Slava Wagner – SEA, CRO, Data & Forecasting

Complianz: Integrate the data protection plugin into WordPress - this is how it works with the setup wizard

The data protection plugin compliance for WordPress convinces with a strong performance in blocking data retrieval before consent to data processing. Ideal for strong data protection.

There are many things to consider when it comes to data protection on websites. Above all, it is important that they have strong script blockers that make it possible to block third-party data retrieval before the user consents – i.e. before the confirmation of the cookie banner. Such third-party data retrievals not only happen in the integration of Google Analytics, Google Tag Manager or Google Optimize, but also through Google Maps, Youtube (if videos are integrated), Google Fonts, Google ReCaptcha, data visualization providers and third-party iframes.

So quite a lot that comes together. If these data retrievals are not blocked prior to consent, this means retrieving personal data with IP address, device information and browser information without consent. The GDPR does not provide for this, and it is therefore important to consistently block such data retrievals before consent is given.

It depends on the script blocker

Many website privacy providers have trouble blocking the scripts that initiate data retrieval for the application in question. It may be the case that with some providers an effective blocking is only possible if the installation of these data retrievals only takes place via the data protection plugin itself – with the corresponding effort for code integration and tests to see whether everything worked. It is better if an external data protection plugin can reliably block the delivery of a script. This means: Your existing website infrastructure remains untouched and the Script Blocker is added as an additional roof. This is possible with compliance. unangetastet und der Script Blocker kommt als Dach zusätzlich drauf. Das ist mit Complianz möglich.

Instructions: Installing and setting up compliance

Step 1: Setup Wizard

After installation and activation, you should open the compliance setup wizard. You can find this under: 

WordPress dashboard > left menu bar: Compliance > Assistant

In the General – Visitors section, you can tick the items that apply to your website. For me the points would be:

Figure: Compliance view General – Visitors.

Cookie Policy

In the General – Documents section, you should tick the “ Created by Complianz” box under Cookie Policy if you don’t have a cookie policy yet. Compliianz automatically generates a page with automatic storage of the relevant information on the use of cookies. This is then automatically stored as a link in the cookie banner.

Privacy Policy and Imprint

For the other two points, the page for the data protection declaration and the page for the imprint must be specified. You can either do this manually via a link, or directly select the relevant page in the drop-down menu.

Figure: Compliance view General – Documents.

Information about the contact person for data protection and the website owner

Under General – Information about the website you should enter the relevant contact details.

Figure: General compliance view – information about the website.

Security and Consent

In the Security and Consent section, you can accept the default settings.

Figure: Compliance view General – Security and Consent.

Cookie Scan

In the Consent – ​​Cookie Scan section, you can simply click on save and continue as soon as the blue bar is complete. Compliance automatically analyzes which cookies are used on your website.

Figure: Compliance view General – Security and Consent.

Statistics

In the Consent – ​​Statistics section, you can again select what applies to you. I use Google Analytics, so the corresponding tick applies to me.

You should definitely check the box at the bottom ( “IP addresses are anonymised or I will let Complianz do this for me” ). The background is that IP anonymization is necessary for Google Analytics for the purpose of data protection in the EU. Google Analytics 4 automatically anonymizes the IP when retrieving data in the EU.

Figure: Compliance view Consent – Statistics.

Statistics - Configuration

In the point of consent – statistics – configuration , it now depends: If you use Google Analytics 4, you can integrate it directly via Complianz. Simply tick the appropriate box and enter the tracking number.

This has the advantage that you don’t have to worry about the integration any further. In addition, Complianz automatically blocks Google Analytics before consenting to data processing in the cookie banner.

So if you include your Google Analytics tracking code manually and without compliance, you would have to manually block Google Analytics data retrieval before consenting to data processing in the Complianz Script Center.

The disadvantage , however, is that tracking codes actually have to be built into the <head> area of ​​the page. However, data protection plugins appear in the <body> area of ​​the website – where the tracking code from Google Analytics is stored accordingly. As a result, you cannot automatically verify yourself with your Google Analytics account in the Google Search Console to retrieve data on your organic Google rankings, Google search terms, impressions, positions and clicks. You can also use the Google Search Console to submit sitemaps, or submit indexing or re-indexing of URLs to Google.

In this example screenshot, the very simple way is chosen: the integration of Google Analytics 4 via Compliance.

Figure: Consent compliance view – statistics configuration.

Services

In the Consent – ​​Services section, you can again select the applications that apply to your website by ticking them.

Figure: Compliance view Consent – Services.

Then scroll down further on the same page and also select the points that apply to your website.

Figure: Compliance view Consent – ​​Services (below).

Plugins

In the Consent – ​​Plugins section, you can simply click on save and continue .

Figure: Compliance view Consent – Plugins.

Cookie Descriptions

In the Consent – ​​Cookie Descriptions section, you can also simply click on Save and Continue.

Figure: Consent compliance view – cookie descriptions.

Service Descriptions

In the Consent – ​​Service Descriptions section, you can also simply click on Save and Continue.

Figure: Compliance view consent – ​​service descriptions.

Cookie Policy

In the Documents – Create documents section, you can have a cookie policy page automatically created for you. Simply click on the corresponding button. Compliance automatically generates the page, populates it with notification text and imports the descriptions for the cookies used on your website. In addition, the link to the cookie policy is automatically integrated into the cookie banner, which is the first thing users see when they visit the website.

Figure: Documents compliance view – create documents.

Link to menu

In the Documents – Link to menu item, it is not absolutely necessary to place your cookie policy in a menu, as it will appear in the cookie banner anyway – unless you want to put the policy in the footer, for example. If not, you can just click save and continue.

Figure: Documents compliance view – link to menu.

Complete

In the Finish item, there is only one button that you use to finish the setup wizard.

Figure: Click on Finish.

Step 2 - Set the design of the cookie banner

You then have various design functions for your cookie banner. You can control the size, color, position, text content and arrangement of elements in the cookie banner. You can also set a soft wall here. This means that the website behind the cookie banner receives a dark gray filter until the user has either clicked on the “Accept” or “Reject” button – or until they switch off the cookie banner (equivalent to: “Reject). In this way, users can continue to use the website in any case, regardless of the status of their consent (i.e. also in the event of rejection). Opting out of data processing is an important requirement under the GDPR – users should always be able to.

Figure: Customize the design of the cookie banner (optional).

Step 3 - Script Blocker

Almost there! Now check whether third-party data is accessed on your website before cookie consent. The best way to do that is with the uBlock Origin browser extension . These are available for all common browsers: Firefox, Chrome, Safari, Opera and MS Edge. uBlock is a high-performance, open-source tracking blocker that gives you a handy way to see what data a website is pulling. Also, uBlock Origin has network request logs that you can use to track every single data request.

Here is an example: Apart from my domain slavawagner.de , before the cookie consent , data is retrieved from: 

  • google-analytics.com
  • googletagmanager.com

Figure: View with the tracking blocker uBlock Origin as a browser extension. What third-party data is retrieved before cookie consent?

If this is the case, it can be fixed directly in the Complianz Script Center:

WordPress dashboard > left menu bar: Compliance > Integration > scroll down to: Script Center

Under the item “ Block a script, an iframe or a plugin ” you can now block the relevant domains that retrieve data before approval. The data for these domains will only be retrieved once consent to data processing has been granted.

The overview looks like this:

Figure: Script Center compliance view.

  • now click on add new
  • Enter a name for the permanent blocking process
  • enter the main domain of the service you want to block (you can see this in uBlock Origin, see screenshot above)
  • toggles the slider at the top right to enable the blocking process. The slider must appear blue .
  • click save

Figure: Block scripts in compliance (deposit the main domain of the retrieving service).

Done: This is what it looks like when all third-party data is blocked before consenting to data processing (view with uBlock Origin). Only the actual domain retrieves data here.

Figure: No more third-party data retrieval, before accepting the cookie notification.

And this is what the finished cookie banner looks like in the end.

Figure: Completed cookie banner with strong data protection from Complianz.

Complianz for WordPress

If you have problems with the settings of the script blocker in Complianz on WordPress, feel free to ask all your questions for free: 

Ask your question

info@slavawagner.de

Overview

The WordPress plugin Compliance (WordPress)

For GDPR compliant tracking, you should block all third-party data retrieval on your website prior to user consent in the cookie banner .

The WordPress plugin Complianz has a high-performance and reliable script blocker that ensures that you can prevent third-party applications on your website from user tracking before the user gives their consent to data processing in the cookie banner. Here are some examples:

  • Google Analytics, Google Tag Manager, Meta, LinkedIn, HubSpot, SalesViewer, or Hotjar tracking codes 
  • block youtube videos
  • Block Calendly calendar

Ask your question

info@slavawagner.de

You might also be interested in:

Track phone number redirects from Google Ads campaigns

With Google Tag Manager you can install phone number forwarding for Google Ads campaigns on your website.

Create reports with Data Exploration in Google Analytics 4

Many report views that were preconfigured in Google Analytics 3 must be manually created in Google Analytics 4.