According to this you GDPR should store as little data as possible. We'll help you with that! With our special hosting tool WordPress Session Eraser you can determine with a few clicks in which interval the WordPress sessions of your users can be deleted.
A session in WordPress is nothing more than a kind of personal access card that the registered user receives on your website for the duration of the registration - similar to a visit to the Bundestag. There you get a card for the duration of your stay, on which information is recorded such as:
- Level of access authorization (restriction to certain areas, etc.)
- Duration of your visit
In principle, the WP session is nothing else. Equivalent to the Bundestag example, in WordPress the session data of your users are the following:
- IP address
- User level (admin, editor, author etc.)
- How long the session is valid
- In addition, the session contains a hash, so that each session is unique (a user can also be logged in from several devices).
If a user actively logs out or the validity period has expired, the session is deleted - at least this is the normal case. However, there are some Themes and Plugins (e.g. certain shop or memberThemes), which do not delete these sessions from the database and thus store user data longer than required or allowed.
This is where our WordPress Session Eraser comes in.
The WordPress Session Eraser deletes the WordPress sessions of all your users from the database after a predefined interval. You can set this interval in your BOX settings in our dashboard for each BOX individually.
The defined interval is always absolute. This means: If you set the interval to "8 hours", the sessions will be deleted at the following times:
By automatically deleting unnecessarily stored session data you implement the GDPR basic principle of data economy. With the WordPress Session Eraser you take another step towards GDPR-conformity.