CSP REVIEW: wordpress.org
NOTE: Since the footer says that it's "Powered by Wordpress" my understanding is that that means that the Wordpress Privacy Policy would apply, which is what I'll review.
- Is the site equipped with a privacy policy? Yes
- Does the site attempt to comply with the GDPR? Can European Union inhabitants invoke their individual rights? Yes, see PP: "All of the information that is collected on WordPress.org will be handled in accordance with GDPR legislation."
- Does the site provide a list of personal data being collected by using the service? Yes, see PP
- Is the website owner known to have a bad reputation regarding privacy? No
- Can wikis use the external service, even if the visitor wants to deny any cookies or other form of tracking? Unsure
- Will wikis stay usable, even if the visitor blocks the external resource by using an ad blocker? Yes
- Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze? Yes, dpo@wordpress.org
- Is the site equipped with a security policy? Not quite, just says "This privacy policy describes how WordPress.org uses and protects any information that you give us. We are committed to ensuring that your privacy is protected."
- Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources? No
- Is the website owner known to have a bad reputation regarding information security? No
- Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze? Unclear, someone can probably be contacted via general support