On May 25, 2018, the European Union's General Data Protection Regulation (GDPR) went into effect.
If you’re a marketer, you probably already know what this means. But for those unfamiliar, I’ll catch you up: GDPR is a new set of guidelines for internet privacy and personal data protection. It mandates that all organizations that handle personal data must inform users of their acquiring this data, and store the data securely and accurately.
Personal data includes name, location, payment information, phone number, physical and email address, online identifier (like IP address), or any data that identifies a “physical, physiological, genetic, mental, commercial, cultural or social identity” of an individual.
Though GDPR is European legislation, it applies to any organization that uses personal data from EU citizens, which probably includes you. For example, GDPR is why websites that use tracking cookies now display popups requiring users to consent before continuing.
Even if you don’t knowingly collect personal data on your WordPress site, GDPR still applies if you use tracking cookies, a tracking plugin, or embed third-party content. Often, third-party services like Twitter, YouTube, and Google use embedded content on pages outside their domains to users to acquire information about users. This falls under personal data collection, and any website embedding such content must follow GDPR rules.
Ensuring GDPR compliance for your WordPress site is a necessary process that requires you to audit every part of your website, including your WordPress theme. Since your theme creates the interface that visitors use to interact with your site, you need the proper elements available to let users consent to third-party cookies.
That’s why, in this post, we’ve compiled 10 theme options to help you meet GDPR compliance.
Best GDPR-Compliant Themes
Avada is our top pick for WordPress themes designed with GDPR compliance in mind. One of the most downloaded WordPress themes of all time, the Avada website builder comes with its own set of GDPR compliance tools to keep you privacy-conscious.
Included in this toolkit is a privacy banner to let visitors consent to cookies and third party services, a consent checkbox for contact forms, and an option for visitors to consent to third-party embeds that might capture data without their knowledge. Avada goes the extra mile to ensure your WordPress site is safe, which is why it takes the number one spot on our list.
Besides its compliance tools, Avada offers dozens of pre-built mobile-friendly website demos for specific niches, making it easy for any business to launch a website quickly. After installing one, you can fine-tune your pages with its intuitive drag-and-drop builder. See what’s possible in our in-depth Avada post.
True to its name, Uncode takes the coding out of the website building process. This multipurpose WordPress theme comes with over 70 importable demo sites for a variety of businesses, stores, and freelance creatives. It’s also compatible with the WooCommerce plugin, the Slider Revolution plugin, and popular WordPress page builder plugins.
To help your site meet GDPR guidelines, your purchase of the Uncode theme comes with its proprietary Privacy Plugin. This plugin can display or hide certain content regions conditionally, based on whether visitors consent to cookies and third party services. It will also hide embedded content for the same reasons.
For example, if a visitor does not consent to third party data sharing, Uncode can block embedded content from a site like YouTube. This way, YouTube does not take personal information from the user (like IP address) without permission.
Newspaper is a theme for news websites, bloggers, writers, and magazine publishers. It’s an excellent option for publishers who want control over their site’s visual details while staying GDPR-compliant.
On top of its several layout options for showcasing content, the Newspaper theme supports YouTube videos and works with Instagram, bbPress Forum, BuddyPress, and WooCommerce.
Newspaper also integrates with Google Ads and AdSense, so you can easily monetize your content. Newspaper’s code is clean and optimized for search engines, and the theme is fast, mobile-friendly, and highly customizable.
At over 50,000 downloads to date, Porto is another acclaimed GDPR-compliant WordPress theme. Porto is a great fit for ecommerce websites in particular, as it’s built to integrate seamlessly with WooCommerce and associated WooCommerce plugins. There are over 90 pre-built websites and numerous WooCommerce-specific layouts where you can start placing products immediately after installing.
Alongside data protection, speed and SEO should be top priorities for anyone running an online store. That’s why Porto is built to be lightweight and mobile-responsive. It also comes with a built-in speed optimization tool to test performance whenever you make a substantial change.
One easy way to stay GDPR-compliant? Keep it simple: Reduce or eliminate the amount of visitor data you collect, cookies you place, and third-party services you integrate. The Typology theme from WordPress developer Meks can help you do just that — this minimalist blog theme places your text content above all else.
Typology supports your written content with basic but modern layouts. Pick from several blog post layouts, and control the appearance of your text with the theme’s built-in typography panel to ensure consistency across your site.
And, because Typology is so bare-bones, it helps your GDPR compliance (less info to worry about), page load times (less content to load), mobile-friendliness (less rearranging for smaller screens), and sanity (self-explanatory).
Kalium is a popular, GDPR-ready, multipurpose WordPress theme for online businesses and freelancers looking to build portfolios. Like other multipurpose themes we’ve covered so far, Kalium offers one-click installation for all of its demos and works with leading page builders to help you craft your layouts.
However, Kalium seeks a more minimalist approach with its layouts. It emphasizes white space, clean lines, and basic color palettes over visual clutter. Simplifying the site-building process allows you to focus on more important aspects of your website, like content and navigation.
Total combines intuitive customization with flexibility to produce an effective multipurpose WordPress theme for almost any website niche. Frequently updated, packed with content modules, and plugin-friendly, Total is another solid pick for beginner and experienced WordPress users alike.
As the top-selling theme from developer WP Explorer, Total has taken steps to help your site reach GDPR compliance, including notification pop-ups for third-party services and cookies and support for contact form plugins. Its layouts are also fully responsive and lightweight to aid performance.
While multipurpose themes are flexible enough to suit a variety of business niches, you might prefer a GDPR-compliant theme for a more specific use. If you run a nonprofit or charity, consider the Hope theme from ThemeREX.
Hope comes bundled with the GDPR Framework WP plugin to ensure you comply with regulations in the cases of collecting user information and payments. The theme’s form module also includes checkboxes for GDPR compliance as well.
This theme also integrates with plugins for scheduling events, collecting donations, and setting up an online store. Its WPBakery integration allows for fast and intuitive page building.
Need a theme with a solid built-in grid system? Look no further than Gridlove, a theme for content publishers who want to showcase their newest work in this popular format.
Even within the confines of a grid system, Gridlove features an impressive level of flexibility in its homepage customization — there are multiple ways to showcase your articles in cards, and to format your header and footers too.
Gridlove is built to be lightweight for performance, responsive for mobile user experience, and has recently added a cookie a consent checkbox module so visitors are fully informed while browsing.
Our final theme is a multipurpose option for businesses looking for a modern, clean interface. Webify’s minimalist demos, extensive library of page elements, and gallery layouts enable any business to make the most of their online presence. Plus, Webify’s customizer allows for real-time previews of all changes to appearance.
Additionally, Webify works on mobile devices, allows for WooCommerce integration, and, of course, meets GDPR standards.
WordPress Themes to Help Keep Data Secure
A sleek website is nice, a secure site is essential. Though your WordPress theme isn’t collecting and storing user data, it still provides the frontend for forms and third-party embeds that collect such information, and therefore should be considered in your GDPR preparation.
Of course, there’s a lot more to consider in the context of GDPR compliance beyond your WordPress theme. When forming your data protection plan, use our GDPR checklist to assess your current data collection and storage practices, then implement the appropriate changes.
Originally published Nov 13, 2020 7:00:00 AM, updated March 17 2021