latest version

Use and Features

Note

Before using this plugin, please read the explanation for the use of this plugin in:

GDPR standardizes data protection law across all 28 EU countries and imposes strict new rules on controlling and processing personally identifiable information (PII). From 25 May 2018 every website collecting data from EU citizens must need the GDPR requirements.

Use and its Features are as follows:

In your wordpress dashboard, navigate to GDPR:

../_images/plugin3.png

Ultimate GDPR

../_images/plugin4.png
  • Introduction

    • This will show a summary of the use and purpose of GDPR and features of the GDPR Plugin.
  • Available Shortcodes

    • Shortcodes that can be used to show features of GDPR.
  • System Requirements

    • System requirements for the plugin to work.
  • Forms skin

  • Export/import options

    • Export Plugin Settings - Export current plugin settings into a file. It can be imported to another website with GDPR plugin.
    • Import Plugin Settings - Import a file that have GDPR plugin settings. The current setting of the GDPR plugin will be overwritten.
    • Export Services - Export services from service manager.
    • Import Services to Service Manager- Import a file that has services saved.

Services Manager

This is where the cookies that are detected are saved. You can change the cookies’s details here. You can also make a customized cookie to be blocked from your site.

../_images/add21.png
  • Title - Used only for admin user to navigate through services.
  • Service name - Name of the service which will be displayed in table created using [render_cookies_list] shortcode.
  • Script names - Comma separated names of java-script scripts which are to be blocked, to prevent creation of unwanted cookies.
  • Cookie names - Comma separated names of cookies which are to be blocked. It’s important use actual name of cookie, not name of service.
  • Type of cookie - Pick the group the cookies belong.
  • First or Third party? - Option to choose if the cookie is created by the site or by a 3rd party.
  • Can be blocked? - Option for the cookie to be blocked.
  • Session or Persistent? - If cookie is deleted when session ends, or if it has set expiry date.
  • Expiry Time - Fill only if cookie is Persistent.
  • Purpose - Purpose of the cookie.
  • Is active? - Option to activate or deactivate. Only services which are active, are being blocked.

What Cookies are used on your website

Note

Functionality available since version 1.4

You can render the table with all cookies collected by your website with simple shortcode: [render_cookies_list]

Active cookies will be displayed in a table, like the following:

../_images/cookies-list.png

Note

Your website should be publicly accessible to correctly detect all cookies that are used on it

Terms and Conditions

Here you will set a page as the Terms and Conditions page, set conditions, and set the page where to redirect.

../_images/plugin7.png
  • Instructions - This is how to add a button for consent to accept the terms and condition on the page.
  • Require logged in users to accept Terms and Conditions (redirect) - Option to have the users logged in first to be able to accept the terms and conditions.
  • Require not logged in guest to accept Terms and Conditions (redirect) - Option to allow non-logged in users to accept the terms and conditions.
  • Page with existing Terms and Conditions - Select a page where the terms and conditions are written.
  • Page to redirect to after Terms accepted - The page where to redirect after terms and conditions are accepted.
  • Shortcode Button Styling - How the button for the shortcode looks. You have 2 options: Theme Default or Cookie box buttons
  • Set consent expire time [s] - Time, in seconds, when the terms and condition is still visible.
  • Terms version, eg. 1.0 (if you change it, user has to give consent again) - The version of the terms and conditions.
  • Convert the following text to Terms and Conditions link in all services templates, eg. ‘Terms and Conditions’ - You can make the word you set in the textbox as a link to the Terms and Conditions page.
  • Do not block user agents (eg. bots) containing the following texts (comma separated)
  • Download consents log - Button for the admin to download the consent logs of terms and conditions. The downloaded file will be in a .txt format.

Note

If Require logged in users to accept Terms and Condition is enabled, the user can’t be redirected to other parts of the site until the user logs in and accepts the Terms and Conditions.

Privacy Policy

Here you will set a page as the Privacy Policy page, set conditions, and set the page where to redirect.

../_images/plugin9.png
  • Instructions - This is how to add a button for consent to accept the privacy policy on the page.
  • Require logged in users to accept Privacy Policy (redirect) - Option to have the users logged in first to be able to accept the privacy policy.
  • Require not logged in guest to accept Privacy Policy (redirect) - Option to allow non-logged in users to accept the privacy policy.
  • WordPress Privacy Policy page - Link to create or use the default privacy policy of wordpress.
  • Page with existing Privacy Policy - Select a page where the privacy policy are written.
  • Privacy Policy Custom URL - URL link for the Privacy Policy that is not in the site.
  • Page to redirect to after Privacy Policy accepted - The page where to redirect after privacy policy are accepted.
  • Shortcode Button Styling - How the button for the shortcode looks. You have 2 options: Theme Default or Cookie box buttons
  • Set consent expire time [s] - Time, in seconds, when the privacy policy is still visible.
  • Privacy Policy version, eg. 1.0 (if you change it, user has to give consent again) - The version of the privacy policy.
  • Redirect to Privacy Policy first (if Terms and Conditions also redirect) - Option to show privacy policy first when user opens the site.
  • Convert the following text to Privacy Policy link in all services templates, eg. ‘Privacy Policy’ -
  • Do not block user agents (eg. bots) containing the following texts (comma separated)
  • Download consents log - Button for the admin to download the consent logs of privacy policy. The downloaded file will be in a .txt format.

Note

If Require logged in users to accept Privacy Policy is enabled, the user can’t be redirected to other parts of the site until the user logs in and accepts the Privacy Policy.

Right to be Forgotten

Here you can set details for when users request for deletion of stored data.

../_images/plugin10.png
  • Admin email to send new request notifications to - Where the email for the request is sent.
  • User notification email subject - Title of the Email sent for the request.
  • User notification email message - Content of the Email that is sent for the request.
  • Set custom URL to page containing Ultimate GDPR shortcode for e-mail confirmations (or leave empty for autodetect) - URL link to the page for e-mail confirmation.
  • [bbPress] Enter the existing user’s email whom the posts will be reassigned to (or leave empty to delete them when forgetting) - Email for whom the posts will be re assigned to.
  • Right To Be Forgotten requests list - List of users that sent the request.

This is the front end form:

../_images/plugin17.png

In the front end form, the user can choose which personal data on the site can be forgotten. With this, an email request will be sent to the website admin once the request is Submitted.

Note

The email that the user enters in the form is the email where the user will get his reply or notification for the request.


This is an sample Email for the request:

../_images/plugin18.png

Note

To add the front end form on a page, create a page and add this shortcode : [ultimate_gdpr_myaccount]

Data Access

Here you can set details for when users request for data access.

../_images/plugin11.png
  • Email to send new requests notifications to - Where the email for the request is sent.
  • Mail title - Title of the Email sent for the request.
  • Mail content - Content of the Email that is sent for the request.
  • Data access requests list - List of users that sent the request.

This is the front end form:

../_images/plugin23.png

Note

The email that the user enters in the form is the email where the user will get his reply or notification for the request.

This is an sample Email for the request:

../_images/plugin20.png

Note

To add the front end form on a page, create a page and add this shortcode : [ultimate_gdpr_myaccount]

Data Breach

Here you can set details for when there is a data breach in the site. An email will be sent informing about data breach to all users which left their email at your site.

../_images/plugin12.png
  • Mail title - Title of the Email sent for the request.

  • Mail content - Content of the Email that is sent for the request.

  • Collect user emails from services - Option to collect emails form the following plugins if enabled.

    • ARForms
    • Gravity Forms
    • Mailster
    • Woocommerce
    • WP User data
    • WP Simple Paypal Shopping Cart

Data Rectification

Here you can set details for when users request for data rectification.

../_images/plugin19.png
  • Email to send admin notifications to - Where the email for the request is sent.
  • User Mail title - Title of the Email sent for the request.
  • User Mail content - Content of the Email that is sent for the request.
  • Set custom URL to page containing Ultimate GDPR shortcode as the e-mail confirmation target page (or leave empty for autodetect)
  • Data rectification requests list - List of users that sent the request.

This is the front end form:

../_images/plugin22.png

The data the user adds in the Current data text area will be overridden/replaced by the data the user adds in Rectified data text area. Once submitted, an email will be sent to the site admin to notify him of the request.

An email to notify the user that the request is accepted will be sent once the admin of the site selected the email of the user he would like to approve the request and clicked on Send data to selected emails button.

Note

The email that the user enters in the form is the email where the user will get his reply or notification for the request.

Unsubscribe

Option to delete user’s data on their requested service once the user confirmed their email.

../_images/plugin28.png
  • Hide Unsubscribe Tab - This option hide the Unsubscribe tab of the GDPR shortcode.
  • Automatically unsubscribe users who confirmed their mail - Option to automatically unsubscribe the user without admin confirmation once the user confirmed their email.
  • Automatically send email about unsubscription to users who confirmed their email - Option to automatically send an email about the unsubscription once the user confirmed their email.
  • Email to send admin notifications to - Where the email for the request is sent.
  • User Mail title - Title of the Email sent for the request.
  • User Mail content - Content of the Email that is sent for the request.
  • Set custom URL to page containing Ultimate GDPR shortcode as the e-mail confirmation target page (or leave empty for autodetect)
  • Data rectification requests list - List of users that sent the request.

A confirmation email will be sent to the user’s email to confirm the request to unsubscribe to this service.

Note

The email that the user enters in the form is the email where the user will get his reply or notification for the request.

This is an sample Email for the confirmation:

../_images/plugin30.png

Services

A checkbox for consent can be added at the first field or at the last field of the form. These options can be added to the Services that gathers personal information from users.

../_images/plugin13.png

Services options

  • Recaptcha key (for myaccount shortcode submissions) - Used to add reCAPTCHA to your site.
  • Recaptcha secret key (for myaccount shortcode submissions) - Used for communication between your site and Google. Be sure to keep it a secret.

Note

To create a new Google reCAPTCHA for your site, click on this link.

Addthis:

  • [Addthis] Block Addthis cookies when user doesn’t accept Functionality cookies - Option to block Addthis cookies if Functionality cookie level is not set.

ARForms:

  • [ARForms] Description - What is shown in the page to describe the ARForms.
  • [ARForms] Inject consent checkbox to all forms - Option to add consent check box in all pages with ARForms.

bbPress:

  • [bbPress] Description What is shown in the page to describe bbPress.
  • [bbPress] Inject consent checkbox to all forms Option to add consent check box in all pages with bbPress.

BuddyPress:

  • [BuddyPress] Description - What is shown in the page to describe the BuddyPress.
  • [BuddyPress] Inject consent checkbox to all forms - Option to add consent check box in all pages with BuddyPress.

Contact Form 7:

  • [Contact Form 7] Description - What is shown in the page to describe the Contact Form 7.
  • [Contact Form 7] Inject consent checkbox to all forms - Option to add consent check box in all pages with Contact Form 7.
  • [Contact Form 7] Inject consent checkbox as the first field instead of the last - Option to add the consent checkbox at the first field in the Contact Form 7.

Events Manager:

  • [Events Manager] Description - What is shown in the page to describe the Events Manager.
  • [Events Manager] Inject consent checkbox to all forms - Option to add consent check box in all pages with Events Manager.

Facebook Pixel:

  • [Facebook Pixel] Block Facebook Pixel cookies when user doesn’t accept Advertising cookies - Option to block Facebook Pixel cookies if Advertising cookie level is not set.

Formidable Forms:

  • [Formidable Forms] Description - What is shown in the page to describe the Formidable Forms.
  • [Formidable Forms] Inject consent checkbox to all forms - Option to add consent check box in all pages with Formidable Forms.
  • [Formidable Forms] Inject consent checkbox as the first field instead of the last - Option to add the consent checkbox at the first field in the Formidable Forms.

Gravity Forms:

  • [Gravity Forms] Description - What is shown in the page to describe the Gravity Forms.
  • [Gravity Forms] Inject consent checkbox to all forms - Option to add consent check box in all pages with Gravity Forms.
  • [Gravity Forms] Inject consent checkbox as the first field instead of the last - Option to add the consent checkbox at the first field in the Gravity Forms.

Mailchimp:

  • [Mailchimp] Description - What is shown in the page to describe the Mailchimp.
  • [Mailchimp] Inject consent checkbox to order fields - Option to add consent check box in all pages with Mailchimp.
  • [Mailchimp] Inject consent checkbox as the first field instead of the last - Option to add the consent checkbox at the first field in the Mailchimp.

Mailster:

  • [Mailster] Description - What is shown in the page to describe the Mailster.
  • [Mailster] Inject consent checkbox to all forms - Option to add consent check box in all pages with Mailster.
  • [Mailster] Inject consent checkbox as the first field instead of the last - Option to add the consent checkbox at the first field in the Mailster.

Quform:

  • [Quform] Description - What is shown in the page to describe the Quform.
  • [Quform] Inject consent checkbox to all forms - Option to add consent check box in all pages with Quform.
  • [Quform] Inject consent checkbox as the first field instead of the last - Option to add the consent checkbox at the first field in the Quform.

Woocommerce:

  • [Woocommerce] Description - What is shown in the page to describe the Woocommerce.
  • [Woocommerce] Inject consent checkbox to order fields - Option to add consent check box in all pages with Woocommerce.
  • [Woocommerce] Inject consent checkbox to account forms - Option to add consent checkbox in Woocommerce register form.
  • [Woocommerce] Inject consent checkbox to checkout - Option to add consent checkbox in Woocommerce checkout page.
  • [Woocommerce] Additional checkout consent label - Text added here will be shown in the additional consent checkbox.
  • [Woocommerce] Inject additional consent checkbox to checkout - Option to add consent check box in checkout page (this consent isn’t required to be accepted by the user).

WP Comments:

  • [WP Comments] Description - What is shown in the page to describe the WP Comments.
  • [WP Comments] Inject consent checkbox to comments fields - Option to add consent check box in all pages with WP Comments.

WordPress Posts:

  • [WordPress Posts] Description - What is shown in the page to describe the WordPress Posts.

WP User data:

  • [WP User data] Description - What is shown in the page to describe the WP User data.
  • [WP User] Inject consent checkbox to User network signup form fields
  • [WP User] Inject consent checkbox to User register form fields
  • [WP User] Inject consent checkbox to lost password form fields

WP Job Manager:

  • [WP Job Manager] Description - What is shown in the page to describe the WP Job Manager.

WP Simple Paypal Shopping Cart:

  • [WP Simple Paypal Shopping Cart] Description - What is shown in the page to describe WP Simple Paypal Shopping Cart.

Note

If you would like to add the checkbox for consent in a different place than the one provided by the GDPR Plugin, click on this link for a sample on how to do it. The sample is using Contact Form 7 but you can do this with other forms.

This is how it would look on the page.

../_images/plugin14.png
../_images/plugin27.png

Pseudonymization

Here you can set which information are encrypted.

../_images/plugin15.png

Warning

This feature is experimental and may lead to irreversible data lost! After encryption, it may be impossible for anyone to decrypt your data. Read Instructions first, before setting the encryption.

  • Automatically encrypt new data - Option to automatically encrypt new data inputted in the site.

  • Automatically decrypt all data on the fly (if you have anything encrypted, this is recommended) - Option to automatically decrypt all data inputted in the site to the database.

  • Select data to encrypt - Select which data are encrypted in the site.

    • [Woocommerce] Pseudonymize first and last name - Option to encrypt the first and last name when using woocommerce.
    • [Woocommerce] Pseudonymize address information - Option to encrypt the address information when using woocommerce.
    • [Woocommerce] Pseudonymize billing email - Option to encrypt the billing email when using woocommerce.
    • [WP User data] Pseudonymize first and last name - Option to encrypt the first and last name when using WP user data.
    • [WP Simple Paypal Shopping Cart] Pseudonymize user order data - Option to encrypt the user order data when using WP Simple Paypal Shopping Cart.

Plugins

Here you can see which plugins are compatible with the GDPR plugin.

../_images/plugin16.png