
eBook: WordPress and the Data Protection & Privacy Legislation

Including Direct Marketing

For many people starting their business, the data protection & privacy legislation was never at the forefront of their minds. For example, financial institutions never asked about compliance with the legislation as part of any due diligence regime, and business support services (often sponsored by government initiatives) also paid little, if any, attention to it. As a result, organisations often only found out about it when something went wrong.

Whether you are hosting your own website, hosting a website for another organisation, are a hosting re-seller, or are just contemplating developing a website using WordPress as part of your business, this 100+ page guide should help you to understand the legal requirements to operate the site(s) within the data protection & privacy legislation.

The methodology of the guide references the WordPress content management system (CMS), but the legislation applies to any business activities, whether operating a website, or otherwise ‘processing personal data’.




The legislation is important because the supervisory authority has specific legal powers it can bring to bear when things go wrong. Also, when things do go wrong, you or your organisation will almost certainly attract the attention of the media and news outlets, potentially losing customers and damaging your reputation, and ultimately this could close down your business.

The legislation is there to protect individuals and their rights and is an historical change in the way many businesses have previously viewed their use of personal data.

You’ll benefit by finding out the pitfalls, learning how to avoid them, and gaining insight into securing and maintaining your website, which in turn could help you avoid unwanted enforcement or other actions from the supervisory authorities and possible monetary penalties (fines).



We’ll be looking at the following legislation:

  • General Data Protection Regulation (EU) 2016/679 (GDPR)
  • Data Protection Act 2018 (DPA2018)
  • “Applied GDPR”
  • The Data Protection (Charges and Information) Regulations 2018
  • The Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR)


Get Everything You Need With Just One eBook

The guide includes a “Let’s Get Started” section, which is an imaginary scenario in which owners of new sites can use their imagination and apply the methodologies in the guide to their own site.

The scenario and guide include:

  • security;
  • back-ups;
  • e-commerce;
  • newsletter(s);
  • privacy policy legal requirements;
  • cookie policy and what needs to be included.

It should also enable existing WordPress website owners to re-evaluate their compliance with the legislation and take corrective/retrospective action as required.


Legislation in detail

The guide includes sections about:

  • General Data Protection Regulation (EU) 2016/679 (GDPR)
    • Definitions
    • Principles
    • Lawful bases of processing general personal data
    • Conditions of Consent
      • Conditions of Consent for a Child
    • Lawful bases of processing special category personal data
    • Individuals’ Rights
    • Data Subject Access Requests
    • Data Protection Impact Assessments
    • and so much more
  • Data Protection Act 2018 (DPA2018)
    • Criminal Offences
  • The Data Protection (Charges and Information) Regulations 2018
    • Paying for processing personal data
      • Exemptions
  • Privacy and Electronic Communications Regulations (PECR)


WordPress in detail

  • Hosting
  • Transfers of Data
  • Installing WordPress
    • WordPress.com vs WordPress.org
  • Default settings
  • Backing up a clean installation
  • Security
  • Themes
  • Plugins
    • Newsletter
    • Contact Forms
    • e-Commerce
  • Privacy policy
  • Cookie policy
  • Terms and Conditions
  • Documentation
    • Data Processing Agreements
    • Data Impact Assessments
  • Data Subject Access Requests
  • Day to day management of WordPress

"I've been developing websites for years and didn't realise that there were legal requirements to it!, I've learned so much with this guide"

WordPress developer

"Thank you, is all I can say. This guide has enabled me to ensure all my clients provide a data processing agreement for hosting their website"

WordPress Agency

"I just thought GDPR was about the fines of up to €20 million or 4% of global turnover. Never knew about the rest, until now"

Business owner with WordPress website


"Really well written, informative and interesting"


WordPress and the Data Protection & Privacy legislation (including Direct Marketing)