The new data protection regulation of the European Union is better known as the GDPR (General Data Protection Regulation). Approved from 25th May 2018, it requires all companies and pages that store data of EU users (even if it is only an email address captured through a contact form) to comply with it. If you have a page created on the WordPress platform, this concerns you more than anyone else.
WordPress is one of the most popular tools on the internet for creating web pages in a simple and free way. So much so that thousands of small companies use it for their corporate websites. The problem is that, being so widely used by people who do not have to be experts, it has become one of the systems that receives the most cyber-attacks. And this is a great disadvantage in terms of compliance with the GDPR: if your website does not use the latest version of WordPress GDPR and you have not made some key changes, you may face possible fines (4% of the company turnover).
If you have just found out, stay calm: we will help you here to adapt your page to this new situation and, in the process, improve the security of your WordPress, which has already been questioned so many times. The process is less painful than you imagine; you just need a little patience and to follow these steps.
1. Adapt your forms and legal texts
The main aspects that you have to take into account when updating your page are the ‘cookies’ and the legal notices. To adapt your system to the new regulations, you must review all these texts, as well as the consent forms.
Until now, you could put a general message in the forms and in the ‘cookies’ notice, but from this Friday you will have to specify what data you are going to collect, and for what purpose, before the user gives you their consent. Comment boxes, contact forms, subscriptions, ‘cookies’: everything must adapt to the new situation.
2. Notify your subscribers
Once the previous process is finished, it is a good idea to update your list of subscribers, if you have one, and notify them of the new panorama by telling them about the changes. The truth is that this is not a change that comes only from the GDPR, but you can take advantage of the occasion to do so. Surely these days you have received hundreds of ‘e-mails’ from other companies warning you of changes in their privacy policies. You should do something similar.
3. Access, download and deletion of data
Another key point of the new regulations is that, from now on, any website or platform must give the user a clear space in which to request access to the data stored in it, download it and, if they want, delete it. That is what is called ‘data portability’.
4. Check ‘plugins’ and ‘themes’
Last but not least, it is recommended to check all the ‘plugins’ and ‘themes’ that you have installed on your page so that they are also adapted to the GDPR. Obviously, some will be more important than others, depending on, among other things, the functions they perform.