitors when you install and use Jetpack or other services from Automattic. You can also find detailed descriptions of the exact data that’s collected, and who it’s collected from, for each Jetpack module in the Jetpack Privacy Center.
Where can I learn more about Jetpack and the GDPR?
Check out this blog post for more detailed information about Jetpack, your site and the GDPR.
Who do I contact for more questions about Jetpack and the GDPR?
If you have more specific questions about Jetpack and the GDPR feel free to reach out to us and we’ll be happy to help.
Do you see any information missing on this page?
Please let us know how we can make this page better.
