The Planet 4 journey to GDPR compliance

The Greenpeace recipe for a GDPR-compliant website

Julia M
Planet 4
6 min read · Jul 3, 2019


Let’s make a bet: type “WordPress GDPR” into Google. If 50% of the results do not propose to solve all your GDPR problems with plugins, please send us your email and you’ll receive 4 majestic GIFs.

Truth is that plugins rarely solve all WordPress-related needs, least of all complicated macro-areas such as GDPR (aka the [EU] General Data Protection Regulation), which require deep analysis and a mix of solutions touching all aspects of data collection and protection.

So that you don’t have to read the 88 pages of the official GDPR text or go through the thousands of WordPress.org solutions, here’s a 5-minute recap of how we made European Greenpeace Planet 4 sites GDPR-compliant without losing traffic data or reducing content consumption.

The journey

A few things to mention:

- Besides editor/admin access, P4 has no login (yet), so the “where is supporters’ data stored” question was quickly sorted.

- This setup has been validated at various stages by pro-bono Dutch lawyers, the Greenpeace International Legal team and various partners, but may change over the next few months. Watch this space.

- This journey started by typing “WordPress GDPR” into Google 14 months ago.

1) Privacy policy

We said "a 5-min recap". If you work in an EU organisation and have not updated your website privacy policy yet, it’s time to see your legal department. Here’s a template for a P4 website with the full setup described in this post.

Privacy and Cookies Policy — International site

2) IP Anonymization

IP addresses do qualify as personal information. Among the various options Google Analytics offers, we opted to anonymize by default the IP addresses of all Planet 4 visitors. This is easily set up in Tag Manager via a simple field in the Google Analytics tag(s) (‘anonymizeIp’ with a value of ‘true’). Full instructions here.

Anonymization of IP address in Tag Manager — P4 handbook

No login is required to comment on P4 posts, but we noticed that WordPress by default collects the IP address of anyone leaving a comment. We reviewed and installed the GDPR Comments plugin to anonymize IPs, both for past comments and for new ones as they are posted. Here are the instructions and plugin analysis.

GDPR comments anonymization of IP address — P4 handbook

3) Data sharing with Google

Whether you decide to anonymize users’ IP addresses or not, Google may collect other information to help improve Google’s products and services. We decided to opt-out and not share any Analytics data with Google across the P4 global property.

Google Analytics — Data Sharing Settings

4) Anonymous YouTube video consumption

YouTube videos embedded in P4 pages or posts are by default in privacy-enhanced mode, to avoid any 3rd party cookies fired by Google, regardless of the P4 cookies setup (see below).

In both the Media Block and the embedded videos in pages or posts, we enforced the Privacy Enhanced Mode by changing the embed domain from https://www.youtube.com to https://www.youtube-nocookie.com.
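The domain swap described above, as an added example that is not taken from the P4 theme: it generalizes the rewrite to watch and short links as well as embed URLs, and matches hostnames exactly so that look-alike domains are left alone. The function names, the 11-character video ID pattern and the sample URLs are assumptions made for illustration.

```javascript
// Added example (not P4 code): rewrite YouTube URLs to the privacy-enhanced embed domain.
const YT_HOSTS = new Set([
  'youtube.com', 'www.youtube.com', 'm.youtube.com', 'youtu.be',
  'www.youtube-nocookie.com',
]);
const VIDEO_ID = /^[A-Za-z0-9_-]{11}$/; // assumption: usual 11-character video IDs

function toPrivacyEnhancedEmbed(rawUrl) {
  let url;
  try { url = new URL(rawUrl); } catch (e) { return null; }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return null;
  const host = url.hostname.toLowerCase();
  // Exact hostname match: a substring test would accept youtube.com.example.org.
  if (!YT_HOSTS.has(host)) return null;

  const parts = url.pathname.split('/').filter(Boolean);
  let id = null;
  if (host === 'youtu.be') id = parts[0];
  else if (parts[0] === 'watch') id = url.searchParams.get('v');
  else if (parts[0] === 'embed') id = parts[1];
  if (!id || !VIDEO_ID.test(id)) return null;

  // Build the target from scratch so no unexpected path or parameter is carried over.
  const out = new URL('https://www.youtube-nocookie.com/embed/' + id);
  const start = url.searchParams.get('start') || url.searchParams.get('t');
  if (start && /^\d+$/.test(start)) out.searchParams.set('start', start);
  return out.toString();
}

// Rewrite the src of every iframe in an HTML fragment; non-YouTube iframes are untouched.
function rewriteEmbedsInHtml(html) {
  return html.replace(/(<iframe\b[^>]*\ssrc=")([^"]+)(")/gi, (match, pre, src, post) => {
    const safe = toPrivacyEnhancedEmbed(src);
    return safe ? pre + safe + post : match;
  });
}

// Constructed sample content (the video ID is a placeholder).
const SAMPLE_HTML =
  '<iframe width="560" src="https://www.youtube.com/embed/AAAAAAAAAAA"></iframe>' +
  '<iframe src="https://player.example.org/v/1"></iframe>';
```
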

5) Cookies (consent & management)

Accepting cookies is a choice users make, and as such, it must be reversible. Through a “Cookies control” block, P4 allows users to have complete control over which cookies to accept, simply by ticking checkboxes.

Here’s the block code on GitHub, tied to the P4 theme but more than enough for demonstration (here is the front-end rendering).

Accepting 2nd option (‘Third-party cookies’) will make ‘Performance cookies’ (1st option) automatically accepted

If fully implemented, this block will prevent Google Tag Manager from loading unless users click on the cookies banner and accept all cookies. This is 150% safe, but it was de facto blocking the collection of the essential statistical data we needed to improve the prototype (see Magali’s post on UX findings).

To maintain the Cookies Block functionality without losing 95% of traffic, we came up with a Google Tag Manager mix of triggers and variables, firing 2 types of cookies according to users’ preferences.

This Tag Manager / Cookies Block setup enables the (anonymous) collection of basic stats (e.g. pageviews, device type…) while allowing users to choose whether remarketing tags (containing personally identifiable information from Facebook, for example) should be fired or not. All cookies preferences can, of course, be changed in the block!

Detailed instructions are in the P4 Handbook. You can also download the Google Tag Manager recipe and import directly into your container.

P4 cookies acceptance user flow — Image by Julia

(!) Important: Before applying this setup to your live website, web admins should perform due diligence and verify this setup against local legislation for cookies and privacy.

6) AdFeatures Block in Google Analytics

Since Google’s DoubleClick servers usually contain users’ information, we decided to block the data sharing in Google Analytics directly from Google Tag Manager, simply by adding a new field called ‘allowAdFeatures’ to the Analytics tag(s) and making its value conditional on the user’s preferences expressed in the cookies block above.

Advertising Features are triggered according to cookies preferences — Google Analytics Tag Manager setup
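The decision logic behind sections 5 and 6, as an added example that is not the P4 Tag Manager recipe: it reads the stored preference, always keeps IP anonymization on, and only allows advertising features and remarketing tags when third-party cookies were accepted. The cookie name `p4_cookie_consent`, its values `1` and `2`, and the function names are hypothetical.

```javascript
// Added example (not P4 code). Cookie name and values are hypothetical.
const CONSENT_COOKIE = 'p4_cookie_consent';
const LEVELS = { none: 0, performance: 1, thirdParty: 2 };

// Parse a document.cookie-style string and return the consent level.
function readConsent(cookieString) {
  for (const pair of String(cookieString || '').split(';')) {
    const idx = pair.indexOf('=');
    if (idx < 0) continue;
    if (pair.slice(0, idx).trim() !== CONSENT_COOKIE) continue;
    const value = pair.slice(idx + 1).trim();
    if (value === '1') return LEVELS.performance;
    if (value === '2') return LEVELS.thirdParty; // third-party implies performance
    return LEVELS.none; // unknown or tampered value: treat as no consent
  }
  return LEVELS.none; // banner not answered yet
}

// Decide what Tag Manager may fire for this visitor.
function tagPlan(cookieString) {
  const level = readConsent(cookieString);
  const thirdParty = level >= LEVELS.thirdParty;
  return {
    // Fields set on the Google Analytics tag: IPs are always anonymized,
    // advertising features follow the visitor's third-party choice.
    analyticsFields: { anonymizeIp: true, allowAdFeatures: thirdParty },
    performanceCookies: level >= LEVELS.performance,
    fireRemarketingTags: thirdParty,
  };
}

// Constructed sample cookie strings.
const SAMPLE_NO_CHOICE = 'wp-settings-time-1=1562112000';
const SAMPLE_ALL_ACCEPTED = 'wp-settings-time-1=1562112000; p4_cookie_consent=2';
```

Any value other than the two expected ones falls back to no consent, so a malformed or edited cookie cannot switch remarketing on.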

Live in EU P4 sites and ready for you

This setup is implemented in Planet 4 European websites, the International site and P4 Handbook, and can be replicated to all other WordPress sites (in combination with Tag Manager, of course).

Here are all the links you need:

And here’s a quick debug video to check if your setup is perfect.

Up next: cookies bar redesign

As mentioned, this setup may change and adapt to future P4 features, but the privacy of users and the compliance with GDPR remain our priorities.

Besides encouraging the deployment of this model across Greenpeace sites and continuously reviewing the Tag Manager setup, the (anonymous) data we are capturing is already generating some actions, starting with a cookies bar redesign (see Magali’s post on UX findings).

First, we propose a larger and more prominent bar, passing from 52px to 80px height on XL (Desktop) versions; 68px to 80px on L (Laptop/Tablet Landscape); 92px to 100px on M (Tablet Portrait).

>>>Please send us an email if you want to test this new design on your P4 site!

Secondly, we will look at the colour of the bar to make it more eye-catching. Below is a range of potential colours. Given the impact this has on the overall design, no colour has been decided yet, so feel free to express your preferences by commenting below or via email.

¡GDPR saludos!

Alternative cookies bar tests and mockups — Image by Will
