In an earlier article, we talked about the new GDPR policy. On May 25, 2018, the European Union (EU) enacted the General Data Protection Regulation (GDPR) policy. Its aim is to give website users in the EU complete control over how their data is being used. It was also enacted to change how companies and businesses handle data privacy around the world.
A typical WordPress website collects what is known as Personally Identifiable Information (PII) from users in a number of ways. A form is one such way, whether at the point of registration or when confirming an action. With GDPR in mind, your forms should comply with this regulation.
This article highlights how you can easily create these GDPR compliant forms on your WordPress website.
What makes a form GDPR compliant?
Making a form GDPR compliant is quite easy, but you must first know what compliance means for a form. Not all forms meet this requirement, so it is important to know the key requirements. A form is said to be GDPR compliant when:
- Users have the option of giving explicit consent for using and storing their PII.
- Users can request the deletion of their data from your website at any time.
- Users can request access to their own personal information shared on your website.
Let’s see the step-by-step process of creating a GDPR compliant form. Come with me.
How to make a GDPR compliant form
For its easy-to-use interface, we recommend that you use WPForms. If you don’t have this plugin activated already, you will need to install and activate it. Go to the Plugin repository on WordPress to download or click on “Plugins” to search for it from your WordPress dashboard.
After activating, visit WPForms >> Settings.
Scroll down to the GDPR section. Check the box next to GDPR Enhancements. After you check it, two new optional settings will be revealed, namely “Disable user cookies” and “Disable user details”.
The former stops WPForms from storing user sessions. A cookie is a small bit of text that is downloaded to a computer or other device when a user visits a website. When the user visits the site again, the browser sends these cookies back to the website. The website then recognizes the user and lets them pick up where they left off by restoring their preferred browsing experience.
Each cookie contains a unique identifier that helps the plugin add features such as form abandonment, geolocation and related entries. Disabling this option means you also disable these features.
The second option is “Disable user details”. It will stop WPForms from storing user IP addresses and browser information. You can check both options if you feel you don’t need these features. Remember to click “Save Settings” to store your changes.
To create a form, go to WPForms >> Add New. You will be required to enter a title for your form and select a template. You can use these templates (ready-made forms) as a starting point. We will be creating a simple contact form for the purpose of this tutorial. Click on ‘Simple contact form’.
This will launch the WPForms builder interface. In the right column, you will see your form overview, while on the left you will see all the fields that you can add to your form.
Please note that you can only add one GDPR agreement field to each form. The agreement field is always a required field and cannot be pre-checked, in accordance with the GDPR law.
Click on the Save button at the top to store your settings.
How to add your GDPR compliant form to WordPress posts and pages
The advantage of WPForms is that you can add forms anywhere on your website. You can create a new page/post or edit an existing one.
On the post edit screen, click on the ‘Add Form’ button, and a popup appears.
In this popup, you can select the form you created earlier. In the bottom right section of the popup, click on ‘Add Form’.
Click on Save to publish or save as draft. You can now check your post to see the form in action.
Using WPForms to manage data access and deletion
As we highlighted earlier, a GDPR compliant website is one where users can request access to their data and also request its deletion. To get WPForms to help you manage data access and deletion, you have to create a Data access/delete form.
To access all form entries, visit WPForms >> Entries page. Do note that you need to be a Pro user to be able to do this. On the top left corner of the screen, you can select the form you wish to view. WPForms will show you all entries submitted using that form. If you have a large number of entries, you can filter your search by entering a name, email address, IP address, or keyword. You can also export a single entry as a CSV file.
One Last Thing ……
GDPR is a very important regulation for all websites that collect information from EU residents. It is important to understand what it entails and how to make sure your website doesn’t fall foul of its laws. You can learn more about GDPR by reading an article where it was discussed at length.
We hope this article helped you understand how you can easily create GDPR compliant forms in WordPress. Do you wish to make your website GDPR compliant but don’t know how to go about it? Get in touch with us and connect with us across social media platforms @MactavisDigital.
We have carved a niche for ourselves when it comes to web design and development, content production and copywriting, SEO and other digital services. We would love to hear from you.