The General Data Protection Regulation (GDPR) came into effect on May 25, 2018. The new law targets how businesses and the public sector handle the information of 750 million European citizens. It is crucial that you make your WordPress website GDPR compliant even if you’re not based in the EU. A typical WordPress site may collect users’ personal information in a number of ways, and one of those is through forms. Forms collect personal information, so you need to ensure that the forms on your website comply with the GDPR. So, today, we will learn how you can create GDPR compliant forms in WordPress.
But before we dive into the tutorial, you need to know the requirements for GDPR compliant forms. You must ask users to give explicit consent for storing and using their personal information, allow your users to request access to their own personal information stored on your website, and allow your users to request deletion of their data from your website.
Create GDPR Compliant Forms in WordPress
For the tutorial, we will use the WordPress plugin WPForms. WPForms is easy to use and also comes with built-in GDPR enhancement features, such as a 1-click GDPR Agreement field for your forms, GDPR compliant data retention best practices, and an easy entry management system to quickly find, export, or delete user data upon request.
After installing and activating the WPForms plugin, visit the WPForms > Settings page and scroll down to the GDPR section. Check the box next to the GDPR Enhancements option to turn on the GDPR related features in WPForms.
After enabling the option, you will be provided with two more settings: Disable User Cookies and Disable User Details. The first option disables the user cookies, which contain a random unique identifier that helps WPForms add features like related entries, form abandonment and geolocation. The second option will stop WPForms from storing user IP addresses and browser information. Both settings are optional. Once you’ve customized the options, click on the Save Settings button.
To create a new GDPR compliant form in WordPress, head over to the WPForms > Add New page from your admin dashboard. Here, you have to enter a title for your form and select a template. These templates are ready-made forms that you can use as a starting point. This will bring up the WPForms builder interface. There will be a form preview in the right column of your screen, and the left column will include fields that you can add to your forms.
Among the options provided in the left column, click on ‘GDPR Agreement’ to add it to your form. Clicking it will display the customization options for the GDPR Agreement field. You can change the title of the form field and the agreement text, and use the description box to add details and links to your privacy policy or terms & conditions pages.
Save your changes and close the form builder once you’re happy with your form.
Now that you’ve created a GDPR compliant form, adding the form to your posts and pages is quite easy. You can either create a new post/page or edit an existing one. There will be an Add Form button on the post edit screen to add the form you just created. Click on the button and a pop-up will appear where you have to select the form you created. Click on the ‘Add Form’ button and the form shortcode will be added to your post editor.
And that is it. You can either preview or publish your post and visit your website to see the plugin in action. As mentioned above, although the GDPR is an EU law, its reach is global. Therefore, you need to make your website as well as your forms GDPR compliant if you have users/clients from the EU.
Reference: WP Beginner