DPO Radio

Free Website Privacy Check: Ensure Your Site's Compliant Now!

Using AesirX Consent Shield for Privacy Compliance on WordPress

Using AesirX Consent Shield for Privacy Compliance on WordPress

How to Use AesirX Consent Shield for WordPress to Prevent Unauthorized Data Collection and Enable Privacy Compliance

Maintaining privacy compliance is more crucial than ever. As regulations like GDPR and the ePrivacy Directive require greater control over user data, website owners need to prevent third-party scripts or cookies from running without explicit consent.

Imagine visiting a website and knowing your data is safe before you even engage with its content. AesirX Consent Shield makes this possible. It automatically scans your website, detecting and blocking any unauthorized scripts, giving you peace of mind and building trust with your visitors.

This guide will show you how to use AesirX Consent Shield to protect user privacy while keeping your website fully compliant with legal standards.

how_to_use_aesirX_consent_shield.png

Overview of AesirX Consent Shield

AesirX Consent Shield for WordPress helps website owners protect user privacy by preventing third-party scripts and plugins from loading until users provide explicit consent. This proactive approach supports compliance with important regulations like GDPR and the ePrivacy Directive, safeguarding users against unauthorized data collection and fostering trust with your audience.

With AesirX Consent Shield, you can effectively manage the loading of JavaScript files by blocking those from specific domains, paths, or active plugins until users provide consent. This approach prevents unnecessary data collection before user approval, helping maintain both compliance and a user-friendly website.

Key Features of AesirX Consent Shield

1. Consent Shield for Third-Party Plugins

AesirX Consent Shield automatically identifies all active third-party plugins on your site. It prevents any related JavaScript files from running until users give their consent. This feature gives you complete control over how your plugins behave, helping you stay compliant with privacy regulations.

2. Domain and Path-Based Script Blocking

You can easily block scripts from specific sources by entering the domain, path, or folder in the settings. AesirX Consent Shield will stop any JavaScript files from these sources from loading until consent is granted. This feature is perfect for managing third-party content such as embedded videos, ads, or external services, allowing you to meet privacy requirements.

3. Proactive Plugin Detection

AesirX regularly scans your WordPress site to identify active plugins and scripts that may collect user data. It lets you review and block any plugins that need user consent before they load, keeping your site compliant with the latest privacy standards.

4. Script Blocking Options

AesirX Consent Shield offers two ways to block scripts:

  • Only Third-Party Hosts (Default): This option stops JavaScript from third-party domains while allowing scripts from your own site to function as usual. It keeps your site working properly without allowing third-party sources to collect data without permission.
  • Both First- and Third-Party Hosts: This option blocks all JavaScript from both your site and external sources until users give consent. It gives you complete control over which scripts are allowed, offering the highest level of privacy protection and compliance with data regulations.

How to Set Up AesirX Consent Shield for WordPress

Step 1: Prepare Your WordPress Site

  • First, install WordPress on your server or choose a WordPress-compatible hosting provider. 
  • Pick a theme that suits your brand and provides a good user experience. 
  • Add essential plugins to enhance your site’s functionality, such as those for SEO, security, and performance.

Step 2: Integrate AesirX Analytics & CMP with WordPress

1. Install AesirX Analytics & CMP Plugin:

  • In your WordPress dashboard, go to Plugins > Add New and search for "AesirX Analytics".
  • Click "Install Now" and then "Activate".

2. Create an AesirX Account and Obtain an Analytics License:

  • Register on the AesirX Sign-Up Page. (Note that you will be redirected to register for a Shield of Privacy (SoP) account - this acts as your AesirX Account ID and provides access to access all AesirX solutions and licenses).
  • Choose your Shield of Privacy ID.
  • Select “First-Party Analytics” from the Solutions drop-down menu. 
  • Receive your license ID and confirmation email to complete the setup.

3. Configure AesirX Analytics:

  • Navigate to Settings > AesirX Analytics in your WordPress dashboard.
  • Configure server setup (internal or external) and enable consent management before data collection.
  • Paste your solution key and click “Save” to apply changes.

search_plugin.png

Step 3: Configure AesirX Consent Shield for Plugin Detection and Blocking

1. Access the Settings:

  • Navigate to Settings > AesirX Analytics in your WordPress dashboard.

2. Automatic Plugin Detection:

  • AesirX Consent Shield will automatically scan your WordPress installation to identify active plugins that may collect user data without consent.

3. Select Plugins for Blocking:

  • Review the list of detected plugins and select the ones you want to block until explicit user consent is granted. This prevents these plugins from executing any related JavaScript files.

4. Domain/Path-Based Blocking:

  • This feature lets you block specific domains or paths to prevent unauthorized scripts from loading until user consent is given. 
  • For example, if you embed a YouTube video in a WordPress post, AesirX Consent Shield will block the video and its tracking scripts until the user consents. This way, third-party services like YouTube can't collect data from visitors without approval. Once consent is granted, the video will load, and the scripts will run.
  • To use this feature, specify the domains (e.g., youtube.com) or folder paths (e.g., /wp-content/plugins/) to block. 

5. Script Blocking Options:

  • Choose between two script blocking options:
    • Only Third-Party Hosts (Default): This option blocks only third-party JavaScript, allowing first-party scripts to run normally.
    • Both First- and Third-Party Hosts: For comprehensive control, block scripts from both first-party and third-party domains. This ensures no script, internal or external, runs without user consent.

6. Save Your Configuration:

Make sure to save all changes to effectively enforce the settings and prevent unauthorized data collection.

config_image.png

Step 4: Customize the Consent Banner to Match Third-Party Services

1. Access Consent Banner Settings:

In the AesirX BI dashboard, go to Consent > Consent Templates. Here, you can customize your consent banner to meet privacy regulations by explicitly mentioning third-party plugins and services. There are two consent modes to choose from:

  • Simple Consent Mode: No data is collected or sent to third parties until users provide explicit consent. This mode is ideal for strict GDPR and ePrivacy compliance.
  • Default Template: Tags are preloaded with denied parameters, so no data is collected or sent until consent is obtained. This prepares your site for future data collection once consent is granted.

2. Configure Your Consent Settings:

Enter your Google Tag ID and, if desired, your Google Tag Manager ID. Select your preferred consent mode and customize the consent text to reflect the specific third-party services and plugins on your website.

3. Update Consent Text to Reflect Third-Party Services:

Your consent text should clearly inform users about the third-party scripts and cookies that will remain inactive until consent is given. This promotes transparency and compliance with privacy regulations. For example:

“This website uses AesirX Analytics & CMP to manage your data preferences. You can choose to:

  • Reject: No data will be collected.
  • Consent: Allow data collection to improve site performance and user experience.
  • Decentralized Consent: Retain control over your personal data and revoke consent anytime.

Data collected may be used for [insert specific third-party plugin data collection purposes], as well as analytics and marketing, including tracking through [insert third-party plugin names] and AesirX Analytics, as outlined in our Privacy Policy. These third-party scripts and cookies will remain inactive until you provide your consent.”

Make sure to mention all relevant third-party plugins and services (e.g., Google Analytics, YouTube, Facebook Pixel) in the consent text, so users know what will be activated once they agree.

4. Save Changes:

After customizing the consent text to reflect the plugins and services on your website, save your changes. This will display the updated consent banner to users, allowing third-party services to activate only after receiving the necessary consent.

tag.jpg

Important Note on Limitations

AesirX Consent Shield Limitations for Third-Party Plugins:

  • Scripts Not Enqueued via WordPress Functions: Some plugins or themes may add scripts directly to your site's HTML using <script> tags instead of the standard wp_enqueue_script function. This limits the Consent Shield’s ability to detect and block these scripts before they load, potentially impacting compliance with privacy regulations.

Key Points:

  • Automated Detection: The Consent Shield effectively manages scripts that are properly enqueued using WordPress functions.
  • Manual Script Additions: Scripts added directly to your theme or injected into HTML may bypass the Consent Shield's blocking.

Recommendations:

  • Use WordPress Enqueue Functions: Make sure all third-party scripts are added using wp_enqueue_script for better compliance and detection.
  • Review Plugins and Themes: Check for plugins or themes that add scripts directly to HTML and request they follow best practices.
  • Alternative Measures: Use our Domain/Path-Based Blocking feature as an additional safeguard, though it may not prevent initial network requests before consent is given.

Compliance Considerations:

Be aware that scripts not managed through WordPress functions may still load before user consent, affecting compliance with regulations like the ePrivacy Directive.

Need Help?

If you have questions or need assistance identifying scripts that may bypass the Consent Shield, please contact our support team. We're here to help you achieve the highest level of compliance and protect user privacy.

Next Steps

By following the steps in this guide, you've successfully set up AesirX Consent Shield, making your website compliant with privacy regulations such as GDPR and the ePrivacy Directive. You can now interact with your visitors with confidence, knowing their data is protected until they give explicit consent.

Additional Guides

To further improve your website's compliance and functionality, check out these guides:

1. How to Customize the Consent Modal Style for Your WordPress Site Using AesirX Analytics & CMP: Learn how to tailor the design and style of your consent modal to align with your brand while maintaining full privacy compliance on your WordPress site.

2. How to Use AesirX Privacy Scanner for Effective GDPR and ePrivacy Compliance: Learn how to conduct comprehensive privacy audits to meet essential regulations for your website.

3. How to Use AesirX Privacy Advisor AI for Seamless Privacy Compliance: Find out how to utilize AI to simplify your privacy compliance efforts and make informed decisions about data protection.

4. How to Install AesirX First-Party Server: Get step-by-step instructions on setting up a first-party server to reduce reliance on third-party services and enhance your control over data.

Enjoyed this read? Share the blog!