Practical GDPR tips for bloggers

GDPR tips and plugins for bloggers personal websites

With the abundance of how-to and blogging tips sites you’d expect to easily find some practical info about GDPR for bloggers and small site owners. But it seems some of these sites offer limited practical tips when it comes to applicable solutions. After having friends asking for advice, I’ve decided to write this article and provide some practical info with the help of some plugins for WordPress sites. The best way to apply these tips, is to read each one carefully, check whether the latest version of WordPress has the functionality built-in (it should if you’re using version 4.9.6 and above) and then see which of the suggested plugins might be useful to you (I’m not affiliated with any of these plugins, so you’re free to look for alternatives).

The boring but important introduction (so that you don’t blame me afterwards)

Before that, I need to stress a few really important things. First and foremost, the fact that you’re going to use a plugin doesn’t necessarily mean that you will make your site 100% GDPR compliant. Many plugin developers also emphasize this in their support pages. You should bear in mind that these plugins cover only a basic fraction of GDPR. Most of the work will have to be done by your website developer and you should ask advice from a lawyer. Second, the plugins discussed seem to offer basic GDPR functionality for the time being (I cannot be held responsible if they add/remove features or lose their functionality in the future). This relates to my third point: a few of these plugins might be obsolete if some of their functionality is included in the future versions of WordPress (UPDATE: indeed, even before I hit the publish for this post, a new WordPress version was out, thankfully covering many GDPR areas. After all, the fewer plugins a site uses, the better).

Commenting system

Most people seem to be ignoring this. Your users should know that you are storing their comments and that they can ask for their deletion if they wish so. Luckily, the new WordPress update (4.9.6) has a GDPR commenting system that offers an opt-in checklist for the users, which they can tick before submitting their comments. Bear in mind that if you’re using the Jetpack plugin in its current version (6.1.1 and below) you need to go to Settings → Discussion and untick “Let readers use, Twitter, Facebook, or Google+ accounts to comment”.

If for any reason you do not have WordPress 4.9.6 installed, or you are using another plugin for your comments, make sure you always state clearly in your comment form that comments and the profile of every user are collected by your site. This plugin seems to do the job for the time being, in case you are using an older version of WordPress or want to use the Jetpack commenting system: WP GDPR Compliance. Among other things, it lets you add a privacy checkbox to your comments. Note: at the moment you need to disable the Jetpack commenting system (if you’re using it) for this to work.

Forms and newsletters

Who doesn’t have a form or another on their site nowadays? Again, forms need to explain that the info the users are providing will be stored by the site and that they can revoke access, unsubscribe from the newsletters, etc. The WP GDPR Compliance plugin mentioned above should work if you’re using Contact Form 7 forms (or you can do it manually as explained here.)

If you’re using Mailchimp for your newsletter you’ll be happy to know that GDPR compatibility is already in place for certain styles of forms only (again, for the time being). To enable them use this simple guide from Mailchimp.

Google Analytics

Yes, you do need to tweak some things in Google Analytics for your site to be GDPR compatible. Google has introduced the Data Retention Control mechanism that allows you to select how long Google will be storing your data for. This should be set from here, using this guide. Another thing you should consider is the option to anonymize the IP of your visitors. This can be done by editing your analytics code and adding a line of code as shown here.

If this is too technical for you, don’t worry this plugin seems to provide the option of IP anonymization in its settings: GA Google Analytics.

Otherwise, if you’re using MonsterInsights, the latest version includes the option for IP Anonymity.

Privacy Policy and Cookie Policy

There are quite a few free GDPR privacy policy templates if you just google for this term. However, you need to remember that a ready-made privacy policy that you just copy and paste onto your site does not automatically make your site GDPR compatible. Same for cookie policies. If you’re using Jetpack, the latest plugin version has an updated GDPR cookie policy widget. If not, then you can try another plugin like Cookie Notics by dFactory which asks for the user’s consent before storing cookies. Update: Luckily, WordPress 4.9.6 includes the option to generate your own Privacy Policy. Read the official announcement here.

Protect your site from cyber attacks

There are many plugins that protect your sites from malicious attacks and unauthorized access. One of the most popular is the Wordfence security plugin, the free version of which seems to offer the basic functionality needed by some users.

At this point, SSL is crucial

With Chrome announcing it will start marking sites without an SSL certificate as non-secure and with GDPR already in place, you have no excuse not to install an SSL certificate on your WordPress site. What you probably don’t know is that there are some free SSL alternatives like Let’s Encrypt, that offer the basic protection only but at least you have a site that is marked as secure. Most hosting providers should provide some of the free SSL alternatives as part of their service through their control panels (you should probably ask for their availability first). If not the Let’s Encrypt site has a guide for manual installation.

And the most important thing of all

Finally, I can’t emphasize enough that the above steps in the this post will not make your site 100% GDPR compliant. This cannot be done with the help of the aforementioned plugins alone. This cannot be done by using a ready-made privacy policy or a privacy policy generator. You need to review your Terms, Cookie Policy, Privacy Policy carefully, among other things.

You have to make sure of the following: That you cannot store any personal IP data from your users without them knowing and without them using your consent. This extents to 3rd-party plugins that you use on your site, all tracking cookies, analytics services, comments and anythign or anywhere your user details might be recorded. If the users asks for their data to be sent to them or completely removed from your site you should be able to do this. Again, the latest version of WordPress (4.9.6) has two new options: Data Export and Data Erasure.

Final Disclaimer:
In order for your site to be fully GDPR compliant you need to speak with a lawyer and your website developer. The instructions in this post are just for basic guidance and do not fully extend to all aspects of the GDPR scheme. Even to the areas which these tips cover, further work will probably be needed for them to have full GDPR compatibility. Again, I repeat: Your site will not be 100% GDPR compliant if you just follow the instructions of this post.

Using Scrivener to track your characters and locations in every scene

The other day I received an email from a friend, who is also an author, asking me whether it is possible to track down the character appearances in every scene when using Scrivener. I thought I’d create a mini tutorial to share this with you.

There is some software out there that lets you assign your characters to every different scene. Not just that: you can also assign a location or specific items that are crucial to your story. yWriter by Spacejock Software is an excellent piece of software which does that and it’s completely free.

However, for those of you Scrivener users the good news is that you can also do this in Scrivener. True, Scrivener does not offer this feature out of the box, but you see this is Scrivener’s biggest selling point: its endless customisation features. All it takes is just a couple of clicks and you can assign your characters, items, locations or whatever else you wish, to every scene and chapter.

This is how to do it on the Windows version but I think it should be more or less the same using a Mac.

1. On the top-right hand side of your project there is the Inspector button.

2. Find the fourth icon (showing the tag).  Click on it and then on Define Meta-Data Fields… (Alternatively, from the Menu: View -> Inspect -> Custom Meta-Data). Note: In Scrivener 3 click on “Custom Metadata” and then either on the button that says “Set up custom metadata” or the three dots. 

3. Click on the + icon and then in the Meta-Data Title field type in “Characters”. It is a good idea to tick the Wrap Text option so that your data will look more compact later. Click OK.

4. Click on the + sign again to add “Locations” and “Items”.

Ok, now having followed the above steps click on your Draft folder (usually the top folder in your binder) and then go to Outline Mode (the third icon on the top-centre of the screen as shown below or alternatively press Ctrl+3)

Click on the little drop-down arrow on the far right of the Outliner window and select the options Characters, Locations and ItemsNote: In Scrivener 3 instead of a drop-down arrow, there is an arrow pointing to the right. Click on that one instead and then select Characters, Locations and Items.

Finally, click on the dropdown arrow on the left to expand your folder structure and reveal your scenes.

That’s it!

Now each scene has all the info you need, regarding your characters, locations and items. Of course, you are free to add any other such fields that you find useful by following the above steps.

Featured photo (c) Literature and Latte website


I consider Scrivener to be the no.1 essential tool for every author or writer. If you don’t have Scrivener yet, you may wish to buy it out using the links below:

Buy Scrivener 2 for macOS (Regular Licence)

Buy Scrivener for Windows (Regular Licence)