WP Social Ninja GDPR Compliance

WP Social Ninja is a GDPR-compliant WordPress plugin that ensures the maximum possible data safety of its users. Here, we are breaking down in simple terms how WP Social Ninja collects, processes, and displays user-generated data that are publicly available.


WP Social Ninja connects your website with social networking platforms, review sources, and services such as Facebook, Instagram, YouTube, Google My Business, Twitter, Airbnb, etc. It helps you to choose what information you want to fetch and display from these sources. Moreover, WP Social Ninja is easy to use as it only displays data social media users allow to share publicly. We have made a list of common questions to help you understand how WP Social Ninja complies with the GDPR policy.


1. From where does our plugin fetch data?

WP Social Ninja makes authorized requests to the associated social media platforms such as Facebook, Instagram, YouTube, Twitter, etc. via their API. In the next stage, the social media sites then send back any content that is publicly available which their platform has been authorized by their users to share publicly.

2. What data is retrieved by WP Social Ninja?

WP Social Ninja requests that the data originates from the social media platform to which the relevant content was posted. When product users register with and post content on a social media platform, they consciously agree to the terms or conditions regarding specific data accessible to third parties via their developer API. However, users can restrict access to their data via their account settings on each social platform. For example, a Facebook user has privacy settings set to not allow any apps to access a specific type of data, then that data can not be retrieved by WP Social Ninja or any other.

3. Are these data personal?

The types of data retrieved and displayed by WP Social Ninja can vary. Moreover, all kinds of private data are excluded. A detailed description of the personal data that WP Social Ninja can display is given below:

Facebook Reviews

The plugin will never receive any personal information about an individual user either in reviews or ratings on Facebook. There is only one way to choose to display that information. It is to retrieve a specific type of Access Token (called a Page Access Token) which gives you access to the names, avatars, and reviews of people who review or recommend on a Facebook page that you own.

Instagram Feed (Pro version only)

For the Free version, no personal data will be displayed. For the Pro version, if the user is displaying a “User” feed, only the information provided by Instagram will be disclosed.

Twitter Feeds

Twitter feeds work the same just as all feed types. Only one personal information provided by Twitter is the name and avatar of the user who posted the Tweet.

The same is applicable for all the social networks and review platforms WP Social Ninja connects to.

4. Does WP Social Ninja track data?

WP Social Ninja doesn’t track any user data in our plugin, but under some special conditions, the social platforms from which the plugins request data may do. Let’s follow below-

Third-party Connections

While loading images or videos from social media sites, a request to retrieve the file from the social media platform may be made in the web browser that it’s hosted on. Moreover, any request made by your web browser includes your IP address, which the third party can then see that it’s being requested from. These requests are specifically made to resource-specific domains with the sole purpose of retrieving content. Furthermore, it does not pass any personal data beyond the IP address of the website user making the request.

5. Is any data forwarded to third parties?

WP Social Ninja doesn’t forward or share any third-party data received from each social media platform. We retrieve the data from the social platforms and display it on your website. Moreover, we do not send data to our own servers or anyone else’s. All data remains on your website.

Furthermore, WP Social Ninja does make some third-party connections to social media APIs (Application Programming Interfaces) and CDNs (Content Delivery Networks) to get content and also has the option to display third-party content. To retrieve images or videos when the requests are made, they make the person’s IP address viewing the content accessible to the third party.

6. How and where is the data stored?

When WP Social Ninja receives data from social media platforms, it will cache the data temporarily on your WordPress database (in the wp_options table). It’s a temporary cache and it will expire after the period established in WP Social Ninja settings (default is one hour). Moreover, once the cache expires, the plugin will make another request to get data from the social platforms, and the process will repeat.

In case of some exceptions, the data will be stored permanently. Let’s see-

  1. For Instagram Feed, we have a feature that creates a permanent/backup cache, which permanently caches the data unless it’s cleared from our plugin settings. It is set by default. However, can be cleared and/or disabled by the following setting: WP Social Ninja > Settings > Instagram Settings > Clear Backup/Permanent Cache.
  1. For Twitter Feed, we have a feature that creates a permanent/backup cache, which permanently caches the data unless it’s cleared from our plugin settings. It is set by default. However, can be cleared and/or disabled by the following setting: WP Social Ninja > Settings > Twitter Settings > Clear Backup/Permanent Cache.

7. Is it possible for the users to control whether their data is received and displayed in my feed?

Yes. You can do it by following two methods.

  1. On the corresponding social media platform, the users can change their privacy settings so that their data is no longer accessible by WP Social Ninja
  2. We have built-in moderation tools so you can exclude their content 

8. Does WP Social Ninja use cookies to store personal data?

No, WP Social Ninja does not use cookies to store personal data.