13 Genius Privacy Plugins to Make WordPress GDPR Safe
13 Genius Privacy Plugins to Make WordPress GDPR Safe
Privacy Plugins
Privacy Plugins
The GDPR cannot be solved with one or more WordPress plugins.
Just as little as marital problems or climate change. 🤷♂️
However, plugins can help you to implement one or more aspects of the applicable data protection regulations. And save you massive amounts of time making WordPress GDPR-safe.
In this article I will introduce you to 13 ingenious plugins for different setups and purposes.
Before I go into detail, a word of warning. As with many things, the same applies to WordPress plugins:
The less the better .
Please do not blindly install all the plugins that are in the list here. And think twice if you really need a plugin or not. 😉
This blog post is not legal advice! As a blogger and WordPress expert, I have dealt intensively with applicable data protection law, but I am not a lawyer. Therefore, I cannot assume any liability for the completeness, topicality and correctness of the content provided by me.
Table of contents
1. Real cookie banners
2. OMGF Pro
3. Borlabs Cookie
4. Disable emoji
5. Disable comments
6.Clearfy
7. Autooptimize
8. GDPR Patron
9. Antispam Bee
10. Shariff wrappers
11. Delete Me
12. smart user slug hider
13. Really Simple SSL
FAQ
1. Real cookie banners
Price: Freemium
Active installs: 50,000+
Rating: 5 stars
Your website sets cookies that serve marketing purposes and are not technically necessary, such as Facebook Pixel or Google AdSense? Or does third-party connections?
Then you need a cookie plugin to obtain active consent from your visitors!
The currently best cookie plugin for WordPress and cookie costing tool is Real Cookie Banner.
It not only offers a slightly larger range of functions than the top dog, Borlabs Cookie, but can also be configured more quickly, has a nicer interface and convinces with attention to detail.
One of the biggest selling points of Real Cookie Banner is its huge selection of cookie templates. It currently offers 110 templates, probably covering 80-90% of all services used on WordPress websites.
This saves a lot of setup work, because you have to enter far fewer details about your cookies or services yourself.
Since version 2.6 , Real Cookie Banner even offers a scanner that scans every subpage on your WordPress site for services that may require an opt-in.
2. OMGF Pro
Price (for one website): €19 per year
Active installs: 100,000+
Rating: 4.7 stars
If you have integrated Google Fonts by default, i.e. via Google servers, data such as the IP address or the browser used by your visitors is sometimes transmitted to Google.
This can pose a legal risk under the GDPR. Since a judgment by the LG Munich in January 2022, the use of Google Fonts has also been actively and en masse warned.
By far the easiest and fastest option for embedding Google Fonts locally is the small but ingenious WordPress plugin OMGF Pro .
It not only finds all Google Fonts on your website and loads them from your own server, but also removes all instances that are loaded from Google servers. 💪
The plugin is very easy to use. After installation, you just have to click on "Save & Optimize" in the settings and in a few seconds all Google Fonts will be recognized and loaded locally:
Is called:
It does all the steps for you (while still offering various advanced options).
Note: There is also a free version of OMGF . However, I advise against it, since it only comes with a slimmed-down font scanner. In contrast to OMGF Pro, the free version does not find any Google fonts that are reloaded via JavaScript, for example. In addition, some important functions are missing, such as setting a fallback font.
3. Borlabs Cookie
Price (for one website): €39 plus VAT per year
Active installs: 160,000+
Borlabs Cookie is by far the most popular cookie plugin. According to BuiltWith, it is currently used on over 160,000 websites worldwide.
On the one hand, Borlabs cookie allows you to opt-in for various services, e.g. B. Facebook Pixel, Google Analytics, Matomo or Google AdSense into the website.
On the other hand, embedded content, e.g. B. from YouTube, Vimeo, Facebook, Instagram, Google Maps, Open Street Maps or any other service with a two-click solution. This means that a connection to the service is only established after the user has consented by clicking on a button.
4. Disable emoji
Price: free
Active installs: 70,000+
Rating: 5 stars
Disable Emojis is a small but powerful plugin that removes an emoji script from WordPress.
This is loaded from external WordPress servers and is intended to ensure that emojis are also displayed in older browsers.
In my opinion, this is not particularly problematic in terms of data protection law.
However, the script is unnecessary anyway. I had also disabled it well before GDPR to make WordPress faster .
So away with it.
Tip: If you don't want to use a plugin, you can also deactivate the script via functions.php in the child theme . Or alternatively switch it off in the settings of Autoptimize or Clearfy (see below).
5. Disable comments
Price: free
Active installs: 1+ million
Rating: 4.7 stars
Don't want your blog articles to be commented on? Or you get little to no comments?
Then it can make sense to completely disable the comment function in WordPress. This is quick and easy with the Disable Comments plugin .
This saves you the passage in the data protection declaration and the mention in the list of processing activities. And you no longer have to worry about the GDPR compliance of the comment function.
If you want to allow comments again, you can deactivate the plugin at any time.
Alternatively, you can of course deactivate the comments yourself via WordPress. To do this, go to Settings > Discussion and uncheck Allow visitors to comment on new posts. You then deactivate the comments for individual articles using a collective action.
Disable Comments has the advantage that you save these steps. And that the comment function is completely hidden under the posts (i.e. the comment Comments are closed does not appear either). In addition, Disable Comments also hides all comment features in the dashboard.
Please note that deactivating the comment function must be carefully considered. Because the comment function of WordPress can be used GDPR-compliant. And please also avoid drastic steps like deleting all existing comments. You do not have to.
6.Clearfy
Price: Freemium
Active installs: 100,000+
Rating: 4.7 stars
Clearfy is a useful plugin for anyone who wants to rid WordPress of all unnecessary ballast.
It allows disabling various features to improve privacy on WordPress, such as:
Remove Google Fonts
Remove Google Maps
Disable embeds
Remove Emoji Script
Disable gravatars
Activate the comment function completely
If you have Clearfy installed, you can save yourself from using the three plugins Disable Emojis , Disable Embeds and Disable Comments .
In addition, it offers some features to make administration easier, clean up the dashboard and make WordPress more secure.
Attention: Please note that you do not have to deactivate all listed features in order to use WordPress GDPR-compliantly. Please only use Clearfy if you know what you are doing. Because by deactivating some functions, it can happen that your design is shot up or plugins no longer work.
7. Autooptimize
Price: free
Active installs: 1+ million
Rating: 4.7 stars
Autoptimize is a great plugin to improve your loading time.
By reducing the size of Javascript and CSS files, lazy loading and other features, you can save many server requests and kilobytes.
But that's not all:
It also has two functions that are relevant to data protection: Google fonts and the emoji script can be removed under Settings > Autoptimize in the Extras tab .
8. GDPR Patron
Price (for one website): €30 per year
GDPR Patron is a well-implemented all-in-one solution for better data protection on WordPress.
Of course, it doesn’t make WordPress completely GDPR-safe. This cannot be implemented with a single plugin.
But it solves many WordPress privacy issues in one fell swoop. Problems that would normally require you to spend hours and install dozens of other plugins.
It offers the following functions:
Host Google Fonts yourself (so you save yourself the 7 steps of this guide )
The local integration of externally loaded JS and CSS files (this saves you intervention in your theme or plugins)
Remove the emoji script (this saves you the plugin Disable Emojis )
Remove Gravatar images (this saves you WP User Avatar or Avatar Privacy )
The anonymization of IP addresses for comments (so you save Remove IP or Remove Comment IPs )
A two-click solution for YouTube videos (saves you YouTube Lyte )
Personally, what I like best is that it allows local integration of Google Fonts.
The feature alone is worth the €30 per year for the plugin.
9. Antispam Bee
Price: free
Active installs: 700,000+
Rating: 4.8 stars
Anti-Spam Bee is one of the best plugins to combat comment spam.
I've been using it on many of my WordPress websites for years and can recommend it unconditionally.
By default, no personal data is stored by the plugin. And it also works great with anonymized IPs.
If you are very particular about data protection, you could also deactivate the following settings. However , according to Simon from the plugin collective, this is not strictly necessary:
Allow comments only in a specific language (only the first three words are sent to Google Translate)
Block comments from specific countries (the commenter's IP address is sent to the IP2Country service , but the trailing digits are truncated and thus anonymized)
10. Shariff wrappers
Price: free
Active installs: 70,000+
Rating: 4.9 stars
The original sharing buttons from Facebook, Twitter, Google+ and Co. are problematic:
They automatically send personal data to the social networks in the background. Without users even clicking on a share button.
The popular plugin Shariff Wrapper can help . Its share buttons only connect to social networks after they have been clicked .
They can be embedded in various places in posts, pages and custom post types. The button design can also be customized. They are also compatible with AMP and display share counts.
And it's completely free!
11. Delete Me
Price: free
Active installs: 10,000+
Rating: 5 stars
The WordPress plugin Delete Me adds a small but ingenious feature to WordPress:
A link that allows WordPress users who have registered on your site to delete their account and all related posts, pages, and optionally comments.
The integration of the link is quick and easy with the shortcode [plugin_delete_me /].
12. smart user slug hider
Price: free
Active installs: 3,000+
Rating: 4.8 stars
By default, your WordPress user names are publicly viewable via their URL.
Because for each user created in WordPress, a URL is created that contains the user name, such as .https://www.igtechh.com/author/iqrar-hussain/
The smart User Slug Hider plugin provides a remedy by replacing user names with 16-digit codes.
13. Really Simple SSL
Price: Freemium
Active installs: 5+ million
Rating: 5 stars
In general, I advise switching WordPress to HTTPS manually .
Do you want it to be fast? Or do you currently have no time to deal with the changeover?
Then use Really Simple SSL .
Apart from creating the SSL certificate, it takes care of all the setup steps, such as changing the WordPress and website address or changing all internal links.
FAQ
Here I have compiled the answers to frequently asked questions about data protection plugins:
Does every WordPress website need a privacy plugin?
Yes and no.
The GDPR cannot be solved with one or more WordPress plugins.
However, WordPress plugins can help you to implement one or more aspects of the applicable data protection regulations. And save a massive amount of time making WordPress GDPR-safe.
Are all privacy plugins free?
Except for Borlabs Cookie, all presented privacy plugins are either completely free or available as freemium versions.
What is a privacy plugin?
Privacy plugins are basically designed to make your WordPress website more privacy-friendly. This means either reducing the amount of personal data processed by your website or making its processing compliant with data protection.
Post a Comment