How to Make Your Joomla! Site GDPR Friendly

Thanks to Joomla for introducing the new privacy tool suit in response to the rules such as General Data Protection Regulation (GDPR) in Joomla 3.9. In this following section, you’ll find all the information about how to set up these new extensions and make your site GDPR friendly.

ThemeXpert is always concerned about clients privacy. So we updated our system to maintain clients privacy with their consent. Our policy stands for both old and new clients.

What is GDPR?

GDPR is the new rules design to give European Union citizens more control over their data. It is needed to set cookies under users consent to make sure the privacy of the user is not compromised.

How to make Joomla Website GDPR Friendly?

1. Privacy Dashboard

The privacy dashboard provides the summary of information requested for the website representing the status of actions to be taken. The privacy dashboard is situated right under the ‘User’ Menu link.

a. Request Count

The request count is more like the privacy dashboard. It represents the summary of the information on a website.

b. Health Check Module

With the help of health check module the status of several actions recommended to site owners is checked, as it relates integrating the privacy tools regarding the website, including:

  • Privacy Policy Published — it will check if the privacy policy has been configured and published or not. Developers can check the integration through onPrivacyCheckPrivayPoilicyPublished event.
  • Request Form Menu Item Published — this will check if the front-end information request form has a published menu item or not to the authenticated users submit valid request.
  • Outstanding Urgent Request — This option will check for any pending confirmed requests, which are older than 14 days and it will be alerted to the owner of the site for any such requests which requires urgent attention.

2. Extension Capabilities

This screen displays the capabilities of privacy policy related informations (such as cookies to set on browser, information shared with the third party for future usage, personal data processing etc) to assist the user assessing extensions regarding privacy policy related concerns and preparing documentation of terms and policy service. To know more, checkout Report Extension Capabilities in Privacy Component.

3. Information Requests​

Privacy Consent​ Plugin Setup

While collecting personal identifiable information, you need ensure the following terms:

  • The user is informed about the need of the information in clear understanding word.
  • The user should be informed about the exact data you want to collect from them
  • The user should know in what purpose you’ll be using their data
  • The user has actively agreed to your terms

But let me assure you one thing. This plugin DOES NOT make your website legally complaint. It’s only just a step to the process.

After enabling the plugin, any new user registering on your site will be needed to consent the privacy policy. By this process, the date and IP address of the user will be recorded. And all the existing users will be redirected to their user profile for their consent.

1. Plugin Configuration

Now the plugin is installed but yet not active. To active it you need to follow these steps, Extension -> Plugin -> look for Privacy. Once you’ve located the plugin, configure it before enabling.

2. Short Privacy Policy

This is a brief notice that will be displayed above the privacy consent checkbox. You can customize it to your own text or just leave the way as it is.

Note for Multilingual site : if you keep the default text, it will change to user’s language. But it is not possible to translate for custom text. So if you want to display your customized text, keep this field empty and go for Joomla language override facility to customize the PLG_USER_PRIVACYCONSENT_NOTE_FIELD_DEFAULT language string for each language installed.​

3. Privacy Article​

If wish to have a longer Privacy Policy, you can create or edit it right in this section which will be displayed in the modal window of the user.

Note for Multilingual site : if you associate this article with other languages then the privacy policy will be displayed in the correct language for the user.​

4. Redirect Message​

This section is used for the existing users who have entered their profile first time right after privacy policy plugin has been enabled. You can use the default text or just use your own customized text.

Note for Multilingual site : if you keep the default text, it will change to user’s language. But it is not possible to translate for custom text. So if you want to display your customized text, keep this field empty and go for Joomla language override facility to customize the PLG_USER_PRIVACYCONSENT_NOTE_FIELD_DEFAULT language string for each language installed.​

User — Terms & Conditions​ Setup

1. Plugin Configuration​

The plugin is installed but yet not enabled. To active it you need to follow these steps, Extension -> Plugin -> look for Terms. Once you’ve located it, you can customize it and enable it.

2. Short Terms & Conditions​

This is a short notice that will appear right above the Terms & Conditions checkbox. You can leave the default message to display or edit to your text.

Note for Multilingual site : if you keep the default text, it will change to user’s language. But it is not possible to translate for custom text. So if you want to display your customized text, keep this field empty and go for Joomla language override facility to customize the PLG_USER_PRIVACYCONSENT_NOTE_FIELD_DEFAULT language string for each language installed.​

3. Terms and Condition Article​

If wish to have a longer Privacy Policy, you can create or edit it right in this section which will be displayed in the modal window of the user.

Note for Multilingual site : if you associate this article with other languages then the privacy policy will be displayed in the correct language for the user.​

Content — Confirm Consent​

This plugin will add a required checkbox to a form (such as the core contact form).

1. Plugin Configuration

The plugin is installed but yet not enabled. To active it you need to follow these steps, Extension -> Plugin -> look for Consent. Once you’ve located it, you can customize it and enable it.

2. Short Privacy Policy​

This is a short notice that will appear right above the Terms & Conditions checkbox. You can leave the default message to display or edit to your text.

Note for Multilingual site : if you keep the default text, it will change to user’s language. But it is not possible to translate for custom text. So if you want to display your customized text, keep this field empty and go for Joomla language override facility to customize the PLG_USER_PRIVACYCONSENT_NOTE_FIELD_DEFAULT language string for each language installed.​

3. Privacy Article

If wish to have a longer Privacy Policy, you can create or edit it right in this section which will be displayed in the modal window of the user.

Note for Multilingual site : if you associate this article with other languages then the privacy policy will be displayed in the correct language for the user.​

Privacy Modules​ Setup

This module provides the summary of the information requests received for your website. This module is installed and enabled by default in Joomla 3.9 installation. To add it to your dashboard on an updated site, go to Extension -> Modules, change the site filter to Administrator, add a new Privacy Dashboard module, assign it to the cpanel position, and set access to Super Users.

Output

The output will mostly look like this,

Conclusion

Follow all the steps described above and make your Joomla site GDPR friendly. If you still find any problem, please contact us. None are expert here but we all are trying our best to get to know GDPR better.

You can download Joomla_3.9.0-dev-Development-Full_Package.zip for testing new privacy tool and report any issue.

Post your comment below and we’ll do our best to reach out there and answer it.


Originally published at www.themexpert.com.