GDPR Compliance with Ninja Forms

Ninja Forms offers a variety of features that make GDPR compliance easier with your WordPress forms. Specifically, these features help you inform users that a form collects personal data, request explicit consent, mark fields as personally identifiable information, delete or export personal data on request, and disable or expire the storage of personal data.

Please be advised that this is not legal counsel. Qualified legal counsel should be sought where there are specific questions about GDPR compliance. These features are only meant to facilitate compliance by reducing the steps a website administrator needs to take to meet common standards under the GDPR.

Informing Users that a Form Collects Personal Data

The Right to Access states that a user must be informed if data is being collected, what data is being collected, how, where, and for what purpose. This information is best detailed in a privacy policy. An HTML field can be placed on any of your WordPress forms that collects personal data to notify users that it does so and to link to your privacy policy.

Requesting Explicit Consent

Requesting the explicit consent of every user before any data collection takes place is a fundamental requirement of GDPR compliance. Requests must be in clear, plain, easily understandable language free of legalese. The request must also stand alone from other matters or requests and not be buried in other text.

Single Checkbox and Checkbox List fields are the clearest way to confirm explicit consent. Setting them to Required means a user cannot submit the form unless consent has been granted.

Note that a checkbox is not required for every form that collects personal data. A checkbox isn’t required if the only actionable use for the data collected is communicated clearly via HTML field. If there may be additional actionable uses, then additional explicit consent is required.

For example, a newsletter signup form that links to your privacy policy and communicates clearly via HTML field that the data collected will only be used to send newsletters does not require an additional consent checkbox. The user grants explicit consent for the stated use by submitting the form.

If additional actionable uses of the collected data may exist, for example also emailing marketing materials, then an explicit consent checkbox would be required.

Marking a Field as Personally Identifiable Information

By default, all stock User Information fields in your builder except for Zip, City, US States, and Country are marked as personally identifiable information. Any field created using a Single Line Text field can be marked as personally identifiable information. To do so:

  1. Enable Developer Mode.
  2. Click into the Single Line Text field’s settings and expand the Advanced settings.
  3. Toggle on (green) the “This field is personally identifiable data” setting.

Deleting Personal Data on Request

The Right to Be Forgotten stipulates that for GDPR compliance, users must be provided a quick and painless way to withdraw consent and have collected data purged.

1. Accepting a request

There is a stock form template, Delete Data Request, that can be placed on any page of your website. It can be found under Ninja Forms > Add New.

There is also a Delete Data Request action that can be added to any of your WordPress forms.

Both the form template and the action hook into the WordPress Erase Personal Data feature. That is located in your WordPress dashboard under Tools > Erase Personal Data.

2. Complying with the request

When a user submits the Delete Data Request form or any form containing the action, that request will be viewable in your WordPress dashboard under Tools > Erase Personal Data.

With all new requests, WordPress sends a verification email to the email address provided in the form to confirm the email belongs to the submitter. At this time, the request will be labeled as Pending verification:

Once confirmation is received from the requester, the status will change to Verified and the request can be granted by clicking Force Erase Personal Data.

Exporting Personal Data on Request

Both the Right to Access and Data Portability requirements for GDPR compliance stipulate that data subjects are able to request, obtain, and/or transfer possession of collected data at any time. That data must also be provided to them in an electronic format free of charge on request.

1. Accepting a request

There is a stock form template, Export Data Request, that can be placed on any page of your website. It can be found under Ninja Forms > Add New.

There is also an Export Data Request action that can be added to any of your WordPress forms.

Both the form template and the action hook into the WordPress 4.9.6 Export Personal Data feature. That is located in your WordPress dashboard under Tools > Export Personal Data.
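The WordPress side of the mechanism that both the Delete Data Request and the Export Data Request actions plug into, as an added example (illustrative code, not Ninja Forms' own implementation): a plugin registers an exporter and an eraser callback through the `wp_privacy_personal_data_exporters` and `wp_privacy_personal_data_erasers` filters, and WordPress runs those callbacks only after the request has been verified and the administrator clicks Download Personal Data or Force Erase Personal Data. The filter names and the shape of the callback return values are the real WordPress privacy API (WordPress 4.9.6 and later); the post type, meta keys and function names below are assumptions made for the illustration.

```php
<?php
/*
 * Added example, not Ninja Forms' own code: hooking stored form submissions
 * into Tools > Export Personal Data and Tools > Erase Personal Data.
 *
 * Assumptions (hypothetical): submissions are posts of type
 * 'example_submission'; the submitter's address is in post meta
 * '_example_email' and each answer is in a meta key prefixed '_example_field_'.
 */

const EXAMPLE_POST_TYPE = 'example_submission';
const EXAMPLE_EMAIL_KEY = '_example_email';
const EXAMPLE_FIELD_PREFIX = '_example_field_';
const EXAMPLE_PAGE_SIZE = 50; // WordPress re-invokes a callback until it reports 'done' => true.

// One page of submission IDs whose stored email matches the verified requester.
function example_submissions_for_email( $email, $page ) {
    return get_posts( array(
        'post_type'      => EXAMPLE_POST_TYPE,
        'post_status'    => 'any',
        'posts_per_page' => EXAMPLE_PAGE_SIZE,
        'paged'          => (int) $page,
        'meta_key'       => EXAMPLE_EMAIL_KEY,
        'meta_value'     => $email,
        'fields'         => 'ids',
    ) );
}

// Exporter callback: returns array( 'data' => [...], 'done' => bool ).
function example_export_submissions( $email, $page = 1 ) {
    $ids   = example_submissions_for_email( $email, $page );
    $items = array();

    foreach ( $ids as $id ) {
        $data = array();
        foreach ( get_post_meta( $id ) as $key => $values ) {
            if ( 0 !== strpos( $key, EXAMPLE_FIELD_PREFIX ) ) {
                continue; // export only the submitter's answers, not internal meta
            }
            $data[] = array(
                'name'  => substr( $key, strlen( EXAMPLE_FIELD_PREFIX ) ),
                'value' => $values[0],
            );
        }
        $items[] = array(
            'group_id'    => 'example_submissions',
            'group_label' => 'Form submissions',
            'item_id'     => 'submission-' . $id,
            'data'        => $data,
        );
    }

    return array(
        'data' => $items,
        'done' => count( $ids ) < EXAMPLE_PAGE_SIZE,
    );
}

// Eraser callback: returns items_removed / items_retained / messages / done.
function example_erase_submissions( $email, $page = 1 ) {
    // Always read page 1: each successful deletion shifts the remaining rows forward,
    // so advancing $page would skip submissions.
    $ids      = example_submissions_for_email( $email, 1 );
    $removed  = false;
    $retained = false;
    $messages = array();

    foreach ( $ids as $id ) {
        // Force delete (second argument true) so the data does not linger in Trash.
        if ( wp_delete_post( $id, true ) ) {
            $removed = true;
        } else {
            $retained   = true;
            $messages[] = sprintf( 'Submission %d could not be deleted.', $id );
        }
    }

    return array(
        'items_removed'  => $removed,
        'items_retained' => $retained,
        'messages'       => $messages,
        // Stop when fewer than a full page remained, or when a failure occurred
        // (otherwise the retained rows would be re-read forever); the messages
        // tell the administrator what still needs attention.
        'done'           => $retained || count( $ids ) < EXAMPLE_PAGE_SIZE,
    );
}

add_filter( 'wp_privacy_personal_data_exporters', function ( $exporters ) {
    $exporters['example-submissions'] = array(
        'exporter_friendly_name' => 'Example form submissions',
        'callback'               => 'example_export_submissions',
    );
    return $exporters;
} );

add_filter( 'wp_privacy_personal_data_erasers', function ( $erasers ) {
    $erasers['example-submissions'] = array(
        'eraser_friendly_name' => 'Example form submissions',
        'callback'             => 'example_erase_submissions',
    );
    return $erasers;
} );
```

The exporter and eraser never see an unverified address: WordPress only dispatches a request to these callbacks once the confirmation link in the verification email has been followed and the administrator has acted on the Verified request, which is why the form-side action only needs to record the request rather than perform the deletion or export itself.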

2. Complying with the request

When a user submits the Export Data Request form or any form containing the action, that request will be viewable in your WordPress dashboard under Tools > Export Personal Data.

With all new requests, WordPress sends a verification email to the email address provided in the form to confirm the email belongs to the submitter. At this time the request will be labeled as Pending verification:

Once confirmation is received from the requester, the status will change to Verified and the request can be granted by clicking Download Personal Data.

Disabling the Storage of Personal Data, or Setting it to Expire

In some cases it may be advantageous to elect not to store personal data at all, even if your WordPress forms contain fields that ask for it. This is possible using the Store Submission feature. You can either elect not to store any data for a given form, or to store only data from specific fields.

To turn data storage off completely for a form, navigate to the Emails & Actions tab of the form, and toggle off the Store Submission action (grey).

To disable data storage by field:

  1. Click onto the Store Submission action, expand the Advanced settings, and be sure “Save All” is highlighted in blue.
  2. Select the form fields under “Except” that you do not wish to save data for.

To set submission data to expire after a set amount of time, toggle on the Set Submissions to Expire setting and enter a value in days. Submission data will auto-delete after that many days.