The EU General Data Protection Regulation (GDPR) is right around the corner, going into full effect on May 25. Luckily, bolstering GDPR compliance efforts on your business’s WordPress site doesn’t need to be a major headache – or financial burden.
There are a wide variety of tools and services available that can help you and your website meet the guidelines of the GDPR with minimal effort. Alongside useful GDPR consent form tools, there is a host of WordPress plugins available online that can take care of some of the modifications to your site necessary for GDPR compliance – such as your data storage and processing functions.
This article presents five plugins that can get your WordPress site GDPR compliant in a hurry:
1. WP GDPR
The WP GDPR plugin specializes in giving your users access to their personal data: upon request, it creates a unique URL and emails it to the user, who can then view the personal data stored on your website.
On this special page, users can also download all of their sensitive data currently stored on your site – a key requirement under the GDPR.
Similarly, users are also able to revise comments and issue requests for the removal of any individual pieces of data.
WP GDPR currently boasts integration with a number of popular add-ons, including:
- Gravity Forms
- Contact Form DB7
WP GDPR also offers integration directly for WordPress themes, providing theme creators an easy way to offer products conveniently built for GDPR compliance.
- Allows users to request, access, download, update, or request the deletion of their data
- Provides site owners an overview of user data requests plus admin rights to delete data
- Determines which plugins collect personal data and requires an approval checkbox under GDPR requirements
- Currently available in English, Spanish, Swedish and Dutch
WP GDPR has two different pricing options depending on whether you’ll use the plugin as an Individual (one website) or as a Business (multiple websites).
The Basic subscription of €20 per year for a single website grants:
- Access to all features
- One add-on
- One year of updates
- One year of support
For €50 per year, the Plus subscription contains:
- Everything in the Basic plan
- Support for all available add-ons
Those with more than one website have the pick of three different subscription models, each of which offers all features, all add-ons, continuous updates and priority support.
At €25 per month, the “Freelance” option is cheapest and covers up to twenty websites.
The “Pro” option beefs up the total number of websites covered to fifty for €50 per month.
Meanwhile, an “Agency” subscription runs a cool €80 per month but offers support for an unlimited number of websites.
2. WP GDPR Compliance
Not to be confused with the similarly named first entry on this list, the WP GDPR Compliance plugin does cover a lot of the same ground, prioritizing user consent and integration with vital WordPress form add-ons.
WP GDPR Compliance features integration with four key add-ons, with a promise of support for others like MailChimp and HTML Forms coming soon:
- Contact Form 7
- Gravity Forms
- WooCommerce
- WordPress Comments
- Maintains consent logs for supported plugins
- Generates checkboxes to ask for explicit user consent
- Guarantees user privacy by encrypting audit logs and anonymizing data
- Supports English, German, Spanish, Swedish, Dutch and Czech
3. All-in-One GDPR
The All-in-One GDPR compliance plugin toolkit is designed to allow users to disable third-party services or APIs at will.
Through a “dynamic database crawler,” it also automatically removes sensitive user data from the site database as well as from any third-party services or APIs that your site may be using.
All-in-One GDPR is compatible with the usual range of add-ons such as:
- Gravity Forms
Mailchimp is integrated through a single button that completely removes a user from a mailing list, while the aforementioned dynamic database crawler works to remove any sensitive personal data generated by WooCommerce or other e-commerce plugins.
Finally, All-in-One GDPR works to limit the amount of data stored through Gravity Forms, keeping your site’s database lean and more easily compliant with GDPR requirements.
- Creates a page where users can request access to their personal data, configure their privacy settings, or contact you or your designated Digital Privacy Officer (DPO) directly
- Generates a pop-up or banner-style cookie notice to log user consent and automatically inform users if the cookie notice has been updated
- Dynamically removes sensitive user information from your site’s database as well as from installed third-party services and APIs
This paid GDPR compliance plugin comes with three pricing tiers, all of which include email support, unlimited integrations, and access to tutorials.
One payment of £49 buys you unlimited plugin updates for a single site, while laying down £75 adds full installation and set-up for your site.
For a whopping £500 billed annually, site owners will enjoy unlimited installations, prioritized feature requests, and priority phone support.
4. Ultimate GDPR Compliance Toolkit
True to its name, the Ultimate GDPR Compliance Toolkit for WordPress touts the ability to help business owners comply with all GDPR requirements.
Not to be outdone by its competitors, the Ultimate GDPR Compliance Toolkit features predefined integrations with tried and true add-ons such as:
- Contact Form 7
- Gravity Forms
- Events Manager
- Provides a dedicated form where users can access all of their personal data currently stored on your site
- Generates cookie consent boxes and blocks all cookies until consent is given
- Sends global email notifications to users in the event of a data breach
- English, German, French, Norwegian, Spanish, Polish, and Russian language versions
A regular license of the Ultimate GDPR Compliance Toolkit costs $39 and includes future updates as well as six months of support from the plugin authors at createIT. Such support includes access to the team at createIT for any questions you might have, and help with any bugs or issues you might encounter – including with third-party assets.
The extended license comes in at $120 and, unlike the regular license, allows you to use the plugin in an end product which can be sold to users.
No matter which option you select, six months of additional dedicated support from createIT can be had for $13.13, giving you priority access to the developers for up to a year after initially purchasing the plugin.
5. GDPR Compliance Suite
Last but not least, the GDPR Compliance Suite bundles together a collection of features designed to secure GDPR compliance.
The GDPR Compliance Suite is leaner than the other options on this list in terms of integrations with add-ons, with only WooCommerce listed as compatible.
However, an installation of WooCommerce is necessary to get the most out of this plugin, as only then can it obtain consent from users when creating an account or placing an order.
The GDPR Compliance Suite boasts an impressive list of features, but some highlights include:
- Automatically processes user requests for data erasure
- Allows users to submit requests for data rectification and creates a dedicated table for site owners to process such requests
A regular license for the GDPR Compliance Suite is $19, while the extended license, with the right to charge end users for products in which the plugin is applied, can be had for $190.
Like the Ultimate GDPR Compliance Toolkit, either option nets you six months of support from the authors of the plugin, with an additional six months of support costing $5.63.
Reading the full contents of the GDPR and translating the legalese into practical compliance solutions would be an astronomical undertaking. Luckily, you can save yourself time and effort by simply downloading and applying one of these ready-made plugins for your WordPress site.
The state of GDPR compliance of the proposed solutions/tools was checked at the time this article was written. Please remember to do your own due diligence when choosing GDPR-compliant vendors/tools, and always sign a Data Processing Agreement (“DPA”) with your processors/sub-processors.