
Top WordPress GDPR Compliance Plugins Compared

Introduction

The General Data Protection Regulation (GDPR) is the European Union’s law on the use of personal data. It protects the personal data of individuals by enforcing their rights to it. Every public sector that collects and processes the personal data of EU residents is subject to this law.
As of May 25th, 2018, businesses within and outside of the EU must be GDPR compliant. Any entity that collects the personal data of individuals within the EU is subject to the law. Data subjects have rights over how their data is processed.
Website owners are responsible for the protection of users’ privacy. If a website is not compliant with the GDPR, it risks heavy fines. Websites built on the WordPress platform are no exception. The aim of this article is to show you how to make your website GDPR compliant.

 

Content:

  1. Privacy policy statement
  2. Cookie consent management
  3. How to make your WordPress website GDPR compliant
  4. 7 best WordPress GDPR plugins
  5. GDPR compliance solution from WordPress core

 

Privacy policy statement

As a business and website owner, you should make a list of the kinds of personal data you collect from your clients.
Your Privacy Policy should explain the data you collect. It should also state:
  • How you give users the right to information on the use of their personal data.
  • The measures your website should take to protect their data.
  • How individuals should have access to update or delete their personal information.

 

It is important to make your privacy policy statement available to users on your website.
The statement will inform users about your policy on their personal data. By including all required data usage information, you will show your compliance with the GDPR.

 

Cookie consent management

Cookies are small files that are downloaded to the user’s device while visiting a website. They are often used for website analytics, which means they target users’ personal information.
Cookies usually identify an individual. Thus, the workings of a cookie involve personal data and are subject to GDPR compliance.
Your cookie consent management should give users:
  • The option to accept or decline the cookie.
  • Enough information on the benefits and privacy demands of the cookie.
  • The ability to opt out of using previously accepted cookies.

 

How to make your WordPress website GDPR compliant

Above, we considered 2 primary GDPR considerations (Privacy Policy and Cookie Consent). In addition to these, here are other important aspects you should address:
  • Your plugins need to be GDPR compliant. If you have plugins that collect and process user data, you need to explain how they use data in the privacy policy. In addition, you should give users the option to opt out of having their data processed this way.
  • Limit data collection and ensure users agree before submitting data. Only collect the data you need. Also, put an agreement checkbox under each form with text like – “I have read and understood the privacy policy”.
  • Only send marketing emails to people who have given consent. If your email list contains people who haven’t opted in, it’s wise to remove them. Otherwise, you will be breaching GDPR laws.
You can make your WordPress site GDPR compliant by integrating GDPR compliance plugins. As a website owner, you have to select the most suitable GDPR plugins from the available ones. You should make this selection based on the data processing your website does.
A single plugin may not address all the rules of the data regulation law. But a combination of two or more can make your website compliant.
From here on, we will show seven of the best plugins to buy/download and install for GDPR.

 

7 Best WordPress GDPR plugins

We have gathered the best GDPR plugins that will enable you to make your site GDPR compliant. In addition, we provide a summary of their respective features. This will guide your decision on the ones that are most compatible with your site and privacy policy.

 

1. Total GDPR Compliance

The Total GDPR Compliance plugin is built with the EU’s GDPR law in full consideration. The plugin has features that match all of the regulatory requirements. It is all EU GDPR compliance in one plugin.

 

Best features of Total GDPR Compliance:
  1. It has more than 30 cookie templates. As a result, it offers more options for cookie notice display.
  2. It is responsive and is supported on mobile devices with various resolutions.
  3. There is a button that allows a user to accept the website’s privacy policy.
  4. The plugin gives users the right to request their saved personal data via email.
  5. A link is provided for users to see the privacy policy of the website.

 

2. GDPR

GDPR is a WordPress plugin made for site managers to enact GDPR compliance. Thus, it offers a general privacy policy page for tracking and logging consent to the site. Additionally, users may decide to give consent, or forgo using the site.
Also, cookie management in this plugin allows users to accept or opt out of cookies. Significantly, all consent given by users is logged for access and audit purposes. Further, users can request access to their stored data, as well as request that the data be erased.

 

Best features of GDPR
  1. GDPR keeps records of user data in an encrypted form, throughout the data’s life.
  2. When data breach notifications are recorded, a batch email is sent to notify data subjects.
  3. Data subjects have a right to access data using a button on the user interface. The action is verified with a double opt-in confirmation email.
  4. Users have a right to delete personal website data with a double opt-in confirmation email.
  5. Data subjects receive secret tokens for two-factor decryption and recovery of data.

 

3. GDPR Framework

The GDPR Framework gives you the information and tools needed for general GDPR compliance. Therefore, administrators do not have to deal with the complexities of GDPR law. For instance, it generates a GDPR-compatible privacy policy template to work with for your website.

 

Best features of the GDPR Framework
  1. There is a dedicated page for Data Subject Access Request. Further, you can allow both registered and unregistered users to view and delete data by enabling that page.
  2. Keeps track of, manages and withdraws user consent.
  3. It can automatically delete or anonymize users’ personal data.
  4. The GDPR Framework comes with a helpful installation wizard. This makes it easy for the user to start using the plugin.
  5. The plugin is documented and integrates with ClassiDocs. It also integrates with WooCommerce, Contact Form 7, Gravity Forms and Formidable Forms.

 

4. WordPress GDPR

The WordPress GDPR All-in-One plugin has all the features and tools to make your website GDPR compliant by itself. Significantly, it supports integration with third-party plugins. Such plugins include WooCommerce, Google Analytics, Facebook Pixel, Mailster and Contact Form 7. It is fully compatible with WordPress Multilingual Plugin (WPML), WordPress 3.8.1 and PHP 5.6.

 

Best features of WordPress GDPR
  1. Request Data Archive and Data Rectification
  2. Digital Millennium Copyright Act (DMCA), Cookie Popup, and Media Credits.
  3. Privacy Policy Update Emails and Data Breach Notifications
  4. Contact Data Protection Officer and Forget me features
  5. Comprehensive Documentation and Newsletter Unsubscribe

 

5. Ultimate GDPR Compliance Toolkit

Ultimate GDPR Compliance Toolkit is a feature-rich plugin that can make your WordPress website GDPR compliant by itself.
It offers users exclusive data protection rights. For instance, you can add consent boxes for every form on the website, and the plugin blocks cookies until it gets user consent. Further, users can export their records. By filling out dedicated forms, they can export their data as a text or JSON file and have it sent to their email.
In addition, user data can be encrypted and is stored using a unique identification name.

 

Best features of Ultimate GDPR Compliance Toolkit
  1. The plugin’s cookie scanner detects all cookies and blocks any unwanted ones.
  2. Ultimate Compliance Toolkit is compatible with a wide range of WordPress plugins and tools.
  3. The plugin has an auto-update functionality that takes care of all occurring updates.
  4. It enhances Google Analytics integration in a way that complies with GDPR.
  5. There are over 15 different cookie notice skins and over 34 different cookie box styles.

 

6. WP GDPR Compliance

WP GDPR Compliance enforces ‘absolute consent’ on the WordPress website by embedding tick boxes for that purpose. Significantly, it supports major plugins such as Contact Form 7, WooCommerce, and WordPress Comments. This allows users to agree with your terms and data policies across the site.

 

Best features of WP GDPR Compliance
  1. It gives visitors full control over the activities on the website by adding consents.
  2. Visitors have the right to access the website as anonymous users.
  3. It adds checkboxes to supported plugins for user consent.
  4. Users only gain access to data through encrypted user data records and a double opt-in email.
  5. It keeps a record of all consent for supported plugins.
  6. ‘Right to access’ through encrypted audit logs and double opt-in mail.

 

7. Delete Me

Delete Me is a GDPR compliance plugin that enables WordPress users to delete their profile from the website.
When a user needs to delete their details, they confirm their credentials and can proceed to delete all user posts and comments.  Thereafter, it redirects the user to the landing page as evidence of successful data erasure.

 

Best features of Delete Me
  1. For a user to delete his account, the plugin shows a button that will require the user’s password for identity confirmation.
  2. There is an option to enable or disable the delete link on users’ “Your Profile” page.
  3. The administrator can select some roles on the platform that should have the privilege to delete themselves.
  4. Enable a feature known as “Network Wide” to delete a user from an entire multisite network. Otherwise, disable the feature to delete users from the current site only.
  5. Users can delete themselves from WordPress.

 

GDPR compliance solution from WordPress Team

 

The GDPR compliance team is refining and revising privacy tools and laws. Thus, the latest releases of WordPress core are not final.
As of recent releases of WordPress (4.9.6), you can find a GDPR compliance privacy feature, which is the privacy policy publication settings. WordPress support offers website owners a valuable guide on GDPR compliance.

 

Privacy Policy

The wordpress.com support team advised website owners to publish a transparent privacy policy statement. This should inform users how their data will be used.
You may publish your privacy policy statement by logging in to your admin dashboard and then going to Settings >> Privacy.

 

Privacy Policy

As indicated in the image above, you have the option of creating a default page having the privacy policy. Otherwise, you can select it from an existing Page post.

 

Cookie Consent Banner

Users operating on all levels of the free WordPress.com plan have their cookie consent widget automatically enabled. For users with self-hosted wordpress.org websites, you may add the cookie consent banner to your website. You can do this by installing one of the major GDPR plugins we listed above.

 

GDPR compliance in third-party plugins

It is your responsibility as a site owner to ensure you install the right third-party plugins. Whatever it takes, the plugins you use should handle data in a GDPR compliant way. Ensure the plugins you use are transparent about their use of personal data.

 

Conclusion

In this article, we aimed at showing you how to make your WordPress website compliant with the GDPR law. We explained the GDPR law and how it operates.
Different websites have several reasons for collecting user data. As such, it may be difficult for a single plugin to offer a complete solution for your site. In the article, we have suggested to you the best 7 feature-rich WordPress GDPR plugins. Purchasing and installing them is a smart way to make your website comply with the GDPR law with a few clicks.
Disclaimer: This article does not constitute legal advice. You may wish to ensure that your business is in full compliance with GDPR regulations. In that case, you may decide to get legal advice.