The European Union’s GDPR law requires explicit consent before storing user data, and your WordPress comment section is no exception.
Many WordPress users have been asking about making their comment section GDPR-compliant. Thankfully, we’ve implemented GDPR-compliant comment systems on numerous WordPress sites, and we’ll show you exactly how to do it.
In this article, we will show you how to add a GDPR comment privacy opt-in checkbox to your WordPress website.
The General Data Protection Regulation (GDPR) aims to give EU citizens more control over their personal data.
When this law was introduced, it changed how many organizations approached data privacy. For more on this topic, please see our ultimate guide to WordPress and GDPR compliance.
If you don’t comply with GDPR, then you could be fined or even get jail time. That’s why it’s important to make your website GDPR-compliant, including your comment form.
A comment form collects personal information from visitors, including their names, email addresses, and optionally website URLs. WordPress also stores this information in a browser cookie, so it can automatically fill in the comment author’s information in the future.
By default, the WordPress comment form shows a comment privacy opt-in checkbox.
However, if you do not see this checkbox on your website, then it may be disabled by your WordPress theme.
Related Post: How to Create GDPR Compliant Contact Forms in WordPress
Before creating your own comment privacy box, it’s a good idea to check if your theme already has this feature built-in.
First, let’s check that both your theme and WordPress core are up to date by going to Dashboard » Updates.
If any updates are available, then go ahead and install them. If you need help, then please see our guide on how to safely update WordPress.
After that, go to Settings » Discussion and scroll to ‘Other comment settings.’ Here, check the box next to ‘Show comments cookies opt-in checkbox….’
With that done, simply click on ‘Save Changes’ to store your settings.
Now, you can visit your WordPress website to see if these changes have added the missing cookie consent checkbox.
If you are fully up to date and still can’t see the comment privacy checkbox, then this means your theme is overriding the default WordPress comment form.
With that in mind, we recommend asking the theme’s developer to fix this issue by opening a support ticket. For advice, please see our guide on how to properly ask for WordPress support.
Another option is to add the comment privacy checkbox to your WordPress theme yourself. There are a few different ways to do this, so use the quick links below to jump straight to the method you want to use:
The easiest way to add a comment privacy checkbox is to replace your current comment form with the one by Thrive Comments.
Thrive Comments is a WordPress comment plugin that comes with all sorts of features to boost your comment engagement. Besides a customizable comment form, the plugin also comes with features to:
The reason why this method is the easiest is that you don’t need to tinker with the code in your theme files to add the checkbox. All you need to do is install the plugin, enable the GDPR feature, and that’s it.
That said, there is no free version of the plugin, so it can feel like an investment. You can learn more about Thrive Comments in our Thrive Themes review.
The first step is to install Thrive Comments. To do this, you can go to the Thrive Themes website and get a paid plan.
Next, simply log in to go to the account dashboard.
On this page, click ‘Download and install the Thrive Product Manager plugin.’
Now, just install the Thrive Product Manager plugin on your WordPress site. For more details, check out our guide on how to install a WordPress plugin.
Up next, simply go to the Product Manager page from your WordPress admin area and click ‘Log into my account.’
You are now in the Thrive Product Manager dashboard.
At this stage, go ahead and select Thrive Comments. Then, click the ‘Install selected products’ button.
When the installation is done, you will see a message that says ‘Ready to use.’
Simply click the ‘Go to the Thrive Themes Dashboard’ button at the bottom.
You will now see all your installed plugins in the suite.
Go ahead and click the ‘Thrive Comments’ button to start using the plugin.
On the next page, open the ‘General Settings’ menu.
Then, activate the Thrive Comments section for your entire website and check off the box that says ‘Enable GDPR Consent.’
With that done, you can preview your comment section.
As you can see, the default comment form has been replaced and there is now a consent checkbox that says, ‘By using this form you agree with the storage and handling of your data by this website.’
That’s it. Also, feel free to play around with other Thrive Comments settings to enhance your comment section further.
For example, you can allow users to subscribe to WordPress comments and notify them of replies to their comments.
Now, we get it if you feel like using a paid comment plugin just to add this one checkbox seems like an overkill.
In that case, we recommend trying the next two methods. Both involve some custom coding, but we’ll walk you through the process so that you can successfully add the privacy checkbox even if you have no coding experience.
Note: Before following the tutorials below, we strongly recommend backing up your website just in case of unexpected errors. You can use a backup plugin like Duplicator.
This method should work for most WordPress themes. It will also keep your theme’s form style and layout intact.
First, you need to connect to your WordPress site using an FTP client such as FileZilla, or you can use the file manager of your WordPress hosting cPanel. If you are a SiteGround customer, then you can use the file manager in the Site Tools dashboard.
If this is your first time using FTP, then you can see our complete guide on how to connect to your site using FTP.
Once you are connected, you need to go to /wp-content/themes/ and open the folder for your current WordPress theme.
You will need to find the code that’s overriding the default WordPress comment form. Normally, you will find this in the comments.php or functions.php file in your theme folder.
After opening one of these files, look for any code that has the comment_form_default_fields filter. Themes use this filter to override the default WordPress comment form.
It will have lines for all your comment form fields. Every theme is different, but here’s an example of the code you are looking for:
$comments_args = array(
// change the title of send button
‘label_submit’=> esc_html(__(‘Post Comments’,’themename’)),
// change the title of the reply section
‘title_reply’=> esc_html(__(‘Leave a Comment’,’themename’)),
// redefine your own textarea (the comment body)
‘comment_field’ => ‘
‘,
‘fields’ => apply_filters( ‘comment_form_default_fields’, array(
‘author’ =>” .
” .
”,
’email’ =>” .
” .
”,
‘url’ =>” .
”.
”,
)
),
);
comment_form($comments_args); ?>
In this code, you will notice that the comment_form_default_fields filter is used to modify the author, email, and URL fields.
It displays each field using the following format:
‘fieldname’ => ‘HTML code to display the field’,
‘anotherfield’ => ‘HTML code to display the field’,
Now, we will add the comment privacy opt-in checkbox field toward the end of the code block before the comment_form($comments_args); ?> line.
This is what the code should look like now, but you can just copy and paste the code from the // Now we will add our new privacy checkbox opt-in comment:
$comments_args = array(
// change the title of send button
‘label_submit’=> esc_html(__(‘Post Comments’,’themename’)),
// change the title of the reply section
‘title_reply’=> esc_html(__(‘Leave a Comment’,’themename’)),
// redefine your own textarea (the comment body)
‘comment_field’ => ‘
‘,
‘fields’ => apply_filters( ‘comment_form_default_fields’, array(
‘author’ =>” .
” .
”,
’email’ =>” .
” .
”,
‘url’ =>” .
”.
”,
// Now we will add our new privacy checkbox opt-in
‘cookies’ => ” .
” . __( ‘Save my name, email, and website in this browser for the next time I comment.’ ) . ”,
)
),
);
comment_form($comments_args); ?>
After making this change, make sure to save and upload the file back to your WordPress hosting account.
When you are finished, you can visit your WordPress blog to see the changes in action.
This method simply replaces your theme’s comment form with the default WordPress comment form.
This method can change how the comment form looks, so it’s not the best method if you want to keep the form’s style and layout. However, after making this change, you can always style your comment form using custom CSS.
Like in the previous method, the first step is to connect to your server using FTP or open your host’s file manager.
After that, open the comments.php file and look for a line with the comment_form() function. Your theme will have a defined argument, function, or template that it uses to load your theme’s custom comment form. The comment_form line will look something like this:
You will need to replace this with the following line:
Once you have done that, save your changes.
Now, if you visit your website, then you will see the default WordPress comment form with the comment privacy opt-in checkbox.
Bonus Tip: Improve GDPR Compliance With MonsterInsights and WPConsent
Enabling a comment privacy opt-in checkbox is one way to make your website more GDPR-compliant. If you collect other data and want to make sure your website follows GDPR, then we recommend installing MonsterInsights.
MonsterInsights is a plugin that makes it easy to connect your website with Google Analytics. Not only that, it has an EU Compliance add-on to make your tracking comply with GDPR.
With this, MonsterInsights will wait for the user’s consent to track their activities instead of doing it as they arrive on your site.
For more information about MonsterInsights, you can read our MonsterInsights review.
Another essential tool for GDPR compliance is WPConsent, which handles cookie consent management across your entire website. It’s one of the best WordPress GDPR compliance plugins on the market.
This plugin automatically scans your entire WordPress installation to detect cookies from third-party scripts, core WordPress features, and plugins, even finding hidden cookies you might not know about.
Once detected, you can automatically create a custom cookie consent popup that prevents these scripts from tracking user activity until explicit permission is granted.
Using both MonsterInsights and WPConsent alongside your comment privacy checkbox creates a comprehensive GDPR compliance system that protects both you and your users.
We hope this article helped you learn how to add the GDPR comment privacy opt-in checkbox in WordPress. You may also want to see our beginner’s guide to moderating WordPress comments and our article on how to allow users to report inappropriate WordPress comments.
If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.
