If you are not familiar with the term GDPR yet, here is what it means. GDPR stands for General Data Protection Regulation. It is a European Union (EU) law that became effective on May 25th, 2018. This law ensures to give EU citizens control over their personal data and change how companies and businesses handle data privacy around the world.  

With GDPR the users will know what kind of data is collected from them via cookies or otherwise and what happens to the data once collected in the website. It ensures the requirement of the consent of the user to do the same. Now if your website has any kind of forms in use, it is collecting personal information from the user directly which is against GDPR law.

The following requirements are needed to make a WordPress form GDPR compliant:

  • The user needs to be asked for their consent before collecting, using or sharing their information.
  • The user needs to have access to their information stored on the website.
  • The users need to know the purpose of the data being collected from them and how long it will be stored.
  • The users must have the authority to delete their data that is stored on the website.

How to Make a GDPR Compliant WordPress Form?

We have seen the requirements needed in a GDPR Complaint Forms now let us look at the steps involved in making the form. There are many plugins that can be used for the process, one of the best available contact forms is WPForms. This is a free version of this plugin available but if you want more features to opt for the pro version.

WPForms comes with built-in GDPR enhancement features such as one-click agreement forms of GDPR, best practices of GDPR data retention and easy management system for finding or deleting user data on request.

The first step is obviously installing the WPForms plugin in WordPress and activating it. After activation, click on the Settings in WPForms and scroll to GDPR section where you will find a GDPR Enhancement option.

Enabling this option will show you two more optional settings. One to Disable User Cookies, which will stop WPForms from storing user tracking cookies. And second, to Disable User Details, that will prevent the forms from storing IP addresses and browser information.

Enable GDPR enhancements

After making the changes, save the settings and now your plugin is ready to make a GDPR complaint contact form. Go to WPForms and click on the option Add new to create a new form. Give your form a name eg: Contact form and choose a template among the various templates available there.

Form title and template

Once you do this a WPForms builder interface will be launched and you can see a preview of your form on the right side of the page. On the left side, you will see many other features available that can be added to your form.


GDPR Agreement field in WPForms

You will see a GDPR Agreement option available there. Click on it to add it to your form, this will appear at the bottom of your form and will provide you the option to change its settings. Like changing the title of the form, also the description box can be used to add links to your privacy policy.

GDPR agreement field settings

With WPForms you can add these forms anywhere on the website. You can create a new one, edit an old one and simply add a form by clicking on the Add Form button available near the Add Media button on the post edit screen.Add form button

Click on and choose the form you want to add from the pop-up opened. Once you click Add Form, you can see the shortcode of your form in the editor space. Save the page and click on the preview button to see the WordPress form you created work.

Select and insert form in a WordPress post or page

Now if users wish to delete their data stored in the website they can do so by filling up the Data access or Delete form. Users can send you a request via these to quickly access and find their data or delete any data that they submitted to the website.

Managing data in WPForms

To access the form you need to visit WPForms and click on the option Entries. Here you can see all the forms created and can view or delete it with options available for the same under actions. If you click on the view button, you can see all the details available in the form about the user and also find options to Print and Export the same there. Searching for any specific form is also easy, you just have to enter their name, email address or keyword.

Managing a single entry

These were the simple steps involved in creating GDPR Compliant Forms for WordPress. Hope this article helped you understand how to create a form and the need and importance of the same.