The internet is buzzing with panic about GDPR compliance at the moment, and rightly so, the deadline is nearly here. But is GDPR compliance really that hard? We've got the info you need to make your Formidable forms GDPR compliant!
GDPR compliance is all about protecting privacy
This is something that we at Formidable support 100%. But protecting privacy in an information-driven world has its complications!
Before you continue reading, start with part 1: how to make GDPR Compliant WordPress forms. You'll learn more about how to get "explicit consent" from users submitting your forms and the basics of the "Right to Access" and "Right to be Forgotten". Today I want to delve deeper into those last two points, and give a step by step guide to meeting those specific requirements.
Please note that GDPR does not apply to forms that do not collect or store personal data. If you're running an anonymous survey, poll, or quiz that does not collect personal data, your forms are not affected.
What do these GDPR requirements mean?
Right to Access. You must provide a way for users to request access to, and view the data you have collected from them.
Right to be forgotten. You must also give users a way to withdraw consent and delete personal data collected from them.
GDPR may be European law, but its reach extends worldwide. GDPR compliance isn't limited to companies within the EU; it also applies to any company collecting data from users inside Europe. If you are a California-based company but have users from France filling out your forms, GDPR affects you!
6 steps to improve GDPR compliance
Formidable's front-end editing allows you to set up ways for logged-in users to easily edit or delete their data. This covers the "Right to Access" and "Right to be Forgotten".
1. Allow front end editing
On the settings page for your form, scroll down to 'Permissions'. Check the Allow front-end editing of entries box. Determine which user role can edit their own submissions and which user role can edit responses submitted by other users.
2. Build a data management View
This View will be used to display all data submitted via your form. It gives your users a simple overview of their data and allows them to manage it.
You should create an "All Entries" View and select the correct form to display data from. In the content box, insert fields that allow a user to recognize different submissions at a glance. Fields like a title, date or address should be used so each submission is immediately identifiable from the list.
3. Filter your View by the current user
Your View needs to be filtered by the current user, so that each user only sees their own entries.
**Pro Tip** If you haven't already got a UserID field in your form, go to the form builder page for the form that is connected to your View and add one now.
Scroll down to the Advanced Settings for your View. In the 'Sort & Filter' section click the '+Add' button next to "Filter Entries". Set up the filter so it says 'User ID is equal to current_user'.
4. Allow editing of submitted data
First you will need to make a note of the page ID where your form is published. Your permalink structure may show the numeric page ID in the browser bar. If not, edit that page, and the ID will be visible in your browser address bar.
Once you have that page ID, add an edit link to the View's Content box. Replace y with the page ID where your form is published:
[editlink label="Edit" page_id=y]
5. Allow users to delete their data
Formidable also allows users to delete their own entries. Simply add the deletelink shortcode into your View Content box like this:
[deletelink label="Delete"]
This shortcode automatically retrieves the appropriate entry ID from the View or form where it is inserted.
6. Publish your View on an "Account" page
Once your View is complete, create an "Account" or "Data Management" page on your website. Insert your View shortcode on this page, and link to this page from your privacy policy. You can even add this page to your main navigation if you like. Because the View is filtered to the current user (step 3), the page only loads data for the logged-in visitor, so there is no risk of private data being visible to logged-out or unregistered visitors.
Your users can visit this page and see a list of all their previous submissions. They can click the "Edit" link to update any entry they choose or the "Delete" link to remove that data permanently.
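As an added illustration that is not part of the original post, here is what the finished View's Content box might contain once steps 2 to 5 are combined into a single entry row. The field IDs 25 and 26 and the page ID 123 are placeholders: substitute the IDs of your own title and address fields and the ID of the page where your form is published. `[created-at]` is the View's built-in submission-date shortcode.

```html
<!-- Constructed example of the View Content box for the "Account" page.
     [25] and [26] stand in for a title field and an address field from
     your form; replace them with your own field IDs. -->
<div class="frm-entry-row">
  <strong>[25]</strong> (submitted [created-at format="F j, Y"])<br/>
  [26]<br/>
  <!-- page_id=123 is a placeholder for the page where the form lives -->
  [editlink label="Edit" page_id=123]
  | [deletelink label="Delete"]
</div>
```

Note that the per-user restriction does not live in this content at all; it comes from the "User ID is equal to current_user" filter in the View's Sort & Filter settings (step 3) together with the front-end editing permissions (step 1). A quick check before linking the page from your privacy policy: open it while logged out and again as a second test user, and confirm the first shows no entries and the second shows only that user's own submissions.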
Bonus steps
Don't save IP addresses - Did you know that many forms which do not appear to collect personal information still are not GDPR compliant? This is because many forms save IP data by default, and Formidable is no exception. IP address saving can be disabled easily though. Simply go to your Formidable -> Global Settings page and scroll to the bottom. Check the box for "Do not store IPs with form submissions" - and you're done!
Don't save entries - If you have a contact form that emails the data or a form that sends the data to another site, there may be no reason to store entries on your server. In this case you can disable storing of entries completely. Just check the box on the settings page for your form.
Auto delete entries - Did you know you can auto-delete entries after 30 days with the Form Action Automation and API add-ons? This step may help GDPR compliance in cases where users submitting forms are not logged-in. If users cannot manage their own entries, auto deletion of data can help you comply with GDPR.
The GDPR deadline is almost here so don't delay. Make your WordPress site and data collection 100% compliant today!
Not using Formidable Forms yet? Make the switch to the WordPress forms builder with the GDPR compliance solution you need.
Scott says
Great article, Nathanael. Here are my two questions:
For sites and shops that only cater to US customers, can you recommend a way to block visitors by location? I think that would be enough of an added measure for most of my projects.
Any thoughts on the comment in a previous GDPR post about deleting user info from email hosts?
Nathanael Jones says
I believe the WordFence plugin allows you to block users from specific countries - which should be enough for many US based companies to comply with GDPR.
Email stored on a host is something that would need to be investigated on a case by case basis - especially if you use IMAP. Personally I use POP3 connections to make sure all messages are downloaded to my local machine and not stored online.
Zach says
I have a question. Forgive my ignorance on this one. If I already do not save entries or IP addresses... how am I able to do your 6 steps? There is no data to dish up in my case, correct?
Nathanael Jones says
If your form does not save entries then there is no action you need to take on the Formidable side of things - although you should ensure that no form data is stored online on your email server...
Zach says
Ok. That's what I thought. So, all the forms come to my email and I could make sure I delete them but how do I prove that? Is that enough?
evita3 says
I very much appreciate the simple way of explaining this topic. Now, part of GDPR compliance is allowing users to delete personal information. Using Formidable Pro and Formidable Registration, how do I allow users to not just edit but delete their profile?
Nathanael Jones says
Can you please open a ticket in our help desk with this query?
Vale says
Hello, I am in Mexico. Neither my site nor my business has any relation to EU countries, so if I block EU countries by not allowing EU IPs, will that be sufficient to pass on GDPR?
Nathanael Jones says
So far as I understand it, yes, this should be sufficient.
However, this comes with a disclaimer - I'm not a legal professional, so you should research carefully how GDPR applies to your specific circumstances. Always double check!
Antonio Scotti says
Hi, and thanks for your explanatory article.
Right now my website only collects names and e-mail addresses of non registered users and I am based in EU. I guess I could use the auto-delete function in order to be GDPR compliant but I actually need to keep those data. What can I do to allow users to still access and delete their data without being registered users?
Regards
Nathanael Jones says
Hi Antonio,
I'm afraid registration/login is required to allow users to access and delete their data; it's the only practical way for the system to know which data belongs to which user.