Welcome back to “The Complete WordPress GDPR Guide” post series. In parts one and two, we covered the basics of GDPR, and the key principles of GDRP respectively. Reading the first two posts is not mandatory. However, If you just landed on this page for the first time, we recommend that you do read them to get the most out of this guide. Either way, after reading this post, you will understand what are the core WordPress GDPR features, and how to use them.
We all know that WordPress is most popular content management system available today. With a very short learning curve and an amazing price tag of free, it is no miracle that WordPress is “running the Internet” today, by serving as the back-end of almost 30% of all Internet sites.
That means that many small business owners rely on WordPress to serve the customers online everyday.
That also means that WordPress developers had to address GDPR regulations by adding features to WordPress core. Therefore a WordPress GDPR Compliance Team has been assembled and he is focusing on creating a comprehensive core policy, plugin guidelines, privacy tools and documentation. Their work is focused on four key areas
- Add functionality to assist site owners in creating comprehensive privacy policies for their websites.
- Create guidelines for plugins to become GDPR ready.
- Add administration tools to facilitate compliance and encourage user privacy in general.
- Add documentation to educate site owners on privacy, the main GDPR compliance requirements, and on how to use the new privacy tools.
You can read more on WordPress.org site.
Core WordPress GDPR features
With all that hard work and efforts, it is now time to understand which GDPR features added to WordPress core, starting with the simple fact to you must upgrade your WordPress site to version 4.9.6, or later to use these features
- Commenters now have the ability to remain anonymous by choosing not to save their information as a cookie.
- One-Click privacy page setup. Simply choose a page of your site to act as an official privacy page.
- Site owners can now either export or erase a user’s data from the WordPress core and participating plugins.
Let’s review each of the WordPress GDPR features mentioned above…
Feature #2 – One-Click privacy page setup
- Don’t forget to add the new page to your navigation menu and make it publicly visible on your site!
So far we covered two of the three core WordPress GDPR features. Let’s move on to the third one.
Feature #3 – Export or erase user’s data
With WordPress 4.6, you can export or erase user’s personal data easily.
This process is required by GDPR because each user can now ask for a copy of the data collected on him, and he has the right to have it completely erased.
To use this tool simply go to tools –> export personal data in your WordPress admin dashboard and follow the instructions on the screen. The result will be something similar to the one show in the following image.
Footnote: To erase user data, follow the same process. However, this time go to tools –> erase personal data in your WordPress admin dashboard.
Summary – Core WordPress GDPR features
It is clear that these features aren’t enough as they do not address all GDPR requirements (for example consent). However, it is a very good start. With the commitment from WordPress core development team and some time there is no doubt that, we will see more features and tools added to WordPress core in the future.
For those of you who do not want to wait that long, I recommend that you take action and subscribe to our messenger hub, or visit us again soon for the next part of this post series. In post number 4 I will give detailed review of some 3rd part plugins and tools that will greatly assist you in making sure your WordPress site is GDPR ready.