But don’t worry!
Step 1: Update WordPress
If you haven’t updated your WordPress website, make sure you do so to take advantage of this new feature.
There will be suggested headers that include the features your WordPress website might use to collect user information, such as:
- Comment forms
- Contact forms
It’s CRUCIAL that the information you write accurately represents how you collect personal information and how you will use it.
Step 3: Collect the Required Data
You’ll have to specify the methods of data collection and data protection you might use through WordPress plugins, themes, or third-party services on your site.
No matter what WordPress theme or plugin you use, you’re required to disclose your website’s data usage policies, namely:
- Contact forms data usage
- Analytics data usage
- Ads data usage
International laws like the European Union’s General Data Protection Regulation (GDPR) have provisions that apply to WordPress websites outside the EU.
It’s best to use WordPress plugins that are already compliant with GDPR, such as the WP AutoTerms Plugin.
If you accept website visitors from different regions, let them know how you comply with international privacy laws.
You can also use Google Analytics to track browsing data and collect personal information from website visitors.
It’s well known that Google Analytics collects personal information such as IP addresses, user identification, and cookies to track user behavior.
To remain compliant with GDPR, you must make personal data anonymous before processing and storing it.
A noticeable banner or pop-up on the website must also ask for users’ CONSENT before tracking their data.
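One way to enforce consent before tracking in the browser, as an added example that is not code from this page, from WordPress, or from Google: the analytics script is loaded only once a stored "granted" decision exists. The storage key, function names, and the `tracker` wrapper are hypothetical.

```javascript
// Added example: gate analytics behind stored consent. Names are hypothetical.
const CONSENT_KEY = "analytics_consent"; // assumed storage key

// storage: getItem/setItem object (window.localStorage in a browser).
// tracker: { load(), send(event) } wrapper around whatever analytics script
// the site uses; load() is where that script would be injected.
function createConsentGate(storage, tracker) {
  let loaded = false;
  const decision = () => storage.getItem(CONSENT_KEY); // "granted" | "denied" | null

  // Load the tracker at most once, and only if consent is on record.
  function ensureLoaded() {
    if (decision() !== "granted") return false;
    if (!loaded) { tracker.load(); loaded = true; }
    return true;
  }

  return {
    // True until the visitor has answered; show the banner in that case.
    needsBanner: () => decision() === null,
    // Call from the banner's Accept / Decline buttons; also used to withdraw.
    decide(granted) {
      storage.setItem(CONSENT_KEY, granted ? "granted" : "denied");
      return ensureLoaded();
    },
    // Call on every page load: resumes tracking for visitors who already agreed.
    resume: ensureLoaded,
    // Events without consent are dropped, not buffered for later.
    track(event) {
      if (!ensureLoaded()) return false;
      tracker.send(event);
      return true;
    },
  };
}

// Constructed in-memory stand-ins so the example runs outside a browser.
function memoryStorage() {
  const data = new Map();
  return { getItem: (k) => (data.has(k) ? data.get(k) : null), setItem: (k, v) => data.set(k, v) };
}
function recordingTracker() {
  const log = [];
  return { log, load: () => log.push("load"), send: (e) => log.push("send:" + e) };
}
```

In a browser, pass `window.localStorage` as `storage` and show the banner whenever `needsBanner()` returns true.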
If you want to host ads using third-party ad networks like Google AdSense, you need to notify users that you’re using cookies or web beacons to collect personal information.
Names, phone numbers, and email addresses submitted through contact forms are personal information that needs to be protected.
Under national and international privacy laws, WordPress contact forms should:
- Obtain the user’s consent to store information for commercial purposes
- Disable tracking tools
- Ensure a data processing agreement is in place with form providers when using Software as a Service (SaaS) based solutions
If you’re using a plugin like WPForms, making a GDPR-compliant contact form is as simple as adding a consent checkbox.
Adding Via Widget Settings
If your WordPress site allows widgets on the footer sidebar, go to Appearance > Widgets.
Click on the navigation menu widget to bring up the list of informational pages on your website.
Select Create a New Menu at the top of the page and enter a name for your menu link.
You can also add items like your about page, terms and conditions, and other legal pages. Once you’re satisfied, you can click Save Menu to confirm your changes.
Go to Appearance > Widgets and click the + icon to add a navigation menu widget that will add the custom menu you made earlier from the widget settings.
Manually Adding a Link
What if your WordPress theme doesn’t allow you to add a widget on your footer menu or a footer area?
You can also manually add a new menu link using HTML code. You’ll need to edit the footer.php of your WordPress website.
In the footer.php, add the following code in any location on the document’s HTML between the <body> and </body> tags:
It’s basically a statement that legally requires the site owners to protect any personal data they collect from users.
- Information collected from users who visit the site
- Data collection methods, e.g., site logs, third-party tools, web beacons, cookies
- Third-party services and advertising programs
- External links to the privacy policies of third-party advertiser websites
- How to opt-out pages and block cookies
- Company contact information that customers can use for further inquiries
Most websites collect data from site visitors for different purposes. As a result, many countries have regulations that require websites to disclose how they collect user data.
However, state laws such as the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA) include provisions for data privacy.
The European Union’s General Data Protection Regulation (GDPR), which recently took effect in May 2018, also aims to regulate data collection from EU residents.
Any website that collects data from users residing in EU member states is subject to the GDPR.
Regardless of where an entity is based, state and international laws on data privacy still apply.
There are also WP plugins that simplify the process of making legal pages, so you can generate professional disclaimers, policies, and more for your website!
- The type of information you collect from users
- The data collection method, such as cookies, comment forms, registration, etc.
- Any third-party services or advertisers that collect information from users
- Links to affiliated third-party services and programs
- Contact information that users can use to get in touch
Frequently Asked Questions (FAQs)
Below are commonly asked questions about privacy laws that you need to know:
What Is the GDPR (General Data Protection Regulation)?
The European Union (EU) established GDPR to set requirements for collecting and processing personal data from individuals residing in the EU.
The scope of this privacy law covers any entity that targets data related to people within the EU, regardless of where the entity is based.
It means that even if you’re a US-based website, as long as you accept EU users, you must comply with GDPR regulations.
If found in violation of GDPR provisions, you can be fined up to tens of millions of euros.
What Is the CCPA (California Consumer Privacy Act)?
The California Consumer Privacy Act of 2018 (CCPA) gives users a certain amount of control and freedom over how businesses handle their personal data.
The CCPA requires businesses to provide notices regarding their privacy practices to users.
Under this law, California residents can enjoy privacy rights that allow them to protect their personal information, opt out of data sharing, and delete any data collected from them.
Nowadays, you would be hard-pressed to operate a website without encountering legislation on data privacy and protection.
If you want to avoid legal issues, you should comply with privacy laws like the GDPR and the CCPA.