Wednesday, March 22, 2023
Blogging

Steps I followed to make my blogs GDPR Compliant

5/22/2018 Update: I have deactivated the WP GDPR compliance plugin (Step 3) since it was throwing an error message about the checkbox. Make sure you have your privacy policy page set up and the EU cookie law banner widget enabled before the 25th of May 2018. 

The last couple of weeks I have been hearing only about GDPR. My inbox has been filled with subject lines from various websites requesting that I accept this new beast. This flood of emails made me aware of how many subscriptions I have signed up for over the past years. It’s way too many, people!

Since I have two blogs of my own, I too am required to make my sites GDPR compliant. Though it is mandatory only for the European Union, if you have subscribers from the EU your website should be GDPR compliant; otherwise, prepare to face the consequences. And we have time until the 25th of May 2018. That’s what I understood.

So, what is GDPR?

GDPR stands for General Data Protection Regulation and it is a new data protection law in the EU, which comes into force in May 2018.

The aim of the GDPR is to give citizens of the EU control over their personal data and change the approach of organizations across the world towards data privacy.

For instance, users must confirm that their data can be collected, there must be a clear privacy policy showing what data is going to be stored and how it is going to be used, and the user must be given the right to withdraw consent to the use of personal data (consequently deleting the data), if required.

The GDPR applies to data collected about EU citizens from anywhere in the world. As a consequence, a website with any EU visitors or customers must comply with the GDPR, which means virtually all businesses that want to sell products or services to the European market.

The steps I have taken to be GDPR compliant

See, I am not a legal advisor. All this information I got from a dear blogger friend, Shailaja, and from browsing the internet. I am sure Shailaja will come up with a much more detailed tutorial on the whats and hows of GDPR. Below I am talking about what I did to make my sites GDPR compliant. If you have any more information, please do share in the comment section.

1. Added EU Cookie Law Banner widget – Jetpack has this new widget which can be used for both the self-hosted blogs and the WordPress hosted blogs. I added this widget to both my blogs – this one which is self-hosted and Void Thoughts which runs on WordPress.

2. Added a Privacy Policy Page – We are supposed to display our website’s privacy policy on what user data is collected and how we handle the data. You can see my Privacy Policy under the About section. I added this page on both my blogs depending on the type of data I’m collecting, which is not much. I should mention that my privacy policy page is a work in progress.

3. Privacy Policy update for self-hosted blogs 

  • Update WordPress to version 4.9.6.
  • Under settings, there is a new tab – Privacy
  • Click on the Check out our guide link to learn more about how to write your privacy policy page.
  • On the Change your Privacy Policy page option, select your Privacy Policy page.

3. Installed WP GDPR Compliance plugin for self-hosted blogs – Once you do the necessary settings on this plugin, a checkbox to confirm the user permission to store and handle the data will be displayed.

  • Click on the settings of the WP GDPR compliance plugin under the installed plugins tab.
  • Click on the Checklist tab on the WP GDPR compliance plugin. Below image shows my settings. Depending on the data you handle choose yes or no. 
  • Click on the Settings tab and link your Privacy Policy page and check the Activate page checkbox. 
  • Click on the Integration tab and choose Enable and Activate form wherever applicable and save changes. 

Note: I haven’t disabled the Jetpack comment form as I prefer to use the WordPress comment system. I am hoping that the addition of the Privacy Policy page takes care of the GDPR compliance of the WordPress comment system. It is your call to make.

So, these are the steps that I have taken to make my blogs GDPR compliant. Special thanks to Shailaja for all the timely help. 🙂

I am still learning this new scene. There might be things which I missed in this post. If you have any suggestions or additional information please do share with me in the comment section. I won’t misuse your data, you saw my privacy policy. 😉

Vinitha

An IT Professional, an author, an accidental blogger, a lover of words and a recent self-care addict. I love stringing words together, which I lovingly call a poem. You can read my affair with words at Void Thoughts (http://thevoidthoughts.com) and Reflections.. (https://www.vinithadileep.com)

17 thoughts on “Steps I followed to make my blogs GDPR Compliant”

  1. This GDPR thing is a pain… we are having such an issue with it.. with 25th May fast approaching.

    It would be interesting to see the first case that goes to court..

  2. Thanks for this post. I have been reading up but still find it complicated. Plus I have not been able to send a mail to my subscribers about it so….all the more mess.
    Hopefully will solve it with your post now.

  3. Great post, Vinitha. I love the step by step process you have shared. Very helpful! I just completed the basics of GDPR compliance for both my blogs. Phew!

  4. This is so helpful! Thank you for breaking it down into easy to understand & follow steps! I have followed everything you mentioned!!
    Big Thanks to Natasha from natashamusing.com for helping me out by sharing this article.

  5. Thank you Vinitha! This was really helpful. I used your post as a step by step guide and got things done 🙂
    So wonderful of you to share this with us.

  6. Thank you for this easy to follow post – It helped me out immensely when I was struggling with getting it done for my blog! 🙂
