The EU’s General Data Protection Regulation (GDPR) act will come into effect on May 25th, strengthening your individual right over your personal data. To comply with GDPR, every company that processes consumer data and uses cookies to track visitor activities must offer access to one’s personal data, as well as the right to have said data removed permanently.  As WordPress updates to it’s latest version (4.9.6), it adds some new GDPR features to the WordPress admin panel for your attention.

What Are Cookies And Why Do They Matter?

Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data specific to a particular client and website and can be accessed either by the web server or the client computer. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next.

There is a lot of concern about privacy and security on the internet. Cookies do not in themselves present a threat to privacy since they can only be used to store information that the user has volunteered or that the web server already has. Whilst it is possible that this information could be made available to specific third-party websites, this is no worse than storing it in a central database.

How GDPR Will Affect Cookies

Not all cookies are used in a way that could identify users, but the majority are and will be subject to the GDPR. This includes cookies for analytics, advertising and functional services, such as surveys and chat tools.

To become compliant, organisations will need to either stop collecting the offending cookies or find a lawful ground to collect and process that data. 

Implied consent is no longer sufficient. Consent must be given through a clear affirmative action, such as clicking an opt-in box or choosing settings or preferences on a settings menu. It must be as easy to withdraw consent as it is to give it and sites will need to provide an opt-out option. 

Export & Erase Personal Data

In your admin panel, within the left-hand sidebar under Tools, you will find 2 new options – Erase and Export Personal Data. These options are fairly self-explanatory – using the erase data option will delete all data for a selected user on your website. Order details and any other personal information pertaining to that user will be removed permanently. Likewise using the export option will give you the ability to transfer that same data for a user to another location.

Privacy Policy

The new Privacy Policy page will allow you to easily create a privacy policy for your users to sign up to when they visit your site. This also includes helpful information and suggestions for you when writing your policy. To navigate here, just highlight the Settings option within the left-hand toolbar and you’ll find the Privacy option.