Since the 25th of May, our (online) lives have been blessed with a new and improved GDPR. You might’ve noticed my shiny new Cookie Notice! For novice users it raised a lot of questions. Because as a law-abiding citizen, what the hell do I have to do to keep a good, law-abiding website? If you’re a Google Analytics user, look no further. Today I’m going to show you how you can use CAOS (and all of its locally hosted analytics.js goodness!) to make your WordPress-blog GDPR-proof.
First off, I have some good news. I know it’s been a while (!) but I recently released CAOS v. 1.50 to celebrate the coming of GDPR. Err, no. Not exactly. Let’s say I updated CAOS to allow you to keep using it in a GDPR complaint way.
So, before you continue. Make sure you’re using CAOS v. 1.50 or higher. Besides that, we’re going to call in the help of another nifty, little plugin called GDPR Cookie Consent to generate the Cookie Notice for you.
This is how it works: Basically, the plugin renders a Cookie Notice to any new visitors of your website. When a user clicks the ‘Approve’-button, a cookie is created. In turn, CAOS checks whether this cookie is present and renders its locally hosted Analytics-tracking script.
How to Configure CAOS to be GDPR Compliant
After following the steps below, your WordPress-blog will abide to the new laws enforced by the GDPR. Your Google Analytics-tracking scripts will still be locally hosted so you can have the best of both worlds. Follow the rules, and maintain your high score on Pingdom and Google Pagespeed. Let’s get started!
Enabling the Cookie Notice
The Cookie Notice will be provided by an external plugin, because I thought it was beyond the scope of my CAOS-plugin to build a Cookie Notice into it. I recommend using ‘GDPR Cookie Consent‘ by Webtoffee. It’s light-weight, easily configurable and fully tested and compatible with CAOS.
- Open the ‘Plugins‘ menu and click ‘Add new‘.
- In the next screen that opens, search for ‘GDPR Cookie Consent‘.
- The plugin will show at the top of the search results. Click ‘install now‘.
- After it’s finished downloading, click ‘activate‘.
A new menu-item will be added to your Administrator-menu, called ‘Cookie Law Info‘. Right underneath your ‘Comments‘-manager. Open it and you’ll see four options. ‘Cookie List‘, ‘Add new‘ and ‘Non-necessary Cookie‘ are beyond the scope of this post. So click on ‘Cookie Law Settings‘ to configure the cookie notice’s visuals and functioning.
Configuring CAOS and Google Analytics for GDPR Compliance
So now you’ll probably have a shiny new Cookie Notice on your WordPress-blog… Like mine! (We could be Cookie buddies! :D) Now all you need to is tell CAOS to check for the cookie created by Webtoffee’s plugin. Don’t worry, it’s as easy as cake… or Cookies!
- Open the ‘Settings‘-menu and click on ‘Optimize Analytics‘ to open CAOS’ configuration screen.
- Select the value ‘When cookie has a value‘ in the ‘Allow tracking…‘-section.
- In the field named ‘Cookie name‘ enter ‘viewed_cookie_policy‘. This is the name of the cookie generated by GDPR Cookie Consent once a user clicked the ‘Approve‘-button.
- In the field named ‘Cookie value‘ enter ‘yes‘. This is the value that is set to the cookie once the user clicks ‘Approve‘ in the Cookie Notice.
- Enter a value in the ‘Cookie expiry period‘-field. I use ‘30‘, since I don’t think I can keep following you around for more than a month. I get tired, you know…
- Press ‘Save Changes‘ and if you use any caching-plugins, make sure you flush your cache.
That’s it! You’re done. You’ve now configured CAOS and Google Analytics with a cookie notice to be fully compliant with GDPR. Enjoy!