5 Plugins to make your WordPress website AVG (GDPR) proof
With the upcoming enforcement of the new privacy law (called AVG or GDPR), there are all kinds of plugins on the market that help you prepare your WordPress website for the AVG (GDPR). In this article, we discuss six handy WordPress plugins that help you make your WordPress website AVG-proof!
Delete Me (free)
The AVG prescribes the ‘right to be forgotten’. If an individual asks you to remove his / her personal data, you have to do that fairly quickly. Of course, you can do that by hand, but with the WordPress plugin Delete Me you offer your visitors the opportunity to arrange this yourself (at least, as far as your website is concerned). Think of deleting all posted messages and links from one user, but also all their reactions to articles.
This plugin is particularly useful if you have a member website, for example, or an active user group that reacts a lot to your articles. Please note that you may use additional plugins on your WordPress website that store user data in a different way (or elsewhere). They are not removed by this plugin.
The plugin Gravity Forms is our favorite plugin to build advanced forms for your WordPress website. Form submissions are stored in your WordPress website, but can also be emailed or forwarded to external parties, such as your email marketing software. If your submissions are transferred directly to another system, it may not be necessary to keep the submissions on your WordPress website.
The AVG writes that user data should not be stored unnecessarily, and then the plugin Wider Gravity Forms Stop Entries is very useful. This plugin removes the entries directly from your WordPress database so that the form submissions can only be found in your external systems (or your mailbox). A disadvantage is that you do not have a backup of entries, for example when you discover that the link with an external system is no longer working. You can read an alternative below.
Save your Gravity Forms submissions on your website? Then you can secure this data extra by encrypting it. The WordPress plugin Gravity Forms Encrypted Fields ($ 27) does this for you. User data is stored encrypted in the database by this plug-in. Then you can set which people are allowed to view which entries. This can be especially useful if, for example, you collect personal data with increased risk (such as BSN or medical data), which does not need to be seen by all WordPress administrators and editors.
WP GDPR Compliance (free)
The AVG requires an ‘explicit consent’ from your visitors to be able to process their data. Such an explicit consent is expressed, for example, in the checking of a checkbox. And you really need that approval, whether it is to subscribe to a newsletter, fill in a contact form, or respond to a message. Is your checkbox checked by default? Then you go against the principle of ‘privacy by default’.
Enforcing that explicit consent in your WordPress website is mostly manual work. Make sure your checkboxes, with which users agree with your conditions, are not checked by default. For the plugins Contact Form 7, WooCommerce and WordPress Comments, there is, fortunately, the plugin WP GDPR Compliance, which places these tick marks for you. The creator of this plugin reports that he will support more plugins in the future.
Policy Genius (free)