Get access to free tutorials, exclusive content and more.

A Step-by-Step Guide to GDPR-Compliant WordPress Forms

For many small businesses and digital marketers, navigating the maze of GDPR-compliant WordPress forms can be daunting. All the rules around consent, transparency, data minimization, and individual rights can seem complex and overwhelming.

It doesn’t have to be.

This guide provides practical steps to ensure your WordPress forms are GDPR compliant, helping you foster customer trust.

Recognizing the supreme importance of GDPR compliance, Ninja Forms generously offers all related features at no cost. In the following sections, we’ll illuminate how to use these features effectively.

In this article

  1. GDPR explained: In brief.
  2. Asking for consent: How to create GDPR-compliant WordPress forms
  3. Bonus: Make your Mailchimp WordPress form GDPR-compliant

GDPR explained: In brief.

Simply put, GDPR is the EU’s gold standard that empowers internet users to control their personal data. Really it comes down to transparency and user rights. Here’s the lowdown:

  • Transparency First – Understand what data you’re collecting and secure it like Fort Knox. After all, cyber threats are everywhere!
  • User Rights – Every individual deserves to know the data you’ve got on them, how you’re using it, and guess what? They can ask for a copy or even its deletion!

Now that you have the low down let’s get down to form building.

Asking for consent: How to create GDPR-compliant WordPress forms.

Before you create your GDPR-compliant WordPress form, you must be able to answer all three of the following questions: What data are you collecting? How will the data be used? And how will you store that data?

Once you can answer these, head over to your WordPress privacy settings ( WP admin > Settings > Privacy ) and add them to your privacy policy.

Step 1. Create your GDPR-compliant WordPress form.

Now that you’ve created your privacy policy, it’s time to build your form with Ninja Forms. To begin, go to Ninja Forms > Add New, and select one of the pre-made templates. Next, add new fields or modify existing ones.

Ninja Forms form templates. GDPR compliant WordPress forms

 

Now enable any form fields you want to be anonymized. Toggle the THIS FIELD IS PERSONALLY IDENTIFIABLE DATA button under the Advanced setting to anonymize the data. By default, all User Information fields are set as personally identifiable data.

make form fields as personally identifiable data

Step 2. Add the GDPR agreement.

In your form layout, simply drag and drop (or click) the HTML field option. Once you’re in the HTML editor, paste the following text:

I consent to having this website store my submitted information so they can respond to my inquiry. Learn more in <a
href="yoursite.com/privacy">our privacy policy</a>.

GDPR HTML layout field

 

Customize the text as needed, but ensure you update “yoursite.com/privacy” with your actual privacy policy link. Add a Checkbox field and make it required. Doing this will prevent data from being submitted unless it was explicitly granted.

Checkbox asking for consent

That’s it. Pretty easy, right?

The next step of the GDPR compliance journey is exploring and erasing user data.  You can find out how in our step-by-step guide on automating WordPress GDPR export and delete requests. There you will learn how to generate export data and delete request forms in just one click.

Bonus: Get your Mailchimp WordPress form up to GDPR standards

If you use WordPress and Ninja Forms but love Mailchimp’s GDPR features, don’t worry! You can emulate Mailchimp’s detailed marketing and legal settings using just two Ninja Form fields with our Mailchimp add-on. Here’s how:

  1. Setting Up in Mailchimp: Begin by creating a custom field in Mailchimp, naming it something like “GDPR Consent.” When you link your WordPress forms to Mailchimp, connect your consent checkbox to this new field. This action ensures every subscriber’s consent is saved in Mailchimp.
  2. Consent for Communication: Add a checkbox list to your form, asking users for their preferred contact methods – be it email, phone, or both.
  3. Legal Text and Style: Add an HTML field to your form for any legal details, like how to unsubscribe or links to privacy policies. Adjust the text to resemble Mailchimp’s look.
  4. Reuse and Record: You can save and reuse these settings for other forms.

With these enhancements, your WordPress forms will swiftly align with GDPR requirements, ensuring your users recognize and value your commitment to transparency.

Success! Your WordPress Forms are Now GDPR-Compliant

In today’s article, we showed you how straightforward it is to create a GDPR-compliant WordPress form using the Ninja Forms core plugin. Want to delve deeper? Check out our detailed guides:

Ninja Forms doesn’t just stop at GDPR compliance. Our core plugin boasts a myriad of free features, like unlimited forms and submissions to customizable emails and submission exports. Seeking a versatile form builder? Dive deeper into what makes Ninja Forms your ultimate solution.