Welcome back to “The Complete WordPress GDPR Guide” post series. In parts one and two, we covered the basics of GDPR, and the key principles of GDRP respectively. Reading the first two posts is not mandatory. However, If you just landed on this page for the first time, we recommend that you do read them to get the most out of this guide. Either way, after reading this post, you will understand what are the core WordPress GDPR features, and how to use them.


We all know that WordPress is most popular content management system available today. With a very short learning curve and an amazing price tag of free, it is no miracle that WordPress is “running the Internet” today, by serving as the back-end of almost 30% of all Internet sites.
That means that many small business owners rely on WordPress to serve the customers online everyday.

That also means that WordPress developers had to address GDPR regulations by adding features to WordPress core. Therefore a WordPress GDPR Compliance Team has been assembled and he is focusing on creating a comprehensive core policy, plugin guidelines, privacy tools and documentation. Their work is focused on four key areas

  • Add functionality to assist site owners in creating comprehensive privacy policies for their websites.
  • Create guidelines for plugins to become GDPR ready.
  • Add administration tools to facilitate compliance and encourage user privacy in general.
  • Add documentation to educate site owners on privacy, the main GDPR compliance requirements, and on how to use the new privacy tools.

You can read more on WordPress.org site.

Core WordPress GDPR features

With all that hard work and efforts, it is now time to understand which GDPR features added to WordPress core, starting with the simple fact to you must upgrade your WordPress site to version 4.9.6, or later to use these features

  1. Commenters now have the ability to remain anonymous by choosing not to save their information as a cookie.
  2. One-Click privacy page setup. Simply choose a page of your site to act as an official privacy page.
  3. Site owners can now either export or erase a user’s data from the WordPress core and participating plugins.

Let’s review each of the WordPress GDPR features mentioned above…

Feature #2 – One-Click privacy page setup

Having trouble creating you own privacy policy? Don’t know where to start? This feature is just for you.

Simply navigate to settings–> privacy in your WordPress admin dashboard, and create a new privacy policy page.

WordPress will automatically create a page for you with the most basic information and paragraphs you need to include in your privacy policy.


  1. You still have to tweak and fine tune the privacy policy content to match your site and your business needs, however this will give you head start.
  2. Don’t forget to add the new page to your navigation menu and make it publicly visible on your site! 

So far we covered two of the three core WordPress GDPR features. Let’s move on to the third one.

Feature #3 – Export or erase user’s data

With WordPress 4.6, you can export or erase user’s personal data easily.

This process is required by GDPR because each user can now ask for a copy of the data collected on him, and he has the right to have it completely erased.

To use this tool simply go to tools –> export personal data in your WordPress admin dashboard and follow the instructions on the screen. The result will be something similar to the one show in the following image.

Footnote: To erase user data, follow the same process. However, this time go to tools –> erase personal data in your WordPress admin dashboard.

Summary – Core WordPress GDPR features

In this post, we covered three very important WordPress GDPR features that were added the WordPress core. The comments cookie, the privacy page and lastly, data export & erase.

It is clear that these features aren’t enough as they do not address all GDPR requirements (for example consent). However, it is a very good start. With the commitment from WordPress core development team and some time there is no doubt that, we will see more features and tools added to WordPress core in the future.

For those of you who do not want to wait that long, I recommend that you take action and subscribe to our messenger hub, or visit us again soon for the next part of this post series. In post number 4 I will give detailed review of some 3rd part plugins and tools that will greatly assist you in making sure your WordPress site is GDPR ready.

Stay tuned!

We use cookies to give you the best online experience. By agreeing you accept the use of cookies in accordance with our cookie policy.

Privacy Settings saved!
Privacy Settings

When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. Control your personal Cookie Services here.

These cookies are necessary for the website to function and cannot be switched off in our systems.

In order to use this website we use the following technically required cookies
  • wordpress_test_cookie
  • wordpress_logged_in_
  • wordpress_sec

For perfomance reasons we use Cloudflare as a CDN network. This saves a cookie "__cfduid" to apply security settings on a per-client basis. This cookie is strictly necessary for Cloudflare's security features and cannot be turned off.
  • __cfduid

Decline all Services
Accept all Services

Pin It on Pinterest

Share This