WordPress added the opportunity to build a privacy policy page just before the GDPR law took effect, and if the WordPress plugin repository wasn’t already swamped with GDPR and cookie plugins.
In short, absolutely, you must let your visitors know what you do with the data you gather and why.
This is one method of informing the visitor that you need to use.
add_action( 'wp_head', 'weszty_web_cookie_notice' );
function weszty_web_cookie_notice() {
// TODO: load script here
}
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css" />
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js" id="gdpr-notice" defer></script>
window.addEventListener("load", function() {
window.cookieconsent.initialise({
"palette": {
"popup": {
"background": "#000"
},
"button": {
"background": "#f1d600"
}
},
"theme": "edgeless",
"position": "bottom-right",
"content": {
"message": "I use cookies, Google Analytics and custom functions to better understand bla bla bla..",
"dismiss": "Your Button Text For OKAY",
"link": "Your LINK text for the read more button",
"href": "your-page-slug"
}
})
});