If you use Noptin for email marketing on your WordPress site, ensuring GDPR compliance is crucial, especially if you handle data from EU users. The General Data Protection Regulation (GDPR) requires businesses to handle personal data transparently, securely, and with user consent.

This guide walks you through the steps to make Noptin GDPR compliant.

Under GDPR, you must obtain explicit and informed consent from users before adding them to your mailing list.

Open your form in the Noptin form editor and enable the GDPR checkbox under Design > Optin fields.


If you’re using one of our form integrations, ensure you add a consent checkbox instead of automatically registering new form submissions as subscribers.

TIP: Link to your Privacy Policy in the checkbox label to give users full transparency.

2. Update Your Privacy Policy

Add a section about Noptin to your privacy policy. It should clearly explain:

  • What data you collect (e.g., name, email).
  • How you store and use it.
  • Who you share it with (if applicable).
  • How users can request data deletion or unsubscribe.

Example:

Email Subscriptions & Cookies

We use Noptin, a WordPress email marketing plugin, to manage email subscriptions on our website. When you subscribe to our mailing list, we may store a cookie in your browser to prevent duplicate subscriptions and improve user experience.

What Information Do We Collect?

  • Your name and email address (if provided during subscription).
  • A cookie (noptin_email_subscribed) to track whether you have subscribed to our newsletter.

This cookie helps us:

  • Prevent the subscription form from displaying repeatedly if you have already subscribed.
  • Ensure a smooth user experience by remembering your subscription status.

This cookie does not store any personally identifiable information (PII) and is used solely to enhance your interaction with our site.

Your Rights & Control

You have the right to:

  • Opt out of email communications by clicking the “unsubscribe” link in any email we send.
  • Delete or block cookies through your browser settings.
  • Request the removal of your personal data by contacting us at [Your Contact Email].

Don’t want cookies? Use the following PHP code snippet to disable them.

add_filter( 'noptin_disable_cookies', '__return_true' );

However, some tracking won’t work correctly if you disable cookies.
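Instead of switching cookies off for everyone, the same filter can be tied to the visitor's cookie-banner choice. The snippet below is an added example, not Noptin's own code. It assumes your consent banner records its decision in a first-party cookie named site_cookie_consent with the value granted (a hypothetical name; use whatever your consent plugin actually sets) and that the filter passes the current boolean as its first argument.

```php
<?php
/**
 * Added example: keep Noptin cookies disabled until the visitor has opted in.
 * MYSITE_CONSENT_COOKIE and the "granted" value are assumptions about your
 * cookie banner, not part of Noptin.
 */
const MYSITE_CONSENT_COOKIE = 'site_cookie_consent'; // hypothetical cookie name

/**
 * Returns true only when the banner cookie holds the exact expected value.
 */
function mysite_visitor_has_cookie_consent() {
	if ( ! isset( $_COOKIE[ MYSITE_CONSENT_COOKIE ] ) ) {
		return false;
	}

	$value = $_COOKIE[ MYSITE_CONSENT_COOKIE ];

	// Strict comparison against one fixed string. The raw cookie value is
	// attacker-controlled input, so it is never echoed or stored.
	return is_string( $value ) && 'granted' === $value;
}

/**
 * Callback for the noptin_disable_cookies filter shown above.
 *
 * @param bool $disabled Value from earlier callbacks (assumed boolean).
 * @return bool True to disable Noptin cookies for this request.
 */
function mysite_maybe_disable_noptin_cookies( $disabled ) {
	// Respect an earlier callback that already disabled cookies.
	if ( $disabled ) {
		return true;
	}

	// No recorded consent means no Noptin cookies.
	return ! mysite_visitor_has_cookie_consent();
}
add_filter( 'noptin_disable_cookies', 'mysite_maybe_disable_noptin_cookies' );
```

Use either this callback or the one-line __return_true version, not both, and place it in a small site-specific plugin or your child theme's functions.php.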

A double opt-in process adds an extra layer of GDPR compliance by requiring users to confirm their email before subscribing.

Open the Noptin settings page, then navigate to “Emails > Double Opt-In” to enable it.


4. Provide an Easy Unsubscribe Option

GDPR mandates that users must be able to unsubscribe easily. Ensure all your emails have a visible newsletter unsubscription link.

You can also create a new page on your site and add an unsubscription form to it. This way, users can still unsubscribe even if you don’t email them.

TIP: Consider adding a “Manage Preferences” link so users can update their preferences instead of fully unsubscribing.

5. Allow Users to Request Data Deletion

Users have the “right to be forgotten”, meaning they can request the deletion of their data.

Erase personal data

When doing so, Noptin will also delete their newsletter-related data.

Similarly, Noptin will also include their newsletter-related data when they export their personal data.

6. Securely Store Subscriber Data

GDPR requires you to protect user data from breaches. This means that you should:

  • Use SSL encryption on your site (your URL should start with https://).
  • Keep WordPress, Noptin, and other plugins updated.
  • Limit admin access to only trusted team members.
  • Regularly back up your data using plugins like UpdraftPlus.

Final Thoughts

Making Noptin GDPR compliant is easy and necessary to avoid legal risks.

You can do this by:

  1. Gaining clear consent.
  2. Enabling double opt-in.
  3. Providing unsubscribe options.
  4. Securing user data.
  5. Allowing users to export or delete their data.

Take action now and update your Noptin settings for full GDPR compliance!
