Managing customer data in WordPress: is it possible? And is it safe?

Privacy is an important issue within the online world. By keeping customer data, you process orders more easily and personalize customer visits. But how can you manage customer data if you have a WordPress website?

A hack can cost you dearly, not only because of the fine from the Personal Data Authority, but also because of the reputational damage.

Why you want to keep customer data

It makes sense for a company or institution to keep customer or user data. That an organization knows the visitor makes it easy for the visitor to make a new inquiry or order. Retaining customer data also allows the organization to personalize the online experience; the organization can make an offer that matches that customer’s interests or history.

Customer data are all kinds of personal data of buyers, guests, clients or customers. This is not just data that reveals their identity, such as name, address and residence, date of birth and contact information. This includes other data that can be linked to them and is private. Think about uploaded documents, their usernames and passwords, their order history, their credit card information, and we could go on and on.

How to manage customer data in WordPress.

WordPress is a Content Management System (CMS), not a customer management system (CRM). As such, WordPress does not come with customer management functionality by default. There are plenty of plugins that jump into that gap. But there is a risk in managing customer data with plugins. Often they are not updated as often as WordPress itself, increasing the likelihood of error messages or security leaks. That’s why it’s wise to adapt web design to privacy regulations. ‘‘Privacy by design‘ is what we call it.

Custom interfacing with your CRM

We can well imagine that you already have your own CRM system. But if we advise against using standard plugins, how do you integrate the customer data in that CMS with your WordPress site? The answer is the custom coupling.

The Application Programming Interface (API) of a CRM like Salesforce allows you to build exactly the integration you need – no more, no less. For example, you can have customer data from Web forms sent directly into your CRM, and vice versa, the Web site can “pull” things from the CRM.

A similar link is possible with an Applicant Tracking System (ATS) such as Bullhorn. On the one hand, resumes and applicants’ personal data are sent directly from the website to the HR software. On the other hand, job openings that you put in the ATS will immediately show up on your work at site.

What should you consider?

All companies that collect personal data from users must comply with the guidelines of the General Data Protection Regulation (AVG). If they do not, they risk a large fine. That’s another reason why it’s advisable to have a custom customer data management solution created. Thus, you control all these factors yourself.

• A privacy statement lets you know why you collect personal data and what you do with it.
• An SSL certificate is designed specifically for websites that collect personal data. With such a certificate, recognizable to the user by the padlock in the browser’s address bar, the data transfer is encrypted.
• A cookie notification is required when your WordPress website places cookies on visitors’ computers. With some cookies, not just a notification is sufficient, but you must even ask permission.
• You may send newsletters only to people who have signed up for them. They must also have the ability to opt out.
• Enter into a processor agreement with external parties who manage your users’ data.
• With the processing register, which should always be available to visitors, you inform users about who has access to what data. You specify why they have access to it and for how long.

The good news is that a WordPress website, combined with a decent WordPress host, can meet all of these requirements. Through a custom integration, you can manage customer data in WordPress, securely.