Data Handling Best Practices

The WordPress open source project thrives on transparency. Whenever possible, we prefer to do all of our work in public, sharing as much information as possible with the community and the project as a whole.

In our work to organize events that provide a fantastic attendee experience, however, we collect personal data that must be kept safe.

All information collected on WordCamp.org is covered by the WordPress.org Privacy Policy. WordCamp organizers are expected to ensure the security and protection of the personal data that they have access to.

When considering how to handle personal data, please be sure to always:

  • Only request personal information (in registration questions, speaker applications, etc) that the team absolutely needs to make the event a success.
  • Restrict access to information to a “need to know” basis within the organizing team.
  • Ensure that passwords to devices accessing information meet or exceed security recommendations
  • Shred hardcopy information when no longer required.
  • Delete spreadsheets or documents that contain personal data, as soon as they’re no longer needed for the organizing of the event.
  • Refuse to share information with any vendor whose data handling policies do not match or exceed those of WordPress.org, or for any reason other than WordCamp organizing necessities.
  • Notify us if you discover or suspect that the security of data collected via WordCamp.org/WordPress.org has been compromised.