It’s something you’d rather put off until the last minute but is actually very important: making your WordPress website General Data Protection Regulation (GDPR) proof. Fortunately, this does not have to be a very complex hassle if you know how to set this up. Earlier we discussed six useful plugins that help you make your website AVG-proof. In this blog, we list the best-tested WordPress cookie plugins for you.
Cookies and the GDPR
To be fair, there are still plenty of websites that are not AVG-proof at all and also do not take into account cookie notifications or a correct implementation thereof. How GDPR and cookies relate to each other? The GDPR has been in effect for some time, namely since 25 May 2018. Broadly speaking, this means three things:
- And so you also have to make agreements for your WordPress website with other parties that have access to your website. Think of your hosting party, editorial members, administrators, and parties that, for example, have access to personal data through a plugin.
In fact, the cookie law already existed, which makes it mandatory for websites to ask their visitors for permission to collect privacy-sensitive data. The GDPR links this section to the entire privacy legislation, as it were, and immediately makes it a lot more serious. Especially in the sense that nowadays there are stricter controls and hefty fines can also be handed out.
How do I create a legal (WordPress) cookie?
Every website that receives visitors from Europe must request permission to collect privacy-sensitive data. First of all, it is important to know that the cookie law makes an exception for cookies that are not privacy-sensitive. These are often cookies that make a website work properly. For example, think of:
Websites use analytical cookies to, for example, keep track of visitor statistics. This gives them better insight into the functioning of the website. Analytical cookies have hardly any consequences for privacy.
Functional cookies are necessary for a service or webshop to function. These are, for example, files that keep track of what is in a shopping cart.
Do you only measure this kind of data? Then it is often not necessary to ask for permission from your visitors and you do not have to use a WordPress cookie plugin.
However, the cookies that almost always require consent are those related to tracking. These types of cookies keep track of individual surfing behavior and create profiles to enable targeted advertisements, for example. Tracking cookies continue to process personal data. But how do you then ask for permission?
According to the GDPR, consent is only valid if it is freely given, specific, informed, and unambiguous.
This means that:
- The visitors of your website should also be able to refuse permission for tracking
- It must be clear what exactly you are asking permission for
- Your visitors should be given enough information about what happens to their data after they give consent
- Visitors must actually give permission with an active act (‘who is silent, consents’ does not apply).
- Offer visitors a choice between ‘yes’ and ‘no’ by means of a clear banner. In this way, you at least meet the choice requirement for unambiguous consent.
- You are not allowed to place a cookie wall so that visitors are denied access if they do not accept cookies.
- You must be able to demonstrate that your visitor has actually given permission for their data to be tracked
WordPress cookie plugin top 3
It is also not possible for a plugin to find out what cookies you use on your WordPress website. That is why you will have to get started with placing a script that ensures that the cookies are placed correctly with your visitors. For example, you do not want certain cookies to be loaded even though the visitor has not given permission for this. The best cookie plugins are therefore the ones that offer the option of accepting or not accepting certain cookies.
WordPress cookie plugin 1: GDPR Consent
With the GDPR Consent plugin, you can prevent your website from collecting personal data before your visitor has given permission for this. The GDPR requires that visitors to your website must first give permission, but also that you may not use a cookie wall to implement this.
Your website must therefore continue to work, even if no permission has yet been given for cookies. For many WordPress websites, this means that some WordPress plugins (for example, Google Tag Manager, Adwords, Facebook Pixels, and Remarketing plugins) may only be activated after your visitor agrees.
With the GDPR Consent plugin, you can define ‘consents’ (permissions) and tick which plugins may be activated after approval has been given. Your visitors will see a narrow popup bar at the bottom of your website where they can give their permissions (eg for Remarketing, Statistics, and Advertisements).
Depending on those permissions, the plugins are turned on for that specific visitor. This plugin is released by Sowmedia on WpUpgrader.com, our English language platform.
WordPress cookie plugin 2: CookieYes
In terms of styling, this plugin has a lot to offer. You can completely customize the style of the cookie notice to match your WordPress website’s branding: change the colors, fonts, styles, position on the page, and even how it behaves when ‘Accept’ is clicked.
Furthermore, the plugin integrates seamlessly with the official Facebook Pixel, Instagram & Twitter Feeds, and Google Tag Manager.
WordPress cookie plugin 3: Complianz
Furthermore, periodic Cookie Scans are performed for changes in cookies, plugins, and 3rd Party services. Furthermore, this plugin also offers full integration with third-party software such as Google Tag Manager, Google Analytics, and the official Facebook Pixel.
for website maintenance service contact us.