What is GDPR?

Note: This article contains general information and is not a substitute for professional legal advice. In all circumstances the best way to ensure GDPR compliance for your site is to consult legal counsel.

The GDPR, or General Data Protection Regulation, is a set of data collection regulations in the EU that require businesses to protect the personal data and online privacy of citizens (effective as of May 25, 2018).

The type of data that is protected by GDPR includes the following:

  • Basic identity (name, address, ID numbers, etc.)
  • Web data (location, IP address, etc.)
  • Racial or ethnic data
  • Health and genetic data
  • Political opinions
  • Sexual orientation

Further information about GDPR can be found by clicking here.

GDPR Requirements

Requirements under GDPR include the following:

  • Secure explicit consent before collecting or storing user data
  • Grant the user the right to access to or deletion of all data collected
  • Report breach notifications to appropriate authorities within 72 hours (unless the breach is harmless to individual data)
  • Appoint a data protection officer within your company (not required for small businesses)

Those who do not adhere to the regulations set forth in this policy will face significant legal liability and costly fines.

WS Form GDRP Features

WS Form can help make your forms and website GDPR-compliant.

Adding Consent Checkboxes

When you request information from a website visitor, GDPR requires that you provide opt-in (not opt-out) checkboxes that explain why you need the data you are requesting and what you will do with it, as well as checkboxes requesting consent for using the data provided.

In order to do this, you can add a checkbox when editing your form as follows:

  1. Drag and drop a ‘Checkbox‘ field to your form. We recommend putting this just above your Submit button.
  2. In the sidebar click the ‘Checkboxes’ tab.
  3. Replace ‘Checkbox 1’ with your GDPR-compliant text. For example, ‘I consent to #blog_name storing my submitted information so they can respond to my inquiry’. #blog_name will get replaced with the name of your website.
  4. Delete ‘Checkbox 2’ and ‘Checkbox 3’ rows.
  5. Click the ‘Save’ button at the bottom.

Data Erasure Request

GDPR requires you provide users with a method of deleting their data from your records. WordPress has an ‘Erase Personal Data’ feature that is seamlessly integrated with WS Form.

To create a data erasure request form:

  1. Click ‘Add New’ from the WS Form administration menu.
  2. Click the ‘GDPR’ tab at the top.
  3. Click the ‘Data Erasure Request’ template.
  4. Click ‘Publish’ when the form is created.
  5. Add the form to your website.

For more information about the WordPress ‘Erase Personal Data’ feature, click here.

Data Export Request

GDPR requires you provide users with a method of requesting their data from your records. WordPress has an ‘Erase Personal Data’ feature that is seamlessly integrated with WS Form.

To create a data export request form:

  1. Click ‘Add New’ from the WS Form administration menu.
  2. Click the ‘GDPR’ tab at the top.
  3. Click the ‘Data Export Request’ template.
  4. Click ‘Publish’ when the form is created.
  5. Add the form to your website.

For more information about the WordPress ‘Export Personal Data’ feature, click here.