=== Simple GDPR ===
Contributors: Rick Hellewell
Tags: GDPR, google analytics, privacy
Donate link: https://www.cellarweb.com
Requires at least: 4.9.6
Tested up to: 5.1
Requires PHP: 5.3
Stable tag: 1.21
License: GPLv2 or later
License URI: http://www.gnu.org/licenses/gpl-2.0.html

Creates a simple GDPR notice with links to your Privacy Page. Optionally creates the Privacy Page. Optionally enables server-side Google Analytics with your GA ID (this helps track visitors that have ad blocking).

== Description ==
Simple process to create a 'cookies are OK' banner/button; assumes that site cannot be accessed unless you agree. Creates a privacy page based on US Better Business Bureau recommendations (your country might have different requirements). Also allows for use of Google Analytics via a server-side 'post', to allow analytics tracking if ad-blocking is enabled by the visitor.

Optionally, you can enable placing your Privacy Page link in the site footer.

This is not a very fancy plugin - it just does the basics: displays a notice,and requires the visitor to accept the terms. It 's for simple sites. 

If you have a large site, or complex personal information retention or collection, you might want to find another solution. And 'we are not a lawyer ', so check with your legal folks for guidance. We make no guarantees about the  'legal worthiness ' or affordability or suitability of our plugin.

Note: requires WP 4.9.6, which contains the new Privacy code/supporting functions. The plugin will not activate if you do not have WP 4.9.6 installed (or PHP 5.3 or higher).

Disclaimer: This plugin may not provide full protection for your site, depending on how your site stores and uses personal data. We think our technique meets the basic notification requirements of GDPR, but you should consult with your legal advisors for guidance on what your site needs to do for GDPR compliance. Here is the 'official' GDPR site: https://www.eugdpr.org/ .

For reference:

- We use the code from the Cookie Consent site at https://cookieconsent.insites.com/ to display the Acceptance message and track user response (via a cookie) to the message notice.
- For the generic Privacy Page we generate, we use the guidance from the US Better Business Bureau at https://www.bbb.org/reno/for-businesses/sample-privacy-policy/.
- If you use Google Analytics, then you should be aware of their privacy policy, which could apply to your use of GA; see it here https://www.google.com/analytics/terms/us.html .
- See also the Privacy section.

We suggest that you consult with your legal advisor for specific methods and messages needed for GDPR compliance on your site. We provide no warranty or guarantee of GDPR compliance. We are not providing any legal advice. We are not responsible in any way for your use of our suggested GDPR solution. Your mileage may vary. Objects in mirror are closer than you expect. All aspirin is alike. Professional driver on a closed course.

== Installation ==
This section describes how to install the plugin and get it working.

1. Download the zip file, uncompress, then upload to `/wp-content/plugins/` directory. Or install via the Add Plugin page.
1. Activate the plugin through the 'Plugins' menu in WordPress.
1. Change settings in Settings, 'Simple GDPR Settings' to your requirements.

* Note: do a "Save" on the Simple GDPR Settings page once after an upgrade to ensure all is well; your settings will be preserved.


== Frequently Asked Questions ==
= Do I have to do anything special to enable this? =

You should fill in the settings on the Settings page. They are just selecting your Privacy Page from the dropdown list of all page names.

Optionally, enter your Google Analytics ID if you want to enable service-side Google Analytics - this helps track visitors with ad-blocking enabled. Leave blank if you track analytics with another method, or don't want to track analytics.

The plugin also create a generic Privacy Page, using suggested test from the US Better Business Bureau. This is a page you can edit for your own needs. Or, select an existing Privacy Page via the dropdown list.

= When is the GDPR notice displayed? =

The visitor will see the notice if the cookie the plugin uses is not set. Once the visitor agrees, the message will go away for about a year. If the visitor deletes the cookie, they will see the message again.

= Can I change the text of the notice? = 

Not with this version. Maybe with a future version. Unless you dig into the code. We'll might add something to the settings page in a future version.

= Do I really need this GDPR stuff? = 

We think so. But, we are not lawyers, so we can't tell you for sure. We just figured that a simple way to put up a notice would be helpful for all the sites we manage. And we didn't find an existing plugin that wasn't complex to use for simple sites. That's why we wrote the plugin. Then we figured that others might find it useful. So, here it is.

= Is all of this legal and compliant with GDPR? =

Who knows? We're not lawyers. But our personal, non-binding, your-mileage-may-vary opinion is that it is enough for simple sites (blogs, brochures, etc) to comply with the (in our opinion) silly GDPR law. 

See the dislaimer above. We are providing this as a simple way of complying with the GDPR terms. Contact your legal advisors to see if it is good enough for your site.

= What about the Privacy Link in the footer? =

If enabled, your Privacy page title/link is displayed in your site's footer. Note that there is no CSS for that link; you can adjust CSS using the 'privacy-policy-link' class in your theme, or in Appearances, Customize, Additional CSS (if supported by your theme).

= Do you place a Privacy link in the site menus? = 

Nope. That's up to you. We didn't want to mess with your menu.

= What about the Google Analytics - what data does it send? = 

Assuming that you enabled this feature by entering your GA User ID on the Settings page, the plugin will send some basic information to your GA account: page name/URL, geolocation, an anonymous IP address (last octect is blanked), a unique client ID value (to identify all the pages that person visits), and the referring page.

This should be all the info for basic analytics. And the data will be sent for all visitors, including those with ad blockers.

= What if something doesn't work? = 

Contact us on the plugin support page.

= I got an idea for a new feature! = 

Use the Support page to send us new ideas.

== Screenshots ==
1. Shows the Settings page.

== Privacy ==

This plugin does not save any personal information on your server. It will store cookies on your visitor's browsers. If you have enabled Google Analytics, it will also store a randomly-generated ID value as a cookie; there is no personal information associated with that cookie.

== Changelog ==

1.21 (10 Apr 2019)
* Set the server-side analytics code to get the geolocation of the visitor. This was not captured in prior versions.

1.20 (10 Apr 2019)
* Changed all array element names (the part in the brackets) to be strings, rather than 'assumed' strings. The use of 'assumed' strings was causing a PHP Warning about undefined constants. PHP ignores that, although that may cause a fatal error in PHP 8x (whenever that gets released). And the PHP Warnings were cluttering up the error.log file. 
So all array element names are now proper strings.

1.11 (7 Jan 2019)
* The plugin needs to set a cookie, but some themes are non-standard, outputting content before
	this plugin can set the cookie. That causes a 'headers already sent' error. And some error
	settings may cause that error message to display on the screen.
  Since the themes are non standard in how they output content, we have to suppress the
  	'headers not sent' message. We do this by saving the error settings, turning off error 
	display, then setting the cookie. Then we restore the error settings to original settings.
	This effectively hides the error message, while still letting the cookie to be set.

1.10 (25 May 2018)
* added support for WP 4.9.6 Privacy functions
* added requirement for WP 4.9.6; plugin will automatically deactivate if not at that minimum version.
* added optional checkbox to display the Privacy page name/link in the page footer.
* some code cleanup

1.02 (4 May 2018)
* fixed issue with timing of when cookies are created
* added reminder when privacy page created that the new Privacy Page should be added to the site menu

1.01 (4 May 2018) - Initial Release

1.00 (28 April 2018) = unreleased version

== Upgrade Notice ==

1.10 (25 May 2018)
* added support for WP 4.9.6 Privacy functions
* added requirement for WP 4.9.6; plugin will automatically deactivate if not at that minimum version.
* added optional checkbox to display the Privacy page name/link in the page footer.
* some code cleanup

1.02 (4 May 2018)
* fixed issue with timing of when cookies are created
* added reminder when privacy page created that the new Privacy Page should be added to the site menu

1.01 (4 May 2018) - Initial Release

1.00 (28 April 2018) = unreleased version
