Ultimate GDPR – get user consent logs - createIT

Get a free advice now!

    Pick the topic

    Developer OutsourcingWeb developingApp developingDigital MarketingeCommerce systemseEntertainment systems

    Thank you for your message. It has been sent.

    Tags

    Ultimate GDPR – get user consent logs

    Ultimate GDPR – get user consent logs

    Challenge: how to comply with article 7 of GDPR

    Solution: store consents of users and add an option to export them

    GDPR EU (General Data Protection) is a regulation on data protection and privacy in the European Union. In this article, we’re going to focus on Art. 7 GDPR: Conditions for consent. How to comply with privacy regulation when using WordPress CMS on your site? There are multiple plugins for this, the subject of this article will be the Ultimate GDPR & CCPA plugin -> https://www.createit.com/gdpr/

    In Article 7(1), GDPR clearly outlines the explicit obligation of the controller to demonstrate a data subject’s consent. The burden of proof will be on the controller, according to Article 7(1).

    Recital 42 states: “Where processing is based on the data subject’s consent, the controller should be able to demonstrate that the data subject has given consent to the processing operation.”

    How to understand it in plain language? A WordPress administrator / website owner, needs to have the ability to provide logs that include user consents. The WP plugin will store users’ consents. Possible use-cases:

    • Cookie Consent (clicking “I agree” on the cookie bar)
    • Privacy Policy Consent (checking privacy checkbox on registration)
    • Terms and Conditions Consent (agreeing with terms policy by checking the checkbox)
    • Services Consent Checkboxes (consent that is freely given, specific, informed, and unambiguous)

    Here is an example consent log of a user that accepted cookie settings by clicking “Accept cookies”. The record includes consent_time and consent_level . The user id and email are stored for a logged-in WordPress user.

    id: 2
    type: ct-ultimate-gdpr-cookie
    user_id: 2
    email: [email protected]
    user_ip: 
    user_agent: 
    time: 1654774775
    data: {"consent_declined":false,"consent_expire_time":1686310775,"consent_level":5,"consent_time":1654774775,"consent_id":2}
    
    white text and buttons over black background

    Save IP address or User Agent

    In addition, you might want to store the IP address and User Agent value for users of your website. This is doable as well. The Ultimate GDPR plugin includes this as an additional option. Let’s see usage examples:

    Black text over white background with buttons and empty boxes to write text
    Notepad window with code
    Notepad window with code

    A logged WordPress Administrator has the option to download all consents that are stored in the database. The button for the download can be found in specific sections of the plugin. See the screenshots below:

    WordPress cookie consent options
    WordPress Privacy Policy options
    WordPress dashboard services tab
    WordPress dashboard Terms and Conditions options

    Individual user consents

    Here is article 7 (point 1) of the GDPR regulation:

    “Where processing is based on consent, the controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data.”

    To meet GDPR requirements, we would like to have the option to:

    • be able to export consents for an individual user
    • allow data access (user can ask to see what data we’re storing)
    • preview the consent log data
    • send a summary with the stored data for the user’s email address

    All those options are available to use. The instruction is attached below:

    WordPress dashboard Ultimate GDPR & CCPA options
    WordPress dashboard Ultimate GDPR & CCPA options with code fragments
    Screen divided into several windows with code

    Since 2018, when GDPR was introduced in Europe, the cookie bar has been the default element of every website. Website owners inform visitors about the used cookies and private data required for providing particular services. Sometimes we witness dark patterns that force user consent or mislead website visitors. To comply with the GDPR regulation, remember about:

    • not using checked by default opt-in checkboxes
    • naming your company in content terms
    • telling users about their right to withdraw consent
    • storing records of user consent
    • making sure processed user data is necessary for the service

    Right to be forgotten

    Another important GDPR article, popularly called: ‘the right to be forgotten’ is defined as Art. 17 GDPR – Right to erasure:

    The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay(..)

    We can easily meet this requirement by adding the Ultimate GDPR shortcode:

    to the page. The “Forget me” form will display as one of the tabs in the GDPR My Account page.

    Data removal form with black text over white background, checkboxes and a submit button

    The important features for a website that wants to comply with GDPR law are: personal data access, requests for data access or deletion, policy consent, cookie consent, services consent, data breach notification, pseudonymization and data portability. Other nice to have features include: privacy center, cookie scanner and integration with popular WordPress plugins.

    The Ultimate GDPR plugin for WordPress provides an easy to manage panel to set up all of the above features. The settings can be customized to suit your business needs. This GDPR Compliance Toolkit can be used with default options to support typical use cases or be heavily customized by applying Wp-admin Dashboard Settings. More info: https://www.createit.com/gdpr/

    That’s it for today’s tutorial. Be sure to follow us for other useful tips and guidelines and don’t forget to subscribe to our newsletter.

    WordPress dashboard Ultimate GDPR & CCPA options panel

    Disclaimer

    Disclaimer: We are not lawyers and this item cannot replace lawyer’s advice. We have tried to make it as accurate as possible to handle GDPR requirements, but if you need a definitive legal advice for your business, you have to hire an attorney.

    Comments
    0 response

    Add comment

    Your email address will not be published. Required fields are marked *

    Popular news

    How to Get and Use the ChatGPT API
    • Dev Tips and Tricks

    How to Get and Use the ChatGPT API

    April 25, 2024 by createIT
    eCommerce growth – is your business ready?
    • Services
    • Trends

    eCommerce growth – is your business ready?

    April 8, 2024 by createIT
    Digital marketing without third-party cookies – new rules
    • Technology
    • Trends

    Digital marketing without third-party cookies – new rules

    February 21, 2024 by createIT
    eCommerce healthcheck
    • Services
    • Trends

    eCommerce healthcheck

    January 24, 2024 by createIT
    Live Visitor Count in WooCommerce with SSE
    • Dev Tips and Tricks

    Live Visitor Count in WooCommerce with SSE

    December 12, 2023 by createIT
    Calculate shipping costs programmatically in WooCommerce
    • Dev Tips and Tricks

    Calculate shipping costs programmatically in WooCommerce

    December 11, 2023 by createIT
    Designing a cookie consent modal certified by TCF IAB
    • Dev Tips and Tricks

    Designing a cookie consent modal certified by TCF IAB

    December 7, 2023 by createIT

    Support – Tips and Tricks
    All tips in one place, and the database keeps growing. Stay up to date and optimize your work!

    Contact us