As an investor in various WordPress (Bertha.ai , Atarim plus a few plugins on wpplugins.com) and Web solutions and a web development agency owner,
I have vast experience in both making solutions (Product Owner) and using solutions (Product User).
As a plugin developer and solution provider its a tough call – do I give my users an opportunity to opt in to a mailing list so I can send them updates or just hope for the best that they notice the (discrete) update notice in the plugins page – I don’t and, as long as I own the say in my plugins – will never put an admin notice in the dashboard of WordPress – it’s annoying, intrusive and well, just a bit rude. I cannot stand the notices in the dashboard interrupting my workflow when I am building out web sites for my agency clients so I don’t see why I should put my plugin clients through the same hell.
I know that out of the thousands of plugins out there – most are free and the few that have premium options use the dashboard to promote, encourage and tease new features and pricing for premium versions – one of the teases is that you don’t get admin notifications in your dashboard.
Companies that do this not so well are Awesome Motive – its a perpetual round up of admin notifications – update this upgrade that – give us a 5 star review of that – and when you see they have loads of plugins and useful ones at that – like Easy Digital Downloads, ALL In One SEO, WP MAIL SMTP to name just a few – your admin dashboard can be quite difficult to navigate when using just these three with all the prompts coming out of nowhere, sitting in your posts page and ya know, just getting in the bloody way.
If you sell a lot of plugins, its always going to be hard to upsell them, let alone, let people know when there is a crucial update for security purposes. So, I get that some admin notices are necessary. But, it all just gets lost in the melee.
A better way in my view, is to opt-in to a mailing list for said plugins and be notified on your email. One of the companies that does this well and asks you to specifically opt-in is Freemius – which has been a favorite of mine since I owned and operated The Elegant Market Place as they truly help plugin developers make money from their hard work
As a WP admin or someone who builds sites for clients, you can opt-in to receive emails from product owners who use the Freemius system to sell their freemium plugins and themes and, you can get to know about security vulnerabilities in advance of anyone else when they release a patch. This way, you’ll be ahead of the curve and can take steps to protect your sites before any public knowledge of the vulnerability is released. It’s a win WIN!
As both a consumer and product maker, I see no reason NOT to opt-in. I want to keep the sites I build, maintain and use as safe as I possibly can and keep my business running with great care plans and a great solution for my non technically minded clients. If I don’t know or take steps to know that a plugin needs a crucial update – that is on me.
What about Privacy and Data protection?
There are many rules around Data Protection* and, as far as I am concerned when I opt-in to a list, I know I am protected by the rules so, if I want to opt-out (why would you opt-out of security notifications though?) I can – and I can ask any online supplier to delete my data. I have no concerns about the way Freemius holds, or uses my data. I have been online for years now and frankly, what is out there, is out there – there is nothing I can do about it now or in the future. That doesn’t mean I don’t read privacy policies or even have them myself. My Good Friends over at Termageddon help me keep compliant on that score and I Know for a fact that Freemius are very pedantic about privacy.
Simply put, it is my view that companies like Freemius – who sell for multiple vendors – have a responsibility to tell you when something is wrong or you need a security update – the only way they can do that is by asking you to opt-in and you take the sensible decision to do so – because you know its the right thing to do for you, your customers and the continuation of your business.
*GDPR applies to any company that processes the personal data of individuals in the EU, regardless of whether the company is based inside or outside the EU.
GDPR requires companies to get explicit consent from individuals before collecting, using, or sharing their personal data. Companies must also provide individuals with clear and concise information about their rights under GDPR, and ensure that individuals can easily exercise their rights.
GDPR imposes significant fines for companies that violate its provisions, including up to 4% of a company’s global annual revenue or €20 million (whichever is greater), whichever is greater.
GDPR also gives individuals the right to file a complaint with the supervisory authority if they believe their rights have been violated.
CCPA
The California Consumer Privacy Act (CCPA) is a state law that came into effect on January 1, 2020. It strengthens data privacy rights for California residents and imposes new obligations on companies that collect, use, or sell the personal data of California residents.
CCPA applies to any company that does business in California and meets one or more of the following thresholds:
Has annual gross revenues in excess of $25 million;
Possesses the personal information of 50,000 or more California consumers, households, or devices; or
Derives 50% or more of its annual revenues from selling the personal information of California consumers.
CCPA requires companies to provide California residents with clear and concise information about their rights under CCPA, and ensure that individuals can easily exercise their rights.
CCPA gives California residents the right to know what personal information is being collected about them, the right to know how that information is being used, the right to delete their personal information, and the right to opt-out of the sale of their personal information.
CCPA imposes significant fines for companies that violate its provisions, including up to $7,500 for each violation or actual damages, whichever is greater.
CCPA also gives California residents the right to file a complaint with the Attorney General if they believe their rights have been violated.
PIPEDA
The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian federal law that came into effect on January 1, 2004. It establishes rules for the collection, use, and disclosure of personal information by organizations in the course of commercial activity.
PIPEDA applies to any organization that collects, uses, or discloses the personal information of individuals in the course of commercial activity.
PIPEDA requires organizations to obtain the consent of individuals before collecting, using, or disclosing their personal information. Organizations must also provide individuals with clear and concise information about their rights under PIPEDA, and ensure that individuals can easily exercise their rights.
PIPEDA imposes significant fines for organizations that violate its provisions, including up to $100,000 per violation.
PIPEDA also gives individuals the right to file a complaint with the Privacy Commissioner of Canada if they believe their rights have been violated.
Earnings disclaimer: I am the Co founder of Bertha AI – I am in investor in Atarim. I own WP PLUGINS PLUS and Somebody’s Hero, should you sign up for these services, I will inevitably benefit from that sign up.
All other links are NOT affiliate links