Your eZ Publish database holds registered users as content objects, every article and page authored over the years, forum post history, form submission data, and in Scandinavian government deployments often sensitive citizen-facing records. Whoever migrates it has access to everything in it.
What Is Actually Inside an eZ Publish Database
eZ Publish uses an abstract content repository model where almost everything is a content object. Users are content objects. Articles are content objects. Forum topics are content objects. This means the personal data is distributed across the same core tables used for all content. The ezcontentobject table records every content item along with its author and creation metadata. The ezcontentobject_attribute table holds every field value for every content object in the system, including user profile fields such as phone numbers, addresses, and organization affiliations if those fields were configured. The ezuser table holds account credentials: login name, email address, and hashed password. The ezformtoken table and related form extension tables hold submitted form data. For sites running the eZ Forum extension, forum posts including private messages linked to user identities are stored in the content object tables. For Scandinavian government portals that used eZ Publish for citizen-facing services, these tables may contain legally protected personal data under GDPR and national data protection laws in Norway, Sweden, Denmark, or Finland.
All of this is in the database dump that any migration provider will extract and work from. The key question is who holds it, on what infrastructure, with what encryption, and with what deletion policy.
Your eZ Publish database during a migration with no documented data handling policy.
What Has Gone Wrong in Real Data Migrations
A contractor turned off the firewall for ten minutes while migrating data to ElasticSearch. This exposed the database to attackers who breached over 5 billion data records.
Keepnet Labs breach, documented by Caylent security research
Ten minutes. One shortcut during a migration window. For an eZ Publish government portal or media archive with tens of thousands of registered users, the exposure window during an insecure migration runs from the moment your database leaves your server to the moment it is formally deleted from the provider’s machine. For most freelancers, that moment is never formally defined.
Without proper encryption and access controls during a migration, you are essentially broadcasting sensitive information. Personally identifiable information exposed due to misconfigured permissions is not a hypothetical scenario.
Monte Carlo Data, September 2025
eZ Publish migrations present a broad credential surface. Your admin credentials provide access to the full content repository, all user accounts, all form submissions, and the eZ Forum data. Database credentials expose the entire abstract content model. Server access (SSH or FTP) exposes the file system including the var directory where user-uploaded files are stored. A provider holding all three has unrestricted access to everything your site has collected.
The Freelancer and Specialist Problem
The developer who migrated your eZ Publish site: your content object database is still in their work folder, no DPA, no deletion date.
eZ Publish migrations require deep familiarity with the content object model, the node tree, the field type system, the URL alias mechanism, and how to map all of this to WordPress. The number of developers with this knowledge is small and declining. Most who advertise eZ Publish migration services have not actually migrated the full database, have not dealt with complex content type hierarchies, and have no formal data protection process. Here is what you typically do not get from a marketplace freelancer.
- No Data Processing Agreement. GDPR Article 28 requires a signed DPA before any third party processes personal data. An eZ Publish database almost certainly contains personal data of EU residents. Without a DPA, your organization is in violation before the migration begins.
- No credential security policy. Your admin credentials, database connection string, and SSH details are typically sent via email and kept indefinitely. No encrypted vault, no deletion commitment, no audit trail.
- No data retention policy. The database dump downloaded for the migration stays on the provider’s machine after the job is done. There is no deletion date and no notification to you when it eventually disappears.
- No breach notification obligation. If the provider’s system is compromised while holding your data, they have no contractual obligation to notify you or the affected users.
- No professional liability. If the migration loses forum history, breaks the node tree structure, corrupts content object attributes, or triggers a GDPR investigation, a marketplace freelancer has no insurance and no contractual accountability.
- eZ-specific technical gaps. Most providers cannot correctly handle the
ezcontentobject_attributetable, theezurlalias_mlURL alias system, the eZ Tags taxonomy structure, or the eZ Forum content object hierarchy. The result is a migration that looks complete on the surface but is missing significant structured content and forum history.
How gConverter Does It
How gConverter starts every eZ Publish migration: signed legal documentation before any credentials are shared.
gConverter is a registered US company with full EU GDPR compliance for all European and international clients. For Scandinavian government and media organizations running eZ Publish, this is particularly relevant: we act as a Data Processor under GDPR Article 4(8) with a documented six-step security process applied to every migration.
Step 1: DPA before credentials
Before you share any access credentials, you receive a Data Processing Agreement for review and signature. For GC-ExtraSecurity clients, a Non-Disclosure Agreement is also executed. No data access is granted until both documents are countersigned. The DPA specifies what we process, the lawful basis, retention limits, and our liability in the event of a breach.
Step 2: Encrypted credential vault
Your eZ Publish admin credentials, database connection details, and server access are transmitted via an encrypted channel, never by email. Stored immediately in an AES-256 encrypted vault accessible only to the single assigned engineer. Deleted within 24 hours of job completion with written confirmation sent to you.
Step 3: Isolated staging environment
Your database is exported and transferred over TLS 1.3. For GC-ExtraSecurity clients, processing happens on a dedicated Hetzner EU server in Frankfurt, keeping all data inside the EEA throughout the migration. For standard clients, processing is on the assigned engineer’s encrypted machine (Apple FileVault AES-256). Your data is never on shared hosting and never alongside other clients’ data.
Steps 4 to 6: Logged migration, verified delivery, 30-day deletion
Every database query and file operation is logged. The migration is completed on staging and presented to you for review before go-live. After approval and launch, credentials are revoked and deleted immediately. All customer data is permanently deleted within 30 days using secure overwrite. Breach notification within 72 hours if required by GDPR Article 33.
Read the complete GDPR and Data Protection documentation →
Questions to Ask Any eZ Publish Migration Provider
- Will you sign a Data Processing Agreement before accessing any data? No DPA means no GDPR compliance and direct legal exposure for your organization.
- How do you handle eZ-specific data: ezcontentobject_attribute fields, ezurlalias_ml URL aliases, eZ Tags taxonomy, eZ Forum content objects? If they cannot answer specifically, they have not done it before.
- How are credentials transmitted and stored? Acceptable: encrypted channel and AES-256 vault. Not acceptable: email, Slack, or any plain-text channel.
- Where is my data processed during migration? Specific server location, encryption method, and access policy.
- When and how is my data deleted after completion? A timeline and a deletion method, not just “we will delete it eventually.”
- Do you carry professional liability insurance? Without it, no financial recourse if a breach or content loss occurs.
- What is your breach notification procedure? Without a documented procedure, they have no obligation to tell you if your data is compromised.
Technical Quality Matters Too
Security is the non-negotiable foundation. But a secure migration that loses your forum history, drops content object attributes, or breaks the node tree URL structure is still a failed migration. A complete eZ Publish to WordPress migration by gConverter covers all content objects mapped by type, all field values from ezcontentobject_attribute imported to ACF Pro fields, the full node tree reconstructed as WordPress page hierarchy, eZ Forum content migrated to wpForo 360° AI, all user accounts with profile fields, eZ Tags taxonomy imported as custom taxonomies, URL aliases preserved or redirected, and SEO metadata transferred to Yoast SEO.
For the full technical picture: Why Publishers Are Moving From eZ Publish to WordPress →
To discuss your specific site: eZ Publish to WordPress migration at gConverter →
What Our Clients Say
Went FAR above and beyond to help us work through this project. We are thrilled with the final result and they were professional, great to work with, and responsive every step of the way. Would highly recommend.
Anna P., Wilmington NC – Customer Lobby, January 2026
Extremely professional and efficient, we had very good contact, the work was done in due time.
Timoti F., Berlin DC – Customer Lobby, February 2024
eZ Publish content objects, node tree, and forum history – all verified in WordPress.
The Bottom Line
An eZ Publish database built up over a decade of publishing contains years of user data, editorial records, form submissions, and community forum posts. For Scandinavian government portals and media organizations, the data protection obligations that apply to this database do not pause during migration. They apply to every minute the database is in a third party’s possession.
gConverter is US-registered and EU GDPR-compliant, with signed legal agreements before access, AES-256 encryption at rest, TLS 1.3 in transit, EU server options, and 30-day data deletion with written confirmation. Before the job starts, you have a signed DPA. While it runs, your data is encrypted, isolated, and logged. When it ends, your data and credentials are gone from our systems.