GDPR compliance information for WooCommerce and WordPress sites

Firstly, you shouldn’t trust any other source than the GDPR law itself. Try to find answers to your questions from the actual law document. This post is just a collection of information and links to help you understand how GDPR affects your WooCommerce site.

I recommend the Privacy by Design approach to GDPR.

WordPress GDPR compatibility

WordPress core development team is currently developing features that will make it easier for website administrators to offer users the privacy controls and data usage information required by the General Data Protection Regulation.

It’s a good idea to only collect the data you need, and preserve it for as long as you really need to.

How GDPR affects user experience?

In my opinion, adopting GDPR should not affect the end user’s experience. I recommend not using tracking that needs users’s consent. Just track less (and anonymously) and your users will be happier.

How is Automattic preparing for GDPR?

How to obtain consent?

Consent to different types of data collection, tracking or marketing cannot be bundled. Consent to each type of data collection and use must be asked separately. Customer’s opt-in steps need to be logged, so that there’s proof about the customer agreeing to the use of personal data.

WordPress plugins to make your site GDPR compliant

Just installing GDPR plugins or using WordPress/WooCommerce core privacy features alone is not enough. You will need to document all the services that capture data and make that information available to all your visitors. Write a blog post about it, just to be as transparent as possible. However, there are several plugins that make it easier for you to tell about data tracking and obtain tracking consent.

Answer these questions in your privacy statement

  • What data are you collecting and how it is used?
  • How can customers get their data removed?
  • How long are you retaining the data?
  • How and where customer data is saved?
  • How customer data is protected?
  • Document your data erasing process, in case your customer wants to be forgotten (remove personal data from your registry).
  • How will you inform about a data breach?

In case of data breach

If user data is breached or compromised, you will need to inform authorities and your customers about the breach within 72 hours.

How have social media services taken GDPR into account?

What should I do about Google Analytics?

Google Analytics tracking should be as anonymous as possible, to make it easy for the user to agree to tracking.

GDPR guides

Remove WordPress archive title prefix

On almost every website that I create, the archives don’t need to be titled as “archives”, because it’s self-explanatory that the page is an archive. So I quite often remove the “Archive:” prefix of all archive pages, including custom post types.

Just paste this code to your functions.php:

// Remove anything that looks like an archive title prefix ("Archive:", "Foo:", "Bar:").
add_filter('get_the_archive_title', function ($title) {
    return preg_replace('/^\w+: /', '', $title);
});

Thanks to Quinn Comendant, who posted a comprehensive solution to this problem on StackExchange.

How to translate the “Continue” button on SkyVerge Paytrail payment gateway plugin

I tried the standard way of translating the Continue button of the Paytrail payment gateway plugin by editing the .po/.mo files of WooCommerce and the plugin itself. I found one string for “Continue”, that was translated correctly to “Jatka”, but it seemed to be the wrong string, as having that translation in place, did nothing for the Continue button of the Paytrail payment gateway plugin. So I started writing a support request for the plugin, reporting about a bug, as it really seemed to be one. And just when I was ready to send my complaint, the automatic system of WooCommerce support showed me the answer that I couldn’t find by searching on DuckDuckGo or Google. It was there, but they talked about SkyVerge plugins in general, not the Paytrail plugin, for which I was trying to find the answer. Anyway, having followed the directions in that hard-to-find document, I was finally able to translate that one crucial word. Having a missing translation in such an important place of the checkout process, had already decreased the use of this payment gateway – as we saw an increase in manual payments. People were afraid to use the button with an untranslated label. Small things like this matter a lot.

Here are the instructions on how to translate the SkyVerge Paytrail plugin, to Finnish or any other language. Here I’m going to use -fi.po and -fi.mo extensions as examples of the filenames.

This is what they tell you in the hard-to-find document.

If you have already started a translation of the framework .pot file, you can skip steps 1 through 5 and just rename the .po and .mo files to woocommerce-plugin-framework-fi.po and woocommerce-plugin-framework-fi.mo.

  1. In your plugin, find the woocommerce-plugin-framework.pot file in lib/skyverge/woocommerce/i18n/languages/woocommerce-plugin-framework.pot
  2. Open the woocommerce-plugin-framework.pot file in PoEdit or similar and click on Create New Translation.
  3. Set the language of the translation and click OK
  4. Select File > Save then save the file on your computer, ensuring that you name it exactly woocommerce-plugin-framework-nb_NO.po (the .po extension should be added automatically by the application).
  5. Translate some strings and click on File > Compile to MO… and ensure you name the file exactly woocommerce-plugin-framework-nb_NO.mo
  6. Once you have made a few test translations, upload both the .po and .mo files via FTP to the wp-content/languages/woocommerce-plugin-framework/ folder in your site (you will likely have to create this folder). The two files should have the following paths:
    wp-content/languages/woocommerce-plugin-framework/woocommerce-plugin-framework-fi.po
    wp-content/languages/woocommerce-plugin-framework/woocommerce-plugin-framework-fi.mo
  7. Visit the frontend or admin of your site to verify if the new translations were picked up. If not, please send us admin and FTP credentials and we would be more than happy to troubleshoot.
  8. Assuming the translation test passed, complete the translations on your local computer, recompile the MO file when satisfied, then upload the two files again to the wp-content/languages/woocommerce-plugin-framework/ directory.

WooCommerce hosting – testing various service providers for a web store of 30 000 monthly visitors

We’re migrating a web store from Magento to WooCommerce, and finding the suitable hosting service for a web store of over 10 000 products and 30 000 monthly visitors hasn’t been easy. Ideally we’d like a hosting company that is somewhere between a VPS and managed hosting. Shell access and server infrastructure of scalable components would be ideal.

Hosting companies we’ve tested so far

Pressable.com

While Pressable offers similar features as WP Engine, but is a younger company. Their hosting plans are very good for simple WordPress projects, but we ran into trouble with large database imports, and had to deal with support for way too many times. Support was good, but having to deal with support with DB migration stuff has delayed the project for a week or so. If you started a completely new project, then Pressable would be good, but importing a big chunk of data proved to be a problem. I’ll have to give them credit for offering VaultPress within all of their plans. A very nice bonus, but still not good enough for this migration project.

Fortrabbit

Fortrabbit is a tad more nerdy than Pressable.com, and as for now, seems to be the best solution for the kind of migration we’re after (Magento to WooCommerce with big a big database). Fortrabbit is quite scalable, and they have a rather modern approach to hosting. Their servers are Amazon AWS servers, but with a layer of their own software magic on top of them. Importing the database, using shell access to the Fortrabbit servers, was quick and easy. They also offer a free trial, which is a big bonus. So far Fortrabbit seems to be a good option, but we’ll still have to test other hosting companies as well.

Cloudways

Cloud WooCommerce hosting with lots of manual control. Nginx-based servers with Varnish cache. All the bells and whistles make this a very compelling option, which we will soon try.

SiteGround

SiteGround offers a wide spectrum of server types. Cloud hosting seems to be the best for our needs. So far we’ve only dealt with pre-sales customer support, and they’ve replied quickly to all of our questions. SiteGround also has servers in Europe, which would be our preference. We still need to test this hosting company, but so far they seem to be a very good option.

One.com

Affordable option, but doesn’t offer shell access. We’ve used One.com on various projects, but it doesn’t seem to offer enough tools for a migration project. Smaller web stores could be hosted at One.com easily, but bigger sites with bigger needs will need to look elsewhere.

Searching for the perfect product carousel plugin for WooCommerce

I’m designing the front page for a WooCommerce store, and I need to find a suitable product carousel plugin to display products from certain categories. I already bought WooCommerce Product Carousel Slider Pro, which seemed to do what I wanted, but I found out that there’s some sort of a conflict when using it with SiteOrigin Page Builder. So, it’s not a very good option. I’m going to try some other alternatives next.

WooCommerce Product Carousel Slider Pro