Sharing personal information online became normal years ago. Chances are that almost every website ranging from small businesses to high-end corporations all have access to personal data. That’s okay unless they violate the most important data-privacy law of the decade – GDPR.
Non-compliance can be disastrously expensive for companies. In fact, corporate giants like Amazon face billions of dollars’ worth of lawsuits, showing just how ruthless GDPR is, not just for EU-based businesses but also for global companies that sell products and services to EU-based citizens.
GDPR affects most websites and their developers, including your Divi website. Here’s what key factors you should always pay attention to if you want to maintain your Divi GDPR compliance.
Disclaimer: We are by no means attorneys or legal GDPR advisors. The following advice comes strictly from our experience and educated work. From a legal perspective, for implementing GDPR regulations to their full extent, please consult with a legal solicitor before starting your online business with a Divi website.
Table of Contents
- 1. Consent
- 2. Personal Data Handling
- 3. Right to Access
- 4. Third-Party Contracts
- Introducing: GDPR Cache Scripts & Styles
- Wrapping Up
1. Consent
Within GDPR, consent is defined as:
“Freely given and informed indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”.
According to regulation’s article 7, the following conditions are critical for the consent to be valid under GDPR:
- It needs to be given freely.
- Its purpose needs to be specific.
- It needs to be unambiguous.
- It needs to be given by a clear act.
- It needs to be unmistakable.
- It needs to be openly accessible.
Keep in mind that consent is not only about what you say on your Divi website. More importantly, it’s about what you do. You should not set the cookies consent popup unless you know that users can trust in what you do for them first.
2. Personal Data Handling
As you’re aware by now, GDPR applies to any website that collects EU citizens’ personal data. This means that if you’re running a Divi website and at least one of your web visitors resides in the EU, GDPR applies to you.
If your Divi website is operating on a different continent, don’t be tempted to disregard GDPR. You could be punished for breaching the rules, regardless of your location and target market.
For instance, there’s a 2% fine from your global annual revenue for not disclosing any data breach or a 4% penalty for not asking the users for their consent when attempting to collect their data.
Every user must have the right to access his/her own information you own about them. Users should have the right to ask you to delete their accounts and any related data on your Divi website. If your data management system is not safe, you will be held responsible.
3. Right to Access
Users’ right to access their data is at the heart of GDPR. As a Divi website owner, you’re responsible for any personal data that you process on your website. Your website visitors and subscribers should have the right to obtain the following information from you:
- Confirmation if their data is being processed.
- A copy of their data being processed.
- Any additional info about them that you process.
As a data controller, you should respond to the data access request immediately and in the manner in which the request was made.
4. Third-Party Contracts
As a business, you need to implement every technical and organizational requirement to ensure that your Divi website stays GDPR compliant. You are also responsible for ensuring that each of your third-party service providers implements GDPR measures with equal force.
DPR requires businesses explicitly to use only third-party contractors that guarantee compliant data processing and privacy for the users. The following are all binding components that you need to include when making a contract with third-party services for your Divi website:
- Service: Subject, duration, and data-processing objectives.
- Elements: The type of personal data that is going to be processed.
- Responsibilities: The service provider’s rights and duties.
- Authorization: Acting according to the rights and duties.
- Confidentiality: People responsible for data processing subjecting to privacy.
- Security: Implementing appropriate data security measurements.
- Records: Maintaining proper data processing records.
- Validation: Providing valid proof to demonstrate GDPR-compliance.
Introducing: GDPR Cache Scripts & Styles
At Divimode, we take data security seriously, and now we’re thrilled to introduce our revolutionary solution – GDPR Cache Scripts & Styles. Safeguard your visitors’ privacy like never before!
Our plugin is your fortress of protection. It meticulously scans every URL enqueued through wp_enqueue_script() and wp_enqueue_style(). When an external URL is detected, the file is securely stored in your uploads-folder and served from there.
But that’s not all – it also combs through CSS files to identify external dependencies and preserves those files in your uploads-folder.
No need to worry about sluggish response times or performance hits! GDPR Cache Scripts & Styles works seamlessly without any “output buffering.” It harmoniously integrates with recommended WordPress functions, ensuring your website remains lightning-fast, no matter how vast it is.
Our plugin has been rigorously tested with leading themes and plugins, including:
- Block Editor (for embedding Google Fonts via the Customizer’s “Additional CSS”).
- Divi (find detailed configuration instructions in the plugin’s documentation).
- Elementor.
- Jetpack (especially in conjunction with performance-boosting options like “site accelerator”).
- Fonts Plugin | Google Fonts Typography.
And guess what? Most other plugins and themes play nice with GDPR Cache Scripts & Styles, too!
Ready to enhance your website’s privacy and performance? Download the plugin directly from the WordPress plugin directory. Should you encounter any hiccups along the way, please don’t hesitate to reach out. We’re dedicated to perfecting our GDPR plugin for your peace of mind!
BONUS: Curious about the journey behind creating this exceptional plugin? Dive into our story in “Can I Create That Plugin in 24 Hours?” and uncover the magic that powers our innovation.
Wrapping Up
In today’s world, data is the most valuable currency. Sure, GDPR can represent a significant challenge when conducting business through your Divi website, but it also opens new opportunities for you.
If you value people’s data and privacy, and you’re transparent about how you use their data and how your third-party service providers manage customer data. In that case, you’ll definitely build more trust and retain your loyal customers.
We urge you to devote more time and resources to understanding each aspect that affects how your Divi website stays compliant under the GDPR rules, and we hope that this article is an excellent way to get you started.
Try Divi Areas Pro today
Sounds interesting? Learn more about Divi Areas Pro and download your copy now!
Many pre-designed layouts. Automated triggers. No coding.
Click here for more details