SECURITY MONITORING AND AUDITING
We use the WP Activity Log plugin as a security monitoring and auditing plugin to create a log of data about the ways that our web site is used by those who have login access to it. This information is collected and retained by the web site administrator for, as the name might suggest, security and auditing purposes.
Once activated, the plugin logs a timestamped record of when a logged-in user takes the following actions:
- Logs in and out;
- Creates, deletes or modifies or views a post (be it a page, post or a post with a custom type);
- Creates, deletes or modifies tags;
- Creates, modifies, deletes, or approves comments;
- Creates, modifies or deletes widgets and menus;
- Creates, modifies (this including changing the password), deletes a user or views another users’ profile;
- Installs, activates, deactivates, or uninstalls a theme or plugin;
- Changes system settings such as reading, general, or permalinks;
- (remove as applicable) Takes actions on a multisite network such as creating a new site, creating a new user on the network, adding a user to a site, changing its role, etc;
- (remove as applicable) Takes actions on a BBPress forum such as creating a new forum, deleting entries, changing forum settings, etc;
- (remove as applicable) Takes actions on a WooCommerce installation such as creating a new product, changing store settings, modifying the product, etc.
The timestamped record includes the following information:
- The user’s login name
- The user’s actual name as entered when their account was set up
- The user’s WordPress role (Author, editor, etc)
- The IP address from which the user accessed the site
- The time and date of each action detailed above while the user was logged in.
The data captured by the WP Activity Log plugin is stored by the website administrator for a period of 6 months solely for security and auditing purposes.
Information captured by WP Activity Log is accessed only by the administrators of the web site and is stored on the web site’s database. These administrators may be located outside the European Union.
Information captured by the WP Activity Log is not shared with third parties except in the case of security investigations or law enforcement requests.
We have installed additional security to protect your data.