WooCommerce GDPR: How to Make a WordPress E-commerce Website GDPR Compliant

  1. What would I need for WooCommerce GDPR website?
  2. What do I need to do for GDPR using WooCommerce?
  3. Making a WordPress GDPR Website
  4. GDPR-ready WooCommerce Themes
  5. Final Thoughts

The European Union General Data Protection Regulation (GDPR) has been in force since May 25, 2018, and it affects the e-commerce business. But what is GDPR? Basically, it is a law that aims to protect European Union citizens’ personal data both inside and outside the European Economic Area. Consequently, all WooCommerce websites that operate in the EU have to comply with the new law, so we are going to talk about making a WordPress e-commerce website GDPR-ready.

What would I need for WooCommerce GDPR website?

To make your WordPress website GDPR compliant, you have to make sure that it meets all the GDPR rules and requirements. A GDPR-compliant WooCommerce website should do the following:

  1. Tell your website’s visitors who you are, which particular data you collect and why you do it, how long you are going to keep their data, as well as what third parties might receive it.
  2. Before collecting any data from users, ask for their consent in an easy-to-understand way.
  3. Allow users and visitors to easily access their personal data.
  4. Allow users to delete their personal data.
  5. Notify users in case of a data breach.

Following these GDPR rules is indeed extremely important. Moreover, if you break a single rule, you will get a €20 million fine or 4 percent of your turnover (if this sum exceeds €20 million).

What do I need to do for GDPR using WooCommerce?

Well, to make your WooCommerce website GDPR compliant you have to work with the following sections and functions of your website:

  • Privacy Policy (Checkout page)
  • Terms and Conditions (Checkout page)
  • User registration (My Account page)
  • Product reviews (Single Product page)
  • Cart Abandonment (Checkout page)
  • Comment sections (Blog pages)
  • Contact forms (Contact Us page, widgets, etc.)
  • WooCommerce and WordPress opt-in forms (Newsletter, Lead magnets, etc.)
  • WordPress and WooCommerce Plugins & APIs (Payments, Email marketing, etc.)
  • Analytics (Google Analytics, Metorik)
  • Breach notifications


Making a WordPress GDPR Website

1. Terms and Conditions

Terms and Conditions are, basically, the legal rules which bind your business and your customers. Obviously, GDPR requires all websites to have a T&C page. Luckily, today you can easily make a Terms and Conditions page in WordPress. Here are some steps you have to follow in order to create a functional T&C page for your WooCommerce website:

  • Go to Settings > Checkout > Terms and Conditions > Select a Page
  • Add a link to your Privacy Policy to your Terms and Conditions page
  • Go to WooCommerce Checkout Settings and add a checkbox to your Checkout page

2. Privacy Policy

Privacy Policy is another must-have for a GDPR WooCommerce website. On the Privacy Policy page you have to provide your users with the information about the data you collect as well as how it is being kept and used. So in order to create a Privacy Policy checkbox for your checkout page you have to:

  • Make a Privacy Policy page
  • Add information about your business (including who you are, which particular data you collect, why you do it, how you store it, and how long you keep it) to your Privacy Policy page
  • Create a Privacy Policy link in the footer
  • Use one of the WooCommerce snippets in order to show the Privacy Policy on your checkout page

3. User Registration

For creating a GDPR compliant User Registration section you have to:

  • Create an Account page (Settings > Accounts > Enable customer registration on the “My account” page)
  • Using a WooCommerce snippet, add a Privacy Policy checkbox to your registration page

Note that showing the Privacy Policy in this very section is obligatory. Moreover, you are allowed to collect only the information about your users that you require for your business.
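A snippet of the kind this step refers to, as an added example that is not from the original article or from WooCommerce itself. It uses the WooCommerce hooks `woocommerce_register_form`, `woocommerce_process_registration_errors` and `woocommerce_created_customer`; the field name `privacy_consent` and the meta key `privacy_consent_at` are assumptions chosen for illustration.

```php
<?php
// Added example, not from the original article. Put it in a child theme's
// functions.php or a small site plugin. The field name "privacy_consent" and
// the meta key "privacy_consent_at" are assumptions chosen for this sketch.

// 1. Show an unchecked consent box on the "My account" registration form.
add_action( 'woocommerce_register_form', function () {
    // URL of the page selected under Settings > Privacy (WordPress 4.9.6+).
    $policy_url = get_privacy_policy_url();
    ?>
    <p class="form-row">
        <label>
            <input type="checkbox" name="privacy_consent" value="1" />
            I have read and accept the
            <a href="<?php echo esc_url( $policy_url ); ?>" target="_blank" rel="noopener">Privacy Policy</a>.
        </label>
    </p>
    <?php
} );

// 2. Enforce consent on the server. A browser-side "required" attribute alone
//    can be bypassed by posting the form directly. This filter runs only for
//    the "My account" registration form, so accounts created at checkout
//    are not blocked by it.
add_filter( 'woocommerce_process_registration_errors', function ( $errors ) {
    if ( empty( $_POST['privacy_consent'] ) ) {
        $errors->add(
            'privacy_consent_missing',
            'Please accept the Privacy Policy to create an account.'
        );
    }
    return $errors;
} );

// 3. Record when consent was given, so it can be produced on request.
add_action( 'woocommerce_created_customer', function ( $customer_id ) {
    if ( ! empty( $_POST['privacy_consent'] ) ) {
        // ISO 8601 timestamp in UTC.
        update_user_meta( $customer_id, 'privacy_consent_at', gmdate( 'c' ) );
    }
} );
```

The checkbox is left unchecked by default, and the stored timestamp is itself personal data, so it belongs in the data you list in your Privacy Policy.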

4. Product Reviews

Obviously, product reviews have personal data, so we have to make this section GDPR compliant as well. The easiest way to do it is to allow the option of leaving product reviews only to registered users. For doing so you have to go to Settings > Products > General > Reviews can only be left by “verified owners.” And that is pretty much it, simple as it is.


5. WordPress Comments

In order to leave a comment, users are usually required to provide their email address, user name, etc. In order to make a comment section which meets all the GDPR requirements, just add a Privacy Policy checkbox to your Comments section or use a GDPR-compliant WordPress Comments plugin.

6. Cart Abandonment

As a rule, most Cart Abandonment plugins collect email addresses and phone numbers without a user’s consent, which is, obviously, against GDPR rules. That being said, you have to either get a GDPR-ready WooCommerce plugin or add a Privacy Policy link or checkbox to your Cart Abandonment section.

7. Contact Forms

Making your Contact Form GDPR compliant is a rather easy and fast step. All you have to do is to add a Privacy Policy checkbox. And that’s it! Your contact form is GDPR compliant.

8. WordPress & WooCommerce Opt-in Forms

An Opt-in form is that very form which is used for email advertising and marketing. First things first, make sure that you get rid of all the automatic opt-in forms on your website. Then find a GDPR customized opt-in form for your WordPress GDPR website and add a Privacy Policy checkbox.

9. WooCommerce and WordPress Plugins

Here you have to check whether all the plugins on your WooCommerce WordPress website are GDPR compliant. That means that you have to get only GDPR-ready WordPress plugins for your WooCommerce website.

10. WooCommerce Analytics

This step is rather simple. In order to make a GDPR compliant WooCommerce website you have to make sure that:

  • You use GDPR-compliant tracking software (Google Analytics, Metorik)
  • Your software providers meet all the GDPR requirements
  • You have provided those who handle your tracking information with your Privacy Policy

11. APIs

An API is what enables you to access external software without leaving your website. It goes without saying that you must check whether your APIs are GDPR compliant and add them to your Privacy Policy.

12. Breach Notifications

In simple terms, a data breach happens when data is passed to hackers, GDPR non-compliant bodies, third parties, or subcontractors. In this case you have to:

  • Secure your website
  • Subscribe to updates from your API providers and third parties, so you learn about any data breach immediately
  • Minimize the amount of data kept in your store
  • Always have an emergency plan in case of a data breach

GDPR-ready WooCommerce Themes

Of course, the easiest and quickest way to create a GDPR WordPress website is with the help of a GDPR-ready WooCommerce theme. Most modern GDPR WordPress themes are already equipped with plugins, which meet all the GDPR requirements and rules. Here are some great GDPR WooCommerce themes.

Woostroid2 - Multipurpose WooCommerce Elementor Theme

Price: $99
Woostroid2 - Multipurpose WooCommerce Elementor theme is one of the bestsellers among GDPR-ready WooCommerce themes. The theme has a truly stunning eye-catching design as well as some cool features. For instance, Woostroid2 is equipped with:
  • Unique pages
  • WooCommerce package
  • Various skins
  • Jet plugins set
  • 24/7 support
  • Elementor Page Builder

And last but not least, Woostroid2 is the ultimate bestseller that has lots of 5-star reviews.

Bellatoi WooCommerce Theme

Price: $114
The Bellatoi WooCommerce theme is another great option for a GDPR WooCommerce website. The theme has an elegant design, which makes it a great choice for a lingerie store. Besides, it is equipped with such important features as:
  • WordPress Live Customizer
  • GPL
  • Bootstrap
  • Google Fonts
  • Product sorting
  • Products Carousel
  • Categories Tabs

Bambino - Baby Store Responsive WooCommerce Theme

Price: $114
Bambino - Baby Store Responsive WooCommerce theme is as well among the fancy GDPR-ready WooCommerce themes, which have the power to make your e-commerce website the one and only. The theme is beautifully designed and equipped with such useful features as:
  • Different pages for all occasions
  • Drag-and-Drop Builder
  • Mobile First Paradigm
  • WooCommerce package
  • WordPress Live Customizer
  • Ajax filter
  • Mega Menu

Also, Bambino has great reviews from those users who have already tried it. You can find more GDPR-ready WordPress themes for your WooCommerce website here.

Final Thoughts

As you can see, making your e-commerce website GDPR compliant is extremely important. Moreover, it is a must. Otherwise you will have to pay a €20 million fine, which can have terrible consequences for your online business or possibly make you bankrupt. Luckily, creating a GDPR-ready website today is not a problem at all. All you have to do to make a GDPR WordPress website is follow those 12 simple steps mentioned above. Many modern WooCommerce themes are already equipped with some GDPR functions and plugins, which makes the process of making a WooCommerce GDPR website even simpler. That being said, you should not be afraid of this relatively new law, since following its rules and requirements is quite easy and definitely will not influence your business. So launch your GDPR WooCommerce website and enjoy your profitable online business.

Rita Asta

Rita Asta is a freelance writer who is fond of popular culture, blogging, modern technologies, e-commerce, web design, social media, video games development, and Sci-Fi. Social Media Accounts: LinkedIn, Facebook.
