In general, we can distinguish two types of websites for GDPR purposes:
- Websites without user accounts
- Websites with user accounts
GDPR plugins for WordPress websites without user accounts
A cookie banner that lets website visitors choose which cookies they want to accept.
- Cookiebot – banner with a lot of options and a clear manual.
Ask for consent in forms to process data.
- WP GDPR Compliance – adds checkboxes to Contact Form 7, WooCommerce and WordPress comments, whether you are logged in or not.
GDPR plugins for WordPress websites with user accounts
A cookie banner and asking for consent obviously apply to these websites too, but you may want to add additional functionality.
- Delete me – users can delete all data related to their account themselves.
- GDPR Compliance – displays data for logged-in users, that’s all.
Various GDPR-related information that’s useful for WordPress users
- Google Analytics
  - Activate Google Tag Manager and use the function to anonymize IP addresses. See this YouTube video as well (from 5.40).
  - Turn data collection off.
  - Do not track pages with forms.
- Google Fonts
  - Google says they are working on compliance, but at the time we wrote this post, there were still a lot of uncertainties, as you can read on GitHub.
- Website cookies
- WordPress’ own cookies
  - You can read everything about WordPress’ own cookies in the Codex.
- Mailchimp is email marketing software, often used in combination with WordPress. Their website has a lot of information on the GDPR.
Do you automatically comply with the new privacy law after installing one or more of these GDPR plugins?
The very short answer to this is: no. Plugins can help you get started, but you need to sort out some stuff manually too. This means you cannot take this blog post as legal advice.