bookmark_borderWordPress, Gravity Forms, and GDPR Compliance

If you’re on this page, you’ve probably heard about GDPR compliance, but aren’t quite sure how your forms or WordPress site in general. Your best option is always to consult legal counsel, but we’ll try to get things clarified for you in the meantime.

What Is GDPR Compliance?

On May 25, 2018, new regulations will go into place within the EU that pertain to data collection. You can find the full overview via official sources, but here’s the gist:

In the simplest terms, what GDPR (General Data Protection Regulation) does is protect users from unauthorized data collection by requiring explicit consent. If data is being collected and stored, the individual providing the information needs to be aware of it and give permission before any action is taken.

Along with providing permission to collect data, the GDPR requires that users are able to request access to their data and have it removed if requested.

How Can I make Gravity Forms and My WordPress Site GDPR Compliant?

Once again, we’re not lawyers so you’ll want to confirm this with legal counsel, but here’s our recommendation:

Providing Consent

The easiest way to comply would be to add a required checkbox to any forms that need to be compliant. Adding a simple checkbox field that states something along the lines of “I consent to my submitted data being collected and stored” will usually do the trick.

Be sure to make it a required field, and the first part is done. This way, you’ll know that every submission is compliant because without providing consent, the submission would not complete.

Data Requests

Part of GDPR compliance also requires that users are able to request access to their data at any time. To handle this, the data could be requested manually or automatically using either a bit of custom code, or an add-on such as GravityView. Data modifications would be as simple as editing the form entry.

We hope we’ve clarified things a bit for you on making your forms GDPR compliant. If you have any additional questions, feel free to reach out to support. Of course, for specific details on the legal requirements, it’s always best to talk to a lawyer.