The General Data Protection Regulation, known as the GDPR takes effect on 25 May 2018.
If you own a WordPress website, you need to comply with this regulation.
In short, what Is The GDPR?
The GDPR regulation empowers EU citizens as they are given more control over their digital data. Data may include any/all sensitive personal information that can be used to identify, find or contact a person such as an address, phone number or email. The GDPR regulations replace the Data Protection Directive which was enacted in 1995. EU citizens now have the right to know if their personal data is being collected and what information about them is being stored. They also have the right to request access to this data, as well as ask organisations to update or delete their information.
Are all websites Affected By The GDPR?
If you collect personal information of EU citizens via online forms on your WordPress website, or via a woocommerce shop on your website, including the name, address and other identifying information of your website users or visitors in these forms, then you need to comply with the GDPR on these forms.
How To Make Your WordPress Website GDPR-Compliant
Under the GDPR, insecure gathering of Personal Identifying Information is a violation. If you do not already have an SSL certificate on your website to encrypt form data, get onto your hosting account provider and order what they recommend today. Most hosting companies will install this for you and assist you or advise you in forcing your site through the security certificate.
Next, you need to prepare an understanding of your online-data gathering activities.
- What sensitive information about your users do you collect?
- Where do you store this information?
- Why are you collecting this data?
You must request consent from your users before collecting their data. They should be informed that your online form asks for their data and that these data will be stored.
We can also update your wordpress websites security and check that your ssl cert is correctly installed and configured, update your core files and provide website theme updates if required to bring your site to current security standards for encryption and protection.