Last updated - February 24, 2020
GDPR guidelines can be confusing to WordPress and WooCommerce site owners, but it is important to follow them if you are doing business with European Union citizens. Many site owners are probably wondering how to ensure GDPR compliance on their WordPress WooCommerce site. In this article, we will discuss a few strategies that will help you do so.
Features to help you ensure GDPR compliance for WordPress
You need to ensure GDPR compliance if you are running a WordPress website or a WooCommerce store. The latest versions of WordPress come with a range of features to help you comply with these requirements. Let us look at a few WordPress features that will help you ensure GDPR compliance.
Comment cookie opt-in
When a user leaves a comment on your WordPress site, their name, email and website are stored by WordPress in a cookie. This enables them to leave a comment easily next time without retyping their information. GDPR requires you to obtain consent from users before storing their information.
The latest versions of WordPress have an option to obtain users' consent to store their information. On the comment form, where users type a comment, there is a checkbox that asks them to give consent to save their details for next time.
If you do not see this checkbox by default, you can enable it from Settings > Discussion on the WordPress admin panel.
If you still can’t see the checkbox on the comment form after enabling the opt-in, it might be an issue with the theme you are using. Try updating the theme, and if it is still not working, you may have to contact the theme's support team.
Export or Erase Personal Data
WordPress offers options to export or erase personal data at a user’s request. As a site owner, you will be able to comply with such requests with the help of these features. Under ‘Tools’, you can find two options: ‘Export Personal Data’ and ‘Erase Personal Data’.
Based on the user request, you can quickly export or erase their data after an email verification step.
Please read our article on WooCommerce features that will help you with GDPR compliance for more information.
Cookie disclosure and acceptance notice
The plugin offers several options to customize the cookie notice, and you can even animate the message box after the cookie is accepted. It is SEO friendly and compatible with WPML.
Enable easy request for personal data
With GDPR, you should allow your users to easily access the personal data that is collected and stored on your site. They should be able to easily request an export file or erasure of that data. How will you implement this? Are you going to handle all such requests through your email address? A better way would be to integrate a contact form to handle all requests related to users’ personal data. Some of the popular contact form plugins, like Ninja Forms, have already incorporated specific templates for such requests.
Prompt alerts on policy updates and data breach
Another important requirement of GDPR is to promptly inform users about any policy updates or data breaches. This is particularly important if you are collecting and storing customer information on your site. GDPR compliance plugins can help you with automatic notifications in these cases. Here is a plugin that you can use for this:
The plugin assists you in multiple ways to comply with GDPR. It will help you add a GDPR consent field to some of the plugins that you may be using. With this plugin, you will also find features like encrypted audit logs and double opt-in mail. Another important feature is the ability to make user data anonymous on request.
We hope you now have a basic understanding of how to ensure GDPR compliance on your WordPress and WooCommerce site. Leave us a comment if you have a query.