In Stats for Update Manager I’ve added in the readme the notice that it is up to the plugin developer, serving updates using Update Manager and using stats, to do what they want to deal with GDPR (or other privacy law):
This plugin stores data about plugin updates in a table.
You can configure how much time this data is kept using
sfum_old_after filter (defaults to 4 weeks).
All the data is removed at plugin uninstall.
- URL of the site asking for updates, sha512 hashed
- plugin checked
- timestamp of the last check
Is up to you to decide if and to inform your plugin users that this data is kept.
In the plugin (mine) using the
UpdateClient my idea is to add this notice:
With the only purpose of keeping statistics about active installations of the plugin “Stats for Update Manager”, the server software.gieffeedizioni.it, serving updates for the plugin, store the hashed (pseudononimized) value of your hostname, along with the timestamp of the last check, for a maximum amount of time of 4 weeks.
What do you think about it?
Grammar checks are also welcome