WordPress GDPR Compliance Update & Privacy Policy Generator

WordPress GDPR Compliance Update & Privacy Policy Generator

In this video ministry some of the new features
coming to a new version of WordPress to help you have your website be GDPR compliant that
such a tongue twister hi my name is Adam from WPCrafter.com or make WordPress tutorial videos
for non-techies if you do your consider clicking on the subscribe button click on the bill
to not miss a thing but just jump on into it a new update is a forthcoming for WordPress’s
can be version 4.9.6 in it brings a couple new features that I’m going to show you and
I’m pretty excited and happy that that WordPress came through for all of us WordPress users
in a ministry that here in a moment if you’re not familiar with the GDPR leave a link to
this article I think out of all the articles I’ve read as it relates to WordPress and websites
this one I think is out really good it’s one of the best out there it’s from Tim stop who
happens to be a WordPress host for more premium hosting so leave a link to this article down
below essentially most of you unless you’ve been living under a rock this is all you’ve
been hearing about and you’ve been receiving numerous emails from twitter from Facebook
from all these different companies saying we’ve updated our privacy policies essentially
two of the main cornerstones of the GDPR is you have to let someone know and get their
permission whenever you collect personal identifiable information from them this would be if someone
left a comment on your WordPress website they filled out a contact form on your WordPress
website or maybe even just ordered something with WooCommerce and now you’re collecting
their personal information in addition to that you need to have a mechanism in place
if someone was to request A a portable data format of all the information you’ve collected
on them you have to have a way of providing that and you have to have a way of deleting
all the information that you have on them so you have to have that as well lastly you
also need to have a privacy policy that details out the ways of cool that you collect data
how long you start for and some other intricacies like that and a lot of these problems are
going to be solved thank goodness in this WordPress update so I downloaded the beta
was just released yesterday I don’t recommend using it on a live site but I’ll just show
you how this all works now in this video so there is a new option here underneath where
there’s couple new options under tools there’s a new option that says export personal data
in a race personal data to show you the workflow that and underneath settings there is a new
option here that says privacy so let’s first take a look at that so essentially this is
going to be a tool that will help you build a privacy policy now I’m in a show you it
right now actually just jump to it so what you could do is choose an existing page that
you want to be your privacy policy or click right here it says create new page and create
this new privacy policy page and it doesn’t do this for you you’re probably going to want
to link this into a footer menu so if your theme has a menu area in the footer you’re
gonna want to add a link to this to the footer for sure so let’s take a look at what this
template looks like so I’m a click on uses page and it’s gonna take me right on over
to it let’s eat out here it is let you know to actually update your menus that’s actually
very good so here let me click on edits and this will show us what WordPress does to this
privacy policy does not like your typical template that you might’ve seen before where
you could just change the URL in the business name and you’re good to go it’s not like that
there is a lot that you would actually need to change so here is it right here so everything
in yellow is what you’re going to want to look at pay attention to and change because
some of it has like this template the stuff word you’re just a postal completely remove
it and put your information in there but it gives you a format or framework for the sections
of information that should be in your privacy policy who we are and then it gives you guidance
on what to put there what personal data we collect and why we collected it gives you
some guidance there and there’s also little sections here that are not highlighted in
yellow and this is what WordPress has put there to stay there for you to help you with
some of the details of how WordPress fits into this privacy policy you can see right
here under what personal data we collect and why we collected it leaves this paragraph
for you to leave that says if you’re registered user and upload images to the website you
should avoid uploading images with X if GPS data location included so there’s these little
bets where it’s adding information that you’re definitely going to want in there so next
year some guidance on contact forms on comments and then here’s two paragraphs that WordPress
leaves and therefore for you that explains what happens when a comment is actually left
and actually words it for you the same thing here with cookies so if you’re wondering what
cookies are involved with WordPress well it’s actually written here for you and here is
as well embedded content on another website analytics you get a change all that because
that I’ve said he doesn’t know what analytics you have in their site note on analytics Google
has a feature to anonymize if I’m pronouncing that right the IP address so that in Google
analytics is mostly GDPR compliance who share your data with for most of us is going to
be nobody obviously how long we retain your data what rights you have over your data and
so there’s a section here now what you’re going to want to do here is you are going
to want to have a contact form on your website that people can use to request a copy of their
information and also the form will also give them the opportunity to request the removal
of their information so WordPress doesn’t plug in a contact form for you with all that
stuff Juergen have to add that I’m sure you could put a administrative email address if
you wanted to and some can just send the request to that if you wanted to do that way okay
where we send your data there’s info here your contact information additional information
solicits can be a great framework and I’m probably going to go through this framework
and fill it all out for me and it also acts kind of like a guiding framework for identifying
where you all that areas that you are collecting people’s information so this is part one of
what the new updates going to do now the second part is what I was showing you underneath
tools you can export personal data in a race personal data and it’s really cool how this
works and let me click on export personal data so like I said a moment ago you need
to either provide an email address where people can send the request to work Yorty have a
contact form then on that contact form people can requests for their data and then also
request for the removal of their data and this is the workflow someone requested from
you you now have their email address then what you do is you go in here you take their
email address or their WordPress username you put it right here and then you click on
send request and what that’s going to do is it’s going to send them an email to verify
that actual email address because someone can say you know send you a message and say
I want a copy of all my info and give you an email that might not be there really email
so you have to have this just process of verifying to find that that’s her actual real email
here’s what that email will look like when they receive it there and receive an email
like this is gonna say a request is been made to perform the following action on your account
export personal data to confirm this please click click on though the following link and
then there you have to click on this link to confirm that that is really their email
address then what happens is right here you’re going to see their request and it’s just going
to say that they confirmed the email address but then you actually have to come here and
click on this button that’s can essays send export link so right now WordPress doesn’t
do that part automatically for you unfortunately but I’m sure that my change in it Alex also
if someone confirms her email doesn’t really notify you of that and I’m wondering if it’s
that way on purpose because you might also have information in other locations that you
might want to add to this okay so then you will manually have to come back here and click
on send export link in this is what that emails gonna look like that they gets right here
it’s gonna say your request I don’t know why they do this Howdy thing high isn’t that hard
to just say hey Adam or hey so and so anyways Howdy your request for an export of personal
data has been completed so anyways is going to give them this a link it lets them know
this link is only going to be good for three days and it’ll tell them the exact date of
which this gets expired and automatically deleted so that your keeping their information
safe so all they do is they click on this and it’s going to download a zip file now
when they open up dead zip file this is what it’s going to okay so actually when they I
skipped it a spot when I click on that confirmation link in the prior email I’m sorry it takes
them to this page were Tennessee action has been confirmed so hopefully that gives a way
of customizing the so doesn’t have to have the WordPress logo or maybe some of our page
builders will give us more tools to customize this I’m sure someone’s going to have a way
of doing it all when actually there’s a link to the privacy policy how cool I didn’t even
notice that okay anyways so when they click on this it’s good to download a zip file and
this is what the date is going to look like so it’s his personal data export and here’s
the information about this report any comments that they’ve left so I left a test comment
on this website just to see if it would send me that information and you can see he does
so it is it collected my information in the browser I was using my IP address date and
time the actual comment it’s all actually there so it’s going to show lists of comments
and then here’s all the user information for the actual user account that is on the website
and it’s real simple just has their email and their name and all that kind of stuff
and the date that they actually registered so at that point you’ve done what your obligations
are if this is all the information that you’re collecting you’ve already done your obligation
which is great you go through the same process of someone wants their data deleted and the
only difference is you don’t go into the personal data you go into the erase personal data right
here and it goes through that same process so someone can erase their personal that it
someone can there is a process in place where someone can have their personal data race
now here’s the exciting thing this is coming to the core of WordPress which essentially
means that any plug-in or theme is going to be able to hook into this functionality so
for example some of the learning management systems we use LearnDash learn press what
they’re doing is they’re going to hook into this so once someone if you’re using one of
those plug-ins someone requests their data instantly show them their their data from
the learning management system as well so you’re gonna it it’s going to be so is so
easy to fulfill these requests that people actually have that may want to see their personal
data that you have on them and I imagine all of the e-commerce platforms WooCommerce easy
digital downloads they’re going to as well have hook into this one way of doing it so
it’s super simple for you so of all of your plug-ins that might capture personal info
identifiable information on people there going to be able to update their plug-ins and just
hook into this functionality so what you need to do is the website owner is become a lot
more simplified you need to get your privacy policy in place whenever you collect someone’s
personal information there needs to be an unchecked checkbox that says by submitting
this information you’re giving me permission to store your personal data and you link to
the privacy policy so that people can easily get to where you spell out what you do with
that personal data and so people just have to check that box so be before they place
an order before they put a contact form before they submit a comment all of these ways where
they could be giving information to you you just have to have that checkbox and it has
to be unchecked so once you’re good with that then you have a very clear way where someone
can request their data or request their data to be deleted in its pretty simple obviously
there’s third-party services that you need to take into consideration there is a gray
area as far as encryption of data you do want to have HTTPS on your website you want to
do that anyway but you also there is that gray area do you have to encrypt where the
data stored on your hosting provider and everything that I’ve read is you don’t need to do that
but then wherever that data goes from backups should have some kind of encryption them in
place but you can read I’m this is not legal advice this is not suggestions on anything
this is simply me showing you what is coming to WordPress very soon and I’m sure a lot
of the plug-in authors where you’re using their products are going to have blog posts
and email updates going out saying how they’re going to be hooking into this functionality
so you can expect that coming up but I definitely click on the link here to the contents the
blog and you can read some of what they put together you really have to do I’m not obviously
getting this information on who the GDPR applies to know all that I can tell you for me I am
going to put the effort into putting a really good privacy policy together on my website
spelling everything out I kinda like the transparency alike letting people know everything that’s
going on I’m totally cool with that and I’ll be adding the checkboxes where I need to add
the checkboxes and all that the only thing I’m a little resistant to is I do currently
on my website track when people do on my website now I don’t want to have to whenever someone
new comes my website say you know do you authorize me to do this I don’t want that user experience
on my website so I’m personally debating whether I really do need to track what people do on
my website just the pages they’re going to I think it’s actually unreasonable my personal
pain is is very unreasonable to force website owners to have to ask every single person
that when it could be safely assumed that anything you do on my website I’m tracking
what you’re doing based upon your IP address I I don’t and in the United States where I
am and where everything I do is your IP address illegally is not personally identifiable information
it’s different in the EU it’s not that way in the US so that’s the only thing that I’m
struggling with I don’t want to have to annoy every person that comes to my website with
that but then again I do want to be in full absolute compliance with the GDPR so we’ll
see what shakes down with that one for sure so anyways that is it for this video wanted
to show you what’s coming so there’s lots of other plug-ins out there that help you
would GDPR and that’s all nice I think I rather is just the WordPress problem and I preferred
the solution that WordPress’s can provide for it I’m sure this can be maybe third-party
plug-ins that enhance it but I think this is probably gonna work for most people this
is deftly going to work for me I’m glad that WordPress is taking it seriously they put
Gutenberg on the side to prioritize GDPR I mean bravo to WordPress for doing that I’m
so in there ahead of the game today’s the eighth on the 25th this all goes into effect
so they can get a cup around a bit rounds a beta testing and get this out there in 10
days there still ahead of the curve give everybody a week to put the privacy policy to gather
and waste that’s it for this video if you have any questions you can ask in the comment
section down below thank you for watching this video I’ll probably have some more stuff
coming out on the GDPR thanks for watching I’ll see you in the next video

51 thoughts on “WordPress GDPR Compliance Update & Privacy Policy Generator”

  1. OMG, THANK GOD, WordPress is setting this up! It makes WP a safe haven, because setting up for GDPR is just a real headache which I don't think anyone can truly be entirely compliant with. Especially, the small businesses who just don't have the manpower to get into compliance. What a rich blessing this is. I can see WP getting us totally hooked up and ready for GDPR over time. Thank you for posting this Adam. It's a real breath of fresh air to see this!

  2. All day today I was thinking on how to solve things on my sites that is now all of a sudden solved by the great community of wp. Thank you very much your review Adam. It is such a relief.

  3. Adam – I’ve been struggling with one idea that you mentioned: Do you really interpret the regulation as needing a checkbox to accept data storage on a form that already has a submit button? As long as I say on the form that when you press submit this form records personally identifiable data, surely the Submit button is explicit consent? How can you interpret pressing Submit any other way? I’m not arguing but I’m really wondering. What does the checkbox add?

  4. Thank you Adam for the early cover of this WordPress version, I have a question please: Is GDPR only for registered users? What about unregistered visitors of my website that are from EU? Can they (unregistered EU users) request for their data based on their IP address?

    Thank you in advance.

  5. Hello Adam, I build websites for clients. I sent them a GDPR warning mass email. In case one of my client breach the GDPR is the web developer liable? How can we developers protect ourselves from angry clients? Is there a sample disclaimer that client must sign to make us not liable?

  6. What do you think of the "GDPR Framework" plugin? It works in a similar fashion but I think it creates a better privacy policy, and lets you add a button that allows users (if you decide so) to directly download or delete their datas, saving you (the website owner) some time.

  7. I knew WordPress would roll out GDPR for us and that was why I was waiting patiently.. Thank you Adam for sharing

  8. Hi Adam, what happens to someone like me who uses disqus for commenting, do you recommended I switch back to WordPress commenting to be covered by GDPR because I dont really know if disqus is compliant.

  9. Hi Adam, what happens to someone like me who uses disqus for commenting, do you recommended I switch back to WordPress commenting to be covered by GDPR because I dont really know if disqus is a compliant.

  10. Do i have GDPR obligations for my users that are using my newsletter, or for the users that are subscribed to my notifications (Onesignal). Thanks.

  11. You specifically mention Learndash and Learnpress working on a solution. Lifterlms is conspicuous by its absence, as far as you know, are they lagging behind on this?

  12. Good this is tackled in the WP core. Maybe a little bit late, cause developers and their EU clients are struggling with this GDPR for months now. I am following some FB groups on this issue and there are more questions than answers.

  13. Nice video. Definitely a resource. It tells site owners what they need to do (especially for small sites).

  14. Great news! This will save a lot of time. Question: How will you add all the checkboxes you mentioned?

  15. Adam Preiser,

    What plugin/tool that you're using in this video?

    Do I still need use E-Comply or GPDR Tracker if use this? Thanks

  16. I sent you a message, but incase you don't see it could you review which plugin on the wordpress store is best to get this process done? There's tons already and any advice which is best would be great.

  17. Due to the updates WordPress has provided, would we still need to have cookie plugins, like you said, popping up to discourage protention clients or customers? Or will the privacy policy updates we make be ok?

  18. I am curious as to whom will send non-compliant websites a notice that they are being fined for non-compliance and what happens to the website owner if they do not pay the fine? Is "Uncle Guido" going to show up at their door and break their legs?!

  19. hi. I would like to know what about the hosting sites itself that have stats for the domain names website that we cannot change for example inmotion has visitors stats. How can we be gdpr comply if the hosting is the one collecting the visitors ip address. Before i bought inmotion hosting they told me they were gdpr comply today i found out they are not really dont know what to do now.

  20. Thank you for doing this video I've had a real hard time trying to get to grips with GDPR. One thing that I noticed is that even though I just updated to 4.9.6 that my privacy policy that it generated is different to the one you are showing i.e. no highlighted areas and a lot of missing text (nothing listed under analytics etc) do you have any idea as to why this is please?

  21. I get this from a business standpoint but as a book blogger that does not make any money on her self-hosted WordPress website, this is a huge headache. Add to that, the fact that I'm not even in the US but in South America makes it even crazier.

    This past week I disabled the comments on my blog just to make sure I'm GDPR compliant before anyone else put some info there. I don't get many commenters but there are some.

    Making the Privacy Policy as I type this because before this blew up I was living under a rock, apparently (LOL) and did not think that this would apply to me. According to some author friends, it does apply just for the fact that I had comments ON or Google Analytics… and I'm pretty sure I use cookies too because of GA.

    I have so many questions so this process it's taking a long time for me. I'm not a web developer so I'm pretty clueless about tech things and how to do them. I still need to make sure I know what data is stored and where for some things.

    This coming from WordPress has been a huge help to me, in particular. I don't have a newsletter installed as of now so that's going to be another hurdle to get over later, luckily MailChimp it's been pretty helpful too.

  22. Hi Adam,
    Great explanation. I was trying to find out how it did work the new features. But I am wondering, are you aware that this is only a small part of what is needed for GDPR?
    Besides the privacy policy (with all the information about everything you have that capture information and ways to opt out from it), you also need to have a cookie banner with an opt-out option (because not all of the EU countries follow the same rule, some just need to see the warning that the website use cookies, others do need an opt-out – like Germany and Italy for ex.), it is also needed that the cookies are blocked until consent given in all of the situations.
    Are you thinking about doing any videos about it?

  23. Hi Adam! Thanks for the video. Do you have any information how could you write privacy policy and cookies policy for different type of sites I'm struggling with how can you write a gdpr privacy and cokie policy Im planing to make portfolio website I need for that and I just want to put in contact section where people put their email and message

  24. I had to set up my site to monitor everything visitors even attempt to look at. Sadly I've had an issue with people from Russia and Ukraine trying to attack me.

  25. Thanks Adam, what bothers me about this is that if a hacker hijacks one of our user's email address, then they can use that to leverage all the personal information that we have on that user. Seems there should be some two-factor authentication of some kind in this process.

  26. I don't have wordpress; I already have a website created. {it's fully completed yet} I have a couple of questions.
    How and where can do I add the "privacy policy" and 'terms and conditions"?
    In order for me to add other much needed info and requests from customers to my web; I must have the above two added on.
    (SMH) I'm lost. Help.

  27. I really do find this videos interesting and motivating to take the GDPR seriously. I'm also happy you are there to make things easier and simply to your followers. You are a motivator. Any motivator need a motivator to inspire them to motivate others. I love to motivate people regardless of who they are. That's why i started my talkshow channel which give startups, creative minds or businesses the ability to share what they do with the public and this GDPR info is really useful and simple. I want to motivate so many people especially most women in Africa to wake up and focus on their dreams rather than sleeping and complaining about how things are difficult. Thanks for this.

  28. lots of detail here ! thank you ! this has been discouraging and to over whelming until now ! thanks again for your brilliant clarity , and helping with this. I hope the next wave we get hit by is more forgiving.👍

  29. Hey! Adamn it seems that GDPR plugin has been compromised /hacked and it's been more that 12 months not been updated do you know any other better alternative?

  30. Thank you for your amazing explanation of GDPR , this was very informative . Thumbs up and subscribed . Looks like a lot of plugin pp reading ahead .

Leave a Reply

Your email address will not be published. Required fields are marked *