### [Creating GDPR Compliant Forms](https://wpforms.com/docs/how-to-create-gdpr-compliant-forms/)

**Published:** November 23, 2023
**Author:** Umair Majeed

**Excerpt:** Learn how to use the GDPR features in WPForms.

**Content:**

Do you need to check that your forms are compliant with the European Union’s General Data Protection Regulation? The best way to ensure GDPR compliance for your specific site is to always consult legal guidance.

This guide will cover general considerations for GDPR compliance in your WordPress forms.

- [What Is the GDPR?](#what-is-gdpr)
- [Best Practices for GDPR Compliance](#compliance)
    - [Disabling User Cookies](#user-cookies)
    - [Disabling User Details](#user-details)
    - [Asking for Consent](#consent)
    - [Preparing for Entry Data Requests](#preparing-for-entry-requests)
- [Frequently Asked Questions](#faq)

This article contains general information. However, in all circumstances, we strongly recommend you consult directly with legal counsel familiar with the GDPR regulations to review your specific use of WPForms.

---

## What Is the GDPR?

The GDPR, or General Data Protection Regulation, is a set of data collection regulations in the EU (effective as of May 25, 2018). Requirements under GDPR include requiring explicit consent before collecting or storing user data, as well as allowing the user to request access to or deletion of that data.

For full details, please see WPBeginner’s [ultimate guide to WordPress and GDPR](http://www.wpbeginner.com/beginners-guide/the-ultimate-guide-to-wordpress-and-gdpr-compliance-everything-you-need-to-know/ "The Ultimate Guide to WordPress and GDPR Compliance – Everything You Need to Know").

### Why Use GDPR-Compliant Forms?

GDPR compliance is required if you are collecting personal information from anyone residing within the European Union.

## Best Practices for GDPR Compliance

While your specific site may require unique considerations that should be addressed through legal consultation, there are a couple of adjustments most sites can make to improve compliance with GDPR.

WPForms makes it super easy to make your forms GDPR compliant. Not using WPForms? [Click here to get started today!](https://wpforms.com/pricing/ "WPForms Pricing") You can also explore our [GDPR-Compliant form template](https://wpforms.com/templates/gdpr-contact-form-template/ "GDPR-Compliant form template") to help you get started quickly.

Before getting started, you’ll first need to make sure WPForms is [installed and activated](https://wpforms.com/docs/install-wpforms-plugin/ "How to Install the WPForms Plugin") on your WordPress site and that you’ve [verified your license](https://wpforms.com/docs/verify-wpforms-license/ "How to Verify Your WPForms License").

Then, we recommend enabling the GDPR enhancement features within WPForms. You can do this by going to **WPForms » Settings** and opening up the **General** tab.

![WPForms general settings](https://wpforms.com/wp-content/uploads/2021/10/WPForms-general-settings.png)Then, scroll to the section titled **GDPR** and toggle on the **GDPR Enhancements** option.

![GDPR enhancements checkbox](https://wpforms.com/wp-content/uploads/2021/01/GDPR-enhancements-option.png)Once this option is turned on, you’ll see two additional options appear: **Disable User Cookies** and **Disable User Details**.

![Disable user cookies and details](https://wpforms.com/wp-content/uploads/2021/01/disable-user-cookies-and-details.png)If you are using the WPForms Lite plugin, then the **Disable User Cookies** and **Disable User Details** options aren’t displayed.

In WPForms Lite, user cookies are not used and the additional user details described below are not collected.

We’ll go over each of these options below.

### Disabling User Cookies

WPForms will, by default, assign every user a UUID (Universally Unique Identifier). The UUID is a random number that does not contain any user information and is stored in a cookie in the user’s browser.

The UUID cookie is required for several features in WPForms:

- Related Entries (these are displayed on individual entry pages, and link to other entries submitted by the same user)
- [Geolocation addon](https://wpforms.com/docs/how-to-install-and-use-the-geolocation-addon-with-wpforms/ "How to Install and Use the Geolocation Addon with WPForms")
- [Form Abandonment addon](https://wpforms.com/docs/how-to-install-and-use-form-abandonment-with-wpforms/ "How to Install and Use the Form Abandonment Addon with WPForms")

When the **Disable User Cookies** option is enabled, these features (if in use) will be disabled and no cookies will be used by WPForms.

![Disable user cookies](https://wpforms.com/wp-content/uploads/2021/01/disable-user-cookies.png)### Disabling User Details

WPForms will automatically collect some additional details when a form is submitted. Here are those details and what they include:

- **IP Address**: a unique identifier for any device that connects to the internet ([more details](http://www.wpbeginner.com/glossary/ip-address/ "WPBeginner.com: What is an IP Address"))
- **User Agent**: the browser and operating system being used (as an example, [you can view your own user agent here](https://www.whatismybrowser.com/detect/what-is-my-user-agent "WhatIsMyBrowser.com: What is my User Agent"))

If you’d like, you can decide to disable this feature site-wide or on a form-by-form basis.

#### Disabling User Details Site-Wide

When the **Disable User Details** option is enabled, none of these extra user details will be collected in any of your forms.

![Disable user details](https://wpforms.com/wp-content/uploads/2021/01/disable-user-details.png)#### Disabling User Details on a Form-by-Form Basis

If you’d prefer, you can control whether or not user details are stored for each individual form. To do this, you’ll need to leave the **Disable User Details** option to the **OFF** position.

![Disable user details off](https://wpforms.com/wp-content/uploads/2021/01/disable-user-details-off.png)Then, open the form builder and go to **Settings » General**.

Scroll to the **Advanced** section, and you’ll see an option labeled **Disable storing user details (IP address and user agent)**. Selecting this option will prevent extra user information from being stored on this individual form.

![Disable storing user details settings](https://wpforms.com/wp-content/uploads/2021/10/disable-storing-user-details-settings.png)### Asking for Consent

Before collecting or storing user data under GDPR, you would need to request the user’s explicit consent and explain why you need this information in plain language. The easiest way to do this is by adding an agreement checkbox to your form.

When **GDPR Enhancements** are enabled, the **GDPR Agreement** field will become available in your form builder to assist with this. To use this field, you’ll need to [create a new form](https://wpforms.com/docs/creating-first-form/ "How to Create Your First Form") or edit an existing form.

Then, under the **Standard Fields** section in the form builder, click the **GDPR Agreement** field to add it to your form.

![GDPR agreement field](https://wpforms.com/wp-content/uploads/2021/10/GDPR-agreement-field-1.png)There are specific features that make this field different from a [standard checkbox agreement](https://wpforms.com/docs/how-to-add-a-terms-of-service-checkbox-to-a-form/ "How to Add a Terms of Service Checkbox to a Form"). We’ll go over the differences below:

1. **Always required:** This checkbox will always be required, and there is no setting option to remove the requirement.
2. **No default option to check the checkbox:** GDPR requires that a consent box can not be [checked by default](https://wpforms.com/docs/how-to-add-default-values-for-form-fields/#multiple-choice "How to Add Default Values for Form Fields"). Instead, the user must be allowed to choose whether to check the box or not.
3. **Only a single checkbox:** There is no way to add additional checkbox options to this field.

Here is an example of how your GDPR compliant form might look on the frontend:

![GDPR form example](https://wpforms.com/wp-content/uploads/2021/01/GDPR-form-example.png)If you’d like to add a detailed disclaimer, terms of service text, or link to an external document, be sure to check out our tutorial on adding a [terms of service checkbox](https://wpforms.com/docs/how-to-add-disclaimer-terms-of-service-agreement-formatting/ "How to Add Disclaimer / Terms of Service Agreement Formatting") to a form. Also, check out our [customizable GDPR contact form template](https://wpforms.com/templates/gdpr-contact-form-template/ "customizable GDPR contact form template") to speed up your form creation process.

### Preparing for Entry Data Requests

Under GDPR, users can request access to their entry data at any time. While your site may need to take additional considerations into account, one way to prepare for this is to provide an easy way for your users to submit these requests.

For example, you may consider adding a data request form to your site’s privacy policy page. Alternatively, you might add this option within your site’s contact form.

#### Managing Entries

If you need to locate entries with a specific name, email, or other keywords, you can use the entries [search and filter options](https://wpforms.com/docs/how-to-search-and-filter-form-entries/ "How to Search and Filter Form Entries") to quickly narrow down results.

If you need to delete entries, go to **WPForms » Entries** and select the form you need. From here, check the box next to any entry you’d like to delete and, within the **Bulk Actions** dropdown, select **Delete**. Then, click the **Apply** button to delete the entry.

![Delete form entry](https://wpforms.com/wp-content/uploads/2021/01/Delete-Form-Entry-2.png)Once you’ve deleted an entry, it will be completely erased from your site’s database.

If you’d prefer to delete all entries for a form at once, our [Delete All](https://wpforms.com/docs/how-to-delete-all-entries-for-a-form/ "How to Delete All Entries for a Form") option provides a quick and easy solution.

For more details on entry management for your forms, please see our [complete guide to form entries](https://wpforms.com/docs/complete-guide-to-form-entries/ "A Complete Guide to Form Entries").

## Frequently Asked Questions

#### Where is entry data stored?

Entry data is handled completely on your site where WPForms is installed. WPForms provides 100% privacy for your entries, so we do not collect any entry data on our end.

If you’d like more technical details, please check out our tutorial on [storing entries in your site’s WordPress database](https://wpforms.com/how-to-save-your-contact-form-data-in-wordpress-database/ "How to Save Your Contact Form Data in WordPress Database").

You can also choose to include entry details in [automatic form notification emails](https://wpforms.com/docs/setup-form-notification-wpforms/ "How to Set Up Form Notification Emails in WPForms").

#### Can I prevent entries from being stored to my site?

Yes, with all [WPForms license levels](https://wpforms.com/pricing/ "WPForms Pricing page"), you can choose whether or not to store entries. This option is set within each individual form, and entry storage is enabled by default.

To disable entry storage, you’ll need to open the form builder and go to **Settings » General**.

Then, scroll to the **Advanced** section and select the **Disable storing entry information in WordPress** option. Once this option is selected and the form is saved, entries for this form will no longer be stored in your site.

![Disable entry storage](https://wpforms.com/wp-content/uploads/2021/10/disable-entry-storage.png)If you choose to disable entry storage, be sure to [set up notification emails](https://wpforms.com/docs/setup-form-notification-wpforms/ "How to Set Up Form Notification Emails in WPForms") so that entry details can still be collected.

#### Can I access GDPR enhancements in both WPForms and WPForms Lite?

Absolutely, everyone has access to GDPR enhancements no matter which version of WPForms is used.

#### How can I be sure my site is GDPR compliant?

Compliance details will vary from site to site, and potentially even from one form to the next. This is why in all cases we recommend seeking legal counsel familiar with GDPR to review your specific site and form use.

#### Does WPForms Lite use cookies for form submissions?

No, WPForms Lite does not use the user cookies described in this guide. It also does not collect the additional user details mentioned in the GDPR enhancement settings, such as IP address and browser/device information.

That’s it! We hope this guide helped you to begin creating GDPR compliant forms for your WordPress site.

Next, would you like to customize your form’s emails? Be sure to check out our tutorial on [setting up automatic form notification emails](https://wpforms.com/docs/setup-form-notification-wpforms/ "How to Set Up Form Notifications in WPForms") for all the details.

**Categories:** Form Creation, Extending

---