This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Helpful GDPR Resources
This post is to act as a store for lots of helpful GDPR resources and links that we keep referring back to. We’ll add to this post over time rather than writing new articles.
Information Commissioner’s Office / ICO
Everything about GDPR should start with the source of the oversight in the UK. This is a summary of links you may find useful that pertain to your website.
If you own a website and gather personal data, you should register as a data controller here. For limited companies under 250 employees, it’s just £35+vat per year.
- Guide to GDPR Intro
- Key definitions
- Principles of GDPR
- Consent – Grounds for getting personal data
- Contracts – Working with personal data
- Legal Obligation – What are obliged to do
- Legitimate Interest – Why a data controller would be processing personal information
- Right of access – A data subject’s (your customer) right to their information
- Right to erasure – Also known as the right to be forgotten
- Data protection by design
- Security
- International transfers of information
- Personal data breaches
- GDPR and children
In the News
BBC News overview on GDPR
20 April 2018
Google putting self-destruct timers on emails in Google Mail
25 April 2018
Company Advice
Suzanne Dibble on GDPR – Suzanne is a lawyer and an expert in GDPR
7 things to do if you’re a data processor
Website Advice
Willows Consulting article on GDPR for eCommerce
Complete WordPress GDPR guide from CodeInWP
For individuals
WooCommerce
How Automattic are tackling GDPR in WooCommerce Core
Major suppliers’ statements on GDPR
Dropbox Guidance Centre | Updated terms info
Google Privacy & GDPR | Google Analytics data retention settings
MailChimp GDPR Tools | GDPR-friendly pop-up forms
Plugins & Tools
These are not endorsements of any particular plugin and no plugins can provide GDPR compliance as it’s a much deeper issue. Always look at plugin reviews on wordpress.org before installing a plugin and check when it was last updated. To get the promoted features of a plugin, you may need to pay for the premium version.
Delete Me WordPress plugin review at WPTavern
Cookiebot – detailed consent plugin | Cookiebot pricing
- Free on less than 100 pages
- £8/domain/month less than 500 pages
- the responsibility of data controller (site owner) to sign up
WP-GDPR
WP-GDPR plugin – This may be replaced by what Automattic are doing with WordPress Core
Tools
Free Cookie Audit Tool from Attacat
Sets a Google Chrome extension. The site recommends you use Google Chrome Canary as a separate browser otherwise it can clear all the rest of the cookies in your browser, which is an issue if you want to retain them for easy login to other sites.
Podcasts
GDPR for Websites – by Agency Trailblazer
Creative Commons on this post only – no credit is needed to share this information with your organisation or to your customers. Sharing the content is for the greater good.
The following image is not under Creative Commons
