GDPR is less complicated than it first seems. At the end of this post, I’ll list the different plug-ins I use.
The first thing to do is audit what information you hold.
Do you hold any personal data anywhere?
If so, where?
Do you need them anymore? (If not, delete them!)
Mine is here: https://lollipopsandrainbows.co.uk/privacy-notice/
I can adapt to suit your site.
Make sure that first-time visitors to your site know the score. Install a pop up with an OPT-IN selection.
With GDPR implicit consent isn’t good enough. Users have to give EXPLICIT consent.
Do you hold any information in third party accounts/apps?
Do you have a mailing list?
If you do, check out your provider’s Privacy Notice, be clear on what they say. Know their policies to build your own policy.
However, if you feel you are carrying around dead weight in your mailing list, feel free to ask them to opt-in again.
Finally, do you actually need to register with the ICO?
There’s actually an awesome quiz on the ICO website which will tell you if you need to register with them. You can find the quiz here: Do I need to register with the ICO?
The Plug-ins I have been using:
CookieBot – CookieBot isn’t a free service unless you have a small website but, in my experience, it’s working wonders. It scans your website and details every cookie and categorises them into necessary and unnecessary. Your visitor then gets to choose whether he accepts all cookies or just necessary ones.
Prices start from FREE for a site with less than 100 subpages. Most long term bloggers would probably be looking at between 500 and 5000 subpages which will cost £17 per month. It’s not the earth, but, you don’t really want to be forking out every month unless you monetize your site.
WP GDPR Compliance – This plug-in is really simple, although, I’m not sure I like it that much but have yet to find a better alternative. WP GDPR Compliance simply adds a check box underneath the comment box to confirm that the commenter consents to the handling of their details.
Have you done these things? If not, I would recommend doing so as soon as possible. Or even book someone to do it for you.
Have I missed anything? If so, let me know in the comments below.
Have you found any good WordPress Plug-ins to help with GDPR compliance?