Site Owner’s Guide to GDPR


This article is written in collaboration with a law agency. However, it is intended for general information purposes only. It does not constitute a client-attorney relationship or personalized legal advice.

In this guide, we will walk you through GDPR step by step and give you specific, detailed instructions on making your WordPress site compliant.

For each requirement, we well first explain the legal background in human-readable language. Then, we will show you how to implement the related requirements on your website using the WordPress GDPR Framework, a free open-source plugin we built exactly for this purpose. Finally, we will briefly go over the obligations that GDPR puts on your business in general.

We’ve also put together a knowledge base to answer more specific questions and discuss various annoying corner cases regarding GDPR and WordPress, WooCommerce, Easy Digital Downloads, Gravity Forms and other plugins.

Table of Contents

  1. GDPR: The important parts

  2. Getting started with GDPR Compliance

  3. Definitions you need to know

  4. Privacy Tools Page: Access, export and delete personal data

  5. Setting up the Privacy Policy

  6. Legal grounds for processing data

  7. Making your forms compliant

  8. Plugins and GDPR

  9. E-commerce

  10. Requirements to your business

  11. Publishing the updates to your site

  12. Knowledge Base

If you have a simple website, it’s entirely possible that you can take care of the compliance process by yourself and might not need to involve a developer or lawyer. However, if you have an e-commerce or membership site, we recommend getting in touch with a legal professional to help you with the nooks and crannies of GDPR. We can help with that – get in touch!

Ready? Get started!