WordPress & CCPA Compliance: What You Need To Know in 2023

As if WordPress users, developers, and agencies already do not have enough to worry about in the year 2022, the California Attorney General, Xavier Becarra, confirmed that despite the ongoing COVID-19 pandemic, the California Consumer Privacy Act (CCPA) enforcement date will remain July 1st.

Is this your first time hearing about the CCPA and not sure how it affects you? Well if you own a website for your business, it is important, so it is crucial that you read up!

What is the CCPA?

Essentially, the CCPA is an act that is meant to protect Californians’ privacy by allowing them to opt-out of certain disclosures of personally identifiable information (PII) to third parties. The CCPA also requires certain websites to have a Privacy Policy that makes those disclosures very specific. In addition, residents of California may also request what personal information the business has collected about them, and request that any and all data collected be deleted.

How Does the CCPA Affect Me?

Chances are that if you are using the weForms WordPress contact form plugin, you are collecting personally identifiable information. Whether it is something as simple as a basic contact form with MailChimp, you likely collect data that a customer could demand be deleted or not sold to third parties. Failing to comply with the CCPA could result in substantial fines for you and/or your business which could spell disaster regardless of your company’s size! In addition to fines, you could be liable in a lawsuit. If there is a breach of personal information the consumer could make use of the CCPA’s private right of action, allowing them to file lawsuits (individually or as a class action) directly against non-compliant businesses, provided the law’s procedural requirements are followed.

What Do I Need To Do?

Now you are informed about the CCPA, its implications, and understand the need to be compliant, you want to know how weForms can help. The first step is to utilize our Data Erasure Request form template and place it on your site so customers can make the request;  When using weForms as your contact form plugin, you can easily delete form data from your site.

In addition to preparing yourself to process any requests to ensure CCPA compliance, you need to make sure that you have an up to date privacy policy in place. Is retaining an attorney too expensive? No need to panic. Fortunately, our friends at Termageddon have you covered. 

What is Termageddon?

Termageddon is a service that creates and maintains privacy policies for your website. They help you stay in compliance by consistently reviewing legal changes across the country and updating legal language accordingly. Why does policy language matter when you can process requests on your own? As Termageddon explains, it will help you and your business:

  1. Avoid massive lawsuits and fines
  2. Limit liability
  3. Remain in control of your site
  4. Protect intellectual property
  5. Helps assure customers of your site’s/business’s legitimacy

With Termageddon, not only will you be able to easily create a privacy policy that is compliant with today’s privacy laws, but you won’t have the headache of researching law changes and update it on your own, Or even worse, have to pay huge lawyer fees to do so. 


Great, let’s talk about how to get started on your road to compliance. The first step would be to register and purchase a license from Termageddon. If you utilize the code WEFORMS you will receive 10% off your license! Once registered, you will be asked some questions about your business and your website. Utilizing the information you provide, Termageddon will then build a policy tailored to your business!

Dashboard of Termageddon

You will then have access to your Termageddon Dashboard where you can manage your account. If you happen to be an agency or business with multiple domains, you can use this dashboard to manage them all in one place. On this dashboard, you will be able to grab the embed code to your policy that you can easily add to your site.

Termageddon's embed code to add policy to site

Now that you have your policy code, you will now want to navigate to your WordPress website’s dashboard and create a new Privacy Policy page. This is where you will insert the code snippet, preview the page to ensure it is appearing correctly, and publish, taking note of the permalink.

weForms Terms and Conditions field options

Once you have the Privacy Policy page created all you have to do is add a link to it on any form that collects data. Simply navigate to the form you want to edit and add the Terms and Conditions form field. To update the hyperlinks, replace the “#” “<a href=”#”>” with the permalink to your Privacy Policy, save the form, and you are good to go with your new policy!

Utilizing Termageddon’s privacy policy generator with weForms is a great way to mitigate legal exposure you may have from collecting PII from your users. Of course even with some great tools such as these at your disposal, it is important to routinely audit your site to make sure you know exactly what data you are requesting and whether it is truly necessary. When it comes to data collection, be sure to take a look at all form fields and options when putting your WordPress form together and consider upgrading to a premium contact form plugin to unlock even more features.