WordPress cookies, GDPR and compliance guide

How do you make your WordPress website GDPR compliant? Read more about how to set up a cookie pop-up, cookie policy and privacy policy in WordPress.

The ultimate guide to WordPress GDPR compliant cookie consent

In this guide we will walk you through how to make your WordPress website compliant with the GDPR and the ePrivacy Directive. If you are a WordPress website owner, then this guide is for you.

What is WordPress?

WordPress is the most popular CMS (content management system) in the world.

WordPress has a 40.3% market share among all CMS (as of February 2021).

And it is growing super fast: since February 2020 alone, its share has increased from 35.7%. Second place is held by Shopify, with only 3.3%.

Some of the biggest brands are using WordPress to build their websites and blogs - such as TechCrunch, Microsoft, Etsy, Walt Disney, PlayStation and many others.

WordPress makes it easy to quickly build all types of websites, without the need to code.

WordPress and GDPR

Under the General Data Protection Regulation (GDPR) and the ePrivacy Directive, you need to make sure that your website is compliant.

Otherwise, you risk getting a fine - up to €20 million, or 4% of the organization's global yearly turnover, whichever is higher.

How to make a WordPress site compliant?

To ensure compliance, here are some of the documents and legal elements you need on your WordPress website:

  • Cookie pop-up
  • Privacy Policy
  • Collect email marketing consent
  • Consider links to third party websites
  • Terms & Conditions document

WordPress and cookie consent

Like websites built on any other platform, WordPress sites require cookie consent under the GDPR and the ePrivacy Directive.

WordPress checklist for cookie consent

To ensure cookie compliance on WordPress you need to:

  • Know what cookies you are using and why
  • Have a cookie pop-up
  • Have a cookie policy
  • Be aware of the difference between necessary and non-necessary cookies
  • Obtain consent from your website visitors before you set non-necessary cookies
  • Ensure your users can easily access and change their cookie settings
  • Have an audit trail, so you can document the cookie consents you obtained when users gave their consent (Legal Monster provides consent audit trail)

WordPress cookie plugin

To make your WordPress website GDPR compliant you need to use a cookie plugin.

Legal Monster offers a free and easy to use WordPress plugin.

Legal Monster WordPress plugin

Legal Monster’s plugin is really easy to install.

  • Download the WordPress plugin.
  • Upload the plugin and click “Activate”.
  • Go to the plugin in the WordPress dashboard, then create a free account on Legal Monster’s website.
  • Copy the widget snippet from Legal Monster’s site to the plugin and click “Save”.
  • That’s it - now Legal Monster’s cookie plugin is installed on your WordPress site.

WordPress cookie policy

Your WordPress cookie policy needs to include:

  • Your company details, e.g., name, registration number, full company address, contact information.
  • A description of why, how and what you use cookies for.
  • A definition of what a cookie is.
  • A description of the different types of cookies on your website: their purpose, provider, duration and how you use them. This includes, but is not limited to, necessary (essential) cookies and non-necessary cookies such as analytical cookies, marketing cookies and third party cookies.
  • A link to your own privacy policy.
  • Your agreement with third party providers.
  • Information about how to opt-out of being tracked.
  • Make your WordPress cookie policy readable.

You can create a WordPress cookie policy via Legal Monster.

WordPress privacy policy

As a WordPress website owner, you also need to have a privacy policy.

First of all, the privacy policy should be available on your website. Second, it should also be available in all places where you collect personal information - for example WordPress sign-up forms, newsletter pop-ups and so on. Third, you need to be able to prove that you gave users the option to read the privacy policy when their consent was given.

WordPress privacy policy checklist

You need to have a privacy policy that clearly states:

  • Your company name, address, email, and other contact details as data controller
  • What personal data is collected from your users (the purposes) and what you are using this data for
  • Who you are sharing the data with
  • The data retention periods for the specific data collected
  • How to file a complaint and to whom
  • How the user can exercise their right to request data access, data deletion or data edits
  • Make sure your privacy policy is accessible when collecting your users' information
  • Your privacy policy should be easy to read and understand
  • Make sure you can prove that you gave your users / customers the option to read through the privacy policy when their consent was given

Generate a free WordPress privacy policy template with Legal Monster.

Collect up to 5000 free consents per month with Legal Monster.

One way of keeping track of consents and the evidence you need is through a consent management solution that tracks your cookie consents.

With Legal Monster you can collect and document consent for all cookies used on your site. Our solution detects which cookies you use and collects compliant consents for those. With Legal Monster you get a full audit trail, so you can prove consents to a data authority if you need to.
