Chapter 11

When should you publish the changes you’ve made?

Now that you hopefully have a good understanding GDPR, take another critical look at your website. Does your Privacy Policy cover everything important (even if not very specifically)? If someone requests to download or delete their personal data, do you have everything covered (including plugins and custom-built features)? Have you double-checked all your forms?

If the answer is yes, then you’ll probably want to publish the Privacy Policy and Privacy Tools pages immediately as well as enable all features of The GDPR Framework. Remember – GDPR also works retroactively. This means that it also applies to any data you have gathered before May 25th. So it’s better to start doing things properly right away.

If the answer is no, then you shouldn’t publish anything yet. If your visitors accept the Privacy Policy, but it’s missing something important, then you’ll need to ask for their acceptance again once you’ve updated the policy. If you allow your visitors wish to delete their personal data via the Privacy Tools page, but some data from a plugin is left in your database, then you might get in trouble. If this is the case, check back here in May and be prepared to do some additional work.

That’s all!

Congrats – you’ve taken the first major step towards GDPR compliance!

However, keep in mind that compliance is a process. It’s not something you can do once and never have to think about again. GDPR is here to stay and you’ll need to keep it in mind whenever you add new features to your website.

If you have additional questions, check out our knowledge base. If you can’t find answers there, post your question in the comments or to the WordPress.org support forum.

If you need help with making your site GDPR-compliant, we’re happy to help. 

← Previous | Next →