First, What is GDPR?
The General Data Protection Regulation (GDPR) is the new reference text at European level for the protection of personal data. It strengthens and unifies data protection for individuals in the European Union.
This regulation will enter into account from May 25, 2018. If your site is not GDPR compliant, you risk heavy penalties. I think sites will be punished after a few months but it is still better to do it now 🙂
Who is concerned?
What should I do?
Make a site GDPR compliant is different for each site but here are some points to check:
1. Google Analytics
In order to be compliant with the new regulation, Google included a data processing amendment.
2. Your Forms
I don’t really understand why it has bad reviews, I think many users didn’t really understand its purpose or maybe it was not as good as it is now, but this plugin doesn’t make your site automatically GDPR compliant but help you a lot to make the task easier.
WP GDPR Compliance is very simple to use, you just need to activate it and go to Tools > WP GDPR Compliance. I use Gravity Forms on my site, so I added the checkboxes on all my forms and for the WordPress Comments too.
There is also WP GDPR Compliance who have a setting for WooCommerce.
You can take example of my page if you want: https://oceanwp.org/privacy-policy/
You can see in this post that it is not difficult to make a WordPress site GDPR compliant. You just have to keep in mind that every time you collect personal data from a European user, you have to let them know that their data is being collected.