Make your Gravity Form GDPR ready

A step by step tutorial on how to make your Gravity Forms GDPR Ready.

Follow the written steps below or the graphical steps on the right.

The data that is protected by the GDPRegulation is all information about an identified or identifiable person. This can be his name, address, e-mail, but also a cookie, photo or ip-address. When you can use the data to find out who the person is, it is personal data and therefor protected by the GDPR.

When you want to store this data you need to have demonstrable permission from the person to collect his data and he needs to have the ability to view his stored data, adapt, remove and transfer it. The plugin will take care of the capability to view, adapt, remove and transfer personal stored data. But you will need to make your forms compliant.

So how can you do this?

First you need to check wether you need the personal data or not. If not, simply don’t store it. This eliminates any question of GDPR compliance.

However the purpose of most forms is to collect personal data and you’re responsible for letting the user know what data will be stored, how, where and for what purpose. In order to do this you can follow these steps.

  1. First things first, you’ll need to create a privacy policy where you clearly and in a simple and easy format fully disclose your data collection and storage practices.
  2. To inform the user of the data you collect and ask for his consent you need the HTML and Single Checkbox fields.
  3. Enter informational text & link to your privacy policy in the HTML field
  4. Request consent in the Checkbox field and make it a required field
  5. Your Gravity Form is now GDPR Ready.

This setup prevents data from being submitted unless consent is explicitly granted.

DON’T FORGET TO ALWAYS ASK FOR EMAIL-ADDRESS! This is the unique identifier used by the plugin.