What Is GDPR Exactly?
The General Data Protection Regulation (GDPR) is Europe’s new framework for data protection laws, replacing the 1995 data protection directive. EU legislation says that is designed to harmonise data privacy laws across Europe and that its main purpose is to give greater protection and rights to individuals. After publication of GDPR in May 2016, it will come into force on May 25, 2018.
In a nutshell, GDPR protects user data in just about every conceivable way. Both personal data and sensitive personal data are covered. Sensitive personal data is easier to describe, as the usual suspects like genetic data, information about political views, sexual orientation, religion etc, belong to that category. Personal data, more or less, means any information that can be used to identify a person, starting with name and address and can also include email and IP addresses.
Who Is Affected By GDPR?
In short, every company, organization and individual that are processing or controlling datasets of their customers or website visitors will be covered by GDPR. It will affect any business that does have customers who reside in the EU.
What Does GDPR Entail?
In order to be GDPR-compliant companies must handle customer data with the utmost care and attention. However, that alone is not enough, and customers have to be provided with tools to control, edit and also delete any information pertaining to them. Furthermore, any data that is handled has to be protected, meaning that anonymization and encryption are two important aspects that come into play. Another very important factor is that customers have to be asked for their consent explicitly, before their data is collected and processed.
Further Reading
Responsibility Of Compliance For Websites
It’s important to note that it is the responsibility of every company or website owner to prepare their sites for GDPR compliance. It is not the duty of any framework used to create and manage a websites compliance, solely. In almost all cases a lot of manual fine tuning will be needed. Generally speaking, that means there is no use in asking “Is WordPress GDPR compliant?” or “Is Avada GDPR compliant?”. For example, Avada itself will never be violating the GDPR criteria as it does not collect any data. It is a powerful tool to create websites, and the end users website is what will collect data and the data collected will be different for every usecase.
Does that mean that WordPress and Avada users are left alone in their fight for compliancy? No, not at all!
WordPress And Its GDPR tools
An article about GDPR Compliance Tools in WordPress was posted on WordPress.org shedding light on the new privacy features that WordPress has added to its latest release 4.9.6, which shipped on May 17, 2018.
The main features are new areas for handling data export and erasure requests, a new privacy policy page and also a consent checkbox for the comments form.
Avada 5.5.2 And Its New Intuitive GDPR Tools
On top of the new WordPress features, ThemeFusion decided that we wanted to give our userbase even more possibilities to get their sites GDPR compliant. In the following we want to present you the main new features in Avada 5.5.2
Google Fonts
When you are using Google fonts that usually mean retrieving the font files from their API, which includes sending the IP addresses of your users (which are considered to be private data) to Google. You might find that circumstance worrisome, but at the same time you don’t want to do without the nice typography options Google fonts offer. Avada to the aid. We have added a new Theme Option that easily allows you to decide whether Google fonts should retrieved via the Google fonts API, or if they should be hosted locally on your server. View the new Theme Option below.
User Control Over Third Party Embeds
Avada 5.5.2 offers a variety of elements and widgets that help you to utilize third party content, like YouTube and Vimeo videos, Google Maps, Facebook and Twitter timeline, Flickr images, SoundCloud files etc. While all of these third party services enrich your websites, they also do collect data about your users. IP addresses, location data or user activity tracking, to name a few. Under the GDPR it is necessary to ask visitors for their explicit consent if data should be passed along to third parties. While that is generally not possible to achieve with embeds, on the other hand, similar to Google fonts, you don’t want to lose these services on your site.
Our development team has come up with a very nice and easy to use solution. We added a new Theme Option to prevent embeds from loading until user consent is granted. For any of the third party services, which you can freely choose from, you add to the consent list, the embeds will stop to be loaded on page load. Instead your users will see a placeholder graphic, with custom text on it and a button to accept this third party service. The background color and text color for that placeholder can be set in Theme Options.
We have also added a Fusion Builder privacy element, that you can easily add to your privacy policy page, or wherever it fits best for your site. It will display checkboxes for all services you chose, and will show to each of your users which of the services they have consented to and which not. They can also easily update their consents within that element.
The whole setup is cookie driven, and thus we also added an option, so that you can set a custom expiration date for that cookie. Once it is expired your users will have to set their consents newly according to their preferences. Check out the images below of these third party embed tools and settings.
Contact Form Consent CheckBox
In Avada 5.5.2 we have also added a new option to display a consent checkbox on the contact form page. The label can be easily customized in Theme Options to reflect your needs which you can view below.
Custom Message On Registration Element
In previous versions, we used the default WordPress note before the submit button on the user registration element in Fusion Builder. In Avada 5.5.2, to give you full freedom of choice, and added a new setting to show custom text before the submit if you want to inform a new user about GDPR compliance. View the new custom registration notice message field for the user registration element below.
Other Awesome Features in Avada 5.5.2
For Avada 5.5.2 we did focus a lot on GDPR, but we also wanted to give you some other nice features to work with, to make your work flow even easier. Here are some of the coolest ones:
And don’t forget to check out our last major update Avada 5.5 packed full of new features and improvements.
The whole team here at ThemeFusion wishes you all the best for your GDPR preparations, and we will keep working on other great new features for you, so always stay tuned for the next Avada update.
The text “For privacy reasons Google Maps needs your permission to be loaded. For more details, please see our …” is not translateable.
Sorry for the inconvenience, we’ll release a patch for this today.
Where do I translate (WPML): “For privacy reasons Facebook needs your permission to be loaded. For more details, please see our . I ACCEPT” etc.?
Sorry for the inconvenience, we’ll release a patch for this today.
Hi, I believe that this is what i’m looking for – so when someone clicks on the social media icons on the top menu, a privacy/permission statement is shown. This is not working though and goes straight through to the Social Media platform. I’ve turned it on under Privacy.
I am afraid that this is not what the embed privacy tool is for.
Can somebody tell me, where I can change the text for the Third Party Embeds? Didn’t find it in the new privacy section.
Need this for a plugin in the sidebar. Thanks
Thanks, I updated the patch, but now the first part:”For privacy reasons %s needs your permission to be loaded.” is now translateable.
BUT the second part: ” For more details, please see our %s.” is still not translateable.
Tell me if I am wrong, but I think its still missing
Hi, you are right. There is a separate problem with that string. I will update with a new patch for both. Alternatively if you want more control over the content you may want to consider a filter. For example – https://gist.github.com/mikka23/9f615f5304736a9319968e2bc4658824
Same issue here. Just make it translateable please! Thank you!
How can i translate that string? “For privacy reasons Facebook needs your permission to be loaded. For more details, please see our . I ACCEPT”
Thank you
Sorry for the inconvenience, a patch for this issue has been released today.
Hello, thanks for your fast answers! I really apreciate.
I found other strings not translated. For example the whole Lost password Texts are not translateable.
Cheers
If you notice other strings please provide specific examples. Where is the lost password string you are referring to? If you are referring to Lost password? in the user login element then that is translatable from the Fusion Builder language files.
I got the patch, but its still not translateable. I found the string translated, but it didnt came in effect on the page. The first part (sentence) is okay, but the second one just doesnt work.
Please ensure that the actual strings have been updated in whatever tool you are using. The POT and the PO will need updated. If you see any spaces at the start of the string then that means the string still hasn’t been updated from theme files.
Thanks for the great update!
I got the same problem as szeadam. The first part is translatable but the second part just doesn’t work.
Have exact the same problem, the string starts with a space. When will we get the updated po-files? Thanks!
Hi,
We have released a patch today. Please apply it to get the latest pot file with the updated strings.
Thank you 🙂
Could you show the way to the translation? Where is the string translated? In the Po I not find it 🙁 Thank you …
I found the string translated, but the second “For more details, please see our” one just doesnt work….
Hi,
Sorry for the inconvenience caused. We just have released a patch for this. Please try applying the Patch #416382.
Thank you 🙂
Thank you …but I try the patch and it does not work 🙁 …I translated in the po without 🙁
Same for me … #416382 applied, but still missing translation for “For more details, please see our “…
See here; https://www.sus-sehnde-badminton.de/training/
After applying the patch you need to update the language files. If you see spaces at the start of the string that means the string is still old. To update language files please check here https://theme-fusion.com/documentation/avada/translations/translating-theme/
Thank you Michael, now it works fine for me 😉
Thank you Michael, now it works for me too 🙂
Is it possible to add instagram as Embed Types?
Hello!
Currently these are the services we use that require embeds: https://d.pr/i/W3oz1c … when we do add Instagram integration (most likely via a widget) we’ll make sure to add it as an embed also.
Thanks!
To add, you can also add extra embed types from a child theme using a filter. Example code https://gist.github.com/mikka23/4a44d5851849e039edfa49523a781d14
Hey guys, thanks for the update!
I turned on the option to display the consent checkbox on the contact form page, but nothing happens. Do I have to do some changes to the contact form or somewhere else?
The option for the consent checkbox is strictly for the contact page template. Please ensure the form you are referring to is actually the default contact page template form and not a form from a plugin such as Contact Form 7.
Hi there,
is there a way to add an acceptance checkbox to the Comments section?
Like the way it can be added to the contact form, but the comments are equally important.
Cheers, Ed’
sorry, but where/how can i change the text?
Hi Have updated one of my websites, however i see Convert plus is outdated (cannot update via Theme options)
The new fusion builder privacy element is missing? Or am i using it wrong, trying to add to home page.
Hello,
It would be best to open a support ticket for us here: https://theme-fusion.com/support/submit-a-ticket/ … so we can get more details and see.
The privacy element will only show in FB if you have it enabled in theme options > advanced > privacy. On that panel, enable the “Embeds Privacy” option. Then you insert the services you want embedded, and then can use the privacy element via FB.
For convert Plus, you can’t update it in Theme Options, omly on the Plugins page which is Avada > Plugins in the backend. If they just released a new update, we may not have it no our servers yet, but you should be able to install and activate it. If it says there is an update and it wont update for you there, then please do submit a ticket so we can check.
Thanks!
Hi Everyone,
The best way to get help for your questions is to submit a ticket here: https://theme-fusion.com/support/submit-a-ticket/ … that will ensure we get all the details we need, plus give you faster service.
Thanks!
Hello everybody,
I use the current Avada version and set the Google Fonts Mode to Local. Nevertheless,
I am shown that the fonts are loaded via google!
Can someone help me?
Hi, for help please create a ticket via the submit a ticket form. If you do not have active support then you can also post on the community forum. Note, the fonts you are seeing will almost certainly be coming from somewhere else. Remember to check your plugins and any embedded content (for example Google Maps).
Hello everybody,
I love your theme and the GDRP-Settings, but I have a small issue. I maintain a multilanguage page, with german, englisch and french translations.
At the german translation the Consent works great: https://www.kunstaugen.com/saarbruecken/
but on the english or french pages the map is shown directly without the question:
https://www.kunstaugen.com/en/saarbrucken/ or https://www.kunstaugen.com/fr/sarrebruck/
Any idea what I can do?
Best regards
Eldodino
Have you enabled the privacy mode in the Theme Options for each language (remember the TOs are separate for each)? If you have and there is still a problem, please create a ticket via the submit a ticket page. We will need details in order to check it out.