GDPR and WordPress

GDPR & WordPress: Technical measures that you should implement

On 25.05.2018, the EU-GDPR came into force. We offer you an overview of the technical precautions that we consider important against the background of GDPR in order to operate your WordPress website in a legally secure manner.

Disclaimer

Our blog post is not legal advice! As part of our work as WordPress host , we have dealt very intensively with the applicable German data protection regulations and the EUGDPR . However, we are neither lawyers nor data protection experts. For the completeness, timeliness and accuracy of the measures and content provided by us, we assume no liability.

GDPR-remove questionable WordPress plugins and replace them with GDPR-compliant alternatives

If plugins have to establish a valid connection to another website and pass on data such as the IP address in the process, it becomes problematic. Such plugins should definitely be replaced with an EU-GDPR-compliant alternative - at least until the manufacturers publish a legally compliant version of their plugins.

Collect anonymous visitor statistics

Of course, we would also like to know what works particularly well on our website, what people like to read or share, how long visitors stays on a site or how high the bounce rate is. With the EU-GDPR the legal situation has been tightened a bit more. You must completely anonymize every visitor:in your website, as you did under the previous German Basic Data Protection Regulation. However, no personal data may be transferred to other services.

For this reason, we recommend Statify so that all anonymized personal data remains on your website and is not shared with any other services.

According to plugin , plugin does not process, send or store any personal data, such as cookies or IP addresses, outside of your website.

Use legally compliant avatars for blog and comments

Avatar Privacy by Peter Putzer offers the following features for the implementation of GDPR : First, it does not publish the hash of email addresses if there is no Gravatar account for it. On the other hand, it offers an opt-in or opt-out for the display of the Gravatar in comments and in the user profile. Also, the plugin provides new default avatars that are loaded from the local server instead of the gravatar.com servers in the USA.

An alternative is to completely disable gravatars on your own website:

However, in order to completely disable Gravatar in WordPress, you still need to make the following settings in the WordPress admin area under the menu item "Settings": Scroll down in the submenu under Discussions until you reach the Avatars section. Then uncheck the checkbox: "Avatar display - Show avatars". Click Save to apply the settings and clear your site's cache. Now your website should no longer communicate with wordpress.com .

Double opt-in procedure for comments

Here it is said in advance that the notification of further comments to the own comment already presupposes that data is passed on. If you want to exclude a negative interpretation of this "gray area", use the free plugin Subscribe to Double-Opt-In Comments. This way, the visitor has to actively confirm in advance that he really wants to receive notifications about follow-up comments.

Limit antispam protection to your own website

For example, Antispam Bee or Akismet can be used here. Antispam Bee can be used GDPR-compliant, if you observe the following setting of the plugin: The "Consider public spam database" function must be deactivated to prevent the IP addresses of your visitors from being transmitted to the Stop Forum Spam service. The language filter, which uses the Google API, is contrary to the assumption of many data protection unproblematic:

If the speech filter was activated, the first ten words of each comment are sent to the Google service for speech recognition. Three words of the comment content. Not the email address, not the name of the person commenting, not the IP address. Bottom line: no personal data and therefore no problem. - Simon Kraft, member of the plugin collective

WordPress backup plugins possibly replace with alternative solutions

To counteract the transfer of personal data to e.g. US servers and as a positive side effect to free up further performance capacities of your website, you should consider not using special WordPress backup plugins. There are also alternatives to a WordPress backup plugin, which you can consider here.

Use web server caching instead of WordPress caching plugin

Many caching plugins do a good job of caching your website. Caching allows the website to be delivered faster. However, caching also comes with loss of control over the data.

A legally compliant alternative, which also ensures that the performance-heavy plugins disappear, is to use the server-side cache.

The advantage: The data is already stored when it is delivered and, at least at Raidboxes, is only located on German servers with guaranteed ISO 27001 certification.

Prevent problematic social plugins

Share services often already use data as soon as your visitors is on the website with an active social plugin . Even if nothing has been shared yet, the data is already being passed on. This is critical in terms of GDPR .

Contact form plugins

According to the General Data Protection Regulation, sending a form requires the consent of the sender. Data includes not only the personal IP, but also the email address and the content itself. An opt-in for data storage consent can be implemented via an additional Acceptance Checkbox in Contact Form 7 and in Gravity Forms, for example, with the free plugin WP GDPR Compliance. Nowadays, however, all plugins of this type should have implemented the necessities regarding GDPR .

Newsletter & Email Marketing

In your newsletter forms, only the e-mail address should be a mandatory field, all other data such as first and last name should only be requested optionally. As with all forms, the double opt-in procedure also applies to the newsletter form, as well as the greatest possible transparency in the information about what exactly you intend to do or offer with the newsletter.

If you have not done so so far, then always use the double opt-in procedure! With the double opt-in, the email recipient must explicitly click on the link in a confirmation email a second time after the first registration in order to be included in the distribution list. This ensures that no one signs up for a newsletter in your name and that the actual subscription is also desired by you.

Technical measures outside your WordPress plugins

SSL encryption

SSL encryption is not mandatory in GDPR, but without an SSL connection a secure data transfer around your website is not possible. You can also learn more about SSL in our extensive Let's Encrypt SSL Compendium.

You don't want to set up the SSL certificate yourself? Then use, for example, SSL certificates from Let's Encrypt, which you can activate quickly and easily for your WordPress website for free via 1-click installation.

Create Google Analytics Opt-Out

In this context, it should be pointed out once again that the complete anonymization of visitors is mandatory. To ensure this, the frequently used Google Analytics must be extended by the following code line:

ga('set', 'anonymizeIp', true);

Should your javascript snippet have looked like this beforehand:

<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-XXXXXXXX-X', 'auto');
ga('require', 'displayfeatures');
ga('require', 'linkid', 'linkid.js');
ga('send', 'pageview');
</script>

the code looks like this after adding it:

<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-XXXXXXXX-X', 'auto');
ga('require', 'displayfeatures');
ga('require', 'linkid', 'linkid.js');
ga('set', 'anonymizeIp', true);
ga('send', 'pageview');
</script>




Furthermore, you must create a possibility in your privacy policy that visitors of your website can be completely excluded from the Google analysis. You can find a free opt-out plugin for Google Analytics called Google Analytics Opt-Out in the WordPress plugin directory. This installs a cookie which prevents analytics.js from collecting the data.

Anonymized IP addresses in blog comments

WordPress stores the IP addresses of comment writers by default. However, according to the EU-GDPR the collection of the IP address is not data protection compliant. You can use a small PHP code in your functions.php to prevent the future storage of IP addresses. We recommend to use a child theme for this, so that the code is still integrated after the next update of your theme. The code to insert is:

function  wpb_remove_commentsip( $comment_author_ip ) {
	return '';
	}
add_filter( 'pre_comment_user_ip', 'wpb_remove_commentsip' );

Finally, you need to manually delete existing IP addresses from your website's database retroactively. A good tutorial on how to do this can be found here.

Did you like the article?

Your rating helps us improve our future content.

Post a comment

Your email address will not be published. Required fields are marked with *.