WordPress 4.9.6+ GDPR Compliance Review



Since version 4.9.6, WordPress includes 4 new tools for GDPR compliance. These are the result of WordPress developers’ effort to become GDPR compliant. Many of our clients have asked whether they need anything more than the GDPR features provided by WordPress. We decided to check to what extent these changes cover the GDPR requirements. Below you will find a summary of our comparative tests of WordPress core’s GDPR features and the Ultimate GDPR Compliance Plugin.

Ultimate GDPR Compliance Toolkit vs. WordPress Core – Similarities and Differences

Here’s a look at the similarities and differences between the two options:

1. WordPress

WordPress has developed features to help website owners comply with GDPR. Everyone who has upgraded WordPress to version 4.9.6 or later can take advantage of these features, which include:

  • Privacy Policy – WordPress provides a general template for a privacy policy so you don’t have to type everything up.
  • Opt-in Checkboxes – Comments and cookies opt-in checkboxes ensure you have permission to collect and store data provided by website visitors.
  • Export Data – GDPR requires websites to provide users access to all of their personal data. This process usually involves users filling out a form to request data. The admin sends the confirmation request from a dedicated dashboard. Once the user confirms the request, the admin sends all the data in an email. The user can click on the link provided in the email to download the data.
  • Delete the Data – Users can request erasure of all the information collected. The process is similar to the data export request. Users can submit the form to request deletion. The admin must send a confirmation request. Once they have permission, they must delete the data. This form and system are also provided through the WordPress platform.

WordPress covers most of the basics of GDPR, so you can make your website compliant with its built-in features. However, using an alternative solution, you can take it a step further.

2. Ultimate GDPR Compliance Toolkit

Ultimate GDPR is one of the most comprehensive GDPR plugins available today. It can take care of all your compliance requirements. Here’s a look at its most attractive features:

  • Privacy Policy – Ultimate GDPR supports the basic privacy policy features provided by WordPress. Our plugin also provides an ‘Accept Privacy Policy’ button, which automatically registers the acceptance. You can also make acceptance a requirement. This option directs the user to the Privacy Policy page until they agree.
  • Erase Data – We provide a ‘Right to Be Forgotten’ option with our plugin. This allows users to make direct requests to erase their data. They can do that through a dedicated form on the website. The admin can accept the request and carry out the action without any further requirements.
  • Personal Data Access – This is the same as the ‘Export Personal Data’ option. Users can request their information by filling out a single form. The process is simpler and less time-consuming than the process required by the WordPress “Export Data” feature.
  • Pseudonymisation – This option isn’t offered by WordPress. Our platform allows you to encrypt all the information easily. This ensures the data is protected.
  • Services Consent – WordPress offers opt-in checkboxes for comment forms. To comply with GDPR, all forms can only collect information if they have explicit consent. A website can have several forms, and Ultimate GDPR can add opt-in checkboxes to all of them. We cover 20 such form integrations.
  • Cookies – WordPress core doesn’t collect cookie consent, which means it is not fully compliant with GDPR. Our plugin automatically scans your website for cookies. These cookies are then grouped under different categories so users can consent to cookies they find acceptable. Our plugin informs users about cookies, gains their consent, records their consent, and informs them about changes in cookie consent.
  • Terms and Conditions – This is similar to Privacy Policy. WordPress only supports Privacy Policy, while our plugin supports both Terms and Conditions and Privacy Policy. With the Ultimate GDPR Compliance toolkit you can also register users’ acceptance of both documents.
  • Breach Notification – This option allows admins to send out notifications to all users if there’s a breach in website security.
  • Data Rectification – Our plugin allows users to edit any data collected by the website. All the data will be updated automatically.
  • Data Portability – Users can request transferring data or downloading it at any time through the website. The information is provided in a portable, easy-to-read format.

As you can see, the Ultimate GDPR Compliance toolkit provides more comprehensive assistance for your GDPR compliance. It’s still possible to make your website 100% GDPR compliant using basic WordPress core features; however, it would require additional development, especially for cookie management, pseudonymisation and breach notification. If you need an all-in-one solution, the Ultimate GDPR Plugin will suit you better. Once the plugin is in place, your website is ready for EU audiences.

GDPR stands for General Data Protection Regulation. It was implemented in May 2018 and helps protect people’s privacy and control how companies process the information they collect. GDPR was implemented by the EU and affects nearly everyone across the world. If your website serves and collects data from EU citizens, you need to follow GDPR rules.

About the article Author:

Hi, we are createIT!
