Creating a website that people trust starts with protecting their personal information.
Privacy laws like GDPR and CCPA are designed to help with that, but they can feel confusing when you’re just trying to do the right thing.
Many of these rules ask you to add a ‘Do Not Sell My Info’ page to your site, and it’s not always clear where to start. I’ve been there myself.
After trying several different approaches, I found a step-by-step method that actually works for beginners.
In this guide, I’ll walk you through the exact process I use to build a professional ‘Do Not Sell My Info’ page in WordPress. I’ll also show you how to handle incoming requests, so you can protect your visitors’ privacy and stay compliant with international data laws.
⚠️ The term ‘Do Not Sell My Info’ comes directly from the California Consumer Privacy Act (CCPA).
Adding this page to your site also helps you follow Europe’s General Data Protection Regulation (GDPR). This is because you’re giving visitors a way to stop their personal data from being processed, which meets the GDPR’s Right to Object requirement.
However, the GDPR does not specifically say you must add a ‘Do Not Sell My Info’ page to WordPress.
Why Do You Need a ‘Do Not Sell My Info’ Page?
A ‘Do Not Sell My Info’ page gives your visitors a clear way to say they don’t want their personal data shared with outside companies. In many cases, this is required by law, but it’s also a smart way to build trust.
Some site owners assume that these kinds of privacy laws don’t apply to them because they’re not selling anything.
But under some laws, like the California Consumer Privacy Act (CCPA), “selling” personal information doesn’t just mean trading it for money. It can also include sharing user data with other companies for things like ads, tracking, or analytics—even if no money is involved.
For example, if your site uses ad networks, tracking pixels, or embedded YouTube videos, then you may still be seen as “selling” or “sharing” personal information under these laws.
Because the definitions are so broad, adding a ‘Do Not Sell My Info’ page helps you stay on the safe side of privacy rules while giving users more control over how their information is used.
As a website owner, it’s important to follow these laws and give your visitors real control over their data. While each regulation is different, most require you to let users opt out of having their personal information shared or sold to third parties.
This type of page is a specific requirement under the CCPA. Even though the GDPR doesn’t mention it by name, adding a ‘Do Not Sell My Info’ page can help meet its requirement to give users control over how their data is used.
But this isn’t just about legal compliance.
When visitors see that you take privacy seriously, they’re more likely to sign up for your email list, make a purchase, or stick around longer.
Overall, a ‘Do Not Sell My Info’ page helps meet modern privacy expectations and makes your site more trustworthy in the process.
How to Create a Do Not Sell My Info Page in WordPress
With privacy regulations getting stricter all the time, creating a ‘Do Not Sell My Info’ page is no longer just a good idea, but a legal requirement.
This guide will provide a step-by-step walkthrough on how to implement a ‘Do Not Sell My Info’ page on your WordPress site. You’ll also learn efficient methods for handling user requests, ensuring legal compliance.
Step 1: Configure WPConsent
The simplest method to incorporate a ‘Do Not Sell My Info’ page into WordPress involves using WPConsent. This privacy compliance plugin empowers users with increased control over their data, assisting you in adhering to essential privacy regulations.
WPConsent provides features such as cookie banners, privacy policy creation tools, and a consent log for monitoring user permissions, all of which are beneficial during audits.
It also features a ‘Do Not Track’ addon, which facilitates the creation of a dedicated form page with minimal effort. Visitors can utilize this form to express their preference against the sale of their personal information.
These requests are saved locally within a specialized table on your site, enabling prompt review and response.
⭐ We rely on WPConsent for managing user consent and displaying cookie notices across all our platforms, including CanadaCreate. Our direct engagement highlights WPConsent’s effectiveness and ease of use.
Interested in a detailed account of our experiences with WPConsent? Read our comprehensive WPConsent review.
If you have budget constraints, a free edition of WPConsent is available via WordPress.org.
It provides several key functionalities to aid in compliance with regulations like the GDPR.
To utilize the ‘Do Not Track’ addon, the premium version is required. For assistance with upgrading, consult our guide on WordPress plugin installation.
Once the plugin is active, you’ll see a quick onboarding wizard that walks you through setup, usually in under five minutes.
When you’re ready, click the ‘Let’s Get Started’ button to begin.
This setup wizard will guide you through several important tasks, such as scanning your site for third-party scripts and creating a cookie popup.
Completing these steps will help you comply with crucial privacy laws like the Personal Data Protection Law (PDPL), so I encourage you to go through the entire onboarding process.
After you’ve finished the setup, WPConsent will take you back to the WordPress dashboard.
Step 2: Create a WordPress Page
WPConsent lets you add a Do Not Sell My Info form to any page or post on your WordPress site. However, to keep things simple, I suggest creating a new page especially for this important form.
In your WordPress dashboard, head over to Pages » Add Page.
You can now give this page a clear title, something like ‘Do Not Sell My Info.’ You can also add any other information you think is important, such as an introduction explaining what the form is for and why someone might want to use it.
When you’re happy with how the page looks, save it as a draft for now.
Step 3: Install the Do Not Track Addon
WPConsent includes tools to help you follow major privacy laws right away. But if you want to add a Do Not Sell My Info page, then you’ll need to install an extra addon.
In your WordPress dashboard, go to WPConsent » Do Not Track. When that screen loads, just click the ‘Install Do Not Track Addon’ button.
Shortly, WPConsent will automatically handle the installation and activation of the addon.
Step 4: Create the ‘Do Not Sell My Info’ Form
Your next step is to navigate to WPConsent » Do Not Track, and open the ‘Configuration’ tab.
On this tab, you can specify where the form will be displayed.
Simply open the ‘Do Not Track Page’ dropdown and select the page you created earlier. This will automatically add a basic form to that page.
The default form includes a set of necessary fields:
- First Name
- Last Name
These fields are essential for identifying visitors, and WPConsent does not allow their removal.
However, you can modify the labels to suit your preferred wording by changing the text in the ‘Field Label’ box.
If you require additional information from users, you have the option to enable extra fields, such as:
- Address
- ZIP Code
- City State
- Country
- Phone
To add a field, simply select the ‘Enable this field’ checkbox.
These extra fields are optional by default.
However, you can enforce any field as mandatory by selecting the ‘Make this field required’ checkbox.
As before, you can customize any field labels to align with your site’s style.
After configuring everything to your satisfaction, scroll down and select the ‘Save Changes’ button.
Step 5: Adding the Form to Your Page
Now, you’re ready to add this form to the page you created earlier. In your WordPress dashboard, open that page for editing.
Locate the desired form insertion point, then select the ‘+’ icon.
In the selection box, type ‘Shortcode’ to locate the relevant block.
Once the shortcode block is visible, click it to insert it onto the page.
You can now paste the following shortcode into the block:
[wpconsent_do_not_track_form]
Once that’s complete, proceed to publish the page using your typical method.
You can now visit your WordPress blog or website to see the ‘Do Not Sell My Info’ page in action.
Step 6: Integrating Links in Key Locations
With your ‘Do Not Sell My Info’ page ready, ensure visitors can easily access it.
One approach involves linking the ‘Do not sell info’ page from your Privacy Policy. Consider placing it in a readily visible area, such as the website footer.
These minor actions significantly boost trust. Transparency regarding data practices fosters greater visitor confidence while browsing.
Step 7: Manage Incoming Requests
With setup complete, WPConsent systematically logs each request, presenting it within your WordPress dashboard. This simplifies tracking privacy requests as they arrive.
To review current requests, navigate toWPConsent » Do Not Trackand confirm that the ‘Requests’ tab is selected. A list of all submissions will appear, complete with essential details for each.
Your response strategy depends on your customer information management practices. You might, for instance, add a note within your CRM to denote the user’s opt-out status.
You are able to export a CSV file of your requests. This feature aids in both record maintenance and audits.
Navigate to the ‘Export’ tab, found underWPConsent » Do Not Track.
Begin by selecting a start date within the ‘From’ field.
Then, select the end date by clicking the ‘To’ field.
By default, WPConsent encompasses every request, including those already addressed and those still pending.
To filter for requests needing attention, select ‘Export only “not processed” entries.’
If immediate action is planned,
consider selecting ‘Mark exported data as processed.’ This tells WPConsent to update statuses automatically in your dashboard.
When using this feature, ensure each request is completed, keeping your dashboard data consistent.
Select ‘Export’ to download your CSV file.
If not marked automatically, manual closure is required for each request. Hover over the request and select ‘Mark as processed.’
Processed requests are distinctly labeled, enabling quick identification of pending requests.
What to Do When Someone Opts Out
When a site visitor submits a request to opt out of the sale or sharing of their data, the initial logging of the request is only the beginning.
Subsequently, you should delete their personal data from your website.
WordPress provides a tool for data removal upon request.
This option can be located underTools » Erase Personal Datawithin the WordPress admin area.
Employing this tool ensures adherence to regulations like the CCPA and GDPR, particularly if you’ve gathered contact details via forms, comments, or newsletter subscriptions. It provides a straightforward method to fulfill privacy requests effectively.
Refer to our guide detailing how to export and remove personal data in WordPress for further details.
Frequently Asked Questions About ‘Do Not Sell My Info’ Pages
Data privacy is a complex matter, so it’s natural to have some questions.
To assist you, I’ve compiled a list of the most common questions regarding the creation of a ‘Do Not Sell My Info’ page on WordPress.
What is WPConsent, and what are the advantages of its use?
WPConsent represents a complete plugin solution crafted to aid WordPress site administrators in observing diverse privacy mandates, encompassing the Lei Geral de Proteção de Dados (LGPD), CCPA, and GDPR.
WPConsent simplifies the process of generating and overseeing vital privacy pages and functionalities on your website, enabling you to satisfy legal stipulations and cultivate confidence among your visitors.
How does a ‘Do Not Sell My Info’ page differ from other privacy pages?
A ‘Do Not Sell My Info’ page is designed for a specific function: enabling users to decline the selling of their personal information. This is mandated by a number of privacy laws, such as the California Consumer Privacy Act (CCPA).
Generally, your site will feature other pages related to privacy, yet they won’t include this specific option.
Can WPConsent be used with other privacy plugins to improve compliance?
WPConsent can indeed be used alongside other privacy and security tools. For instance, you can use WPConsent for ‘Do Not Sell’ request management, and a plugin like Sucuri to audit your website for vulnerabilities that could lead to data breaches.
What should I do when a user sends me a ‘do not sell’ request?
Upon receiving a request, you must ensure its proper fulfillment. This involves modifying your internal data management procedures to align with the user’s expressed preferences.
For instance, you may be required to:
- Revise your records: Mark the user’s profile in your database or CRM system. For example, you could add a ‘Do Not Sell’ tag to their contact record in your CRM software. This makes it clear to your team that their data should not be sold.
- Inform pertinent teams:Make certain that all parties involved in data handling are aware of the request. Subsequently, they can prevent actions that would infringe upon the user’s choices.
- Examine data pathways:If you distribute data to external entities, verify that the user’s data is excluded from these transfers.
- Document the action:Maintain a detailed log of when the request was received and how it was processed. This documentation aids in demonstrating compliance during audits. Some tools, such as WPConsent, automatically record all user requests.
Failure to comply with these requests may result in legal repercussions, potentially including substantial fines and significant harm to your website’s credibility.
Therefore, promptly addressing each ‘Do Not Sell’ request is crucial.
Should you routinely revise the ‘Do Not Sell My Info’ page?
Certainly. Consistent updates are necessary to maintain compliance with current legal standards.
Privacy laws are subject to change, and new rules may be introduced. Keeping your page current helps you sidestep possible fines and other legal problems.
Your compliance measures must also reflect any modifications in your data handling practices. For instance, if you begin gathering different data types or collaborating with new third-party entities, your ‘Do Not Sell My Info’ page should be revised accordingly.
It is recommended to include reviewing and updating your ‘Do Not Sell My Info’ page as part of your routine website maintenance.
Additional Resources for Privacy Compliance
Managing data privacy can be intricate; however, having access to suitable resources simplifies the process.
Here are some additional articles and guides to aid you in your ongoing compliance efforts:
- How to Know if Your WordPress Website Uses Cookies
- How to Add WordPress Analytics Without Cookies
- How to Keep Personally Identifiable Info Out of Google Analytics
- How to Stop Storing IP Addresses in WordPress Comments
- How to Make Google Fonts Privacy Friendly
Hopefully, this tutorial was helpful in creating a ‘Do Not Sell My Info’ page on your WordPress site. Consider exploring our recommendations for top-tier WordPress security plugins or our comprehensive WordPress security guide.
If you found this article useful, consider subscribing to our YouTube channel for WordPress video guides. Connect with us on Twitter and Facebook as well.
