A few questions to help get started

Hi @ecologic,
Thank you for your interest in our plugin.

I’ll do my best to answer your questions.

1 – This should never happen. If this is happening, a script error occurred. Can you turn wp_debug and wp_debug_log and try again? Then check the debug.log file that gets created in the wp-content folder and let me know what the error is?

2 – I haven’t styled any of those forms so they would pick up the theme styling. You can style them using your theme CSS.

3 – The emails can be overwritten by creating a folder on your theme called gdpr/email/. Navigate to plugins/gdpr/templates/email/ and copy all files there to the folder you created. You can now start editing the file contents. Just keep in mind that some of the content there is essential, like links and so on.

4 – Take a look at our documentation. I explained there how to use it. Let me know if you still have questions on this so I can improve the documentation.

5 – It’s not an iframe, just a div on top of everything. That is only supposed to show when a user logs in and doesn’t have the privacy-policy consent saved in their database record. New users who register should have this already. If you are using a custom form, you can also check the documentation on how to display the consent checkboxes and how to save those to a user.

6 – Not sure if I understood, but the way it is supposed to be is when a user first lands on your site, nothing should run ( for this you need to wrap your blocks of code in our helper functions. Check the documentation for examples ) and only after they opt-in these features start working.

Let me know if the documentation doesn’t solve most of your issues and questions.

Thank you!

I’m going to be diving deeper into your answers shortly. I will turn on debugging and reply shortly.

I have another question. I notice that you are storing the GDPR info in the user-meta table. I’d like to setup zapier to fire triggers when rows in a MySQL Database>Table are modified, specifically, if a user requests to download their data or close their account. Is there any data that you store in user-meta table that I can use to detect those two cases?

Again, a HUGE THANK YOU for this plugin. I hope everyone is feverishly donating to you!! I will ASAP.

Arg,

I added both:
`define(‘WP_DEBUG’, true);
define(‘WP_DEBUG_LOG’, true);’ to wp-config but no debug log ever appears in /wp-content/

Is it possible other plugins prevent the debug log from being written?

Hmm. I never considered Zapier when building this. But if a notification is what you need, there is a pull request happening on our Github repository that is adding a notification when someone places a request. And there is also a future update where you will be able to block users from automatically deleting themselves from the site so you can review and remove them from third-party services. When someone requests something I add a key to their user meta. When they confirm that key is removed. Keep in mind that after 48 hours, this key will be deleted so the user not necessarily confirmed the request.

Another thing you could do is look into the options table. I add requests there and change the request status to confirmed when needed.

Hmm… That’s weird. Any chance you can give me access to your environment so I can try and debug? If possible, send the information to [email protected] and I’ll try to find out what is going on.

Some clarification if you can.

I followed the instructions to identify and categorize my cookies. I then added those cookie categories and entered which cookies fall under each category. Let’s say I created 3 categories, one is strictly necessary, analytics and user experience.

1) What does that toggle “Always Active” do?
2) Does the plugin automatically give the visitor the option to disable the cookie categories I’ve now created or do I have to build a form that updates that information? Not entirely clear here.
3) Do you have a recommended workflow for correctly and completely implementing the plugin? By that I mean, it’s unclear to me (after installing and activating the plugin) the set of tasks that are required to implement the full functionality in the plugin and determine if it is working as it should be.
4) Not really clear how to correctly implement consent management. If you have a contact form on your contact page (and that’s the only place where name/email are collected), does the plugin ask the visitor to consent when they hit anywhere on your site or just the contact page? And if I understood the documentation, it says that we’re supposed to remove the contact form entirely if they don’t consent?

I understand you’re super busy and helping others, so I’m grateful for whatever time you can spare to help me understand this process.

Cheers,

1) The always active is an indicator that those cookies need to be set for the site to work. So when they save their privacy preferences for the first time, they will not have the option to uncheck those.

2) There is the privacy preferences center. You can access this from the privacy bar that appears when you land on the site (if you filled out the settings with the text and so on) and there is also a function and shortcode that creates a button that opens this preference center. You can check available functions and shortcodes here: https://gdpr-wp.com/knowledge-base/functions-shortcodes/

3) I should probably add this to the documentation as a step by step guide. Here goes a simplified step by step:

1. Navigate to the plugin settings page.
2. Pick your privacy policy page and save.
3. Create your consent types.
4. Figure out which cookies your site is using and register them at the plugin settings (click here for help with this)
5. Find where your cookies are set and wrap the code that creates them with our helper function is_allowed_cookie( 'cookie_name' ). Read more on available functions.
6. Find where on your page you need a specific consent and wrap the code with our helper function has_consent( 'consent_id' ). Read more on available functions.
7. Write your privacy policy on the page you selected before and add the different types of request forms. You can find shortcodes for those here

I guess this is it. After this is just a matter of using the tools available on the dashboard to fulfil your users requests.

4) You can modify your form to include a consent checkbox there. You can also block form submission if that checkbox isn’t checked. Meaning that the only way to send an email is by giving consent. Just make sure the text for this checkbox explains why you ask for their name and that you will receive that information via email, which goes through an email server and so on. Not going to get deep into the law here because that is not my place. Just make sure everything is clear. You don’t have to hide your form, you can have this checkbox there or you can via PHP or javascript hide/show whatever you feel like and replace with a message and possibly the button for the privacy preference center. You have many options. It’s up to you to decide how you want your website flow to be and apply it.

I really don’t mind help you guys out with these questions. I understand this is all very new and confusing.

Let me know if you need further assistance and I’ll be happy to help.

Your input is important for me to know what I should write in our documentation.

Amazing! Thank you.

In terms of setting consent types, I’m still unclear what the intention is. Are these the different legal consent types or more like
– consent to submit name/email for contact forms
– consent to submit name/email for lead magnet
– consent to submit shipping address for online sale
– consent to submit project details for a proposal/estimate
– consent to share name/email with webinar host
– concent to store and share Email with Mailchimp for Newsletters
– consent to store name/email with chatbot to improve user experience?

What happens in the case where I use a service like LeadPages.net to capture leads? LeadPages is the controller and processor. But then I use zapier to push that information to my CRM to follow-up. What kind of consent is that? And where do I put that consent notification?

Thank you heaps for your help and guidance!

Consent is everything you need from your user and you feel like they should have the option to not give the information to you. Ideally, everything besides your privacy policy would be optional.

So for instance, tracking my site with google analytics. Then the user will consent or not.

For simple contact forms, you can simply add a checkbox with explanatory text of why you are collecting that data and what you are going to do with it. That checkbox locks the submit button so the only way to move forward is giving consent.

I can’t help you regarding the LeadPages.net situation. You should look for legal counsel on how to handle your own needs. The plugin is a helper tool to get you there easier.

Thank you! I’m so sorry, I’m a little thick…

… that doesn’t answer my general question with how I should use the plugin’s consent management section.

There are 4 fields: name, required, description, message.

Currently, the user is required to consent to the Privacy Policy. I get that.
You’re also saying that I should handle form-level consent at the form. You also said that google analytics should be consented to, but I thought that was handled in the cookies section?

So, I’m not understanding how to use this section appropriately. If the point is to track consent, then my intuition says that form-level consent should be on this section somehow. If you could provide a couple of examples that demonstrate how you would use the section for a realistic client, it would be very helpful.

Thank you!

Think of it this way,

Consent is the high-level permission and cookies is the low-level permission.
I can give you my consent to track how I use the site by agreeing to an Analytics consent. But at the same time, I do not agree to have GA set their cookie on my computer. That way I am giving you my consent for tracking but not allowing GA in particular, while other possible tracking systems will be free to use.

You can set form submission consent to be stored by this component too if you’d like. That way, if consent is not given, you can display a message asking for it with the button that opens the privacy preference options.

What I’m trying to say is that there are multiple ways of dealing with consent and forms. If you choose to add a checkbox to the form, fine, it will block the form from submitting. If you choose to register the consent for form submission where you explain that you will capture email, name, etc and you display a nice message asking for consent before displaying the form, that’s also great. Probably the recommended way of handling this.

But again, I’m not a lawyer, you should seek legal counsel. Having a checkbox on the form might not be enough and you should really register the consent on the plugin.