Please note that WP-HR GDPR is intended as a set of tools to assist you with the management of your GDPR responsibilities towards potential, current and past employees. It is not intended to support GDPR related activities for other groups, such as customers, suppliers etc.
The first things you need to do to get the plugin up and running are:
1 – Assign a Data Protection Officer
For the Pro version you will need to specify a DPO who will have access to the complete information set on the back end (Admins, HR Managers and Employees only see a limited amount of information). Go to the WordPress sidebar Users => All Users => (select user) – scroll down the screen until you see the WPHR Manager Role section:
The free plugin assumes anyone with an Admin role in WordPress is acting either formally or informally as your Admin/DPO and they have full access to all the information, capabilities and screens in the plugin.
2 – Conduct your Data Audit and Integrate this Information into the Data Privacy Notice
The Admin/DPO should identify the types of data you hold on employees and how this is processed (called a Data Audit). They can then use this information to complete the Data Privacy Notice. A draft notice with model answers can be found at WPHR GDPR => Privacy Notice.
A page was automatically created to display this notice when the plugin was installed – DO NOT DELETE THIS PAGE.
You can add additional sections using the WPHR GDPR => Create Notice screen.
3 – Edit Consent Form
The DPO can also create a form for employees to consent to having their data processed and/or to acknowledge they have seen and read your policy. If you decide not to use consent as the legal basis for processing data the same form can be used to ask them to confirm they have read and understood your Data Privacy Notice.
4 – Announce your new Data Privacy Notice and Request Confirmations
The DPO should send a general announcement to all employees asking employees to review the Data Privacy Notice and acknowledge they have done so via the Consent form. You will need to do this outside the plugin if you are using the free version, but can use the Announcements feature to contact everyone if you are using the Pro version integrated with WP-HR Manager)
Done!
Additional Notes
Pages and Shortcodes
- Privacy Policy
- Consent Form
Do not delete these pages as they are used in various parts of the plugin. If you do, need to recreate the pages, add a new page with exactly the same name as the ones listed above and insert the following shortcode:
- Privacy Policy shortcode
- Consent Form shortcode