In May 2018, the European Union (EU) updated its data protection and privacy laws with the General Data Protection Regulation (GDPR). This new law affects any business that collects or processes personal data from EU residents.
WordPress websites need to be GDPR compliant as well. One step in complying with GDPR is to make sure your website has a cookie consent banner. The GDPR Cookie Consent plugin provides an easy way for WordPress websites to create a cookie consent banner and manage cookie consent.
Collecting cookie consent is a requirement for GDPR compliance, but luckily it’s easy to do if you use the right tools.
In this article, you will learn in depth about WordPress GDPR compliance, cookie consent plugins and much more. We’ll cover the steps to make your WordPress website GDPR compliant by using the GDPR Cookie Consent plugin to create a cookie consent banner and manage cookie consent.
To add a cookie consent banner to your WordPress website, you need a plugin. There are several to choose from in the WordPress Plugin Directory. Some are free, and others are premium. Here’s how it works:
Users visit your site and are immediately presented with a prominent banner asking for their consent to use cookies.
Users accept or decline the terms, and the plugin records their answers and preferences in the WordPress database.
The plugin automatically adds cookies, JavaScript, tracking pixels, scripts and other items as outlined by the user’s preferences.
Your analytics software will record IP addresses but nothing more.
This is an effective way to get your WordPress website GDPR compliant quickly and easily.
These days WordPress GDPR compliance is a topic of concern. You might have heard the term GDPR being discussed everywhere around the web. To explain it simply, it’s a law built for data protection. The GDPR, or General Data Protection Regulation, is a new data privacy law effective from May 25th, 2018. In particular, it gives citizens control over their personal data and changes the data privacy approach of companies all across the globe. GDPR is one of the positive steps taken for individuals and brands.
There are two main features of the GDPR:
For a better understanding, let’s discuss it in detail:
Personal Data: Any piece of data such as a name, place, income, health information, date of birth, email, address, or even an IP address is considered personal data.
You can familiarize yourself with the articles below. This will make your transition to the GDPR less difficult.
We recommend you check out The GDPR Checklist.
On the 25th May 2018, the General Data Protection Regulation (GDPR) comes into effect across all EU member states. The GDPR provides one framework data protection law representing a significant harmonization of data protection requirements and standards. Having just one horizontal framework law to deal with will benefit business, promote responsibility when dealing with personal data, and help ensure that the same data protection standards apply across the globe.
The digital age of consent and the circumstances in which an individual’s data protection rights can be restricted. Accordingly, it is important for all businesses and organizations to be aware that they will be required to comply with the data protection standards and obligations set out in both the GDPR and the Irish Data Protection Act 2018 (due to be published by the Government in early 2018).
The WordPress GDPR Compliance checklist has been designed to assist in particular the small and medium enterprise sector, which may not have access to extensive planning and legal resources.
If you process personal data as part of your business, the GDPR applies to you. It is important to remember that:
The personal data involved refers to “any information relating to an identified or identifiable natural person”:
For example, the simple operation of storing an IP address in your web server logs constitutes a situation in which you are processing the personal data of a user.
It is basically done by any of these few steps:
The WordPress core team has added several GDPR enhancements to ensure that WordPress is GDPR compliant. It is true that, due to the dynamic nature of websites, there is no single plugin, platform or solution that can offer 100% GDPR compliance. The WordPress GDPR compliance process depends on the type of website, the data you store, and how you process data on your site.
Yes, WordPress 4.9.6, the WordPress core software, is GDPR compliant.
By default, WordPress stores the commenter’s name, email and website as a cookie in the user’s browser. This makes it easier for users to leave comments on their favorite blogs because those fields are pre-populated.
Due to the GDPR consent requirement, WordPress has added the comment consent checkbox. A user can still leave a comment without checking this box; it just means that they have to manually enter their name, email, and website every time they leave a comment.
Update: Note that if your theme is not showing the comment privacy checkbox, please make sure that you have updated to WordPress 4.9.6 and are using the latest version of your theme. Please ensure that you are logged out when testing to see if the checkbox is there.
WordPress lets site owners honor users’ requests to export their personal data as well as to remove it. The data handling features can be found under the Tools menu inside the WordPress admin.
WordPress now comes with a built-in privacy policy generator. It offers a pre-made privacy policy template and guides you on what else to add, so that you can be more transparent with users about what data you store and how you handle it. In WordPress 4.9.6, you can now designate a privacy page on your site and it will show on your login and registration pages.
Without a doubt, GDPR will impact everyone with a web presence. The new GDPR regulations were designed to protect the rights of EU citizens, and yes, you will be affected. This is regardless of where the online activities take place and where your business is established. If your website processes or collects data from users, then you must follow the GDPR guidelines.
To quote a few examples:
You can probably see where we are going with this.
Webmasters have time until May 2018 to comply with the regulations set by the GDPR. The penalty for non-compliance can be up to €20 million, or in the case of an undertaking, up to 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher.
There are various tiers of penalties according to the seriousness of the breach, which are described in the FAQ section of the GDPR portal.
Unless you have been completely offline, there’s a good chance that you have heard of WordPress GDPR compliance or this new law passed for individuals and businesses.
There are six main ways in which this will affect website owners:
Let’s discuss the various GDPR compliance tools in WordPress in detail.
Contact forms, comment forms, newsletter signups etc: There should be transparency in collecting information from users. The personal data you collect from them via a form will already be covered by data protection legislation, but GDPR means that you have to put a few extra safeguards in place. The personal data covered by the legislation includes not only names and addresses of individuals but also photos, such as avatars and photos they upload.
When collecting data via any form on your site, you must provide the details of how you will use this data. This means a pop-up, redirection to another page on your site, or an email with the information. You should provide your users with details of how to contact you to get access to their information or to have it deleted.
Checklist:
Sales data: If you sell something via your website, you are obviously gathering the personal information of your users. For this you will need not only their names and email addresses, but also their credit or debit card details. So, if you gather emails when making a sale on your website and then add those email addresses to a mailing list, tell your users about this. Gain their specific consent for holding their data and using it in this way.
Checklist:
Analytics Data: If you work on SEO and conversion optimization, you will collect analytics data to measure overall performance. GDPR covers this data, and most software won’t attempt to track individuals. If you are planning to track sales in your analytics software, be careful not to track at the level of individual customers.
Checklist:
A few instructions for website owners:
Here are a few instructions that a website owner should follow in order to secure its users’ data:
The main aim of making a WordPress site GDPR ready is to protect users’ data. Whatever your reason for reading this blog post, each site may require different steps. We can give you suggestions to get on the right track, as well as additional things to be aware of.
You can find several plugins that can help automate some aspects of GDPR compliance for you. However, no plugin can offer 100% compliance, due to the dynamic nature of different websites. These WordPress GDPR compliance plugins simply assist website owners in complying with European privacy regulations (GDPR).
Keep yourself updated and beware of any WordPress plugin that claims to offer 100% GDPR compliance. They don’t know what they’re talking about, and it’s best for you to avoid them completely.
Below is our list of recommended WordPress GDPR plugins:
This plugin will help you become GDPR compliant. It shows a notice with Accept and Reject options. The cookie value is automatically set to ‘null’. If a user clicks on ‘accept’ the value will be ‘yes’, and if he/she clicks on ‘reject’ the value is set to ‘no’. Developers check this value to set cookies. The admin can add cookie details from the backend.
The plugin assists website owners in complying with the GDPR regulations. WP GDPR Compliance currently supports Contact Form 7 (>= 4.6), Gravity Forms (>= 1.9), WooCommerce (>= 2.5.0).
The plugin allows you to automatically add share buttons to the pages, posts, blog page and product sites. You can also use the plugin as a widget. The share button automatically sends data to the users. They don’t need to click on share button.
The plugin is designed to help you prepare your website for the GDPR regulations related to cookies, but there is no assurance that it will make your site 100% GDPR compliant. This plugin is just a template and needs to be set up by your developer to work well.
Cookiebot | GDPR Compliant Cookie Consent and Notice –
This plugin offers a customizable consent banner to handle user consents and lets users opt in to and out of the categories. It is one of the easy ways to allow users to withdraw or change their consent.
One of the best tools to make your website GDPR compliant. It allows users to track, manage and withdraw consent. It is also developer-friendly: everything can be extended, and every feature and template can be overridden.
The plugin uses WordPress Core tools for GDPR compliance and offers a few tools to handle user privacy requests. It allows website administrators to display Data Request Forms in the frontend and can be easily integrated.
GDPR Compliance for MailChimp –
This addon creates an additional section in the Easy Forms for MailChimp form builder. All MailChimp forms will have a checkbox above the submit button, accompanied by text that you can customize, to confirm that the user consents to their data being submitted.
A plugin that offers the easiest way to make your Gravity Forms GDPR-compliant. It adds new privacy features to Gravity Forms where your users can automatically download, submit or delete their form submission for the site admin.
A plugin that allows users to enable or disable services that can store or track their data. It also allows users to remove emails from MailChimp and personal data from the WordPress site, and allows the admin to delete particular data.
Limit Login Attempts Reloaded –
Reloaded version of the original Limit Login Attempts plugin for Login Protection by a team
GDPR –
Assists a Controller, Data Processor, and Data Protection Officer (DPO) with efforts to meet the obligations and rights enacted under the GDPR.
WP GDPR –
Make your website GDPR compliant and automate the process of handling personal data while integrating.
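The consent-cookie check described for the first plugin in the list above (‘null’, ‘yes’, ‘no’), as an added JavaScript example that is not code from any of the listed plugins: it reads the consent cookie, treats anything other than an exact `yes` as no consent, and returns which scripts may load. The cookie name `cookie_consent` and the script registry are assumptions made for illustration.

```javascript
// Added example. CONSENT_COOKIE is a hypothetical name (assumption);
// replace it with the cookie name your consent plugin actually sets.
const CONSENT_COOKIE = 'cookie_consent';

// Parse a document.cookie / Cookie header string into a Map.
// A Map avoids surprises from cookie names such as "__proto__".
function parseCookies(cookieString) {
  const jar = new Map();
  for (const part of String(cookieString || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq < 0) continue; // skip malformed fragments without "="
    const name = part.slice(0, eq).trim();
    let value = part.slice(eq + 1).trim();
    try { value = decodeURIComponent(value); } catch (_) { /* keep raw value */ }
    if (name && !jar.has(name)) jar.set(name, value); // first occurrence wins
  }
  return jar;
}

// Map the cookie to one of the three states: 'yes', 'no' or 'null'.
// A missing cookie or any unexpected value counts as 'null' (no decision yet).
function consentState(cookieString) {
  const raw = parseCookies(cookieString).get(CONSENT_COOKIE);
  return raw === 'yes' || raw === 'no' ? raw : 'null';
}

// Constructed sample registry: only "essential" scripts run without consent.
const SCRIPTS = [
  { id: 'session', essential: true },
  { id: 'analytics', essential: false },
  { id: 'ad-pixel', essential: false },
];

// Return the ids of scripts that may be loaded for this visitor.
// Fails closed: non-essential scripts load only on an explicit 'yes'.
function scriptsToLoad(cookieString, scripts = SCRIPTS) {
  const allowAll = consentState(cookieString) === 'yes';
  return scripts.filter((s) => s.essential || allowAll).map((s) => s.id);
}
```

In a browser, pass `document.cookie` to `scriptsToLoad` and inject only the returned scripts; the same check can run server-side against the request's `Cookie` header.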
GDPR Infographic (PDF)
Full text of the General Data Protection Regulation
Preparing Your Organisation for the GDPR – A Guide for SMEs
Personal Data Security Guidance for Micro enterprises under the GDPR
Rules for businesses and organizations
General Data Protection Regulation Fact sheet
The GDPR: Opportunities & obligations
Final Words:
By now, you must be aware that GDPR is a pretty big deal that is going to impact your entire WordPress website and any business with an online presence. If your website is not compliant, don’t panic. Keep working towards compliance and get it done as soon as possible! In general, failing to meet the WordPress GDPR compliance guidelines can cost you heavily.
*Note: We are not lawyers. Nothing on this website should be considered legal advice. Due to the dynamic nature of websites, no single plugin or platform can offer 100% legal compliance. When in doubt, it’s best to consult a specialist internet law attorney to determine if you are in compliance with all applicable laws for your jurisdictions and your use cases.