How to Create GDPR Compliant Forms in WordPress

Do you want to create GDPR-compliant forms in WordPress?

The European Union’s new GDPR law requires explicit user consent to store personal information so that users can have more personal control over their data stored on websites.

In this article, we will show you how to easily create GDPR-compliant forms in WordPress.

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union (EU) law that became effective on May 25th, 2018. This new law aims to give EU citizens control over their personal data and change how companies and businesses handle data privacy around the world.

For more details, see our ultimate guide to WordPress and GDPR compliance which will answer all your GDPR-related questions in plain English.

A typical WordPress site may collect users’ personal information in a number of ways. One of them is by adding forms to the site. Most forms collect personal information, and you may want to make sure that your WordPress forms comply with GDPR.

What is Required to Make a Form GDPR Compliant

In order to make your WordPress forms GDPR compliant, you will need to add the following features:

  • Ask users to give explicit consent for storing and using their personal information.
  • Allow users to request access to their own personal information stored on your website.
  • Allow users to request the deletion of their data from your website.

Having said that, let’s take a look at how to easily create GDPR-compliant WordPress forms.

How to Make a GDPR Compliant Form in WordPress

We recommend using WPForms to make GDPR-compliant WordPress forms. It is the best contact form plugin for WordPress and has built-in GDPR enhancement features.

For instance, you get a 1-click GDPR Agreement field for your forms, GDPR-compliant data retention best practices, and an easy entry management system to quickly find, export, or delete user data upon request.

First, you need to install and activate the WPForms plugin. For more details, see our step-by-step guide on how to install a WordPress plugin.

For this tutorial, we’ll use the WPForms Pro version because it includes the disable user cookies and user details options. However, you can also use the WPForms Lite version to create a GDPR-compliant form.

Upon activation, you need to visit the WPForms » Settings page and enter your license key. You can find the license key in the WPForms account area.

Next, you’ll need to scroll down to the GDPR section.

There, you need to check the box next to the GDPR Enhancements option.

Enabling the GDPR Enhancements option will reveal two more GDPR-related settings.

The first option, ‘Disable User Cookies,’ will stop WPForms from storing user sessions. This cookie contains a random unique identifier that helps WPForms add features like related entries, form abandonment, and geolocation. Disabling it will also disable those features.

The second option, ‘Disable User Details,’ will stop WPForms from storing user IP addresses and browser information. Both of these settings are optional, and you can check them if you feel that you don’t need these features.

Don’t forget to click the ‘Save Settings’ button to store your changes.

Select Form Template and Add GDPR Agreement Field

WPForms is now ready to create GDPR-compliant forms in WordPress. You can now go to the WPForms » Add New page to create a new form.

You will be asked to enter a title for your form and select a template. These templates are ready-made forms that you can use as a starting point. In this tutorial, we’ll use the ‘Simple Contact Form’ template.

This will launch the WPForms builder interface.

You will see your form preview in the right column, and on the left, you will see all the fields that you can add to your form.

Simply drag the ‘GDPR Agreement’ field and add it to your form.

You will now see it appear at the bottom of your form. If you click on it, more options will appear in the settings panel on the left.

You can change the title of the form field and agreement text, and then use the description box to add details like a link to your privacy policy or terms and conditions pages.

Note: The GDPR Agreement field is always a required field, and it cannot be pre-checked to comply with the GDPR law. You can only add one GDPR agreement field to each form.

Next, you can go to the Settings » Confirmations tab in the form builder. Here, you’ll get different options for what happens when a user submits a form. For instance, you can show a message, show a page, or redirect users to another URL.

Once you are satisfied with the form, don’t forget to store your changes.

Adding GDPR Compliant Form to WordPress

WPForms allows you to easily add forms anywhere on your website.

You can simply click the ‘Embed’ button at the top of the form builder to get started.

Next, a popup will open, which will ask you to create a new page or select an existing page.

We’ll use the ‘Create New Page’ option for this tutorial.

After that, you’ll need to enter a name for your page.

Once that’s done, simply click the ‘Let’s Go’ button.

Your form will now appear in the WordPress content editor.

Another way to add forms to any page or post is using the WPForms block. Simply add the block to your content and select your form from the dropdown menu.

You can now save or publish your post or page.

Simply visit your website to see your GDPR-ready WordPress form in action.

Managing Data Access and Deletion Requirements with WPForms

One of the requirements for GDPR compliance is to give users access and allow them to request the deletion of their data.

To do that, you can create a ‘Data access/delete form’ and add it to your privacy policy page. Users who wish to access their stored data or want it to be deleted can use that form to send you a request.

WPForms has an excellent entry management system that allows you to quickly find any data submitted via your forms.

You can access all form entries by visiting the WPForms » Entries page from your WordPress dashboard and selecting the form you wish to view.

WPForms will show you all entries submitted using that form. You can search for a form entry by entering a name, email address, IP address, or keyword.

From here, you can simply click the ‘Delete All’ option at the top to remove form entries.

You can also delete individual entries or click the view button to see all data stored for that entry.

Disabling User Details for Specific Forms

With WPForms, you get full control over which forms can store user data. You can disable the storage of user details for each individual form.

First, you’ll need to go to WPForms » Settings from your WordPress dashboard and scroll down to the ‘GDPR’ section.

Here, ensure that the ‘Disable User Details’ option is unchecked.

Don’t forget to click the ‘Save Settings’ button when you’re done.

After that, you can change each form’s settings in the form builder.

All you have to do is head to Settings » General in the form builder. Next, click the ‘Advanced’ section to expand it. From here, simply click the toggle for the ‘Disable storing user details (IP address and user agent)’ option.

This will prevent extra user information from being stored for individual forms.

We hope this article helped you learn how to easily create GDPR-compliant forms in WordPress. You may also want to see our article on how to track user engagement in WordPress using Google Analytics and the ultimate WordPress SEO guide for beginners.

The post How to Create GDPR Compliant Forms in WordPress first appeared on WPBeginner.

9 Best WordPress GDPR Plugins to Improve Compliance

Are you looking for a GDPR plugin to ensure your WordPress site complies with regional laws?

All websites that collect data related to people in the European Union need to be GDPR-compliant. There are several WordPress plugins that can help you with that.

In this article, we will share some of the best GDPR plugins for WordPress that you can use to make your website GDPR-compliant.

What Is GDPR and Why Does It Matter?

GDPR stands for General Data Protection Regulation. It is a European Union (EU) law that gives individuals in the EU specific rights over accessing and controlling their data on the internet.

GDPR applies to all organizations globally that collect or process data relating to individuals in the EU. For instance, if you live in the United States and run a business website or online store with customers in Europe, then you need to comply with GDPR.

Due to the dynamic nature of websites, no single plugin can offer 100% GDPR compliance. However, many popular plugins have added GDPR-friendly options to ensure that your website follows the law.

Disclaimer: we are not legal experts, but we have written the ultimate WordPress GDPR guide that you can refer to for more details. When in doubt, always consult an Internet law attorney.

With that said, here are the best WordPress plugins that have GDPR compliance options.

1. MonsterInsights – GDPR-Friendly Google Analytics

MonsterInsights is the best Google Analytics plugin for WordPress. It lets you easily add Google Analytics tracking code to your site and displays powerful reports within your WordPress admin.

With MonsterInsights, it’s easy to anonymize or even disable personal data tracking. GDPR requires you to get explicit consent before you collect or process personal identifying information from EU residents, such as IP addresses.

To automatically anonymize data, simply use the MonsterInsights EU Compliance addon.

What if you want to track personalized data using Google Analytics? Then, you simply need to get consent from your users. This can also be easily done with MonsterInsights.

The MonsterInsights EU Compliance add-on integrates seamlessly with the Cookie Notice plugin. That plugin is included below at #3 on our list. This means MonsterInsights will not load the analytics script until the user gives explicit consent.

Plus, MonsterInsights is compatible with Google Analytics’ built-in cookie opt-out system as well, and it works seamlessly with Google Analytics’ Chrome browser opt-out extension.

Pricing: MonsterInsights costs $99.50 per year. This includes the EU Compliance addon.

You can read our complete MonsterInsights review for more details.

2. WPForms – GDPR-Friendly Contact Forms

WPForms is the best contact form plugin for WordPress with built-in GDPR compliance.

You can use WPForms to create all sorts of forms, including contact forms, registration forms, order forms, booking forms, surveys, and more.

To make your forms compliant, just go to the plugin’s Settings page and check the box next to the GDPR enhancements option.

Now, you can disable user tracking cookies and the IP address storage option. It will apply the GDPR Enhancement settings to all your forms, and you can also manage the settings in each form manually.

You can also enable extra GDPR options. These include disabling user tracking cookies and disabling storing details of the user’s browser and operating system.

Another option with WPForms is to turn on GDPR protection for individual forms instead of all your forms. To do this, you just need to check a box in the setting for each form.

WPForms also lets you add a special ‘GDPR Agreement’ checkbox field to your forms. You can add this to your form just like any other field.

Pricing: WPForms costs $39.50 per year. There’s also a free version of WPForms that’s GDPR-compliant.

3. Cookie Notice for GDPR & CCPA

Cookie Notice for GDPR & CCPA is a free WordPress cookie notification popup plugin that lets users give or refuse consent for you to use cookies. It helps you comply with GDPR and CCPA (the California Consumer Privacy Act).

You can customize the cookie notice for your users and include links to your privacy policy or legal pages. It’s quick and easy to get Cookie Notice up and running on your site.

For step-by-step instructions, just see our guide on how to add a cookies popup in WordPress.

The plugin is SEO-friendly and compatible with WPML if you have a multilingual website. It also integrates seamlessly with MonsterInsights and holds on to Google Analytics code until a user consents.
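The consent gating described here and in the MonsterInsights section (no analytics script until the visitor opts in) can be sketched as follows. This is an added example, not code from either plugin; the cookie name, script URL and `consent-changed` event are hypothetical placeholders.

```javascript
// Added example: consent-gated loading of an analytics script.
// CONSENT_COOKIE, ANALYTICS_SRC and the 'consent-changed' event are
// hypothetical placeholders, not names used by any plugin on this page.
const CONSENT_COOKIE = 'site_cookie_consent';
const ANALYTICS_SRC = 'https://analytics.example/tracker.js';

// Parse a document.cookie style string ("a=1; b=2") into a Map.
function parseCookies(cookieString) {
  const jar = new Map();
  for (const part of String(cookieString || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq === -1) continue;                 // skip malformed pairs
    const name = part.slice(0, eq).trim();
    let value = part.slice(eq + 1).trim();
    try { value = decodeURIComponent(value); } catch (e) { /* keep raw value */ }
    if (name && !jar.has(name)) jar.set(name, value);
  }
  return jar;
}

// Fail closed: only the exact value 'granted' counts as consent.
// A missing cookie, 'denied', or any unexpected value means no tracking.
function hasConsent(cookieString) {
  return parseCookies(cookieString).get(CONSENT_COOKIE) === 'granted';
}

// Inject the analytics <script> only after consent, and only once.
// Returns 'blocked', 'already-loaded' or 'loaded'.
function loadAnalyticsIfConsented(doc) {
  if (!hasConsent(doc.cookie)) return 'blocked';
  if (doc.querySelector('script[data-analytics="1"]')) return 'already-loaded';
  const tag = doc.createElement('script');
  tag.src = ANALYTICS_SRC;
  tag.async = true;
  tag.setAttribute('data-analytics', '1');
  doc.head.appendChild(tag);
  return 'loaded';
}

// Browser wiring: check on page load and again when the banner reports a choice.
if (typeof document !== 'undefined') {
  loadAnalyticsIfConsented(document);
  document.addEventListener('consent-changed', () => loadAnalyticsIfConsented(document));
}
```

The point to verify on a real site is the same: with no consent cookie set, the browser's network panel should show no request to the analytics host.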

Pricing: Cookie Notice is completely free. There’s no premium version.

4. OptinMonster – GDPR-Friendly Popups and Lead Gen Forms

OptinMonster is a lead generation tool and one of the best popup creators for WordPress. It lets you create a wide range of email newsletter signup forms and optins that you can display in different ways on your site.

With OptinMonster, you can ensure that your email signup forms are GDPR-compliant. It’s easy to add a privacy policy field with a customizable checkbox. Users can then only submit the form once they’ve checked the box.

If your organization is audited for GDPR compliance, then OptinMonster also has a GDPR Audit Concierge team that can help you out. Plus, their friendly customer service team is always happy to answer questions about GDPR.

Even better, OptinMonster lets you target visitors based on their location. That way, you can ensure you’re showing GDPR-compliant optins to customers in EU countries.

Pricing: OptinMonster costs $9 per month (billed annually). For geolocation targeting, you need the Growth plan, which costs $49 per month.

5. GDPR Cookie Consent (CCPA Ready)

GDPR Cookie Consent covers CCPA as well as GDPR. It lets you create an alert bar on your site with Accept and Reject options so that the user can decide whether to accept or reject cookies.

With this plugin, it’s straightforward to customize the cookie notice with your choice of colors, fonts, styles, positioning, and more. You can put the cookie notice bar at the top or the bottom of your website.

Note that you need to list the specific cookies that the plugin restricts. The plugin can’t automatically block all cookies, or it could break your website.

Pricing: The basic version of GDPR Cookie Consent is free. You can upgrade to the premium version for $100 per year.

6. Complianz

Complianz lets you easily create cookie notices for different regions (EU, UK, US, or Canada). You can use it to create a GDPR ‘cookie wall’ and other types of banners.

With Complianz, there’s a built-in option to scan your site for cookies. This lets you automatically add cookie descriptions to your site.

Complianz has a simple, user-friendly setup process. It takes you step by step through getting the plugin up and running on your site.

The premium version lets you view statistics, use A/B testing to improve your cookie accept ratio, generate legally approved documents, and more. It’s also compatible with WordPress multisite networks.

Pricing: Complianz premium costs $59 per year for a single website. There is also a limited free version.

7. Real Cookie Banner

Real Cookie Banner is a free consent management WordPress plugin. It lets you add legal information to your cookie banner to get user consent and avoid legal problems.

It offers over 100 templates to add the cookie banner notice to your site quickly. Moreover, there are several customization options to change the color, text effects, and more. You can preview the banner before saving your changes.

The plugin has a content blocker feature that works with most WordPress themes and plugins. It makes sure you have full control to display content after getting consent from your website visitors.

It provides you with the knowledge and a checklist to make a cookie banner that makes your site fully GDPR-compliant. Real Cookie Banner supports multiple languages, and you can add the cookie notice in your language.

Pricing: Real Cookie Banner is free. The Pro version costs €59 per year for a single website.

8. GDPR Cookie Compliance (Moove)

GDPR Cookie Compliance is a plugin that lets users enable or disable cookies on your site.

The cookie consent notice is fully customizable and editable, so you can use your own text, logo, colors, and fonts.

The premium version includes a ‘cookie wall’ that prevents users from seeing your site until they accept or reject cookies. You can also target users based on location and see stats about how many users accepted your cookies.

You need to add the scripts that use cookies into the plugin’s settings. Otherwise, it can’t block them.

Pricing: The basic version of GDPR Cookie Compliance is free. The premium version offers more features and costs £59 (GBP) per year for a single site.

9. Cookiebot

Cookiebot is a highly customizable WordPress GDPR plugin. It lets you display a consent banner on your website to manage user consent required by GDPR, ePR, CCPA, and global legislation.

It provides a cookie policy to display on your site with all relevant and updated information. You can also display exclusive optins for users of a specific age.

The plugin runs regular website scans to delete third-party cookies. It holds the cookie and user tracking until the user consents to ensure compliance.

The plugin supports multiple languages for your consent banner and cookie declaration. Cookiebot gives you a secure storage facility to keep your cookie information that you can present as proof when needed.

Pricing: Cookiebot is a free, open-source plugin. The premium Small plan of the plugin costs €12 per month.

Which Is the Best GDPR Plugin for WordPress?

The plugins you need for GDPR depend entirely on your needs.

If you are not sure which to pick, then here are the absolute must-have plugins:

  • Use MonsterInsights to add and control your Google Analytics tracking easily. It’s the best Google Analytics tool for WordPress, making it very straightforward for you to comply with GDPR policies about analytics data.
  • Use WPForms to create GDPR-compliant contact forms, registration forms, booking forms, and more. Adding GDPR compliance to your forms is as simple as checking a box.
  • Use OptinMonster to target the users in the EU region and show the GDPR-compliant popups.
  • Use Cookie Notice for GDPR & CCPA to display a cookie notification on your site. It integrates with MonsterInsights and has many different options to customize how cookie consent works on your site.

We hope this article helped you learn about the best GDPR plugins for WordPress.

The post 9 Best WordPress GDPR Plugins to Improve Compliance first appeared on WPBeginner.