GDPR in WordPress: a guide to applying the regulation


A few days ago I previewed what was new in WordPress 4.9.6: the native implementation of the GDPR in WordPress, to comply with the newly released European standard for the control and management of user, customer and visitor data on your website.

Now it’s time to get to work and configure your WordPress installation to comply with the General Data Protection Regulation mandatory for websites hosted on servers in Europe.

If you are reading this article, you may not yet have applied the changes your site needs to comply with this standard. Be aware that the fines are significant: we are talking about sanctions ranging from €10,000,000 to €20,000,000 for websites that do not comply. Are you ready?

This article is not about the legal aspects surrounding the GDPR but only its basic application in WordPress. For more advanced issues you should consult your manager on these matters.

GDPR in WordPress

The GDPR applies to any person, administrator or company that manages users' personal data, whether manually or in an automated way, even if it is only to pass it on to third parties.

If your WordPress website uses contact, registration, comment or newsletter subscription forms, or captures user data in any other way (for example through specific cookies), you must implement the measures needed for the website to comply with this regulation.

This article is not about how the GDPR works or its legal scope, but about how you can make WordPress respect this standard so that the data of those who visit your site is properly protected.

WordPress 4.9.6 introduced features of a kind normally reserved for major releases. Atypically, and so that WordPress installations would not be left unable to comply with the standard, it introduced functions for data control and adaptation to the GDPR.

What does WordPress 4.9.6 add regarding the GDPR?

  • It incorporates a functionality so that anonymous users who post comments can choose whether or not to save their information in a cookie.
  • It has tools so that a Privacy Policy page can be created.
  • Improves handling of user data so that website administrators can export or delete a user’s data at their request.

Plugin to configure GDPR

Before writing this article, and long before GDPR support was incorporated into WordPress 4.9.6, I was already testing each of the plugins that were emerging to apply the GDPR on a WordPress website.

The point is that there are already quite a few GDPR plugins, and as time goes by new versions and variations will emerge that are possibly better than the one I suggest in this article.

In the end, what matters is that you apply the new regulation and avoid claims or sanctions. You can do this manually or with plugins; you decide. If you want to start with one, I propose the clickDatos GDPR plugin, “RGPD / LOPD Adaptation” by clickDatos, which is in Spanish, is quite simple to apply and meets the requirements demanded by the EU in terms of data protection.

This plugin makes your WordPress meet the requirements of the General Data Protection Regulation.

Plugin Features:

  • It facilitates the management of user consent through a checkbox.
  • Configure the Privacy Policy page for cookies with notices if they do not exist.
  • Add data protection clauses to all forms made with the Contact Form 7 plugin.
  • Add a Cookies Policy warning banner with an acceptance button.
  • It has a form search engine and a selection of legal clauses.
  • Show notice of page without SSL (https).

With the plugin active, the following notice is shown on the dashboard if your website does not have SSL installed and active:

SSL is not activated on your website. Thanks to this protocol, sensitive information cannot be used by an attacker who has managed to intercept the data transfer of the connection.

Clearly, you must pay close attention to installing an SSL certificate. Keep in mind that as of July 2018, Google will show by default as “insecure sites” those that do not use SSL (https) as the default protocol.

Users can choose whether or not the cookies used on the site are available.

There are 3 cookie formats that can be created and they include:

  • Permanently active: Cookies always active, necessary for the website to work.
  • Switch: Cookies can be enabled or blocked based on user preferences.
  • Via acceptance link: Cookies that require configuration by third parties to accept them.

In summary: what exactly does the clickDatos GDPR plugin do on the website?

  • Create the Legal Notice, Cookies Policy and Privacy Policy pages with the data that is filled in the LOPD form for forms.
  • Insert a Cookies Policy notice or banner with different customization possibilities and placement in the header, footer, right or left.
  • Insert the data protection clauses in the forms made with the Contact Form 7 plugin.

With these aspects covered you can broadly consider that your website complies with the GDPR, although you should also pay attention to the wording of the Privacy and Cookies Policy and adapt your texts, if you had already created them, to the new requirements of the regulation.

The plugin is installed like any other. From the WordPress dashboard, go to Plugins, Add new, search for “GDPR / LOPD Adaptation”, then install and activate it.

One of the plugin's settings is the Cookies Policy notice or banner. If you did not already have one active on your website (it has been mandatory since 2014), now is the ideal time to add it.

The configuration that is suggested for this notice is shown in the following screenshot.


With this setting applied, when a new visitor passes through your website they will see the following notice at the bottom of the page.


You can also activate the checkbox for acceptance of clauses in the Forms section of the plugin, where you can activate or deactivate the following options:

  • Enable information treatment clause.
  • Enable clause for people over 18 years of age.
  • Enable clause to collect information for commercial purposes.


In the Pages section of the plugin you can enter your legal details (personal or business name) in the form provided, so that when you save the changes they are applied to the corresponding pages.


Installation and configuration video

I tell you the details of use and configuration of the plugin in the following video so that you can follow the process from scratch and apply it to your WordPress website.


If you also need to inform your registered users that you have changed the Privacy and Cookies Policies to adapt your website to the GDPR, you can use the plugin WP Email Users to send them an email notifying them of the changes.


BONUS: Cookie Addon for Google Chrome

One of the things that the plugin mentioned in this article allows you to do is manage the legal text for the Cookies Policy.

The cookies that website visitors encounter always raise doubts. Managing them correctly is necessary to comply with the GDPR.

To find out which cookies your website sets, and thus cite them in your legal text, you can use the following addon for Google Chrome.

With this Chrome extension you can see which cookies you generate and know which ones to include in the legal texts required by the Cookies Law, which is affected by the new GDPR.

Useful to know which cookies are really the ones you collect directly or through third-party scripts or plugins.
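
The same inventory can also be built from the Set-Cookie headers of saved responses. The following is an added example, not part of the original article or the plugin; the hosts, cookie names and values and the site domain example.org are constructed, and it only sees cookies set through HTTP headers, not those created by scripts.

```python
from http.cookies import SimpleCookie

# Constructed sample: (responding host, Set-Cookie value) pairs as they might
# be saved from a WordPress page and its embedded third-party resources.
SAMPLE = [
    ("example.org", "wordpress_test_cookie=check; path=/; secure; HttpOnly"),
    ("example.org", "comment_author_email_HASH=reader; Max-Age=30000000; path=/"),
    ("stats.example.net",
     "_tracker=abc123; Expires=Wed, 20 May 2026 10:00:00 GMT; Path=/"),
]


def inventory(responses, site_domain):
    """Return one row per cookie with the facts a Cookies Policy must cite."""
    rows = []
    for host, header in responses:
        jar = SimpleCookie()
        jar.load(header)
        for name, morsel in jar.items():
            own = host == site_domain or host.endswith("." + site_domain)
            rows.append({
                "name": name,
                "set_by": host,
                "third_party": not own,
                # Expires or Max-Age means the cookie outlives the session.
                "persistent": bool(morsel["expires"] or morsel["max-age"]),
                "secure": bool(morsel["secure"]),
                "httponly": bool(morsel["httponly"]),
            })
    return rows


def missing_secure(rows):
    """Names of cookies that may also be sent over plain HTTP."""
    return [r["name"] for r in rows if not r["secure"]]


if __name__ == "__main__":
    for row in inventory(SAMPLE, "example.org"):
        print(row)
```

Cookies reported by `missing_secure` are worth reviewing once SSL is active, since without the Secure attribute they can still travel over an unencrypted connection.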

Conclusions

The arrival of the new General Data Protection Regulation, applicable to any website that operates in Europe or is hosted on a server geolocated in the EU, makes it necessary to add features to WordPress so that your readers, buyers or visitors can exercise their rights over the data and communications they maintain with your site.

Applying the GDPR in WordPress is relatively simple, since through plugins or manually you can apply it in a few minutes.

A separate matter is that you also have to analyze what type of data you collect, and what scope and level of privacy that data has, to know to what extent the regulation applies to you. Ultimately, remember that it is always good to consult your Legal Advisor on these types of issues, which are beyond the scope of this article.


Member of the technical support team.
Coordinator of contents in the Blog and in Youtube.
Technical support in CyberProtector. Teacher at University
