Note: This article contains general information and is not a substitute for professional legal advice. In all circumstances the best way to ensure GDPR compliance for your site is to consult legal counsel.
The GDPR, or General Data Protection Regulation, is a set of data collection regulations in the EU that require businesses to protect the personal data and online privacy of citizens (effective as of May 25, 2018).
The type of data that is protected by GDPR includes the following:
- Basic identity (name, address, ID numbers, etc.)
- Web data (location, IP address, etc.)
- Racial or ethnic data
- Health and genetic data
- Political opinions
- Sexual orientation
Further information about GDPR can be found by clicking here.
GDPR Requirements
Requirements under GDPR include the following:
- Secure explicit consent before collecting or storing user data
- Grant the user the right to access to or deletion of all data collected
- Report breach notifications to appropriate authorities within 72 hours (unless the breach is harmless to individual data)
- Appoint a data protection officer within your company (not required for small businesses)
Those who do not adhere to the regulations set forth in this policy will face significant legal liability and costly fines.
WS Form GDPR Features
WS Form can help make your forms and website GDPR-compliant.
Adding Consent Checkboxes
When you request information from a website visitor, GDPR requires that you provide opt-in (not opt-out) checkboxes that explain why you need the data you are requesting and what you will do with it, as well as checkboxes requesting consent for using the data provided.
In order to do this, you can add a checkbox when editing your form as follows:
- Drag and drop a Checkbox field to your form. We recommend putting this just above your Submit button.
- In the sidebar click the Checkboxes tab.
- Replace Checkbox 1 with your GDPR-compliant text. For example, I consent to #blog_name storing my submitted information so they can respond to my inquiry. #blog_name will get replaced with the name of your website.
- Delete Checkbox 2 and Checkbox 3 rows.
- Click the Save button at the bottom.
Data Erasure Request
GDPR requires you provide users with a method of deleting their data from your records. WordPress has an Erase Personal Data feature that is seamlessly integrated with WS Form.
To create a data erasure request form:
- Click Add New from the WS Form administration menu.
- Click the GDPR tab at the top.
- Click the Data Erasure Request template.
- Click Publish when the form is created.
- Add the form to your website.
For more information about the WordPress Erase Personal Data feature, click here.
Data Export Request
GDPR requires you provide users with a method of requesting their data from your records. WordPress has an Erase Personal Data feature that is seamlessly integrated with WS Form.
To create a data export request form:
- Click Add New from the WS Form administration menu.
- Click the GDPR tab at the top.
- Click the Data Export Request template.
- Click Publish when the form is created.
- Add the form to your website.
For more information about the WordPress Export Personal Data feature, click here.