Klaviyo is a powerful email marketing tool that helps businesses enhance their marketing by collecting user data such as email addresses, preferences, and interaction history. However, to stay compliant with GDPR (General Data Protection Regulation) and the ePrivacy Directive (ePD), you need to ensure that you manage user consent before collecting personal data.
This guide walks you through the steps to configure your Klaviyo setup for GDPR compliance in WordPress using AesirX Consent Management Platform (CMP). You'll learn how to set up consent settings, block tracking scripts until users provide consent, and achieve full compliance—all while using Klaviyo effectively.
(Assumes WordPress is installed and the Klaviyo plugin is uninstalled or deactivated.)
Step 1: Install AesirX CMP and Activate Your Trial
1. Download and Install AesirX CMP
- Download the plugin: Get the latest release from AesirX CMP Plugin on GitHub.
- Install the plugin:
- Log in to your WordPress admin panel.
- Go to Plugins > Add New.
- Click Upload Plugin, select the downloaded file, and click Install Now.
- Click Activate Plugin after installation.
2. Register Your Shield of Privacy (SoP)
- After activation, you'll be prompted to register your Shield of Privacy (SoP) to start your 14-day free trial with full features. (Your SoP serves as your AesirX Account ID, granting access to all AesirX solutions and licenses.)
- Steps:
- Enter your details:
- Shield of Privacy ID
- Domain
- Accept Terms & Verify:
- Check Accept Terms & Privacy Policy.
- Click “Click to start verification" → Activate My Trial.
- Your free license details will appear - copy your Client ID, Client Secret, and License Key.
- Paste them into WordPress > Settings > AesirX Consent Management.
- Enter your details:
3. Update Your License for Continued Access
Before your trial ends, upgrade your license to maintain full access:
- Visit the AesirX Licenses page and click Manage License under AesirX CMP.
- Under Action, select Upgrade License and choose your preferred plan.
- Complete the upgrade process, and your license will be updated automatically.
Step 2: Use AesirX Privacy Scanner to Identify Klaviyo Third-Party Domains
Now that AesirX CMP is installed, the next step is to identify and block Klaviyo’s third-party domains. AesirX Privacy Scanner makes this process simple.
1. Scan Your Site for Third-Party Domains:
- Open AesirX Privacy Scanner.
- Enter your website’s URL and click Scan.
- The scanner will analyze your site and list all third-party domains collecting user data.
2. Identify Klaviyo’s Tracking Domains
Look for Klaviyo-related domains in the scan results, such as:
- www.klaviyo.com
- Any other domains associated with Klaviyo (e.g., for email campaigns, tracking, etc.).
3. Copy Identified Domains:
Copy these domains for use in AesirX Consent Shield to block Klaviyo tracking until users provide consent.
Step 3: Prevent Klaviyo Tracking Until Users Give Consent with AesirX Consent Shield
By configuring AesirX Consent Shield, you can block Klaviyo from tracking users before they consent.
1. Block Third-Party Domains:
- Go to WordPress > Settings > AesirX Consent Management.
- Find AesirX Consent Shield for Domain/Path-Based Blocking.
- Enter the copied Klaviyo domains (e.g., www.klaviyo.com) to prevent them from loading before consent.
2. Block the YouTube Embed Plugin
- AesirX Consent Shield automatically detects and lists third-party plugins that collect user data.
- Go to AesirX Consent Shield for Third-Party Plugins.
- Find Klaviyo in the list and check the box to block it until users consent.
3. Adjust Script Blocking Settings:
- Select "Only Third-Party Hosts" (default).
- This blocks third-party scripts while keeping first-party scripts running normally.
4. Save your changes.
Click Save Settings to apply changes. Klaviyo and its third-party domains will remain blocked until users provide explicit consent.
Step 4: Set Up Explicit and Fully Informed Consent
AesirX enhances Google Consent Mode V2 with two improved compliance-focused consent modes:
- Simple Consent Mode – Works like Google’s Basic Consent Mode but with stricter compliance. No data is collected or shared with third parties until users explicitly consent. Includes Reject and Consent options.
- Default Template – Tags start with denied parameters, ensuring no data is collected, stored, or sent until consent is given. Unlike Google Consent Mode 2.0, AesirX prevents any tags from loading before consent, reducing compliance risks. Includes Reject, Consent, and Decentralized Consent, giving users full control over their personal data.
How to Update Consent Settings
- Go to Settings > AesirX Consent Management > Select Consent Mode.
- Choose a template and customize the consent text.
- Update your privacy policy to explicitly state:
- Who collects the data (your site or third-party services).
- Why the data is collected (e.g., analytics, personalization).
- What data is collected (cookies, form data).
- Keep the consent message simple, clear, and informative so users understand what they’re agreeing to and why it matters.
- Update your privacy policy to explicitly state:
- (Optional) Enter your Google Tag ID and Google Tag Manager ID.
- Click “Save Settings” to apply changes.
You've successfully configured your Klaviyo setup in WordPress for GDPR, the ePrivacy Directive, and other data protection laws using AesirX CMP. Klaviyo’s tracking scripts and third-party domains are now blocked until users provide explicit consent, maintaining full compliance.
Activate your 14-day free trial today and access powerful features like seamless consent management, customizable consent modes, and the unique Consent Shield for enhanced privacy protection. Take control of your site’s privacy and achieve compliance immediately!
Not sure if your site meets compliance standards? Test it now with AesirX Privacy Scanner to verify your data protection measures!
