With the introduction of GDPR in Europe in May 2018, the issue of cookie consent, user data and privacy became a major topic of discussion among people who make money online through websites and blogs. What steps do these people need to take to make sure they are compliant with this?
The GDPR legislation was in reality aimed more at larger companies who collect a lot of user data rather than bloggers and niche site owners. However, the law technically still applies to anyone whose website collects any user data and so it is still a good idea to take some steps to make sure your site complies with this legislation.
GDPR technically applies to any websites which collect data from users in Europe, which in reality is going to include all websites, whether they are based in Europe or not. However, it is easy to get your site GDPR compliant by taking a few simple steps and using a free WordPress plugin to show the relevant popups to any new visitor to your site.
Using the Cookie Consent Plugin by Termly
There are several good plugins we can use to do this, but in this article we will focus on using the GDPR Cookie Consent Banner by Termly. This is a free, fantastically simple and easy to use plugin with which you can very quickly have a cookie consent popup working on your WordPress website.
The menus are simple and easy to navigate, with only 3 major tabs in the plugin interface. It is perfect for users who just want to “set and forget” their cookie consent option, getting it done in a few minutes and getting on with building their website.
It is simply a matter of installling and activating the plugin and navigating through the three main options tabs, configuring the self explanatory settings as needed and Saving them to activate the popup on their site.
Here are the general setup steps:
- Head to Plugins….Add New and install and activate the GDPR Cookie Consent Banner by Termly
- A new Cookie Consent option will now appear in your Settings Tab.
- There are 3 main settings tabs within your Cookie Consent option – General, Content and Style. Simply navigate through each of these, setting the options as you want them
- General Settings – The top two settings here are the most important; the rest can usually be left as they are for most users.
- Close – set when the popup closes – when clicked, when scrolled, or after a certain time. I prefer on scroll since the user can just browse as normal and the popup will disappear.
- First Page Only – It can be a good idea to tick this box, since it makes sure the cookie consent only pops up the first time a unique user visits your site and does not keep popping up on every page they go to.
- You can also selectively exclude certain pages, posts, and visitors from certain regions from displaying or seeing the popup. Save settings when done.
- Content Settings – set up what the cookie popup actually says and where it links off to.
- More Info Target – Set whether the link to the more info page opens in the same window or a new tab. Save settings when done.
- Style Settings – What the cookie popup actually looks like. Often better to leave most of these as they are. Here are some useful options:
- Position – Set where the popup appears – top, bottom, or in corners as a box.
- Use X Close – Use an “X” cross to close popup instead of an “OK” or something else.
- Colors – Set the colors of the popup, text, links and buttons.
Once you have set all these options as you want them, save them and visit your site to see how the cookie popup looks. You should now have a GDPR compliant cookie consent feature on your WordPress website!
A More Advanced Solution
If you are wanting a paid solution which offers a more complete and legally rigorous GDPR compliant cookie consent solution, then the Iubenda service is another option worth considering. This offers the possibility to have legally watertight privacy and cookies drawn up by a qualified legal professional, as well as creating the standard cookie consent banners or popups.
See the excellent video below from Alex at WP Eagle for a guide to using the Iubenda service. The more advanced features do incur an annual fee for each site but offer a more rigorous form of compliance that may be useful for larger sites.
A guide on how to set up the plugin is also contained in the video above. Here are the steps:
- Sign up for the free Iubenda service on their website.
- Login to your account and adjust your settings accordingly of how you want the plugin to look where you want it to appear on the page.
- Once you have the settings as you like them, click the Plugin option and the site will generate some code you need copy to paste into the plugin on your website.
- Login to your WordPress website, and install and activate the free Iubenda plugin under Plugins….Add New.
- Paste the code you got from the website into the plugin. It will generate the cookie popup as you specified it on your site.
- Save settings, exit, and test that the cookie popup now works on your site.
Cookie Consent is Important for GDPR
As we mentioned at the top, cookie consent is important for GDPR purposes, since cookies are classed as user data and therefore if you are collecting cookies, you need to have a policy that explains what you do with this data.
Aggregate user data is also important for things like Google Analytics, to see where your users are coming from, what pages they are visiting, how long they are staying on the site and what devices they are using, and so on.
This helps site owners see what content is doing well, which markets are most important for them and more. But bloggers and niche site owners generally have no interest in collecting and selling individual personal data on users. They just need to see the broad trends and aggregate data to see how their site is doing and optimize it accordingly.
For this reason, getting your site GDPR compliant is more a tick box exercise for smaller site owners, and you don’t need to spend too much time worrying about it. GDPR is aimed primarily at the bigger companies like Facebook who do have an interest in people’s personal data, and have come under fire for the not entirely transparent way they have collected and used user data in the past.