You may already be aware of a new EU regulation, the GDPR (General Data Protection Regulation), that came into effect last week. This legislation applies to any website that deals with personal information of EU users. It gives the user the right to control the flow of their personal information, & there are fines in place for non-compliance.
All website owners should take the following steps to ensure that their website is GDPR compliant:
1) If you don’t already have one, you will need to create a Privacy Policy and post it on your website with details of the data you process and hold, what you do with it, whether you share it, how people can access their data and how they can delete it or have it deleted. The latest release of WordPress 4.9.6 has some new functionality built into the core that can help you do this: https://wordpress.org/news/2018/05/wordpress-4-9-6-privacy-and-maintenance-release
2) If your website uses contact forms they may need to be updated for compliance. This can be achieved by adding a *required checkbox to any form that needs to be compliant, to ensure that users are agreeing to your Privacy Policy.
3) If your site uses WooCommerce it will need to be updated for compliance. This can be achieved by adding a new paragraph to your Terms and Conditions page that links through to your Privacy Policy page.
4) If your site uses Membership registration it will need to be updated for compliance. This can be achieved by adding a *required checkbox field to the account registration form, to ensure that users are agreeing to your Privacy Policy.
5) If your website has comments enabled it will need to be updated for compliance. This can be achieved by adding a Privacy Policy checkbox to the comments form.
6) If you don’t already have an SSL certificate installed on your site, you likely need to address this for GDPR.
7) If your website allows people to sign up for a newsletter, the signup forms will need to be updated for compliance – even if it just redirects visitors to forms hosted on another site (eg. MailChimp).
8) If your site has any embedded 3rd-party website content or social media integration you may need to re-configure this to improve your GDPR compliance.
The following article has some great information on the GDPR, and how to make your WordPress website compliant: https://businessbloomer.com/how-to-make-a-woocommerce-website-gdpr-compliant-12-steps. If we developed your website and you have any questions about GDPR compliance, please contact us.
Recent Comments