Have you seen our new Legal Hub? If not, have a look before reading this instruction article.
We created the legal hub to centralize our legal documents and actionable events for our users, for example, managing consent. We also started the legal hub to give you a sneak preview of what’s to come in Complianz. For now, we will explain how to implement the legal hub on your website using Complianz and other popular plugins. In the future, however, all you need is Complianz!
The below instructions are separated in a couple of sections. To skip to specific parts, please use the anchor links.
1. Legal documents, structure and region redirects
The legal hub can be created with our free plugin as well, some features will not be available during these instructions.
Let’s start with the structure: Our Legal Hub acts as the parent of all our legal documents., creating the following structure: complianz.io/legal/ (Legal Hub) & complianz/legal/cookie-policy (legal document). You can create a new page, and add this new page as a parent to all your documents under “Pages”. Example:
1.2 Legal Documents
1.3 Region redirect
To refrain from showing all regions on the legal hub you can use a region redirect parameter on the URL to use one URL, but different outcomes per user. It is important to note DNSMPI is not included in the region redirect because the guidelines stipulate the Do Not Sell My Personal Information page needs to be visible at all times.
You can add the region redirect parameter by adding?cmplz_region_redirect=true. As an example:
With this information, you should be able to style and create the top part of our legal hub, under Legal Documents. You’re free to copy any text or styling if you wish to do so. We will come back to the legal hub, but first, we will show how we added the sidebars to our legal documents with a table of contents and navigation of all available legal documents.
2. Legal documents sidebar
Our table of contents is made with Elementor Pro, which has a dedicated block for the table of contents, we have found that the table of contents is available for Divi, Gutenberg, and others as well. And if you need a plugin, you could try one of these: https://wordpress.org/plugins/search/TOC/
2.1 Table of Contents
Depending on the theme, page builder, or custom templates you’re using we recommend adding the TOC and menu in a sidebar. To correctly show the anchor titles you should use H3 & H4 to target the legal documents.
2.2. Navigating the legal documents
This works the same for any menu in WordPress. Create a new menu under Appearance > Menu and only add the Legal Documents. You can now show your new menu in the sidebar, with a widget or a page builder block if needed. If you’re using your own custom templates, you know what to do! An example of our menu:
NB. Do not add region redirects to the menu if you’re using all documents as shown on our policies.
3. Manage Consent
Under the header Manage Consent you will find the manage consent options for complianz.io, an article for users to improve their browser’s privacy for other domains and improve privacy as a whole, and a data request form. We will start with the shortcode to create either a revoke consent button or showing your banner categories on-page.
You can show the revoke consent button (or link), to immediately revoke settings and trigger the cookie banner. You can use the below shortcode ( in brackets [ ] ):
cmplz-revoke-link text='Manage Cookie Consent'
Or use the category shortcode (in brackets [ ] ):
4. Privacy in your browser article
Although optional, this article is used to show users they have control of cookie usage on your own domain, as well as on other domains, by removing cookies and edit privacy settings in their browsers.
4.1 The article
You can copy-paste our article to your own website, we don’t mind. If you like, please add a source link below the article, or use a canonical link. You can link to our article if you don’t want the content on your website.
4. Data Request Form
The form is made with Gravity Forms, but any contact form will do for this situation.
5.1 Used fields
We use the following fields:
Name: used for searching databases and lists
Email: used for correspondence and searching databases and lists
Text-field: used for additional information or questions by the user
Rights under the GDPR:
1. Right to be forgotten – Delete your data (art. 17 – GDPR)
2. Right to data portability – Request your data (art. 20 – GDPR)
3. Right to rectification – Rectify your data (art. 16 – GDPR)
4. Right of Access – Request to see if data is being processed (art. 15 – GDPR)
5. Objection to sharing data – CCPA
6. Other questions regarding privacy
5.2 Actions after a request
After a request has been made we advise you to do the following:
Take immediate action to fulfill the request. You will need to either, delete the data related to their name/email, rectify the data as they requested, or specify per service which data you’re using. In our case, we will try to do all.
Someone exercises: 1. Right to be forgotten – Delete your data (art. 17 – GDPR).
- We will create an inventory of all services and used data for this person. This might look like:
Mailchimp: Email / Full Name / IP Address for Opt-in / Analytics
WordPress: Email / Username / Analytics
Correspondence via Email (Support): Email / Name / Login Credentials
- We will remove all data, and will do so immediately. Correspondence for support will be archived, but not deleted as support by email does not require consent. We will remove login credentials by default, but please delete sensitive data from any users if it’s not relevant anymore.
- We will reply to the user with
- The data we collected per service
- The actions we took per service
- The notice we need to keep the request as proof under the GDPR.