Documentation, Reference Materials and Tutorials for WPForms
Do you need to check that your forms are compliant with the European Union’s General Data Protection Regulation? The best way to ensure GDPR compliance for your specific site is always to consult legal counsel. In this guide, we’ll discuss general considerations for GDPR compliance in your WordPress forms.
What is the GDPR?
The GDPR, or General Data Protection Regulation, is a set of data collection regulations in the EU (effective as of May 25, 2018). GDPR requirements include obtaining explicit consent before collecting or storing user data, as well as allowing users to request access to or deletion of that data.
For full details, please see this official guide to GDPR.
Best Practices for GDPR Compliance
While your specific site may require unique considerations that should be addressed through legal consultation, there are a couple of adjustments most sites can make to improve compliance with GDPR.
Ask for Consent
Under GDPR, you need to request a user’s consent before collecting or storing their data. The easiest way to do this is by adding a checkbox to your form.
To do this, first create a new form or edit an existing form. Then, add a Checkboxes field to this form.
Next, we need to delete all but one checkbox option from the Checkboxes field. After clicking on the new field to open its Field Options panel, you’ll be able to click the – (minus) buttons to delete extra checkboxes.
Once you have just one checkbox option left, you can add text for user consent. For this example, we’ll add “I consent to Example.com collecting and storing my data from this form”.
Last, we’ll delete the field label content and check the Required option. With this checkbox required, the form cannot be submitted unless the user grants this permission.
Be Prepared for Entry Data Requests
Under GDPR, users can request access to their entry data at any time. While your site may need to take additional considerations into account, one way to prepare for this is to provide an easy way for your users to submit these requests.
To delete entries, go to WPForms » Entries and select the form you need. Then check the box for any entry you’d like to delete and, within the Bulk Actions dropdown, select Delete.
If you’d instead prefer to delete all entries for a form at once, our Delete All option provides a quick and easy way to do so.
For more details on entry management for your forms, please see our complete guide to form entries.
That’s it! We hope this guide helped you to begin creating GDPR compliant forms for your WordPress site.
Next, would you also like to customize your form’s notifications? Check out our tutorial on setting up automatic form notification emails for all the details.