Getting your WordPress site ready for GDPR

May 17, 2018

The General Data Protection Regulation (GDPR) is a new EU Regulation that comes into effect on May 25th. It’s complex to say the least, and non-compliance can result in some pretty heavy fines.

The regulation covers the processing and recording of personal data and applies to all companies worldwide that work with personal data of EU citizens. It boils down to 3 main points as we see it:

  • The processing of personal data should be “adequate, relevant and limited to what is necessary for the purposes for which they are processed”.
  • The period for which the data is stored is limited to a minimum.
  • You must have the user’s explicit consent to gather their data or to pass it to a 3rd party via your website, e.g. PayPal, Mailchimp etc.

Today we have made some changes to our site in order to demonstrate compliance with the above. We’re also going to show YOU how you would add a consent checkbox to your WordPress website, specifically at the checkout in WooCommerce. Note that most contact form plugins allow you to easily add a checkbox field, and one or two already have a “consent” option.

Add a GDPR Consent Checkbox to WooCommerce Checkout

Adding an additional checkbox to the WooCommerce checkout is trivial. First, you need the plugin WooCommerce Checkout Manager.

Once installed and activated, go to the main panel, select Billing, and choose to add a new field.

Create a new required checkbox with something like “I consent to my data being used in line with this website’s Privacy Policy” as the text.

Save the changes. Your checkout will now have an extra option that the user MUST tick to consent to their data being used by your company in whatever way you have defined in your Privacy Policy page.
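The same required checkbox can also be added in code, for example from a small site plugin or the theme's functions.php, using WooCommerce's checkout hooks. This is an added example, not part of the original post or of WooCommerce Checkout Manager; the field name `gdpr_consent` and the `_gdpr_consent*` meta keys are assumptions chosen for illustration. Beyond the steps above, it checks the box on the server and stores when consent was given on the order.

```php
<?php
/**
 * Added example: required privacy-consent checkbox at WooCommerce checkout.
 * The field name "gdpr_consent" and the "_gdpr_consent*" meta keys are
 * assumptions for illustration, not names defined by WooCommerce or a plugin.
 */

// 1. Render the checkbox just above the "Place order" button.
//    No default value is passed, so the box starts unticked.
add_action( 'woocommerce_review_order_before_submit', function () {
    $policy_url = function_exists( 'get_privacy_policy_url' ) ? get_privacy_policy_url() : '';
    $policy     = $policy_url
        ? '<a href="' . esc_url( $policy_url ) . '" target="_blank">Privacy Policy</a>'
        : 'Privacy Policy';

    woocommerce_form_field( 'gdpr_consent', array(
        'type'     => 'checkbox',
        'required' => true,
        'label'    => 'I consent to my data being used in line with this website’s ' . $policy,
    ) );
} );

// 2. Enforce the checkbox on the server. A "required" marker in the browser
//    alone can be skipped by a modified form or a direct POST request.
add_action( 'woocommerce_checkout_process', function () {
    if ( empty( $_POST['gdpr_consent'] ) ) {
        wc_add_notice( 'Please consent to our Privacy Policy to place your order.', 'error' );
    }
} );

// 3. Store the consent and a UTC timestamp on the order itself, so there is
//    a record of when each customer ticked the box.
add_action( 'woocommerce_checkout_create_order', function ( $order ) {
    if ( ! empty( $_POST['gdpr_consent'] ) ) {
        $order->update_meta_data( '_gdpr_consent', 'yes' );
        $order->update_meta_data( '_gdpr_consent_time', gmdate( 'c' ) );
    }
} );
```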

In all likelihood WooCommerce and other plugins will be adding fields to help you comply with GDPR in the coming weeks, but this quick and simple fix will ensure you are covered now.