wordpress gdpr plugins

Top WordPress GDPR Compliance Plugins Compared

To understand what a WordPress GDPR compliance plugin is and why it is important, let us first explain what GDPR is. The General Data Protection Regulation (GDPR) is the European Union’s law on the use of personal data. It protects the personal data of individuals by enforcing their rights to it. Every public sector that collects and processes the personal data of EU residents is under this law.

As of May 25th, 2018, businesses within and outside of the EU must be GDPR compliant. Any entity that collects the personal data of individuals within the EU is under the law. Data subjects have rights over how their data is processed.
Website owners are responsible for the protection of users’ privacy. If a website is not compliant with the GDPR, it runs the risk of attracting a penalty of heavy fines. Websites built on the WordPress platform are by no means left out of it. The aim of this article is to show you how to make your website GDPR compliant.

Content:

  1. Privacy policy statement
  2. Cookie consent management
  3. How to make your WP website GDPR compliant
  4. 7 best WP GDPR plugins
  5. GDPR compliance solution from WP core

Privacy policy statement

As a business and website owner, you should make a list of the kind of personal data you collect from your client.
Your Privacy Policy should indeed explain the data you collect. It should also state:

  • How you give users the right to information on the use of their personal data.
  • The measures your website should take to protect their data.
  • How individuals should have access to update or delete their personal information.

It is important to make your privacy policy statement available to users on your website.
The statement will inform users about your policy on their personal data. By adding all needed data usage information, you will show your compliance with the GDPR.

Cookie consent management

Cookies are small files that are downloaded to the user’s device while visiting a website. They are often used for website analytics, which means they target users’ personal information.
Cookies usually identify an individual. Thus, the workings of a cookie involve personal data and are subject to GDPR compliance.
Your cookie consent management should give users:

  • The options to accept or decline the cookie
  • Lots of information on the benefits and privacy demands of the cookie.
  • The power to opt-out of using previously accepted cookies.

How to make your WordPress website GDPR compliant

Above, we looked at 2 primary GDPR considerations (Privacy Policy and Cookie Consent). In addition to these, here are other important aspects you should address:

  • Your plugins need to be GDPR compliant. If you have plugins that collect and process user data, you need to explain how they use data in the privacy policy. In addition, you should give users the option to opt out of having their data processed this way.
  • Limit data collection and ensure users agree before submitting data. Only collect the data you need. Also, put an agreement checkbox under each form with text like “I have read and understood the privacy policy”.
  • Only send marketing emails to people who have given consent. If your email list contains people who haven’t opted in, it’s wise to remove them. Otherwise, you will be breaching GDPR laws.

You can surely make your WordPress site GDPR compliant by integrating GDPR compliance plugins. As a website owner, you have to select the most fitting GDPR plugins from the available ones. You should make this selection based on the data processing your website does.
A single plugin may not address all the rules of the data regulation law. But a combination of two or more can make your website compliant.
From here on, we will show you seven of the best plugins to buy/download and install for GDPR.

7 Best WordPress GDPR plugins

We have gathered the best GDPR plugins that will enable you to make your site GDPR compliant. In addition, we will give a summary of their various features. This will guide your decision on the ones that are most compatible with your site and privacy policy.

1. Total GDPR Compliance

The Total GDPR Compliance plugin is built with the EU’s GDPR law in full consideration. The plugin has features that match all of the regulatory demands. It is all EU GDPR compliance in one plugin.

Best features of Total GDPR Compliance:

  1. It has more than 30 cookie templates. As a result, it offers more options for cookie notice display.
  2. It is responsive and is supported on mobile devices with various resolutions.
  3. There is a button that allows a user to accept the website’s privacy policy.
  4. The plugin gives users the right to request saved personal data via email.
  5. A link is provided for users to see the privacy policy of the website.

2. GDPR

GDPR is a WordPress plugin made for site managers to enact GDPR compliance. Thus, it offers a general privacy policy page for tracking and logging consent to the site. In addition, users may decide to give consent, or forgo using the site.
Also, cookie management on this plugin allows users to accept or opt out of cookies. Notably, all consent given by users is logged for access and audit purposes. Further, users can request access to their stored data, as well as request that the data be erased.

Best features of GDPR

  1. GDPR keeps records of user data in an encrypted form, throughout the data’s life.
  2. When data breach notifications are recorded, a batch email is sent to notify data subjects.
  3. Data subjects have a right to access data using a button on the user interface. The action is verified with a double opt-in confirmation email.
  4. Users have a right to delete personal website data with a double opt-in confirmation email.
  5. Data subjects receive secret tokens for two-factor decryption and recovery of data.

3. GDPR Framework

The GDPR Framework gives you the information and tools needed for general GDPR compliance. Therefore, administrators do not have to deal with the complexities of GDPR law. For instance, it generates a GDPR-compatible privacy policy template to work with for your website.

Best features of the GDPR Framework

  1. There is an assigned page for Data Subject Access Request. Further, you can allow both registered and unregistered users to view and delete data by enabling that page.
  2. Keeps track of, manages and withdraws user consent.
  3. It can automatically delete or hide the identity of users’ personal data.
  4. The GDPR Framework comes with a helpful installation wizard. As a result, it makes it easy for the user to start using the plugin.
  5. The plugin is recorded and integrates with ClassiDocs. It also integrates with WooCommerce, Contact Form 7, Gravity Forms and Formidable Forms.

4. WordPress GDPR

The WordPress GDPR All-in-One plugin has all the features and tools to make your website GDPR compliant by itself. Significantly, it supports integration with third-party plugins. Such plugins include WooCommerce, Google Analytics, Facebook Pixels, Mailster and Contact Form 7. It is fully compatible with WordPress Multilingual Plugin (WPML), WordPress 3.8.1 and PHP 5.6.

Best features of WordPress GDPR

  1. Request Data Archive and Data Rectification
  2. Digital Millennium Copyright Act (DMCA), Cookie Popup, and Media Credits.
  3. Privacy Policy Update Emails and Data Breach Notifications
  4. Contact Data Protection Officer and Forget me features
  5. Comprehensive Documentation and Newsletter Unsubscribe

5. Ultimate WordPress GDPR Compliance Toolkit

Ultimate GDPR Compliance Toolkit is a feature-rich plugin that can make your WordPress website GDPR compliant by itself.
It offers exclusive user data protection rights to users. For instance, you can add consent boxes for every form on the website. Also, the plugin blocks cookies until it gets user consent. Further, users have access to export their records. By filling out dedicated forms, they can export their data as a text or JSON file and have it sent to their email.
In addition, user data can be encrypted and is stored using a unique identification name.

Best features of Ultimate GDPR Compliance Toolkit

  1. The plugin’s cookie scanner detects all cookies and therefore blocks any unwanted ones.
  2. Ultimate Compliance Toolkit works together with a wide range of WordPress plugins and tools.
  3. The plugin has an auto-update functionality that takes care of all occurring updates.
  4. It also enhances Google Analytics integration in a way that complies with GDPR.
  5. There are over 15 different cookie notice skins and over 34 different cookie box styles.

6. WP GDPR Compliance

WP GDPR Compliance enforces ‘absolute consent’ on the WordPress website by setting tick boxes for that purpose. In addition, it supports major plugins such as Contact Form 7, WooCommerce, and WordPress Comments. Thus, it allows users to agree with your terms and data policies across the site.

Best features of WP GDPR Compliance

  1. It gives visitors full control over the activities on the website by adding consents.
  2. Visitors have the right to access the website as anonymous users.
  3. It adds checkboxes to supported plugins for user consent.
  4. Users only gain access to data through encrypted user data records and a double opt-in email.
  5. It keeps a record of all consent for supported plugins.
  6. ‘Right to access’ through encrypted audit logs and double opt-in mail.

7. Delete Me – WordPress GDPR Compliance Plugin

Delete Me is a GDPR compliance plugin that enables WordPress users to delete their profile from the website.

When a user needs to delete their details, they confirm their credentials and can proceed to delete all user posts and comments. Thereafter, it redirects the user to the landing page as proof of successful data erasure.

Best features of Delete Me

  1. For a user to delete his account, the plugin shows a button that will require the user’s password for identity confirmation.
  2. There is also an option to enable or disable the delete link on users’ “Your Profile” page.
  3. The administrator can select some roles on the platform that should have the privilege to delete themselves.
  4. Enable a feature known as “Network Wide” to delete a user from an entire multisite network. Otherwise, disable the feature to delete users from the current site only.
  5. Users can specifically delete themselves from WordPress.

GDPR compliance solution from WordPress Team

The GDPR compliance team is refining and revising privacy tools and laws, for one thing. Thus, the latest releases of WordPress core are not final.
As of WordPress 4.9.6, you can find a GDPR compliance privacy feature, which is the privacy policy publication settings. Above all, WordPress support offers website owners a valuable guide on GDPR compliance.

Privacy Policy

The wordpress.com support team advises website owners to publish a transparent privacy policy statement. This should inform users how their data will be used.
You may publish your privacy policy statement by logging in to your admin dashboard, then going to Settings >> Privacy.
Privacy Policy

As shown in the image above, you have the option of creating a default page containing the privacy policy. Otherwise, you can select an existing page.

Cookie Consent Banner

Users operating on all levels of the free WordPress.com plan have their cookie consent widget automatically enabled. On the other hand, users with self-hosted wordpress.org websites may add the cookie consent banner to their website. You can do this by installing one of the major GDPR plugins we listed above.

GDPR compliance in third-party plugins

It is your duty as a site owner to make sure you install the right third-party plugins. Whatever it takes, the plugins you use should handle data in a GDPR compliant way. In other words, ensure the plugins you use are transparent about their use of personal data.

Conclusion

In this article, we aimed at showing you how to make your WordPress website compliant with the GDPR law. In addition, we explained the GDPR law and how it operates.

Different websites clearly have lots of reasons for collecting user data. As a result, it may be hard for a single plugin to offer a complete solution for your site. On the other hand, we have clearly given you the best 7 feature-rich WordPress GDPR plugins. Buying and installing them is a smart way to make your website comply with the GDPR law with a few clicks.

Disclaimer: To clarify, this article does not constitute legal advice. You may wish to be sure that your business is in full compliance with GDPR regulations. Thus, you may decide to get legal advice.