Admit it, you still have no idea what GDPR means for your WordPress site

Admit it, you still have no idea what GDPR means for your WordPress site

So, you run a WordPress site, and your business is driven by your ability to publish content easily in that system. And today, you’re still not quite sure if GDPR applies to you, and how. You don’t collect any personal data, and you don’t process any transactions. You’re in the clear! Right? Well… Maybe not. […]

Read Full Article Here

A Beginners’ Guide to Privacy Policies

A laptop showing the EU flag with a padlock inside.

Among the important web development trends of 2018, user privacy and how websites handle collected data is at the top of the list. With the imminent introduction of the General Data Protection Regulation (GDPR), it’s more important than ever to ensure you have a privacy policy in place that adheres to its guidelines. Failing to do so could mean incurring severe penalties.

Fortunately, user privacy isn’t an impenetrable topic. There are a few key elements you’ll need to consider, as well as some tools that can help you put the optimal policy in place. There’s the obligatory WordPress plugin solution, but also comprehensive third-party offerings that constantly update based on changes made to your site’s elements.

In this post, we’ll explore what a privacy policy is and why you need one. Then we’ll cover five different ways to implement a privacy policy on your website. Let’s get started!

What a Privacy Policy Is

In a nutshell, a privacy policy is a legal document outlining your approach to managing user data. It explains what data you collect, how it’s used, where it’s stored, and anything else appropriate that your users need to know about the privacy of their collected data. For example, we have our own privacy policy linked to within the footer of every page:

Privacy policies are part of the same family as ‘cookie notices’ (i.e. website banners displaying whether a site collects cookie information). This is because both are implemented to clearly inform users that their data is being collected, as well as why and how.

As you can imagine, privacy policies can run to either a few lines or reams of detailed legal verbiage (although that would likely hamper the reader’s understanding). In short, you’ll usually find the following:

  • Clarification on what constitutes a user, the website, and any other relevant party.
  • Information on how data is collected on your site.
  • An overview of how the collected data is used once it’s been obtained.
  • What the visitor can do to make sure their data is deleted.

You may find that some privacy policies don’t include some of this information currently. However, as we’ll explain, all websites will shortly be required to add these elements, with heavy penalties facing those who do not comply.

Why a Privacy Policy Is Necessary For WordPress Websites

As we mentioned, the EU Cookie Law is almost a precursor to initiatives being introduced this year. The GDPR radically overhauls compliance for practically every website, and in contrast to the current Cookie Law, will include stiff penalties for those not complying with the directive.

While the GDPR, Cookie Law, and implementing a privacy policy, in general, is platform-agnostic, for WordPress users the waters become a little more muddied. For starters, there are many cogs that turn to drive the entire platform – elements such the plugins and themes you use will log data, for example.

What’s more, many users will have third-party tools and solutions that help them manage a site day-to-day, which is to be expected. If you or your clients use tools such as Google Analytics or InspectLet, these will also capture user data, meaning your privacy policy needs to reference this too.

It’s definitely a minefield, but one you will have to traverse if you want to stay on the right side of the law. Our advice is that if you’re considering this option solely based on the amount of work it will take to implement, it’s not a wise idea. The GDPR will mean authorities have the power to dish out millions of dollars worth of fines to non-complying sites. In short, the buck stops with you.

5 Solutions For Implementing a Privacy Policy on Your Website

Let’s take a look now at how to implement your privacy policy simply and effectively. Each of the solutions below is GDPR-friendly and are comprehensive enough (or have the scope) to handle any custom user privacy situation you or your clients may have. Let’s take a look!

1. Manually Create a Privacy Policy

First off, there’s nothing wrong with manually creating your own privacy policy if you feel it’s warranted. After all, it’s usually just a detailed statement of how you’ll capture and use visitor data. For websites with either zero or very little in the way of data collection, this method may be ideal.

We’ve mentioned what a privacy policy should contain already, but just to reiterate, you should include:

  • Details on the information you collect, and how you do so.
  • Why you’re collecting the information.
  • Whether third-party services associated with your site collect information, and the details (such as ad networks).
  • Clear guidance on whether users can opt out of data collection, and contact details in order to discuss things further.

However, unless you get the wording exactly right, your privacy policy could land you in hot water should any data breaches occur. Of course, you could get your privacy policy looked over by a legal professional, but you may find more value in a dedicated service. Let’s take a look at the rest of the options.

2. iubenda

The iubenda website.

In our opinion, iubenda is the most comprehensive and easy to use service available, and we really like the concept. Because many websites (especially WordPress-powered ones) are made up of many moving parts, you’ll likely have various data collection points throughout your site’s code. Keeping tabs on all of these could be difficult, but iubenda’s module-based system makes the process a breeze.

In short, you’ll piece together your privacy policy from a comprehensive list of services, resulting in a complete, ready to roll page that can be embedded or linked to as you wish. What’s more, each module is updated automatically when required. It’s going to be a great timesaver for high-traffic sites, or those handling sensitive data. However, it’s probably overkill for smaller blog-type sites.

As for pricing, it’s incredibly reasonable at its core. Ultimately, while there’s a free plan, you’re likely better off purchasing a license starting at $27 per year for one site, or a multi-license for $9 per month.

3. Shopify Privacy Policy Generator

The Shopify Privacy Policy Generator is (unsurprisingly) from the Shopify team – a leading non-WordPress specific ecommerce solution. Given that their business is heavily-focused on leveraging user data, it makes sense that they provide helpful tools for their user base. This particular service will be suitable for any e-commerce site owner, and what’s more, it’s completely free to use.

In a nutshell, this solution is just like creating your own privacy policy. Once you provide some essential details, you receive a tailored privacy policy in text form, which you can then paste into a post or page:

The Shopify Privacy Policy Generator.

It’s arguably the quickest and simplest solution available, which makes it great for Minimum Viable Products (MVPs) and startups in need of a quick launch. However, because it’s essentially a one-size-fits-all solution, it could miss out vital aspects of your site. In addition, it’s not WordPress-specific, so it won’t offer the same detail as other policies.

4. Auto Terms of Service and Privacy Policy

The Auto Terms of Service and Privacy Policy plugin.

As for WordPress plugins, Auto Terms of Service and Privacy Policy is one of the best available for creating clear-cut, and comprehensive privacy policies. By using this plugin, you’ll be amending the Terms of Service (TOS) and privacy policy of Automattic – the developers of WordPress – meaning it’s totally free to use.

It’s similar to Shopify, in that you’re adding your own details to a template privacy policy. However, Auto Terms of Service and Privacy Policy allows you to configure a more robust solution tailored to the specific requirements of your website. It’s also extremely easy to use.

Overall, Auto Terms of Service and Privacy Policy is going to be great for those needing a quick way to protect themselves temporarily, and the fact that it’s a WordPress plugin is a major plus.

5. TermsFeed

The TermsFeed website.

Finally, we have TermsFeed. This is one of the more popular third-party privacy policy generators, and it works in a similar vein to iubenda. In essence, you select what to include, and TermsFeed generates a privacy policy you can link to or embed, which is then updated automatically.

The main perk of TermsFeed is the vast number of different policies you can generate:

Examples of the policies you can create with TermsFeed.

We’d arguably put this aspect ahead of iubenda’s, although both services are pretty similar overall. However, where TermsFeed falls down is its ambiguous approach to pricing. While there’s a clause-limited free service, premium policies require a one-time payment that is calculated upon creation. Because of this, it’s likely not going to be a solution for the budget-conscious.

Conclusion

Making sure you have a privacy policy in place before ‘GDPR doomsday’ should, naturally, be a high-priority task. It’s not necessarily easy, but one you’ll want to undertake given the potential to be fined for a misstep.

This post looked at five ways to create a GDPR-friendly privacy policy for your website. Let’s recap them quickly:

  1. Manually create a privacy policy. If you can access the legal know-how, writing your own privacy policy is a great option.
  2. iubenda. A comprehensive service ideal for the vast majority of websites.
  3. Shopify Privacy Policy Generator. This solution can’t be beat for a quick e-commerce privacy policy template.
  4. Auto Terms of Service and Privacy Policy. As WordPress plugins go, this is a must-have for generating a quick privacy policy.
  5. TermsFeed. While this is also a comprehensive solution, you’ll likely need a decent budget to create your privacy policy.

Do you have a question about how to implement a privacy policy on your WordPress website? Ask away in the comments section below!

Featured image: mohamed_hassan.

John Hughes

John is a blogging addict, WordPress fanatic, and a staff writer for WordCandy.

The post A Beginners’ Guide to Privacy Policies appeared first on Torque.

Read Full Article Here

WPWeekly Episode 317 – Minor Major Major Minor Release

WPWeekly Episode 296 – Gutenberg, Telemetry, Calypso, and More With Matt Mullenweg

In this episode, John James Jacoby and I discuss Adobe’s acquisition of Magento, feedback regarding WordPress 4.9.6, when 4.9.7 might ship, an unofficial WordCamp app for iOS, and whether or not it’s time for WordPress auto updates to occur for every version. I describe what it’s like having poison ivy on my face and my continuing woes with lawn care equipment.

Stories Discussed:

Adobe to acquire Magento for $1.68B
WordPress 4.9.7 will include patch to fix an issue that caused fatal 500 errors
You can use the WordPress logo on bakery goods to celebrate WordPress’ birthday
Marcel Schmitz Releases Unofficial WordCamp for iOS App
Music: A Gutenberg-Powered Theme
GDPR for WordPress Developers: Announcing the (Free) Anonymization Addon   
BuddyPress 3.0.0 “Apollo”

Picks of the Week:

Panic Mode the card game. A cooperative card game of office politics during Disaster Recovery for up to 8 players.

WPWeekly Meta:

Next Episode: Wednesday, May 30th 3:00 P.M. Eastern

Subscribe to WordPress Weekly via Itunes

Subscribe to WordPress Weekly via RSS

Subscribe to WordPress Weekly via Stitcher Radio

Subscribe to WordPress Weekly via Google Play

Listen To Episode #317:

Read Full Article Here

How WordPress Users Can Survive the GDPR

How WordPress Users Can Survive the GDPR

The thing that attracted many of us to WordPress is that it allows you to do a lot with an extremely small budget. Where, previously, a team of developers might spend weeks or months working to enable some specific functionality, and a team of designers might spend a similar amount of time to achieve a certain look, suddenly an ordinary person, with no coding ability, could find plugins and themes that would allow them to achieve the same thing within a few hours.

Read Full Article Here

WordPress 4.9.6 Released With User Data Export and Removal Tools

WordPress 4.9.6 Released With User Data Export and Removal Tools

WordPress 4.9.6 has been released and is considered a privacy and maintenance release. Traditionally, minor versions contain security and bug fixes. This release is different as it includes a number of privacy related features such as:

  • Privacy Policy page template/creation
  • User Data Request Handling
  • User Data Export and Removal tools
  • Cookie Opt-in for Comments
  • Other features related to GDPR Compliance

Earlier this month, I reviewed the privacy features in 4.9.6 and since that post was published, the team has made a number of adjustments. For example, site admins will receive an email when a user confirms a personal data export or removal request and the text on the privacy policy template page has been simplified. 

The privacy features in WordPress 4.9.6 are largely the result of a new team of volunteers that was formed earlier this year. The team is already hard at work on improving these features for future versions of WordPress.

In addition to privacy enhancements, more than 50 bugs have been fixed. ‘Mine’ has been added as a filter in the WordPress Media Library and when viewing a plugin in the backend, it will display the minimum PHP version that’s required.

The WordPress Development team has published an update guide that provides links to technical information related to features in 4.9.6. In addition, there’s a guide available for Theme Authors as styling adjustments may be necessary.

As this is a minor release, sites are in the process of updating automatically. If you encounter an issue with 4.9.6, please report it on the Support Forums.

Read Full Article Here

Big Updates: WordPress, WPMU DEV, and the GDPR

Everything You Wanted to Ask a GDPR Expert but Were Afraid to Ask

The next version of WordPress drops today, version 4.9.6, and it is all about data privacy and getting ready for the EU’s General Data Protection Regulation (GDPR). You’ve probably been inundated with notifications about updated privacy policies and information on the GDPR the last few weeks and months, which actually went into effect back in […]

Read Full Article Here

Torque Toons: How To Prep Your WordPress Site for GDPR

Torque Toons: How To Prep Your WordPress Site for GDPR

4 easy steps to GDPR compliance.

Don’t forget to check out our other editorial toons!

Doctor Popular is an artist and musician living in San Francisco. As a full disclaimer, he is neither a doctor nor popular.

The post Torque Toons: How To Prep Your WordPress Site for GDPR appeared first on Torque.



Read Full Article Here

WordPress 4.9.6 RC1 Released

WordPress 4.9.3 Rescheduled for February 5th

WordPress 4.9.6 Release Candidate 1 is available for download and addresses some of the issues that have been reported in beta 1. Since the beta’s release, there have been 30 bugs fixed.

Many of the fixes in this release are focused on the new privacy tools that help with GDPR compliance. The verbiage has been changed in multiple areas to make explanations and actions clearer. For example, the Privacy Policy introduction text has been shortened and more user friendly.

One notable bug fix is that site administrators now receive an email when a Personal Data Export/Removal request is confirmed. In a future version of WordPress, it’s possible that the notification bubbles will be extended to display confirmed requests.

A full list of changes in this release can be found on Trac. This minor release needs more testing than usual due to the privacy tools and enhancements introduced. Please test 4.9.6 on staging site or local server and if you encounter any issues, report them on the Alpha/Beta/Release Candidate section of the forums.

Read Full Article Here