The General Data Protection Regulation (GDPR) has been in effect since May 25th 2018. The GDPR is changing the face of data privacy, putting greater control in the hands of users and stricter guidelines at the feet of businesses.
One of the biggest adjustments that business owners and marketers face is getting consent from users to collect, store, and use their information.
Under the GDPR, consent must be:
- Actively given — Users need to take action, such as checking an unticked box
- Specific and unambiguous — Users should be informed in plain and clear language of exactly what they’re offering their consent for.
- Separate from other terms and incentives — consent needs to be freely given, rather than incentivized or bundled with other offers of consent.
- Easy to withdraw from — You must include information stating that the consumer can easily withdraw their consent and provide them with instructions on how to do so.
Although the GDPR is based in the European Union (EU), businesses operating outside of the EU must update their methods of obtaining consent if they process data from EU citizens.
However, gathering proper consent from users doesn’t need to be a headache for business owners and marketers. In fact, implementing GDPR-friendly consent mechanisms can be easy (and inexpensive) with online forms that come equipped with consent measures.
Here are five form providers that could help your business stay on the right side of the GDPR:
Mailchimp is building GDPR-friendly forms that can be used to help you obtain and document user consent. Using Mailchimp sign-up forms will enable you to set up customizable GDPR-friendly fields that will include active opt-ins for different categories.
- Customizable fields
- GDPR-friendly language suggestions
- Easy information storage, so you can prove consent whenever necessary
- Easy to update and delete a contact’s personal information
- Privacy Shield Framework allows for easy, legal transfers of information to the U.S.
If your business relies heavily on marketing, Mailchimp is a great platform to get started on. In addition to GDPR compliant forms, it boasts advertising on three major platforms (Google, Facebook and Instagram), and gives campaign reports and performance tracking to help you analyze your results. On top of that, it’s fully integratable across several platforms.
Free – $199/month
Mailchimp offers three pricing plans — ‘New Business,’ ‘Growing Business,’ and ‘Pro Marketers,’ so you can fit your membership to your business’s marketing needs and budget.
2. Gravity Forms
Gravity Forms is another plugin that helps your website with GDPR compliance. You can easily add a checkbox to these forms that allows the consumer to opt in to marketing efforts, data collection, website terms, and privacy agreements.
- Users can use Gravity View for data requests
- Integration with WP GDPR by Appsaloon and WP GDPR Compliance by Van Ons — specific plugins that help with GDPR compliance
- Plugins and codes for protective measures such as preventing IP addresses from being saved and encrypting sensitive data
- Add-ons to help create surveys, quizzes and even recorded videos
- Enable clickwrap agreements on email forms
- Easy integration with an array of apps and online services
Because of the added features and plugins, Gravity Forms requires a little more work to organize and set up, but it allows subscribers to easily customize forms for a range of needs.
$59 – $259
With a range of pricing and plans to choose from, you can easily find something that fits your budget. Gravity Forms is $59 for the Basic license, $159 for Pro, and $259 for Elite.
3. Ninja Forms
If you’re overwhelmed by the idea of additional plugins, Ninja Forms might be a better option. Ninja Forms doesn’t require any other plugins or add-ons to ensure your forms are GDPR compliant, making it a simple but effective option.
- Toggle off the “store submissions” options if you don’t wish to retain certain data
- Once data is stored, Ninja allows you to access that data so you can export or delete it
Ninja Forms are extremely developer friendly, allow you to create highly-creative forms with ease, and they’re even translation friendly for international businesses marketing to consumers in several different languages.
Free – $499/month
Ninja Forms has a basic license that’s available for free, but if you want the added features, you can try their premium versions for $29 to $499 a month.
4. Contact Form 7
Contact Form 7 is one of the oldest forms on the list, and an extremely popular option due to its reputation for reliability.
- Create checkboxes for active opt-ins for specific conditions
- Link checkboxes to your privacy center
- Toggle-off the feature that saves data if you don’t want to store certain information
- You can also download Flamingo by Takayuki Miyoshi to store the submission data safely — Flamingo allows you to easily search through and delete the data as needed
While it’s not as user-friendly as other plugins, it’s very customizable using HTML.
Contact Form 7 is currently free, making it a great option for smaller businesses just starting out.
5. WP Forms
WP Forms is arguably the most user-friendly way to create consent forms. You can create your first forms within minutes of activation, and it includes ready-made templates to get started.
- The drag and drop feature is an easy way to customize your form templates without the hassle of HTML building
- Like other form building plugins, WP Forms makes storing and deleting data easy, and allows businesses to request active consent prior to form submission
WP Forms offers ease-of-use and customizability for business owners and marketers.
Free – $449
While you can build basic consent forms using the free version, to incorporate GDPR compliance features, the paid versions ranging from $39 to $449 are a better option. Paid versions allow for add-ons for conditional logic and submission management which make compliance easier.
WP Forms also offers a 14-day money back guarantee.
The state of GDPR compliance of the proposed solutions/tools was checked at the time this article was written. Please remember to do your own due diligence when choosing GDPR-compliant vendors/tools, and always sign a Data Processing Agreement (“DPA”) with your processors/sub-processors.