Your mailbox has certainly been invaded recently following the implementation of the new GDPR 25 May 2018. If you maintain your site yourself, you certainly looked at the issue and did some corrective action. What about Bloom? Is Bloom natively compatible with GDPR? What actions do you need to take to make Bloom GDPR friendly ? This is what we will see in this article.
Learn more about Bloom | Getting Bloom
A new box appeared in Bloom's options
There were two updates of Bloom suddenly after the release of the GDPR, but none of the nsa includes the box so important for the GDPR that we will see below. In the meantime, a new box has appeared and it is important: this box offers you to store or not store the IP address of the person entering his email or contact details.
Free to make your choice but if you decide to collect IP addresses in your database, you will think about state this in your Privacy Policy. The new version of Bloom leaves you the choice, while before the IP harvest was by default.
No checkbox in Bloom, for now...
That's the most annoying. Although Bloom is developed by a world-renowned company, I still can't figure out why they haven't put in place the possibility of adding a checkbox that users should necessarily check if they want to send the form. This small box is GDPR obligations... I guess this is just a matter of time and this option will soon be available in Bloom. I also waited a few days before writing this article in the hope that an update of the plugin would bring it back to GDPR standards. What to do in the meantime to make Bloom GDPR friendly? We will have to find an explicit way to inform your users and give them a easy access to your privacy policy.
How do I inform visitors of your Privacy Policy?
Below, I will give you two possibilities to make Bloom GDPR friendly Knowing that the first solution is not really up to standards and that it can be a transitional solution before finding better.
Option 1 – Add a link to the Privacy Policy directly in Bloom
Since Bloom offers visitors to enter at least their e-mail address and more so refined (name + first name + IP), this means that you collect personal data and must be up to standards with the GDPR. If you have not yet updated your opt-in forms, you can edit them and add a link to your Privacy Policy. Then go to the tab Bloom > Optin Forms then edit all your forms to add a sentence in the "Optimal Message" or " Footer" field such as:
By subscribing to this newsletter you become aware and accept our Privacy Policy.
Don't forget to add the "nofollow" attribute to the link of your Privacy Policy so as to avoid wasting too much time on indexing robots and giving too much weight to a page that isn't worth it.
Option 2 – Add a box of acceptance of the Privacy Policy in Bloom
If we follow the GDPR to the letter, it would seem that the above solution is not entirely suitable since the user really needs COCHER to agree. But Bloom's fields do not allow that. You will then have to use a third party plugin that allows this feature as the Bloom GPPR Overlay Plugin. This plugin will allow you to add a layer to the Bloom form in order to provide a link to your Privacy Policy and a check box to accept these conditions. Thus, your form will comply with GDPR or almost...
Bloom GDPR... or almost ???
Indeed, this is not all to be fully compliant with the GDPR. There is one last little step that is not really transparent: Bloom's gonna share your users' data with Google's API if you have enabled Google Fonts for Bloom. In itself, there is no gravity but you must report it in your Privacy Policy if you have chosen to use Google Fonts because their use works thanks to Google's API which can collect your users' personal data. Otherwise, you can disable this feature by going to Bloom > Bloom Setting (Icon of the toothed wheel at the top of the module).
Also read: How to make the contact forms of Divi GDPR-friendly?
In conclusion...
Have you thought about updating Bloom so that it complies with the GDPR? Feel free to add your comments on the topic...
14 Comments