How to ensure GDPR compliance with 3rd party plugins

Disclaimer

This article is written in collaboration with a law agency. However, it is intended for general information purposes only. It does not constitute a client-attorney relationship or personalized legal advice.

Making sure that all the various plugins from various developers around the world are GDPR-compliant is one of the biggest challenges the WordPress ecosystem faces regarding GDPR. Unfortunately, we’re not yet exactly sure how this is going to work out.

For now, The WordPress GDPR Framework provides tools and a simple to use API for plugin authors to make their plugins compliant. However, an official GDPR working group has now been put together by the WordPress team. They are working on making WordPress itself compliant as well as providing some tools to help site owners. The compliance of plugins is something that they will also need to address. This means that it might make more sense for plugin authors to wait for the official release instead of doing the same work twice.

But then again, we don’t really know when the official compatibility update will be released. If the update is released too late, will plugin authors have enough time to make their plugins compliant? We also don’t know which problems the core team addresses and which ones they will consider to be out of scope.

The same applies basically for all other major plugins. We can assume that they will put at least some sort of effort towards GDPR compliance (if they don’t, then we’ll do it ourselves!). However, we don’t know when these updates will be released and we don’t know which problems they solve and which problems they will consider out of scope.

As a site owner, there’s not much you can do right now – the options are either to wait or to hire a developer to implement compatibility for your 3rd party plugins using The WordPress GDPR Framework right now.

We at Codelight don’t really plan to wait with this – we are going to make our customers’ sites compatible before the 25th of May (that’s a time-consuming process in itself anyway). If compatibility for core and plugins is added later, then we will modify The WordPress GDPR Framework to work with the existing compatibility tools.

Make sure you sign up to the newsletter below and we’ll notify you of any important developments in this area!

Page:

GDPR Framework WordPress Plugin Knowledge Base
Page:

CCPA Framework Developer Documentation
Page:

Welcome to the GDPR, CCPA, LGPD Frameworks WordPress Plugin Knowledge Base
Page:

Plugin Setup
Page:

CCPA Framework Plugin Setup

A-C
- about
- activate
- activation
- anonymize
- cache
- ccpa
- change
- children
- consent
- contact
D-E
- developer
- documentation
- donotsell
- download
- dpo
- e-commerce
- edd
- eu
- exclude
F-J
- faq
- form
- formidable
- forms
- gdpr
- general
- gravity
- guide
- install
- installation
- instructions
K-O
- key
- legal
- lgpd
- license
- localization
- logs
- move
- ninja
- officer
- owner's
P-Q
- payment
- paypal
- plugin
- policy
- premium
- pricing
- principles
- privacy
- privacytools
- pro
- processing
R-S
- renew
- seal
- security
- setup
- shortcodes
- site
- standards
T-Z
- terms
- tools
- transfer
- translate
- translation
- translations
- welcome
- wizard
- woocommerce
- wordpress
0-9
- 7

Related articles