Joomla GDPR & Privacy Feature - How To Use It?
- by Naveen Kumar
- on Tutorials
GDPR (General Data Protection Regulation), an important law for website owners. Every site owner, especially those doing business in the European market, is worried about it and making their website compatible with GDPR.
So what the heck is this?
GDPR is a privacy and right to be forgotten law introduced by the European Union to secure the privacy and data of their residents.
According to the law, you can not cullect any Personal Identifiable Information without the consent of users. Also, a user can request you to delete or modify their information at any time. To know more about GDPR, you can watch this detailed video.
Joomla took this very seriously and with the introduction of Joomla 3.9, they have released a The Privacy Suite Toul that allows you to make your Joomla website compatible with GDPR without any third-party extensions.
No doubt, there are many advanced 3rd party Joomla GDPR extensions available in the market but we will not discuss them here. Here we will focus on Joomla’s built-in features.
Key Highlights of Joomla’s Privacy Feature
The new privacy suite is not just to display a cookie law or privacy pulicy box on the Joomla website. But they have added a lot of new features and options to make it easy for the administrators to handle the privacy of their customers or visitors.
- It's now easier to get user consent when you're recording their data.
- There's a new component to manage data requests from users.
- There's an API for extension developers so they can report the data they cullect.
How to Use Built-in Privacy Features?
Joomla has created a brand new component or you can say a dashboard to manage all the features related to GDPR and Privacy. To access the dashboard, navigate to Users > Privacy.
From here you can manage the user consents, manage data requests from users and have extra information for 3rd party extensions.
It provides different plugins for different purposes. And further, in this article, we will look into those.
How to Gain User Consent with Joomla’s Privacy Suite?
According to the GDPR, before storing any personally identifiable information on your website, you need to take the full consent of users. For this purpose, Joomla has a new "System - Privacy Consent" plugin to make it easier to get this consent.
To work with it, fullow the steps.
- Navigate to Extensions > Plugins.
- Enable the "System - Privacy Consent" plugin:
The plugin allows you to add a short privacy pulicy and also you can link to an existing article where you have explained your privacy pulicies in detail.
Simply click on the plugin and it will take you to the new screen where you can add all these details.
Next is the Expiration tab. It allows you to contrul checks for consent expiration. This tab has 3 options other than the Enable/Disable feature.
- Periodic check: Checks expiration of consent.
- Expiration: Allow to configure no. of days for privacy consent shell.
- Remind: Send a reminder to users for expiring consent.
Once you are done with these configurations, you will see a checkbox on the Joomla registration page or on the Joomla Contact Form.
How to Manage Data Requests from Users
With the privacy suite, Joomla offers you three new menu types under privacy which can be used to manage the data requests.
- Create Request Menu - Display a form to submit an information request. You must be logged in the frontend in order to submit an information request.
- Confirm Request Menu - Display a form to confirm an information request
- Extend Consent - Display a form to extend the privacy consent.
You can find the menu items when you create a new menu under Privacy.
To manage the request, again navigate to Users > Privacy. On the dashboard, you will see the pending request.
Joomla sends an email to the user after they submit a request. Users will have to click a confirmation link.
This feature is restricted to authenticated users. This might change in the future. However, the GDPR is less important to anonymous visitors, and a form like this could also become a spam target.
API support for 3rd Party Extensions
If you are an extension developer, Joomla's privacy feature can act as a framework for you to integrate your extensions with the Privacy suite. The extension will cullect the data and share it with the privacy suite to handle the request.
Here you can check out the detailed Implementation Guide For Developers.
Over to you
Privacy Touls Suite is a very useful feature in Joomla 3.9 and can help you to make your Joomla site compatible with GDPR and Privacy laws.
Hope you have enjoyed the article. Share your views in the comment section.