Comment on Display Widgets Plugin Review by SEO Gold Coast Services.

Originally posted to the WordPress support forum…

I have a question regarding the visitor data you are tracking/storing and your terms at http://geoip2.io/terms.html: the site has been deleted.

Section 10. Privacy policy states:

We will collect website information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned. Before or at the time of collecting such information, we will identify the purposes for which information is being collected. We will collect and use such information solely for fulfilling those purposes specified by us and for other ancillary purposes, unless we obtain the consent of the individual concerned or as required by law. Website data should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date. The following data is currently collected for analysis and in order to optimize GeoIP2.io’s performance:

Website and Page URL – Collected to track service usage by Country, Region and Domain; we reserve the right to blacklist certain domains that exceed reasonable service usage
Visitor’s User Agent and IP Address – Required to determine Visitor’s Country of origin

As a visitor to WordPress sites including some running the Display Widgets plugin, how are you for-filling this part of your privacy policy when I visit a site with the GeoIP2.io’s Geolocation tracking enabled:

with the knowledge or consent of the individual concerned. Before or at the time of collecting such information, we will identify the purposes for which information is being collected.

As “the individual concerned” how and when did you inform me you are collecting my user data and how did you gain my consent and how did you inform me the reason for collecting my data?

For the record you have tracked my data (check your logfile) and I didn’t receive a notification explaining any of this (no pop up or privacy policy explaining GeoIP2.io is tracking my visit).

You have my IP address (90.216.105.28), the user agent (Mozilla Firefox etc…), the webpage I connected from (one of my localhost test servers on my PC), it’s a WordPress Post (/embed-tests/) for testing WordPress embed code. You even know the folder (/str-2016-09/) on my PC I was running the test server from and that it’s running WordPress 4.8.

Example data you’ll have in your weblog:

90.216.105.28 - - [04/Jul/2017:10:46:24 -0700] "GET /api/update/?url=http%3A%2F%2Flocalhost%2Fstr-2016-09%2Fembed-tests%2F&agent=Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%3B+rv%3A54.0%29+Gecko%2F20100101+Firefox%2F54.0&geo=true&p=9&v=0&ip=127.0.0.1&siteurl=http%3A%2F%2Flocalhost%2Fstr-2016-09 HTTP/1.1" 403 3 "http://geoip2.io/api/update/?url=http%3A%2F%2Flocalhost%2Fstr-2016-09%2Fembed-tests%2F&agent=Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%3B+rv%3A54.0%29+Gecko%2F20100101+Firefox%2F54.0&geo=true&p=9&v=0&ip=127.0.0.1&siteurl=http%3A%2F%2Flocalhost%2Fstr-2016-09" "WordPress/4.8; http://localhost/str-2016-09"

I got the example by changing the GeoIP2.io URL (in the geolocation.php file) to one of my domains and checked it’s logs. You will have almost identical entries in your weblogs (only difference will be the time I connected).

Your terms also state:

“We will make readily available to customers information about our policies and practices relating to the management of such information.”

I guess I’m considered a customer?, please make available information about your policies and practices relating to the management of my information.

How do I gain access to the data you store about me?

I don’t want my data tracked by GeoIP2.io. How do I get you to delete the data and stop you from collecting anymore of my data? Note I’m with an ISP with dynamic IPs: my IP changes every time the router is turned off/on.

Can I suggest you do some serious research regarding privacy laws.

David

Update September 16th 2017 : I’ve released a Free Security Update/Upgrade of the Display Widgets Plugin.

More Comments on Display Widgets Plugin Review by SEO Gold Coast Services


Display Widgets Plugin Vulnerabilities

Sorry to hear of the problems.

In principle yes the hack could have compromised your site in other ways.

I never installed the Display Widgets Plugin v2.6.* on a live site, only …


Display Widgets Plugin v4.0.0 Release

I’ve released a Free Security Update/Upgrade of the Display Widgets Plugin which is called v4.0.0 and is malicious code free and extends the widget logic features. I’ll be supporting the …


Adopting the Display Widgets Plugin

Thanks for your kind words :-)

A couple of small inaccuracies in your comment above.

The WordPress plugin team didn’t delete/close/moderate my WordPress forum support posts, it was “Jan Dembowsi” (@jdembowsi) a …


Display Widgets Plugin v2.7 Download

There’s some info on the Display Widgets support forum about the 2.7 update, but you can’t get to it easily because the main Display Widget Plugin page is still closed …


How to Clean a Hacked WordPress Site

Sorry to hear your site is hacked, there’s probably tens of thousands of Display Widget v2.6.* users in the same boat!

I’ve not looked at a Display Widget Plugin v2.6.* hacked …


Display Widgets Plugin v2.6.3.1 Review

I said I wasn’t going to waste my time contacting the WordPress plugin team again, but I couldn’t help myself, the Display Widgets plugin developer is a hacker and is …


Display Widgets Plugin v2.6.1 Deleted from the Plugin Repository

Originally posted to the WordPress support forum…

WordPress has deleted the Display Widgets plugin again, (twice in a week!) this time because of version 2.6.1.

The cause is the code in the …


More Comments by SEO Gold Coast Services


Google Defamation Process

Most likely Google alone.

Google trusts what they are told via the defamation reports, there doesn’t appear to be any detailed checking on Google’s part!

So if someone makes a credible defamation …


Google Mobile Usability Test

SEO tools like SEOptimer are generally not very good, they are built by programmers who are human and they make mistakes, so I’d take the SEOptimer Usability Device Rendering F …


Twitter Permanent Suspension

When you said “I apply most of the tricks talked about in this article” does that mean you are following at least 400 Twitter accounts everyday and unfollowing them all …


Camping World Biloxi

This is a Camping World Biloxi SEO test.

The Camping World Biloxi Google search phrase sees around 1,900 searches a month, a number 1 Google listing for Camping World Biloxi would …


Revolution Slider JS Bloated

All because I avoid using flashy JS features via plugins like Slider Revolution to maximise pagespeed does not mean I don’t know how to use flashy Javascript features whilst minimising …


GTmetrix Website Speed Test Location

Regarding GTmetrix speed testing you have to take into account hosting location when comparing 2 websites targeting different countries.

My SEO Gold site which mostly targets the UK market is hosted …


Revolution Slider Images NOT Responsive

The Revolution Slider SEO Optimization article is a snippet of a larger article Optimized Images Load Faster and Consume Less Cellular Data which looks at a website created by a …


It’s Illegal to Threaten Someone Online

WoW! I critique the old out of date web design of a local Skegness business and James Smith (AKA: fake name) resorts to childish personal insults, why would you do …