Since May 25, 2018, European Union General Data Protection Regulation (aka GDPR) has been implemented and eventually affected the e-commerce business branch. But what is GDPR? Basically, it is a law that is aimed to protect European Union citizens’ personal data both inside and outside the European Economic Area. Consequently, all WooCommerce websites that function in the EU should be accustomed to the new law, thus, we are going to talk about making a WordPress e-commerce GDPR-ready website.
What would I need for WooCommerce GDPR website?
In order to make your WordPress GDPR website, you have to make sure that it meets all the GDPR rules and requirements. Well, a GDPR compliant WooCommerce website should ‘do’ the following:
Tell your website’s visitors who you are, which particular data you collect and why you do it, how long you are going to keep their data, as well as what third parties might receive it.
Before collecting any data from the users provide an easy to understand consent.
Allow users and visitors to easily access their personal data.
Allow users to delete their personal data.
Notify the users in case of the data breach.
Following these GDPR rules are indeed extremely important. Moreover, if you break a single rule, you will get a €20 million fine or 4 percent of your turnover (if this sum exceeds €20 million).
What do I need to do for GDPR using WooCommerce?
Well, to make your WooCommerce website GDPR compliant you have to work with the following sections and functions of your website:
Privacy Policy (Checkout page)
Terms and Conditions (Checkout page)
User registration (My Account page)
Product reviews (Single Product page)
Cart Abandonment (Checkout page)
Comment sections (Blog pages)
Contact forms (Contact Us page, widgets, etc.)
WooCommerce and WordPress opt-in forms (Newsletter, Lead magnets, etc.)
WordPress and WooCommerce Plugins & APIs (Payments, Email marketing, etc.)
Analytics (Google Analytics, Metorik)
Breach notifications
Making a WordPress GDPR Website
1. Terms and Conditions
Terms and Conditions are, basically, the legal rules which bind your business and your customers. Obviously, GDPR requires all websites to have a T&C page. Luckily, today you can easily make a Terms and Conditions page in WordPress. Here are some steps you have to follow in order to create a functional T&C page for your WooCommerce website:
Go to Settings > Checkout > Terms and Conditions > Select a Page
Add a link to your Privacy Policy to your Terms and Conditions page
Go to WooCommerce Checkout Settings and add a checkbox to your Checkout page
2. Privacy Policy
Privacy Policy is another must-have for a GDPR WooCommerce website. On the Privacy Policy page you have to provide your users with the information about the data you collect as well as how it is being kept and used. So in order to create a Privacy Policy checkbox for your checkout page you have to:
Make a Privacy Policy page
Add information about your business (including who you are, which particular data you collect, why you do it, how you store it, and how long you keep it) to your Privacy Policy page
Create a Privacy Policy link in the footer
Use one of the WooCommerce snippets in order to show the Privacy Policy on your checkout page
3. User Registration
For creating a GDPR compliant User Registration section you have to:
Create an Account page (Settings > Accounts > Enable customer registration on the “My account” page)
Using a WooCommerce snippet, add Privacy Policy checkbox to your registration page
Note that showing the Privacy Policy in this very section is obligatory. Moreover, you are allowed to collect only the information about your users which you require for your business.
4. Product Reviews
Obviously, product reviews have personal data, so we have to make this section GDPR compliant as well. The easiest way to do it is to allow the option of leaving product reviews only to registered users. For doing so you have to go to Settings > Products > General > Reviews can only be left by “verified owners.” And that is pretty much it, simple as it is.
5. WordPress Comments
In order to leave a comment, users are usually required to provide their email address, user name, etc. In order to make a comment section which meets all the GDPR requirements, just add a Privacy Policy checkbox to your Comments section or use a GDPR-compliant WordPress Comments plugin.
6. Cart Abandonment
As a rule, most Cart Abandonment plugins collect email addresses and phone numbers without a user’s consent, which is, obviously, against GDPR rules. That being said, you have to either get a GDPR-ready WooCommerce plugin or add a Privacy Policy link or checkbox to your Cart Abandonment section.
7. Contact Forms
Making your Contact Form GDPR compliant is a rather easy and fast step. All you have to do is to add a Privacy Policy checkbox. And that’s it! Your contact form is GDPR compliant.
8. WordPress & WooCommerce Opt-in Forms
An Opt-in form is that very form which is used for email advertising and marketing. First things first, make sure that you get rid of all the automatic opt-in forms on your website. Then find a GDPR customized opt-in form for your WordPress GDPR website and add a Privacy Policy checkbox.
9. WooCommerce and WordPress Plugins
Here you have to check whether all the plugins on your WooCommerce WordPress website are GDPR compliant. That means that you have to get only GDPR-ready WordPress plugins for your WooCommerce website.
10. WooCommerce Analytics
This step is rather simple. In order to make a GDPR compliant WooCommerce website you have to make sure that:
You use GDPR-compliant tracking software (Google Analytics, Metorik)
Your software providers meet all the GDPR requirements
You have provided those who handle your tracking information with your Privacy Policy
11. APIs
API is what enables you to access external software without leaving your website. It goes without saying that you must check whether your APIs are GDPR compliant as well as add them to your Privacy Policy.
12. Breach Notifications
In simple terms, data breach happens when the data is being passed to hackers, GDPR non-compliant bodies, third parties, or subcontractors. In this case you have to:
Secure your website
Subscribe to your API providers and third parties, so you can instantly know about all the information breaches
Narrow the data amount in your store
Always have an emergency plan in case of data breach
GDPR-ready WooCommerce Themes
Of course, the easiest and quickest way to create a GDPR WordPress website is with the help of a GDPR-ready WooCommerce theme. Most modern GDPR WordPress themes are already equipped with plugins, which meet all the GDPR requirements and rules. Here are some great GDPR WooCommerce themes.
Price: $99 Woostroid2 - Multipurpose WooCommerce Elementor theme is one of the bestsellers among GDPR-ready WooCommerce themes. The theme has a truly stunning eye-catching design as well as some cool features. For instance, Woostroid2 is equipped with:
Unique pages
WooCommerce package
Various skins
Jet plugins set
27/7 support
Elementor Page Builder
And last but not least, Woostroid2 is the ultimate bestseller that has lots of 5-star reviews.
Price: $114 The Bellatoi WooCommerce theme is another great option for a GDPR WooCommerce website. The theme has an elegant design, which makes it a great choice for a lingerie store. Besides, it is equipped with such important features as:
Price: $114 Bambino - Baby Store Responsive WooCommerce theme is as well among the fancy GDPR-ready WooCommerce themes, which have the power to make your e-commerce website the one and only. The theme is beautifully designed and equipped with such useful features as:
Different pages for all occasions
Drag-and-Drop Builder
Mobile First Paradigm
WooCommerce package
WordPress Live Customizer
Ajax filter
Mega Menu
Also, Bambino has great reviews from those users who have already tried it. You can find more GDPR-ready WordPress themes for your WooCommerce website here.
Final Thoughts
As you can see, making your e-commerce website GDPR compliant is extremely important. Moreover, it is a must. Otherwise you will have to pay a €20 million fine, which can have terrible consequences for your online business or possibly make you bankrupt. Luckily, creating a GDPR-ready website today is not a problem at all. All you have to do to make a GDPR WordPress website is follow those 12 simple steps mentioned above. Many modern WooCommerce themes are already equipped with some GDPR functions and plugins, which makes the process of making a WooCommerce GDPR website even simpler. That being said, you should not be afraid of this relatively new law, since following its rules and requirements is quite easy and definitely will not influence your business. So launch your GDPR WooCommerce website and enjoy your profitable online business.
The best hosting for a WordPress website. Tap our link to get the best price on the market with 82% off. If HostPapa didn’t impress you check out other alternatives.
Website Installation service - to get your template up and running within just 6 hours without hassle. No minute is wasted and the work is going.
ONE Membership - to download unlimited number of WordPress themes, plugins, ppt and other products within one license. Since bigger is always better.
Ready-to-Use Website service is the ultimate solution that includes full template installation & configuration, content integration, implementation of must-have plugins, security features and Extended on-page SEO optimization. A team of developers will do all the work for you.
Must-Have WordPress Plugins - to get the most essential plugins for your website in one bundle. All plugins will be installed, activated and checked for proper functioning.
Finest Stock Images for Websites - to create amazing visuals. You’ll get access to Depositphotos.com to choose 15 images with unlimited topic and size selection.
SSL Certificate Creation service - to get the absolute trust of your website visitors. Comodo Certificate is the most reliable https protocol that ensures users data safety against cyber attacks.
Rita Asta is a freelance writer who is fond of popular culture, blogging, modern technologies, e-commerce, web design, social media, video games development, and Sci-Fi.
Social Media Accounts:
LinkedIn, Facebook.
Get more to your email
Subscribe to our newsletter and access exclusive content and offers available only to MonsterPost subscribers.
Leave a Reply
You must be logged in to post a comment.