If you use Noptin for email marketing on your WordPress site, ensuring GDPR compliance is crucial, especially if you handle data from EU users. The General Data Protection Regulation (GDPR) requires businesses to handle personal data transparently, securely, and with user consent.

This guide walks you through the steps to make Noptin GDPR compliant.

Under GDPR, you must obtain explicit and informed consent from users before adding them to your mailing list.

Open your form in the Noptin form editor and enable the GDPR checkbox under Design > Optin fields.

Enable GDPR checkbox in Noptin

If you’re using one of our form integrations, ensure you add a consent checkbox instead of automatically registering new form submissions as subscribers.

TIP: Link to your Privacy Policy in the checkbox label to give users full transparency.

2. Update Your Privacy Policy

Add a section about Noptin to your privacy policy. It should clearly explain:

  • What data you collect (e.g., name, email).
  • How you store and use it.
  • Who you share it with (if applicable).
  • How users can request data deletion or unsubscribe.

Example:

Email Subscriptions & Cookies

We use Noptin, a WordPress email marketing plugin, to manage email subscriptions on our website. When you subscribe to our mailing list, we may store a cookie in your browser to prevent duplicate subscriptions and improve user experience.

What Information Do We Collect?

  • Your name and email address (if provided during subscription).
  • A cookie (noptin_email_subscribed) to track whether you have subscribed to our newsletter.

This cookie helps us:

  • Prevent the subscription form from displaying repeatedly if you have already subscribed.
  • Ensure a smooth user experience by remembering your subscription status.

This cookie does not store any personally identifiable information (PII) and is used solely to enhance your interaction with our site.

Your Rights & Control

You have the right to:

  • Opt out of email communications by clicking the “unsubscribe” link in any email we send.
  • Delete or block cookies through your browser settings.
  • Request the removal of your personal data by contacting us at [Your Contact Email].

Don’t want cookies? Use the following PHP code snippet to disable them.

add_filter( 'noptin_disable_cookies', '__return_true' );

However, some tracking won’t work correctly if you disable cookies.

A double opt-in process adds an extra layer of GDPR compliance by requiring users to confirm their email before subscribing.

Open the Noptin settings page, then navigate to “Emails > Double Opt-In” to enable it.

Enable double opt-in

4. Provide an Easy Unsubscribe Option

GDPR mandates that users must be able to unsubscribe easily. Ensure all your emails have a visible newsletter unsubscription link.

You can also create a new page on your site and add an unsubscription form to it. This way, users can still unsubscribe even if you don’t email them.

TIP: Consider adding a “Manage Preferences” link so users can update their preferences instead of fully unsubscribing.

5. Allow Users to Request Data Deletion

Users have the “right to be forgotten”, meaning they can request the deletion of their data.

Erase personal data

When you erase a user's personal data, Noptin also deletes their newsletter-related data.

Similarly, when a user exports their personal data, Noptin includes their newsletter-related data in the export.

6. Securely Store Subscriber Data

GDPR requires you to protect user data from breaches. This means that you should:

  • Use SSL encryption on your site (your URL should start with https://).
  • Keep WordPress, Noptin, and other plugins updated.
  • Limit admin access to only trusted team members.
  • Regularly back up your data using plugins like UpdraftPlus.

Final Thoughts

Making Noptin GDPR compliant is easy and necessary to avoid legal risks.

You can do this by:

  1. Gaining clear consent.
  2. Enabling double opt-in.
  3. Providing unsubscribe options.
  4. Securing user data.
  5. Allowing users to export or delete their data.

Take action now and update your Noptin settings for full GDPR compliance!
