GDPR is less complicated than it first seems.  At the end of this post, I’ll list the different plug-ins I use.

The first thing to do is audit what information you hold.

Do you hold any personal data anywhere?
If so, where?
Do you need them anymore?  (If not, delete them!)

Next, create a privacy policy. (This is the ultimate one!  It’s important to let people know the how’s, what’s, when’s, where’s and why’s behind you collecting their data.)

Mine is here: https://lollipopsandrainbows.co.uk/privacy-notice/
I can adapt to suit your site.
Making sure you have a valid and up to date cookie policy is also useful.  Again, mine is here: https://lollipopsandrainbows.co.uk/cookies

Make sure that first-time visitors to your site know the score. Install a pop up with an OPT-IN selection.

With GDPR implicit consent isn’t good enough.  Users have to give EXPLICIT consent.
Say goodbye to notices that say “By continuing to browse this site you accept our privacy policy/agree to terms” etc. etc.

Do you hold any information in third party accounts/apps?

Check out their privacy notices.  They should all have them in a clear, prominent space for their visitors.  You can link to them in your own Privacy Policy.

Do you have a mailing list?

If you do, check out your provider’s Privacy Notice, be clear on what they say. Know their policies to build your own policy.

You don’t HAVE to scrap your whole mailing list.  To be honest, as long as everyone opted in in the first place, you’re covered.  Although it may be a good idea to send out an email explaining the introduction of GDPR, showing them your Privacy Policy.

However, if you feel you are carrying around dead weight in your mailing list, feel free to ask them to opt-in again.

Finally, do you actually need to register with the ICO?

There’s actually an awesome quiz on the ICO website which will tell you if you need to register with them. You can find the quiz here: Do I need to register with the ICO?

The Plug-ins I have been using:

CookieBotCookieBot isn’t a free service unless you have a small website but, in my experience, it’s working wonders.  It scans your website and details every cookie and categorises them into necessary and unnecessary.  Your visitor then gets to choose whether he accepts all cookies or just necessary ones.

Prices start from FREE for a site with less than 100 subpages.  Most long term bloggers would probably be looking at between 500 and 5000 subpages which will cost £17 per month.  It’s not the earth, but, you don’t really want to be forking out every month unless you monetize your site.

WP GDPR Compliance – This plug-in is really simple, although, I’m not sure I like it that much but have yet to find a better alternative. WP GDPR Compliance simply adds a check box underneath the comment box to confirm that the commenter consents to the handling of their details.

Have you done these things? If not, I would recommend doing so as soon as possible. Or even book someone to do it for you.

Have I missed anything?  If so, let me know in the comments below.

Have you found any good WordPress Plug-ins to help with GDPR compliance?