The European Union General Data Protection Regulation

by | Apr 20, 2021 | Blog, News

In this article, we’ll explain a little bit what the GDPR is and we’ll give you some tips to be actively compliant with this new regulation in case you collect, store and share EU citizen’s information.

The EU General Data Protection Regulation hereinafter GDPR changed the rules for a lot of people over the internet, and we are not strangers to this. Many companies and online business has been forced to make changes to their structures, products, and activities regarding with the collection of data, which are basically almost every commercial or marketing activity on the internet.

On the site, we can read the following:

The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. Though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018. The GDPR will levy harsh fines against those who violate its privacy and security standards, with penalties reaching into the tens of millions of euros. is provided to you as a helpful resource to quickly find all 99 Articles and 173 Recitals of the Regulation, as well as helpful guides and checklists that walk you through how the Regulation may apply to you. Here you can find the official PDF of the Regulation (EU) 2016/679 (General Data Protection Regulation) in the current version.”


As we can read, GDPR is an active way to practice privacy and security of personal data by modifying the organization’s methods of collecting, storing, and sharing the information, with an emphasis on compliance



The GDPR defines a lot of legal terms to refer to the activities of the companies in regard to data collection. The most important ones are the following:

Personal data: Personal data is any information that relates to an individual who can be directly or indirectly identifies. Name and email address. Location information, ethnicity, gender, biometric data, religious beliefs, web cookies, and political standings. Pseudonymous can be considered personal data as well if it’s relatively easy to ID someone from it.

Data processing: Any action performed on data, whether automated or manual. These are: Collecting, recording, organizing, structuring, storing, using, erasing, or, basically, anything you do with the data.

Data subject: The person whose data is processed, these are your customers or site visitors.

Data controller: The person who decides why and how personal data will be processed. If you’re an owner or employee in your organization who handles data, this is you.

Data processor: A third party that processes personal data n behalf of a data controller. The GDPR has special rules for these individuals and organizations. They could include cloud servers or email service providers like Google.



Data protection principles:

If you are a data processor you have to do it accordingly to seven principles:

  1. Lawfulness, fairness, and transparency — Processing must be lawful, fair, and transparent to the data subject.
  2. Purpose limitation — You must process data for the legitimate purposes specified explicitly to the data subject when you collected it.
  3. Data minimization — You should collect and process only as much data as absolutely necessary for the purposes specified.
  4. Accuracy — You must keep personal data accurate and up to date.
  5. Storage limitation — You may only store personally identifying data for as long as necessary for the specified purpose.
  6. Integrity and confidentiality — Processing must be done in such a way as to ensure appropriate security, integrity, and confidentiality (e.g. by using encryption).
  7. Accountability — The data controller is responsible for being able to demonstrate GDPR compliance with all of these principles.



People’s privacy rights

You are a data controller and/or a data processor. But as a person who uses the Internet, you’re also a data subject. The GDPR recognizes a litany of new privacy rights for data subjects, which aim to give individuals more control over the data they loan to organizations. As an organization, it’s important to understand these rights to ensure you are GDPR compliant.

Below is a rundown of data subjects’ privacy rights:

  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erasure
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. Rights in relation to automated decision-making and profiling.



How can affect you:

The GDPR applies when you process EU citizen’s information even if your company is not located in the EU.

The fines for violating the GDPR are pretty high and in accordance with the amount of money your organization generates annually maxing out at €20 million and with a minimum of €10 million.

It’s very easy to violate the terms imposed in this regulation especially if you use third-party software on your sites that you don’t know how it handles the information. For example, if you download a simple plugin to execute a function of displaying something visual if this asset is not stored locally and the request is made to another web, it’s possible for that web to collect all the ID direction of your visitors, as we will see in the next section. It’s that simple to be non-compliant. So to have awareness about this is paramount for medium and small companies.


How this affects us on Themekraft.

We have a plugin called TK Google Font which function is to display the Google Fonts on your web. To do this we created an Ajax request to Google to load the asset into the web, and that it’s loaded directly from the Google server in charge of storing the font families and other assets.

When the Ajax request is made Google is able to acquire the IP direction from where the request is being made and also all its visitors, violating the GDPR, by giving information about the user to Google, in this case, the IP direction.

Now, with the premium version of the plugin, this is no the case. With the new GDPR Compliant functionality, the web will download the assets and load them locally instead of from Google so they can’t acquire the IP, nor any other information, of your visitors. Now, the asses are stored in your backend and loaded from there as well, so no request is being made.

You can download TK Google Fonts plugin.

Read the TK Google Fonts documentation.


How can we help you with BuddyForms?

Within Buddyforms there is a GDRP Compliance feature for you to add to your forms and get a GDPR Compliant form in an instant, as you can watch our Youtube video BuddyForms – GDPR Compliant WordPress Form Builder.

Whit this function you can have a safe and compliant newsletter subscription form or any other kind of data collecting form you need.

As mention in the video, all the information input into those forms is locally stored and there is no third party involved in it.

You can download BuddyForms plugin.

And you can read the BuddyForms documentation available.



We can give you some tips so you are GDPR Compliant and ready in case any of your clients, customers, or subscribers demand their information or their right to be forgotten.

  1. First of all, allow people to “positively opt-in” to sharing their information ad to you storing it. People have to take explicit action to allow you to collect and use their data. Have evidence when someone opted-in to you collecting the data, like an email or some other method.
  2. Write a fair processing policy, easy to read and understand and have it in an easily accessible place on your site, or even better, sent it as soon as you have a new email address. In this policy you should state which data are you collecting, how are you collecting it, how are you storing it, how are you using it, why are you collecting the data, and whit whom you’ll share the data.
  3. Have a process for providing the information you have on a person. you have to provide the information in one month’s time and free of charge, according to this new regulation.
  4. Have a process in place to erase all the information you have on a person if they demand it. Remember they have the “Right to Be Forgotten” now. This process should be straight forward and it should be done by someone with technical knowledge and access to the information. Don’t assign this task to someone who is not prepared to do it because the consequences can be fatal for a small or medium-sized company. Basically, make it easy to opt-out
  5. Organize the data as soon as you collect it, so you know which information you have on who and where. this way you’ll never forget, misplace or erase data by mistake.
  6. Store the data in a secure location. If you have a lot of information, and especially if it is sensitive, you better have a secure location, either in a cloud or in a physical place such as your own server or an external hard drive, you should have a protocol in place to access, erase or copy the information.
  7. Record the safety measures you have in place and create a document, written or recorded in video, so every employee of your company is aware of the importance of keeping this information secure and organized.
    Don’t store unnecessary data, not all data is useful for you or your goals, only store the data you may use. For this, you should have a clear vision of your objectives and how to accomplish them.
  8. Finally, make your team aware of the new GDPR laws. If you have a lot of information, especially if it’s sensitive, appoint a Data Protection Officer (DPO), to take care of all the tasks described above. This way you are sure these measures are carried out by someone who is technically prepared to do it. The DPO should read the entire 88 pages document and consult with an attorney.

Thanks for taking the time to read our perspective about this important and interesting subject. Please, if you have doubts about this subject or any of our products or services, reach out to us at We are more than happy to answer all your questions.

0/5 (0 Reviews)

1 Comment


Submit a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More from the Magazine

How to Customize Your WooCommerce Product Page in 2022

If you’re in the e-commerce business and using WooCommerce to build your store, a good product page is essential in getting your customers to talk about your brand. Furthermore, customizing your product page will have your revenue soaring! Why Exactly is a...

8 Reasons Why WordPress Platform Remains Important for Digital Marketing in 2022

The open-source content management system WordPress currently powers 43% of all websites on the internet. That makes WordPress platform by far the most popular CMS globally, so it’s pretty clearly doing something right. If you’re looking for ways to make your digital...

3 Easiest Ways to Make Your WooCommerce Site Mobile-Friendly

3 Easiest Ways to Make Your WooCommerce Site Mobile-Friendly     If you own a WooCommerce site in 2022 and that site is not mobile-friendly, it is bad news. This is a blatant truth.   The competition in the industry is too high in today’s date and when...

3 Tips for Working With Digital Photos

So you’ve taken a bunch of great digital photos during a vacation, event, or outing, but they don’t look as good on the screen as they looked in your head. How do Instagrammers make their photos look great? Are they just stellar photographers? Not...

E-commerce Website Design: Top 10 Ecommerce Design Trends You Need To Know In 2022

Shopping has changed immensely because of the pandemic. People opt to shop online, and when your website is not ready for your customers, your business will fail.  Web design is your first line of offense; that’s why e-commerce stores these days need to focus on...

Top Pros And Cons of Native Vs Hybrid App Development in 2022

Native apps are apps intended to run on a specific OS, while Hybrid apps show elements of both a native app and a web app. The fundamental difference between these two apps is that the primary kind can be created across all stages, though the production of the native...

Benefits of Virtual Reality in WordPress Design and Development

Since the introduction of groundbreaking technologies such as Virtual Reality and AR, the world of web design has undergone a dramatic change. Major automotive brands, gaming brands, healthcare and education programmes have been the early adopters of these...

Why Digital Marketing Will Be An Important Asset For Any Startup Company In 2022

With new start-ups and brands launching each day, start-ups and new brands consequently have to compete with companies and their marketing campaigns that have been running for years. For start-ups to taste success, for instance, they have to market efficiently and...

10 Tips to Optimize Your WooCommerce Website

When we talk about e-commerce platforms, WooCommerce is considered a preferred choice for techies. It is very simple and easy to set up a WooCommerce site. You just need to simply purchase a domain, add the WooCommerce extension then utilize some tips to optimize your...

10 of the Most Important E-Commerce Trends You Need to Know in 2022: A Helpful Guide

The year 2021 brought many developments and challenges for retailers. The industry experienced advancements in technology, while simultaneously being hit with shipping and supply chain issues. The COVID-19 lockdowns forced retailers to become more innovative to reach...

15 Best Donation Plugins For Accepting Charity & Funds

Are you looking for suitable WordPress or WooCommerce-enabled donation plugins? Many plugins in the online marketplace enable you to accept online donations using your WordPress or WooCommerce-enabled site. Using donation plugins on your website is an effective and...

Top 5 Reasons to Choose Custom WordPress Development Over Theme

If you are considering having a website for your business, several questions might come to your mind. How do we develop it? Do we need to outsource website development services? How much does it cost? What platform to choose for the development? Though all of the...

Image SEO best practices for WordPress websites

Google search is one of the main traffic drivers for many websites. However, image search is gaining traction and is more relevant across different industries like photography, videography, e-commerce, entertainment, etc. In this article we’ll talk about Google image...

Is WordPress a good blogging platform?

WordPress has become one of the most important platforms for people all around the world. Being used by approximately one-third of the world’s population, it tops the most loved platforms for blogging with thousands of people adopting it as their first choice...

How is on-demand mobile app development changing the face of business?

Smartphones are the most potent and pervasive technological devices around us. Consumers connected businesses through their smartphones, where mobile apps allow them to get almost anything at the flick of a finger. Mobile apps, are also a way for businesses to connect...

The Ultimate Guide on Web Application Architecture

Learn the basics of web app architecture. In this post, you can find web application architecture types, components, and ways to create web app architecture.  Starting a new web project, you should pick the right architecture. It determines all the logic of app...

Digital Marketing: Use These Hacks to Boost Your Leads in 2021

Image (Source) Introduction  One thing the 2020 year has taught us is that it is never too late to grab new opportunities to sustain your business. COVID-19 pandemic has given an immense rise to online platform usage. It helps the businesses to continue their leads...

Deprecated Plugins on Themekraft

(Source) In a normal company’s lifespan, a lot of work is done, customers are acquired, and problems are surpassed. Also, many products are launched, and because of that many times, some of those products get left behind by time, technological advances, replaced...

Web Development Strategies for an Outstanding Site

Did you know that 59.5% of the entire world population uses the internet daily? Of this, about 92.6% use mobile devices to access the web. These people are using the internet to find products and services, connect with friends, work, and for entertainment. For any...

Lifetime Deals

Lifetime Deals or LTD is one of the most popular of many ways to sell your digital products in the SaaS industry. Subscriptions, standalone for free, and charge for some functionalities, Bundles, Addons, etc  While the subscriptions and the add ons have been around...

Best Google Analytics Plugins for WordPress in 2021

If you want to understand the behavior of your website or blog visitors and from where they are coming to your site. You need analytics plugins that will help you to easily track the behavior of your website visitors & traffic resources.  If you are a WordPress...

5 Hottest Trends of PHP Development in 2021

Quick Summary: With the latest updates in modern technology and trends, web development is also evolving and gaining continuous popularity over the past few years. Tech and non-tech businesses are searching for the new  PHP web development trends for developing a...

WordPress Security: How to Protect Your Website and Be Safe

Many site owners often complain that WordPress security sucks. Usually, this line of thinking stems from WP being an open-source platform thus being more vulnerable to external attacks. But, how true is that? Is WP secure? The truth is – YES. It is secure. It’s...

Guest Posts and Pay For Submission on Themekraft

(Source) We have always claimed that we have an educative role in the community and because of that, we’ll share our procedures to manage Guest Posts. Also, if you want to implement a Guest Post or even a Pay for Submission method, this article may help you a great...

Our Products

Share This