GDPR Solution For Your WordPress Site
GDPR Solution For Your WordPress Site
You may be wondering, “what is General Data Protection Regulation [GDPR] and do I need it?” and also how it will affect your WordPress website. Sozo Hosting is happy to offer you a GDPR Solution for your WordPress site.
This article will introduce you to GDPR and how to use it but it is our recommendation that you seek professional legal advice in regards to GDPR compliance for your particular website(s).
What Is GDPR And Do I Need It?
As of May 25, 2018 any website that is not compliant with GDPR’s requirement could face fines up to 4% of your company’s annual revenue or €20 million (whichever is greater). That being said, it is important that you know that before you are fined, you will first receive a warning, then next will be reprimand, following that will be a suspension of data processing and then finally fines if you continue to violate the GDPR requirements law.
Why GDPR All Of A Sudden?
Many of you are probably wondering why all of these legal regulations after all of these years of online websites? The reason is actually for your benefit and others… For years, many companies have been recklessly handling your private data and your personal information has been taken from those who have been breaching websites that store your personal data and it’s continuing to happen more and more and is way out of control.
These laws were set up mostly for large companies such as Amazon, Facebook, Google and others to force them to take your personal privacy more seriously.
What Are The GDPR Requirement?
The full GDPR regulation is 200 pages long so rather than reposting the full law text we have given you a link here: https://gdpr-info.eu/
Here are the main items that you will need to consider:
Explicit Consent – if you’re collecting personal data from an EU resident, then you must obtain explicit consent that’s specific and unambiguous. In other words, you can’t just send unsolicited emails to people who gave you their business card or filled out your website contact form because they DID NOT opt-in for your marketing newsletter – this is called SPAM and is considered illegal. For it to be considered explicit consent, you must require a positive opt-in (i.e no pre-ticked checkbox), contain clear wording (no legalese), and be separate from other terms & conditions.
Rights to Data – you must inform individuals where, why, and how their data is processed / stored. An individual has the right to download their personal data and an individual also has the right to be forgotten meaning they can ask for their data to be deleted.
This will make sure that when you hit Unsubscribe or ask companies to delete your profile, then they actually do that.
Breach Notification – organizations must report certain types of data breaches to relevant authorities within 72 hours, unless the breach is considered harmless and poses no risk to individual data. However if a breach is high-risk, then the company MUST also inform individuals who’re impacted right away.
Data Protection Officers – if you are a public company or process large amounts of personal information, then you must appoint a data protection officer. Again this is not required for small businesses so be sure to consult an attorney if you are unsure.
How Do I Make My WordPress Site GDPR Compliant?
There are several steps involved to making your WordPress site GDPR compliant, but the first thing to do is make sure you have updated your WordPress system to 4.9.6, then after you have done that, update all of your plugins.
Now that everything is up to date, you need to purge any private data that you may have gathered prior to this article. WordPress 4.9.6 has added some new tools to help you with your compliance and under the “Tools” menu item you will find an “Export Personal Data” link that will allow you to save all data that you currently have to your computer and you will also see a new “Erase Personal Data” link which will enable you to easily remove any stored data.
Most of your plugin providers will have updates that include their own GDPR compliant fixes but you can go the extra mile and download a ” GDPR Cookie Consent” plugin that will ensure that your visitors know that your WordPress website stores cookies [which is does if you are using Google Analytics on your site].
WooCommerce / Ecommerce
The WooCommerce team has prepared a comprehensive guide for store owners to help them be GDPR compliant.
WordPress Plugins for GDPR Compliance
There are many WordPress plugins that can help automate some aspects of GDPR compliance for your WordPress website, but keep in mind that no plugin can offer 100% compliance due to the ever-changing nature of these types of websites. And beware of any WordPress plugin that claims to offer 100% GDPR compliance because that is not possible.
Here is a list of a few more WordPress plugins for automating GDPR compliance:
- MonsterInsights– if you’re using Google Analytics, then you should use their EU compliance add-on.
- WPForms– by far the most user-friendly WordPress contact form plugin. They offer GDPR fields and other features.
- Cookies Notice– popular free plugin to add an EU cookie notice. Integrates well with top plugins like MonsterInsights and others.
- Delete Me– free plugin that allow users to automatically delete their profile on your site.
- OptinMonster– advanced lead generation software that offers clever targeting features to boost conversions while being GDPR compliant.
- Shared Counts– instead of loading the default share buttons which add tracking cookies, this plugin load static share buttons while displaying share counts.
The final step to GDPR is to ensure that your hosting provider has the utmost security measures in place. Even if you take all of these steps listed above, there’s no way to ensure that all data collected by your website is safe so you need to know that your hosting provider has the best security in place to keep data thieves out of your site.
Sozo Hosting provides WordPress hosting and a portfolio of security offerings to help businesses mitigate these internet security threats. Sozo’s portfolio of security offerings include virtual private networks (VPN), cleaning infected websites, a web application firewall (WAF) and intrusion prevention system (IPS), a content distribution network (CDN) to manage traffic and optimize performance, real-time DDoS mitigation, and continuous monitoring.
How Can We Help
We can give your website a Face Lift with a new WordPress design adding the GDPR Compliant plugin.
Sozo Hosting has been a leader in hosting solutions since 2001 and can assist you in your server needs. Whether you need a cloud server for your WordPress needs (see specials on this https://sozohosting.com/cloud-servers/linux-cloud-hosting/ link) or a shared WordPress hosting plan (see specials on this https://sozohosting.com/wordpress-hosting/ link ), we are here to provide you Managed Hosting and Managed Services to fit your budget! Please click on this contact link https://sozohosting.com/contact-us/ for more information.