GDPR part 3 – Oops!

Previously on the CogitActive Saga:
Putting together a ‘privacy policy’ is a daunting task. Thankfully, the new tool provided by WordPress will generate a pre-made privacy policy template and site footers will display a link to the site’s privacy policy when one has been selected.

I knew I would not managed to write a Privacy Policy before May 25, 2018; yet, I remained relatively composed. Few days earlier, WordPress had released a new version of its software with GDPR-related tools (see GDPR part 2 – WordPress privacy release). The one allowing generating a Privacy Policy in one-click was of particular interest for the task at hand. Of course, this feature could not provide all the information required for a Privacy Policy of a complex website; yet, I was confident that the pre-filled template would be a good starting point. Besides, my sites were still under construction and the Search Engine Visibility restriction in Settings > Reading was checked for both of them.

Once again, an oversight would prove troublesome.

Privacy Settings

As described in this WordPress Privacy article, the aforementioned tool makes it easier to select and build a Privacy Policy page by providing prompts and headers to kickstart the process. Skillfully, the Editing Helper feature of the tool indeed pulls together a collected set of default texts which detail a site’s data collection and sharing. Apparently, it draws the information from WordPress core, but also from the theme and participating plugins.

Every website is different. No two privacy notices will be alike, just as no two site administrators will have identical compliance journeys . . . These tools can help you with parts of that process, but they are not a compliance process in and of itself.WordPress

Anyway, I navigated to Settings > Privacy and clicked on Create New Page. That simple!

Nota bene: I did this for the main site of my network and should do the same for my blog as well. Indeed, at the time of this writing, it is still not possible to set a single Privacy Policy page for the entire network. The possibility to have a network-wide policy would be welcome, if only to benefit from the Editing Helper feature.

Twenty Seventeen

The automatically generated page was far from complete. Of course, no matter how neat the tool may be, as acknowledged in the aforementioned article, the default template may not completely describe how your site might collect data about its user. Nonetheless, I published it as-is; I was eager to see how Twenty Seventeen will display the link to the site’s Privacy Policy.

Currently supported bundled themes . . . have been updated to support these changes. Site footers will display a link to the site’s privacy policy when one has been selected.WordPress

I checked everywhere, every corner; I could not see any link. Nothing! Did I forget something? As underlined in Updates & Upgrade Network, the Auto-Update tool of SiteGround doesn’t handle themes updates; yet, immediately after the automatic update of WordPress (by the SiteGround tool), I took care of updating Twenty Seventeen as well – via the WordPress One-click update feature. However, the Privacy Policy link was nowhere to be found.


I should have known better; still, it took me a while to figure this out. Now, if you follow the CogitActive Saga, you already know what the culprit is. Few clues were indeed leaked out in the last post before this mini-series on GDPR. Here is another hint:

Child themes built on top of bundled themes should be checked to see if any adjustments are necessary for the privacy policy link in the footer.WordPress

Sure enough, I have a child theme and, few days before the WordPress privacy release, I used it to replace the “Proudly powered by WordPress” link (in the footer of my theme) with a copyright notice. Indeed, the best way to modify a template file (of the parent theme) – other than using hooks as exemplified in Customizing the WordPress comment form – is to create a copy of that file, add it to the child theme folder, and make the modifications to that copy. The exact procedure I did follow with the site-info.php file.

A good practice – that I learned the hard way – is to go through the List of Files Revised1 every time there is a WordPress update and to double check if there are any templates (from your parent theme) that have been modified. Needless to say, this applies only if you are using one of the default WordPress theme as your parent theme. Of course, that is my case (see How did I choose my theme?). With WordPress 4.9.6, only four Twenty Seventeen files were changed:

  • wp-content/themes/twentyseventeen/template-parts/footer/site-info.php
  • wp-content/themes/twentyseventeen/README.txt
  • wp-content/themes/twentyseventeen/rtl.css
  • wp-content/themes/twentyseventeen/style.css

If you compare the code of the site-info.php files before and after the update (i.e. Twenty Seventeen version 1.5 vs. 1.6), you will notice these extra lines of code:

if ( function_exists( 'the_privacy_policy_link' ) ) {
	the_privacy_policy_link( '', '<span role="separator" aria-hidden="true"></span>' );

No need to be a coder to understand that this has to do with the privacy policy link! The fix was simple then: either add this extra code to the site-info.php file of my child theme or redo the aforementioned steps (to replace the “Proudly powered by WordPress” link in the footer of my theme with a copyright notice) using this updated version of the site-info.php file. Once done, I could finally appreciate this feature!

Privacy Policy / CogitActive | Copyright © 2017-2020 Alexandre Seillier

While this gives you a start to build on, your privacy policy is not constrained by this starter text. It is your responsibility to write a comprehensive privacy policy, to ensure that it reflects all national and international legal requirements on privacy, and to keep your policy current and accurate.WordPress

To be continued…

1 With every WordPress update (at least the major ones), there is a blog post showcasing the latest enhancements and a changelog covering more technical aspects. You can find this list in the latter (at the end). Conveniently, the WordPress Versions page lists the links to these two resources for all the versions since 0.70. Good to know! ^
2 In fact, commenting your code is an important part of staying organized. In PHP, you need to add /* before and */ after your comment; doing so, it will not be executed as part of the code. If you only have a single-line comment, you can also start it with either // or #. ^

What do you think?
  • Like 
  • Agree 
  • Disagree 
  • Thank you