GDPR no longer needs an introduction. It is omnipresent, from the many information evenings to the explanations on radio and TV. Everyone has an opinion about “GDPR”. This comes as no surprise because the impact of this regulation is difficult to underestimate.
Starting 25 May 2018 all companies that process personal data of EU citizens are obliged to be GDPR compliant, and personal data covers a broad spectrum! An IP address, cookies or Twitter feeds are also classified as personal data. The penalties for non-compliance with GDPR are very high. Reason enough to ensure that you take the necessary steps to make your website GDPR Ready. And we want to help you with this!
A lot of WordPress websites collect personal data through all kinds of forms and that’s exactly what this plugin wants to address.
On 1 February 2018 the new WP-GDPR plugin was released. The goal of this plugin is to make your WordPress website compliant with the new European Privacy Regulation that becomes enforceable on 25 May 2018.
When you want to store Personal data you need to have demonstrable permission from the person to collect his data and he needs to have the ability to
- view his stored data (15 GDPR – Right of access by the data subject)
- adapt (16 GDPRRight to rectification)
- request to delete (17 GDPRRight to erasure (‘right to be forgotten’)
- and transfer (20 GDPRRight to data portability) it.
Read the full regulation: https://gdpr-info.eu/
The open-source, core version of the plugin, handles the personal data saved through comments. It has following features:
- The administrator can edit or delete comments through the backend of the wp-gdpr plugin, where he has an overview of all requests.
- Two different views in the backend with data-requests and delete-requests.
- A complete list of the plugins that obtain personal data.
- It creates a page where users can request access to their personal data collected through the default WordPress comment-form.
- When a request is sent, the user will receive a mail with a unique URL on which he can view, edit and download his comments.
- Per comment, they can ask to delete his personal data. This request will trigger a mail to be sent to the admin (or dpo-email) who can decide whether to delete the comment or to make it anonymous.
- It adds a checkbox to the comment-form to ask permission to store the data.
- You can use the default text or implement your own.
While the team keeps developing new features for the core plugin, they also try to create integrations with existing plugins that obtain personal data. These are the current finished add-ons:
Gravity Forms is a widely popular premium form plugin that is used on many WordPress websites. Making an add-on to make all your Gravity Forms GDPR Ready was a no-brainer. The Gravity Forms add-on was released on February 16th 2018. Check it out here.
Contact Form DB 7
Contact Forms is probably the most used form plugin in WordPress because of its price: It’s free to use. One of the most popular add-ons for this plugin is CFDB7 which store your form entries in the database and thus collects personal data when you ask for an email address or a name. The CFDB7 add-on for WP-GDPR was released on February 26th of 2018. You can find the link here.
WooCommerce is the worlds most used e-commerce solution online. The plugin stores a lot of personal data and some of it is required by law to store. To make the WooCommerce plugin completely GDPR Ready and because of the requests, development has started on the add-on. It is targeted to be released somewhere in March 2018.
While its a very hard task to keep the core plugin updated and feature-rich, the team is doing their best to add the favourite plugins of their users. There is a dedicated add-on page on the website where users can request their own plugin integration or vote on existing requests. You can find the page here.
The team developing WP-GDPR are no lawyers by all means but are WordPress developers who followed courses for GDPR. They try their best to create an easy experience for users to make their website GDPR Ready. Once the core plugin is installed and configured though, you are well on your way to have your website GDPR Ready! They are also creating a tutorial page where tutorials are added to assist you.
More info about the plugin can be found on its official website https://wp-gdpr.eu