If your website collects any sort of user information, it’s critical to keep the data safe – even something as innocuous as an email address. More importantly, users should have the option to delete their accounts (and any associated personal information) at their request.
As a WordPress administrator, you can delete any account you want by devising a method to receive and process requests. In this article, we’ll talk about why it’s important to provide an account deletion option for your users. Then, we’ll introduce you to two plugins that enable you to add that feature and teach you how to do it.
Let’s get to work!
- 1 Why Your Users Should Be Able to Delete Their Accounts
- 2 2 Plugins to Enable WordPress Users to Delete Their Accounts
- 3 How to Add an Account Deletion Option to WordPress (In 3 Steps)
- 4 Conclusion
Why Your Users Should Be Able to Delete Their Accounts
Chances are you’ve signed up for multiple website updates and newsletters, but have concerns. For instance, you may receive unwanted email messages, or don’t trust them to protect your data. You can always unsubscribe, but outright deleting your account isn’t as simple.
Ideally, you should be able to delete your account manually (or at least make the request), have your data completely erased, and to not be contacted in the future. As a website owner, processing these requests may seem a hassle, but there are (at least) two compelling reasons to do so:
- Some users want to protect their privacy. Providing this option shouldn’t be a significant effort, and it can make privacy-conscious users feel more at ease.
- To comply with the General Data Protection Regulation (GDPR). The legislation is set to go into effect in May 2018, and sets more stringent security requirements for websites.
The GDPR is complex, but there are two main points of concern to you. First off, there’s the ‘right to be forgotten’. This means you’re responsible for deleting personal information upon request. Moreover, the article mentions this should happen without ‘undue delay’. In other words, you need to stay on top of account deletion requests.
Secondly, despite the GDPR being European legislation, as long as your site collects data from EU citizens, you’re technically subject to it – and you can be fined for breaches. In other words, if you have European users, you’re bound to comply with the GDPR. Also, if your user’s data is ever compromised, you must inform them within 72 hours in order to protect themselves accordingly.
As far as why you should, comply, the GDPR is enforced by the Information Commissioner’s Office (ICO), who could fine you up to 4% of your annual turnover depending on the level of non-compliance. In a nutshell, it makes sense to stay on the right side of the law.
2 Plugins to Enable WordPress Users to Delete Their Accounts
You can always delete user accounts manually at their request, but that’s hardly efficient. Providing users with a way to delete their own accounts won’t only save you work, it’ll also provide them with more control over their own information, which is always a good thing.
1. Delete Me
The Delete Me plugin enables you to add an account deletion option to any of your WordPress pages using a simple shortcode. It also includes an option that adds the functionality to your user’s profile pages, which is the logical place for it to be, in most cases.
Using the plugin, you can decide which user roles will be able to delete their own accounts. When one of your users avails themselves of the option, they’ll need to confirm their action. When they do, the plugin will automatically erase all of their stored information, posts, links, and even comments. And
- Enables users to delete their accounts at any time.
- Asks for confirmation before erasing user information.
- Limits the account deletion feature to specific user roles (i.e. subscriber, author, etc.).
- Adds an account deletion option to user profile pages or anywhere you want through a shortcode.
- Supports WordPress Multisite installations.
Price: FREE | More Information
2. WP Delete User Accounts
This fledging solution is excellent as a quick way to add an account deletion option to WordPress. Once you enable the plugin, it’ll add a slick Delete My Account button to the bottom of every user’s profile page. Clicking on it will prompt a confirmation screen that requires users to type in a word before it’ll complete the process. All in all, setting up the plugin only takes minutes, and deleting a profile with it is even faster.
- Enable users to delete their WordPress accounts.
- Require confirmation before deleting an account.
- Add an account deletion button to every profile page on your website.
Price: FREE | More Information
How to Add an Account Deletion Option to WordPress (In 3 Steps)
Both plugins we introduced you to are fairly straightforward to use. However, the Delete Me plugin packs in a few more settings than its counterpart, and we’ll be using it for the purposes of this tutorial (once you’ve installed and activated it).
Step #1: Choose Which Users Have Permission to Delete Their Accounts
As we mentioned earlier, the Delete Me plugin enables you to limit account deletion functionality to specific user roles. This way, your authors and editors (for example) won’t be able to erase their accounts by mistake. To configure this feature, go to the Settings > Delete Me page and look at the Roles section at the top of the screen:
All you have to do is tick the boxes next to the roles you want to enable the option for. We recommend turning it on for Contributors and Subscribers since those tend to be less permanent roles. When you’ve made a decision, don’t save your changes yet since there are more settings for us to configure on this page.
Step #2: Configure the Account Deletion Option
By default, the Delete Me plugin will provide users with an option to delete their accounts, located on their profiles. You can change the text of the account deletion option and assign it a class or specific styles if you want to customize its look:
Moreover, you can also change the account deletion confirmation message that will show up when a user clicks on the original button:
The default settings for these buttons are descriptive enough, but feel free to tweak them if you think it’s necessary. Likewise, you can remove the account deletion option from all user profiles altogether by unchecking the Link Enabled setting. If you choose to remove the option from your user profiles, you can always add it anywhere else you want on your website using the following shortcode:
As far as we’re concerned, the best placement for an account deletion option is on user profiles, but your mileage may vary. In any case, you’ll also want to configure which information the plugin will delete when someone erases their account, which we’ll cover in the last step.
Step #3: Specify the Information the Plugin Will Erase
Out of the box, the Delete Me plugin will erase all of a user’s personal information and associated posts when they delete their accounts. However, you can also configure a couple of extra options related to this aspect from the Settings > Delete Me page. If you scroll to the bottom of the plugin’s settings screen, you’ll find three options we’re interested in. The first makes it so if you’re running a Multisite network, when a user deletes their account, they’ll erase it from the entire network if they’re not signed up to any other sites. This makes it a helpful multisite plugin for managing user accounts.
Secondly, you can choose whether to enable users to delete their comments as well when they erase their accounts, which is often a good idea since they might contain identifying information. Finally, you can enable account deletion confirmation emails which will go out when users erase their information:
All three of these features make for useful additions to your new account deletion feature, so go ahead and enable them. Then, save the changes to the plugin’s settings and you’re good to go!
Having the option to delete your data is going to be great for a lot of users. Many sign up for a site only to use it once or twice, which means there’s no good reason for them to keep their information on file. More importantly, the more sites you sign up for, the higher the chance some of your personal data might leak.
There are two plugins you can use to add this feature to your website – Delete Me and WP Delete User Accounts. If you’re using the former, here are the steps you need to follow to get it working:
- Choose which user roles can delete their accounts.
- Configure the account deletion option.
- Specify the information the plugin will erase.
Do you have any questions about how to create an account deletion form using Divi? Ask away in the comments section below!
Article image thumbnail by hanss / shutterstock.com.
Any experience with WooCommerce on this? How will the orders of the accounts be managed after deleting the linked account? Because this might be a legal constraint…
Thanks for the great info!