
Building GDPR Forms in WordPress – The Easy Way

GDPR compliant forms are nowadays the norm for WordPress. While this has caused some problems and stress for website owners, it’s really not that hard to get your site and forms up to speed with the latest GDPR laws proposed by the European Union. The law basically states that users must give explicit consent for the storage of personal information on any site they visit – this article will focus on GDPR compliant forms and how to integrate them into your website.

What is the GDPR law?

GDPR or the General Data Protection Regulation is a law designed by the European Union which started being implemented on the 25th of May 2018. The idea behind this law is to give European internet users more control over their personal data, how it’s handled and for what uses.

WordPress sites in general can and do collect personal information through different ways. By adding a form on your website you’re going to collect personal information, so you need to make sure that your website and forms are in full compliance with the new regulation.

What makes a form GDPR compliant?

In order to follow these new EU regulations, you need to add certain features to your contact forms and website:

    • The ability to ask users for consent before storing and using their data and personal information
    • Allowing users to access any of their information stored on your site
    • Allowing users to delete or request the deletion of their personal information from your website.

Building a GDPR Form in WordPress

Since WordPress offers plenty of form plugins ready to use, free as well as premium, the best way to tackle the problem of GDPR forms is to get WPForms. This is one of the best contact form plugins and it also boasts GDPR-compliant features such as a one-click agreement field, GDPR data retention best practices as well as an intuitive and easy-to-use data management system to delete, export or find user data when needed.

The first thing you need to do is install and then activate the WPForms plugin. Once you’ve activated it, click on WPForms and then on the Settings page. Here you will find the GDPR section where you will need to click on the GDPR Enhancements option.

Two more settings will show up once you check the GDPR Enhancements option.

The first one is “Disable User Cookies”, which will prohibit the plugin from storing user information and sessions. The user cookie is built into the plugin for features such as geolocation, form abandonment and similar entries. By disabling this cookie, these features are also disabled.

The second option, “Disable User Details”, will stop your plugin from storing browser information as well as the IP addresses of users accessing your website.

Since these features are optional, you can check or uncheck them depending on your needs. Once you’re done, just click on the “Save Settings” button.


To create your first GDPR WordPress form, simply go to WPForms and then click on Add New in order to create a new form. You can add a title for your form and select one of the ready-made templates. You can use the templates as a starting point and gradually edit them according to your needs.

The WPForms builder interface is intuitive and really easy to use. You can also see a live preview of your form in the right column while the left column displays all of the possible fields which you can integrate into your new GDPR form. To add a GDPR agreement to your form, simply click on the GDPR Agreement field and it will be added. In order to edit it, you simply need to click on it.

You can change the agreement text, form field title and add links to your T&C or privacy policy pages. Please note that on every form the GDPR field is obligatory and it cannot be pre-checked, according to the new GDPR regulations. Only one GDPR agreement field is possible on each form. Once you have your first GDPR compliant form looking the way you want, it’s time to save it by clicking on the save button.

Adding GDPR Forms to Pages and Posts

The WPForms plugin allows website owners to add forms just about anywhere on their website. To add your first form, just go to a page or post and click edit. On the page or post editing screen there’s an Add Form button. Click on the button and a popup will appear where you’ll be able to select the form previously created. Now, simply click on the Add Form button again and you’ll notice that the form’s shortcode has been added in your editor. Save your page or post and you’ll be able to see the form live.

Deletion Requirements and Data Access in WPForms

One of the main rules of the new GDPR regulations is to allow users to submit a request to delete their personal information after visiting your site. In order to do this, you’ll have to create a “delete personal information form” and place it somewhere in your privacy policy page. Your users will be able to use that form to request access to their stored information or to submit a request to delete it.

Luckily enough, WPForms boasts a great entry management system that allows website owners to look up and find data submitted through any form on the site. All submitted data can be viewed by accessing WPForms and then clicking on the Entries page. You will be able to switch between different forms by selecting one from the left corner of your page. Entries can be searched by entering a keyword, IP address, e-mail address or name.