Do your WordPress cookies comply with the data privacy laws? - Photo by Format from Pexels

WordPress is one of the most popular content management systems (CMS) and has many users from all over the world. Maybe you also use it for your own website? But are you aware of whether your WordPress cookies comply with the GDPR, ePR, CCPA and other data privacy laws around the world?

If you are not sure, it is a very good idea to check that your website complies with the legislation, so you do not risk getting fined. Actually, you risk being fined up to €20 million – or 4% of your organisation’s yearly turnover.

Why is it important to protect personal data?
Every individual is entitled to their privacy. Therefore, organisations and businesses collecting data from their users are required to protect their users from misuse and abuse of this data.

Maybe you think: “I do not abuse or misuse the collected information”. But often the data is also distributed to third parties (for example if you use Google Analytics, social media buttons and embedded videos). And you also need to give your users the opportunity to opt out of these kinds of cookies.

Why is data valuable to third parties?

Data has become one of the most valuable things for third parties, as they can use people’s data to target advertising directly at them. When people see an ad on Google or Facebook, they have most likely visited pages that are related to the product or the service featured in the ad.

The user is becoming the product

In some ways you can say that the user has become the product that third parties are making money from. When users give up their data to third parties, they also allow the data to be used for commercial purposes. In that way third parties can benefit from the data and use it to make money.

Go through your data processing activities
How to make sure a website is compliant differs from website to website, but in this article you get some tips for finding out.

First of all, you can go through your entire WordPress website and find out where the website collects data, where this data is stored and for how long. Examples of places where data is collected are:

  • IP addresses, cookies, GPS locations
  • E-commerce checkout pages and registration pages
  • Google Analytics, Hotjar and similar services

This way you get an overview of the ways in which your website collects personal data from your visitors.

Use a WordPress plugin
The easiest way to become GDPR, ePR and CCPA compliant is to install a WordPress plugin such as Cookiebot. If you install a plugin like this, your website visitors will be met by a consent banner when they visit your site. The banner allows your visitors to opt in and out of cookie categories, and this is a key element in the different data privacy laws.

The plugin works by scanning the entire website to find all cookies and other tracking tools. After this, the cookies and tracking tools are blocked, until your visitors have actively chosen which categories to activate.
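The check a scan like this performs can be sketched as follows. This is an added example, not Cookiebot's code: it classifies cookies recorded on a first page load and reports the ones set without consent for their category. The category names, the prefix table and the rule that "necessary" cookies need no consent are assumptions made for the example.

```javascript
// Added example: category names and the prefix table are assumptions for
// illustration, not Cookiebot's own classification.
const RULES = [
  { prefix: "wordpress_logged_in_", category: "necessary" },
  { prefix: "wordpress_test_cookie", category: "necessary" },
  { prefix: "woocommerce_", category: "necessary" },
  { prefix: "_ga", category: "statistics" },   // Google Analytics
  { prefix: "_gid", category: "statistics" },  // Google Analytics
  { prefix: "_hj", category: "statistics" },   // Hotjar
  { prefix: "_fbp", category: "marketing" },   // Facebook pixel
];

// Parse one cookie string in Set-Cookie syntax into { name, persistent }.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const name = eq === -1 ? pair : pair.slice(0, eq);
  const persistent = attrs.some((a) => /^(max-age|expires)=/i.test(a));
  return { name, persistent };
}

// Unknown cookies are "unclassified" and treated as needing consent.
function classify(name) {
  const rule = RULES.find((r) => name.startsWith(r.prefix));
  return rule ? rule.category : "unclassified";
}

// Return the cookies that were set without consent for their category.
function auditCookies(headers, consent) {
  return headers
    .map(parseSetCookie)
    .map((c) => ({ ...c, category: classify(c.name) }))
    .filter((c) => c.category !== "necessary" && !consent[c.category]);
}

// Constructed sample: cookies recorded on a first page load, before any choice.
const SAMPLE = [
  "wordpress_test_cookie=WP%20Cookie%20check; path=/; HttpOnly",
  "_ga=GA1.1.111.222; Max-Age=63072000; path=/",
  "_hjSessionUser_123=abc; Max-Age=31536000; path=/",
  "_fbp=fb.1.1.1; Max-Age=7776000; path=/",
  "mystery_tracker=1; path=/",
];

const noConsent = { statistics: false, marketing: false };
for (const c of auditCookies(SAMPLE, noConsent)) {
  console.log(`${c.name}: ${c.category}, persistent=${c.persistent}`);
}
```

Any cookie this reports before the visitor has made a choice is one the consent banner failed to block, and an "unclassified" result means the cookie still needs to be identified and assigned a category.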

Consider investing in a lawyer
If you find it hard to navigate the different rules and legislation in this area, it can be a good investment to contact a lawyer. This way, a professional can investigate your specific situation and make sure that you comply with all rules.


Cookiebot
Cookiebot is an online solution developed by Usercentrics that automatically makes your website cookie compliant with several pieces of legislation around the world – among others the GDPR and CCPA. Cookiebot provides you with expert knowledge and the most relevant information about ePrivacy and cookie consent for you as a citizen.
