Helpful GDPR Resources

This post is to act as a store for lots of helpful GDPR resources and links that we keep referring back to. We’ll add to this post over time rather than writing new articles.

Information Commissioner’s Office / ICO

Everything about GDPR should start with the source of the oversight in the UK. This is a summary of links you may find useful that pertain to your website.

If you own a website and gather personal data, you should register as a data controller here. For limited companies under 250 employees, it’s just £35+vat per year. 

• Guide to GDPR Intro
• Key definitions
• Principles of GDPR
• Consent – Grounds for getting personal data
• Contracts – Working with personal data
• Legal Obligation – What are obliged to do
• Legitimate Interest – Why a data controller would be processing personal information
• Right of access – A data subject’s (your customer) right to their information
• Right to erasure – Also known as the right to be forgotten
• Data protection by design
• Security
• International transfers of information
• Personal data breaches
• GDPR and children

In the News

BBC News overview on GDPR
20 April 2018

Google putting self-destruct timers on emails in Google Mail
25 April 2018

GDPR content at The Guardian

Company Advice

Suzanne Dibble on GDPR – Suzanne is a lawyer and an expert in GDPR

7 things to do if you’re a data processor

Website Advice

Willows Consulting article on GDPR for eCommerce 

Complete WordPress GDPR guide from CodeInWP [Updated 2021]

For individuals

Individual rights under GDPR

WooCommerce 

How Automattic are tackling GDPR in WooCommerce Core

Major suppliers’ statements on GDPR

Amazon Web Services

Dropbox Guidance Centre | Updated terms info

Facebook Business on GDPR

Google Privacy & GDPR | Google Analytics data retention settings

MailChimp GDPR Tools | GDPR-friendly pop-up forms

Microsoft 365

Plugins & Tools

These are not endorsements of any particular plugin and no plugins can provide GDPR compliance as it’s a much deeper issue. Always look at plugin reviews on wordpress.org before installing a plugin and check when it was last updated. To get the promoted features of a plugin, you may need to pay for the premium version.

Delete Me WordPress plugin review at WPTavern

Cookiebot – detailed consent plugin | Cookiebot pricing

• Free on less than 100 pages
• £8/domain/month less than 500 pages
• the responsibility of data controller (site owner) to sign up

WP-GDPR

WP-GDPR plugin – This may be replaced by what Automattic are doing with WordPress Core 

Tools

Free Cookie Audit Tool from Attacat

Sets a Google Chrome extension. The site recommends you use Google Chrome Canary as a separate browser otherwise it can clear all the rest of the cookies in your browser, which is an issue if you want to retain them for easy login to other sites.

Podcasts

GDPR for Websites – by Agency Trailblazer

Creative Commons on this post only – no credit is needed to share this information with your organisation or to your customers. Sharing the content is for the greater good.

The following image is not under Creative Commons

Infographic Source/