From May 25, 2018, the GDPR (General Data Protection Regulation) has been made mandatory for (a) websites based in the European Union or EU and (b) websites from around the globe who receive visitors from the EU. The GDPR has laid down certain guidelines to be followed, failing which steep penalties and fines are levied. As a website owner, it is important to comply with these norms to avoid attracting any penalty/fine and make your customer feel safe. While we usually recommend site owners to talk to a lawyer or a GDPR-professional for ensuring compliance with the regulations. Here is a quick to-do list that can help you make your WordPress website GDPR compliant.
Check your WordPress version – It should be 4.9.6 or higher
To help WP users, the developers released version 4.9.6 of WordPress which added some important features ensuring GDPR compliance:
- An opt-in for comments cookies
- Options to export and erase personal data (available under tools on your dashboard)
As a WordPress user, you might be already aware of the importance of keeping the core, plugins, and themes updated at all times. If your business is not leaving you with enough time to install these updates when they are released, then you might want to consider a WP Hosting plan offering automatic WordPress updates.
Option to add or delete personal information
You have to provide the users with an option to add or delete their personal information stored with you. A contact form can be created to receive such requests from users.
Notify users about updates in policy or incidents of data breach
If your website has user accounts or sends newsletters, then you are mandated to inform users of any changes in policy. Further, you have to notify the users of any data breach incidents.
These tips can help you make your WP website GDPR compliant to a great extent. However, you must remember that every website needs to take different steps to ensure compliance. Hence, talking to a lawyer or a professional can ensure that you don’t overlook any regulation. The online community expects your website to ensure the security and privacy of their data. Get your website GDPR-compliant and live up to the trust endowed upon you by your customers.