On 25th May 2018, a new European Union law called GDPR (The General Data Protection Regulation) came into effect. The law aims to give EU citizens control over their personal data and regulate the handling of user data by organizations.
Following the arrival of the GDPR, website owners around the world have been striving to make sure they comply with this new law. If your WordPress website is yet to comply with the GDPR requirements, keep reading. In this article, we’ll discuss some useful WordPress plugins that can assist you with GDPR compliance.
But before we move on to the plugins, let’s first look at how GDPR applies to WordPress sites and what the WordPress core software has done to be compliant.
How GDPR Applies To Your WordPress Site
Wondering how GDPR applies to your WordPress site?
Being the most popular CMS and publishing platform in the world, WordPress was bound to be largely affected by the GDPR.
If your website serves traffic from European Union countries, then the GDPR applies to you. It doesn’t matter whether you’re located in the European Union or you’re in any other country around the world.
The GDPR impacts WordPress website owners in several ways:
- WordPress sites collect user data under various scenarios, including contact forms, comments, and user registrations.
- Plugins and third-party software may collect and store personal user data.
- Analytics, tracking and remarketing services, such as Google Analytics and A/B testing solutions, may also process visitor data.
What Has WordPress Core Done About GDPR?
Starting with version 4.9.6, the core WordPress software is GDPR compliant. WordPress 4.9.6 introduced a number of tools related to data privacy. There’s a tool for users to request a copy of all the stored data associated with them and another for users to request deletion of that same data.
In Settings > Privacy, there’s an option to set or create your privacy policy page. In addition, the default WordPress comment form now shows a comment privacy opt-in checkbox. These measures are enough to make a default WordPress blog GDPR friendly. However, if your site has additional themes, plugins, and other features, those will still need to be compliant.
To learn more about what the WordPress core team is doing, you can follow the GDPR compliance tag on the official Make WordPress Core website.
WordPress Plugins to Assist With GDPR Compliance
Without taking any more of your time, here are some awesome plugins to help you with GDPR compliance.
Please note that installing these plugins alone does not make your website fully compliant. Depending on the purpose of your site, you may still need to ensure you have the necessary configurations in place or contact a GDPR consultant or law firm to help.
GDPR Cookie Consent – FREE
If your website uses cookies that could be used to identify visitors, the GDPR requires you to first obtain consent from the users before cookies are set.
The GDPR Cookie Consent plugin helps you with this. Once activated, it displays an Accept/Reject notice and will only load the listed cookies when a user gives consent. The plugin has a shortcode that lets you display a list of recorded cookies on your privacy policy page. This plugin is also fully customizable, so you can make it match your website’s style.
WordPress GDPR – $19
This premium plugin is an all-in-one WordPress GDPR solution. It packs a bunch of nifty features, such as the ability for users to erase all their data stored on your website, data breach notifications, sending user information by email, privacy policy updates emailed to users, mandatory cookie acceptance, translation readiness, and integration with various other plugins.
WP GDPR Compliance – FREE
This plugin helps comply with GDPR by adding a GDPR checkbox to Contact Form 7, WooCommerce, WordPress Comments and Gravity Forms. Users are then required to check the checkbox before they can submit forms.
The plugin also makes it possible for users to request the data stored about them on your website and to request deletion of that data.
Ultimate GDPR Compliance Toolkit for WordPress – $19
Created by Polish agency createIT, this premium plugin brings several features to help you meet GDPR requirements. It includes dedicated forms for users to access or request deletion of their stored data. It also supports cookie consents, consent boxes for various forms as well as data breach notifications.
Additionally, this plugin is compatible with other third-party tools such as WooCommerce, Google Analytics, Gravity Forms, Mailchimp, Contact Form 7, Facebook Pixels and many others.
The GDPR Framework – FREE
Here’s another free plugin with easy-to-use tools to assist with GDPR compliance. The plugin is fully documented and it comes with an installation wizard to get you started faster. It includes tools to manage user consent and generate a GDPR-compatible privacy policy template. You can also allow users and visitors to view, export and delete their stored data.
Furthermore, the plugin’s team, in collaboration with a top European law agency, has created a WordPress site owner’s guide to GDPR that includes detailed instructions on how to make your site GDPR compliant.
WP GDPR Compliance Suite WordPress – $19
This plugin includes over 15 modules to assist with GDPR compliance. Main features include privacy policy and terms & conditions consent, data breach notifications, cookie consent and the ability for users to access, modify and erase their personal data.
The plugin also comes with translation files and is compatible with a wide range of tools such as WooCommerce, WPML, Contact Form 7, MailChimp, Facebook Pixels and Google Analytics.
GDPR – FREE
According to its description, this plugin was created to help a Controller, Data Processor, and Data Protection Officer (DPO) meet the requirements of the GDPR. Once activated, the plugin requires you to set a privacy policy page, which users will have to consent to before being logged in.
The plugin also includes features like data breach notifications, cookie management, right to access and erasure requests as well as audit logs. Another cool feature of this plugin is the Telemetry Tracker that shows you which data is being sent to outside servers by plugins, themes or WordPress core.
Conclusion
The GDPR is here to stay. Whether you’re based in the European Union or not, you need to comply so as to avoid running into any unwanted legal issues. Hopefully, the above plugins will make it easy for you to meet the GDPR requirements.
What steps have you taken to make your WordPress installation GDPR compliant?