Wondering “how to make WordPress website GDPR compliant?” Here are the best WordPress GDPR compliance plugins – GDPR cookie consent WordPress plugin and GDPR privacy policy WordPress plugin – for your use.
Make WordPress Website GDPR Compliant
You can follow WordPress GDPR Recommendations to make WordPress website GDPR compliant. The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA).
GDPR addresses the transfer of personal data outside the EU and EEA areas. The GDPR’s primary aim is to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
As per the regulation, data controllers must clearly disclose any data collection and declare the purpose for data processing. They must also state how long data is being retained and if it is being shared with any third parties or outside of the EEA.
Data subjects have the right to request a portable copy of the data collected by a controller in a common format, and the right to have their data erased under certain circumstances.
The purpose of the GDPR is to encourage site owners to be thoughtful about the personal data they collect and how they use that data. Some of the steps you can take as a site owner are to:
- Publish a Privacy Policy: Your Privacy Policy should let your users know what data your site is collecting about them, how they are being tracked and their options for opting out, and provide information on the best way to contact you.
- Allow Site Visitors to Access/Delete Their Data: You must tell people what personal data you have collected about them when they ask, and delete that data upon request. The easiest way to implement this requirement is to provide some way for your site’s users to contact you with these requests, either via a contact form, an email address you include in your Privacy Policy, or even just through comments left on your site.
- Enable the Cookies & Consent Widget
- Install Third Party Plugins That are GDPR Ready
- Must Seek Permission before Sharing the Personal Data of your Site’s Visitors
Best GDPR WordPress Plugins
One of the easiest and most effective ways to make a WordPress website GDPR compliant is to install third-party plugins that are GDPR ready. These plugins make sure that the website is handling data in a way that is in line with the GDPR.
Here are the 5 best WordPress plugins to make a website GDPR compliant:
- GDPR Cookie Consent (CCPA Ready)
- Cookie Notice for GDPR & CCPA
- WP GDPR Compliance
- Complianz – GDPR/CCPA Cookie Consent
- GDPR Cookie Compliance (CCPA, PIPEDA ready)
Let us learn about these plugins in detail:
1. GDPR Cookie Consent (CCPA Ready)
Download: https://wordpress.org/plugins/cookie-law-info/
The GDPR Cookie Consent plugin will assist you in making your website GDPR compliant. It also supports cookie compliance in accordance with the California Consumer Privacy Act (CCPA), a state statute intended to enhance privacy rights and consumer protection for residents of California. The plugin comes with a host of features, some of which are listed below.
The plugin will enable a notice with Accept and Reject options. Cookies are not rendered by default, only upon user consent. (The cookie value will be set to ‘null’ by default; it takes the value ‘yes’ when the user clicks ‘Accept’ and ‘no’ upon ‘Reject’. Your developer can check this value to set a cookie accordingly.)
It also has a Cookie Audit module so you can easily show what cookies your site uses and display them neatly in a table on your Privacy & Cookies Policy page. The plugin can be configured to add a CCPA ‘Do Not Sell My Personal Information’ control to the cookie notice.
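The consent check a developer would write against the ‘null’ / ‘yes’ / ‘no’ value described above, as an added example that is not code from the plugin. The cookie name `consent_placeholder` and the candidate cookie list are assumptions made for illustration; use the name your installed plugin version actually sets.

```javascript
// Added example. CONSENT_COOKIE is a placeholder name, not taken from the plugin.
const CONSENT_COOKIE = "consent_placeholder";

// Parse a document.cookie / Cookie header string into a Map.
// The first occurrence of a name wins, so a later duplicate cannot override it.
function parseCookies(cookieString) {
  const jar = new Map();
  for (const part of String(cookieString || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq < 0) continue;                       // skip fragments without a value
    const name = part.slice(0, eq).trim();
    let value = part.slice(eq + 1).trim();
    try { value = decodeURIComponent(value); } catch (_) { /* keep raw value */ }
    if (name && !jar.has(name)) jar.set(name, value);
  }
  return jar;
}

// Tri-state from the text: 'null' until the visitor chooses, then 'yes' or 'no'.
// Missing, empty or unexpected values are reported as 'null' (no decision yet).
function consentState(cookieString, name = CONSENT_COOKIE) {
  const raw = parseCookies(cookieString).get(name);
  return raw === "yes" || raw === "no" ? raw : "null";
}

// Default deny: non-essential cookies are allowed only on an explicit 'yes'.
function cookiesAllowedToSet(cookieString, candidates) {
  const consented = consentState(cookieString) === "yes";
  return candidates.filter((c) => c.essential || consented).map((c) => c.name);
}

// Constructed sample data: one essential cookie, two that need consent.
const CANDIDATES = [
  { name: "session", essential: true },
  { name: "analytics_id", essential: false },
  { name: "ad_prefs", essential: false },
];

// In a browser, pass document.cookie as the first argument.
console.log(cookiesAllowedToSet("", CANDIDATES));
console.log(cookiesAllowedToSet(CONSENT_COOKIE + "=yes", CANDIDATES));
```

Treating ‘null’ the same as ‘no’ keeps tracking cookies off until the visitor has actually clicked ‘Accept’.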
This plugin adds a subtle cookie banner to your website either in the header or footer so you can show your compliance status regarding the new GDPR law.
2. Cookie Notice for GDPR & CCPA
Download: https://wordpress.org/plugins/cookie-notice/
Cookie Notice allows you to elegantly inform users that your site uses cookies and helps you comply with the EU GDPR cookie law and CCPA regulations. The plugin comes with multiple features, such as a customizable message, redirection of users to a specified page for more information, multiple cookie expiry options, a link to the privacy policy page, WordPress privacy policy page synchronization and an option to accept the notice on scroll.
3. WP GDPR Compliance
Download: https://wordpress.org/plugins/wp-GDPR-compliance/
This plugin assists website and webshop owners to comply with European privacy regulations known as GDPR. Activating this plugin does not guarantee your site fully complies with GDPR.
It has many effective features, such as adding consents that give your visitors full control, keeping a consent log for supported plugins, adding checkboxes to supported plugins for explicit visitor consent, the “right to access” through encrypted audit logs and the “right to be forgotten” by anonymising user data.
WP GDPR Compliance supports Contact Form 7 (>= 4.6), Gravity Forms (>= 1.9), WooCommerce (>= 2.5.0) and WordPress Comments.
4. Complianz – GDPR/CCPA Cookie Consent
Download: https://wordpress.org/plugins/complianz-GDPR/
Complianz is a GDPR/CCPA Cookie Consent plugin that supports GDPR, DSGVO, CCPA and PIPEDA with a conditional Cookie Notice and customized Cookie Policy based on the results of the built-in Cookie Scan.
The plugin can configure a Cookie Notice for your specific region (European Union, United Kingdom, United States or Canada), or use one Cookie Notice worldwide. It can also configure specific cookie consent per subregion, for example European Union + DSGVO or USA + CCPA, with cookie consent and a conditional cookie notice with custom CSS and customizable templates.
It gives you proof of consent (user consent registration that respects the GDPR data minimization guideline), and it can automatically detect if you need a Cookie Notice (also called a Cookie Banner or Pop-Up). It also features a Do Not Sell My Personal Information (DNSMPI) page for CCPA – if required.
5. GDPR Cookie Compliance (CCPA, PIPEDA ready)
Download: https://wordpress.org/plugins/GDPR-cookie-compliance/
The plugin can be very helpful in preparing your website for cookie compliance related to GDPR, PIPEDA, CCPA, LGPD, AAP, cookie law and consent notice requirements.
The plugin is optimised for WCAG/ADA compliance and gives users full control over cookies stored on their computer, including the ability to revoke their consent. It can also set the position of the Cookie Consent Banner at the top or bottom of the pages, and it includes both ‘Accept’ and ‘Reject’ buttons. It has its own consent expiration settings and includes a link to the Privacy Policy page.
The plugin is especially useful in preparing your site for the following cookie law, data protection and privacy regulations:
- GDPR: The General Data Protection Regulation (European Union)
- PIPEDA: The Personal Information Protection and Electronic Documents Act (Canada)
- CCPA: The California Consumer Privacy Act (California, United States)
- AAP: Australia’s Privacy Principles (Australia)
- LGPD: The Brazilian General Data Protection Law (Brazil)
- DSGVO, CNIL, PECR, DPA and other cookie law, data and privacy regulations
NOTE: The GDPR is a regulation, not a directive; it is directly binding and applicable, but does provide flexibility for certain aspects of the regulation to be adjusted by individual member states.