GDPR Compliance For WordPress – A Website Developer's Goldmine

Coming very soon, the GDPR will impose all sorts of requirements on most website owners. Here are some initial things that I am planning on implementing.

***This is not legal advice***

This is going to be a potential goldmine for website developers who take the time to fully understand the GDPR and can help website owners become compliant.

33 thoughts on “GDPR Compliance For WordPress – A Website Developer's Goldmine”

  1. Hello Adam. I have a question about GDPR policy. My question is that for those who are creating an affiliate website, do we need the GDPR policy or just leave it alone? In fact, most of the gurus that I look at don't even talk about the privacy policy, disclosure policy, and affiliate policy. I want to cover myself if someone buys a product from an affiliate off my site and they get hurt from the product; I don't want that person to come and sue me.

  2. I have Google Adsense on my website. They are asking me to take action, but all I end up with are long text documents. I do have a Privacy Policy page, but I think I will need to add this popup.

  3. By far the best presentation I've seen on GDPR so far, and I quite agree with the spirit of the law also. Every site I've developed I have pushed for as much data transparency as feasible.

    Also well done for highlighting the jurisdictional issues. The over-reach issue is highly concerning imo, at least in principle.

    As I understand it (and I'm not a lawyer either), the EU does not rule outside of the jurisdictions of its consenting member states. I believe it's a concept called sovereignty.

    HOWEVER, there is nothing to stop the EU, or any of its member states or their citizens, from attempting to take a non-EU company to court (for whatever reason, GDPR or other). This does not mean the target jurisdiction has to comply, but… depending on the jurisdiction, courts or judges may or may not decide to honour the proceeding.

    Any sensible state IMO would ignore any foreign order, and any exception should be constitutional.

  4. The thing with the cookiebot banner is that according to GDPR, you cannot install ANY cookies on people's website without first getting consent. So, use a tool like cookiebot or be 100% not compliant.
    Now, you don't need to block the page completely and force people to click on OK… you can just show cookiebot on top of the page and disable all the cookies until people opt in. If they don't opt in, no cookies will be installed. In practical terms, that means people won't be able to show Adsense unless people tick the box. It's crazy, but that's how the regulation is right now.

  5. Great, great video man! Your videos never disappoint! A quick question I always wanted to ask: which software/program do you use to make your video like this one, where you can show yourself in a small circle window 🙂 Thank you!

  6. If I go private with my settings, do I still need to worry about GDPR? I am thinking of doing that to freeze my account so I have the option to work on it later if I want to start it back up then.

  7. Hello. Nice intro, however you did not mention how you are responsible for data protection as well. You need to have encrypted storage and – possibly – a key vault holding website database credentials.
    Some US providers are going to provide file system encryption, however you should encrypt data at rest as well. Otherwise you shall need to implement the incredibly painful "warn every contact within 72 hours if your website is breached" policy.

  8. Number 1 is VERY IMPORTANT!! I picked a bad theme (HB Themes) for my business site several years back and am now paying the price. Horrible developer with no updates and little to no support. On the brighter side, I found Astra! 😉

  9. OK. Now let's look at the other side of the question. Is Joe Blow REALLY a resident of the EU? That is really a bigger question and needs to be fed back to the EU. There is no way that I will release info to "Joe Blow" just because he tells me he lives in France! And I definitely won't delete it. There needs to be an official request that comes from an OFFICIAL source within the EU that verifies that Joe Blow not only lives in the EU but is also an official resident of the EU. Maybe Joe is from Chicago but has a summer home in the south of France. He requests from the French address/internet node. If you think that YOU will be getting requests, what about the EU?
    Good idea, EU, but not practical—unless they have the OFFICIAL procedures in place to handle this, and the budget!

  10. Hi Adam, I am setting up an affiliate website where I basically share information but also share links to Amazon and a bunch of other website products and services.
    My question is: I live in the UK and started to work as an affiliate marketer; do I have to add these GDPR popups on my website? And if so, how do I go about doing it?

  11. You hate the EU Andrew? How nice. I don't recall saying or doing anything to offend you – oh well. As for your opinion on GDPR, I suggest you read into it. The news on both sides of the Atlantic is full of data breaches where personal data has been compromised or openly sold. The companies that lose or sell personal data rarely end up being victims of fraud, but the poor individuals whose data is released do. GDPR makes information about me 'my' intellectual property. I decide who has access to it, what they can do with it and how long they can keep it. If I give my name and address when ordering something online, I give it for that purpose only; I expect them to protect that information and I do not automatically give them permission to sell it on to others who then harass me with unwanted offers.

    I'm in the UK (Scotland to be precise); we will shortly be leaving the EU but I'm delighted the UK government sees the real value of GDPR and decided to adopt it here, in full. As an information security manager, I admit to having a vested interest in data protection, but I've also seen first hand how easy it is to Google someone and really mess up their lives. You may be in the US but GDPR will ultimately help protect you too by raising awareness of data protection, in much the same way that car (automobile) airbags invented in the US improved vehicle safety and helped to save EU lives.

    Rant over 🙂

  12. I understand why you say that this is a goldmine for developers. However, the fact of the matter is that when a client pays us for that "service", they are doing it because there is a gun to their heads. Literally, the government is using coercion and force to make website owners pay for it. It's basically blackmail. It's a crime-less punishment. But, of course, there is no such thing in regard to government cameras on the streets, where they film you and give absolutely zero fucks about your consent.

  13. I went home thinking about this… and at first it felt a bit of an inconvenience to web professionals. But the reality is that…

    It shows how EU government cares and looks after the best interests of its citizens. I wish ours would show a bit more of that attention to its citizens.

  14. Most of this should already be taken care of with decent privacy policies and terms and conditions. If your website has these, then most of these regulations shouldn't change anything.

  15. Adam, thank you. I'm sorry, this is not a correction by any means, but I kept on hearing this term in the video and reading it in the comments. Are we talking about a disclosure, not a disclaimer?

    Again, like you I am no lawyer… but it is my basic understanding that a disclosure is more in the sense of giving a heads-up. "Hey, I'm getting paid to advertise this… or proceed at your own risk" type of thing. A disclaimer, on the other hand, is more of a "hey, this is how I'm covering my bottom; doing my best to comply but you can't come after me" type of thing.

  16. Another great video Adam, thank you for the thumbs up on this. And I will give you one piece of advice and one piece of advice only. Do not take anyone's advice, and that includes this piece of advice I've just given you 😉

  17. I have created an add-on for Gravity Forms, allowing double opt-in for senders and auto-deleting form entries after a specific time, together with a time-stamp protocol to prove that the user really wanted to get information from you, making it even more GDPR compliant. It helps effectively against spam, too, and ensures you only get mails from real humans.
    To check, see https://albertbrueckmann.de/produkte/addon-double-opt-in-for-gravity-forms/
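
The comment above describes three pieces of a double opt-in flow: a confirmation the recipient must act on, a time-stamped record proving consent, and auto-deletion after a retention period. The following is an added illustration in Python of how those pieces can be built with a keyed hash so the timestamp cannot be forged or edited later; it is not the add-on's code, and SERVER_KEY, the epoch-second timestamps and the 24-hour token lifetime are assumptions.

```python
import hmac
import hashlib
import json

# Assumption: in a real deployment this key comes from configuration,
# never from source. It is a constructed placeholder here.
SERVER_KEY = b"placeholder-server-key-change-me"


def _sign(message: str) -> str:
    """HMAC-SHA256 over a message, hex encoded."""
    return hmac.new(SERVER_KEY, message.encode(), hashlib.sha256).hexdigest()


def make_confirm_token(email: str, issued_at: int) -> str:
    """Token for the confirmation link sent to the address.
    issued_at is an epoch second; the MAC binds it to the address."""
    sig = _sign(f"{email}|{issued_at}")
    return f"{issued_at}.{sig}"


def verify_confirm_token(email: str, token: str, now: int, max_age: int = 86400) -> bool:
    """True only if the token is unmodified, belongs to this address and is fresh."""
    try:
        issued_str, sig = token.rsplit(".", 1)
        issued_at = int(issued_str)
    except ValueError:
        return False
    if not hmac.compare_digest(_sign(f"{email}|{issued_at}"), sig):
        return False
    return 0 <= now - issued_at <= max_age


def record_consent(email: str, confirmed_at: int, purpose: str) -> dict:
    """Time-stamped record of a completed double opt-in, with a keyed MAC."""
    entry = {"email": email, "confirmed_at": confirmed_at, "purpose": purpose}
    entry["mac"] = _sign(json.dumps(entry, sort_keys=True))
    return entry


def consent_record_is_intact(entry: dict) -> bool:
    """Detect after-the-fact edits to a stored record (e.g. a changed timestamp)."""
    body = {k: v for k, v in entry.items() if k != "mac"}
    return hmac.compare_digest(_sign(json.dumps(body, sort_keys=True)), entry.get("mac", ""))


def purge_expired(entries: list, now: int, retention: int) -> list:
    """Auto-delete: keep only records still inside the retention window."""
    return [e for e in entries if now - e["confirmed_at"] <= retention]
```

The MAC proves the record was produced by a holder of SERVER_KEY at the recorded time, which is the property a consent audit needs; the key itself still has to be protected.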

  18. There is one question that I have, namely how does the GDPR affect companies that do not allow PayPal for EU members at all, like for example Elegant Themes?

    I just ask this because from what they have told me they have no other way to collect their data for the VAT taxes, which is in my eyes a bit of a strange, almost suspicious reason for not allowing it.

    Plus, as they gave me this information I was addressed by my real first name, without me even having an account on their page.

    Furthermore, my conversation with them was over their website's internal private chat function, which, if I am not completely wrong, I should not have access to unless I have an account there.

