If your website collects any sort of user information, itβs critical to keep the data safe β even something as innocuous as an email address. More importantly, users should have the option to delete their accounts (and any associated personal information) at their request.
As a WordPress administrator, you can delete any account you want by devising a method to receive and process requests. In this article, weβll talk about why itβs important to provide an account deletion option for your users. Then, weβll introduce you to two plugins that enable you to add that feature and teach you how to do it.
Letβs get to work!
Why Your Users Should Be Able to Delete Their Accounts
Chances are youβve signed up for multiple website updates and newsletters, but have concerns. For instance, you may receive unwanted email messages, or donβt trust them to protect your data. You can always unsubscribe, but outright deleting your account isnβt as simple.
Ideally, you should be able to delete your account manually (or at least make the request), have your data completely erased, and to not be contacted in the future. As a website owner, processing these requests may seem a hassle, but there are (at least) two compelling reasons to do so:
- Some users want to protect their privacy.Β Providing this option shouldnβt be a significant effort, and it can make privacy-conscious users feel more at ease.
- To comply with the General Data Protection Regulation (GDPR).Β The legislation is set to go into effect in May 2018, and sets more stringent security requirements for websites.
The GDPR is complex, but there are two main points of concern to you. First off, thereβsΒ the βright to be forgottenβ. This means youβre responsible for deleting personal information upon request. Moreover, the article mentions this should happen without βundue delayβ. In other words, you need to stay on top of account deletion requests.
Secondly, despite the GDPR being European legislation, as long as your site collects data from EU citizens, youβre technically subject to it β and you can be fined for breaches. In other words, if you have European users, youβre bound to comply with the GDPR. Also, if your userβs data is ever compromised, youΒ mustΒ inform them within 72 hours in order to protect themselves accordingly.
As far asΒ whyΒ you should, comply, the GDPR is enforced by the Information Commissionerβs Office (ICO), who could fine you up to 4% of your annual turnover depending on the level of non-compliance. In a nutshell, it makes sense to stay on the right side of the law.
2 Plugins to Enable WordPress Users to Delete Their Accounts
You can always delete user accounts manually at their request, but thatβs hardly efficient. Providing users with a way to delete their own accounts wonβt only save you work, itβll also provide them with more control over their own information, which is always a good thing.
1. Delete Me
The Delete Me plugin enables you to add an account deletion option to any of your WordPress pages using a simple shortcode. It also includes an option that adds the functionality to your userβs profile pages, which is the logical place for it to be, in most cases.
Using the plugin, you can decide which user roles will be able to delete their own accounts. When one of your users avails themselves of the option, theyβll need to confirm their action. When they do, the plugin will automatically erase all of their stored information, posts, links, and even comments. And
Key Features:
- Enables users to delete their accounts at any time.
- Asks for confirmation before erasing user information.
- Limits the account deletion feature to specific user roles (i.e. subscriber, author, etc.).
- Adds an account deletion option to user profile pages or anywhere you want through a shortcode.
- Supports WordPress Multisite installations.
Price: FREEΒ | More Information
2. WP Delete User Accounts
This fledging solution is excellent as a quick way to add an account deletion option to WordPress. Once you enable the plugin, itβll add a slickΒ Delete My AccountΒ button to the bottom of every userβs profile page. Clicking on it will prompt a confirmation screen that requires users to type in a word before itβll complete the process. All in all, setting up the plugin only takes minutes, and deleting a profile with it is even faster.
Key Features:
- Enable users to delete their WordPress accounts.
- Require confirmation before deleting an account.
- Add an account deletion button to every profile page on your website.
Price: FREEΒ | More Information
How to Add an Account Deletion Option to WordPress (In 3 Steps)
Both plugins we introduced you to are fairly straightforward to use. However, the Delete Me plugin packs in a few more settings than its counterpart, and weβll be using it for the purposes of this tutorial (once youβve installed and activated it).
Step #1: Choose Which Users Have Permission to Delete Their Accounts
As we mentioned earlier, the Delete Me plugin enables you to limit account deletion functionality to specific user roles. This way, your authors and editors (for example) wonβt be able to erase their accounts by mistake. To configure this feature, go to theΒ Settings > Delete MeΒ page and look at theΒ RolesΒ section at the top of the screen:
All you have to do is tick the boxes next to the roles you want to enable the option for. We recommend turning it on forΒ ContributorsΒ andΒ SubscribersΒ since those tend to be less permanent roles. When youβve made a decision, donβt save your changes yet since there are more settings for us to configure on this page.
Step #2: Configure the Account Deletion Option
By default, the Delete Me plugin will provide users with an option to delete their accounts, located on their profiles. You can change the text of the account deletion option and assign it a class or specific styles if you want to customize its look:
Moreover, you can also change the account deletion confirmation message that will show up when a user clicks on the original button:
The default settings for these buttons are descriptive enough, but feel free to tweak them if you think itβs necessary. Likewise, you can remove the account deletion option from all user profiles altogether by unchecking theΒ Link EnabledΒ setting.Β If you choose to remove the option from your user profiles, you can always add it anywhere else you want on your website using the following shortcode:
[plugin_delete_me /]
As far as weβre concerned, the best placement for an account deletion option is on user profiles, but your mileage may vary. In any case, youβll also want to configure which information the plugin will delete when someone erases their account, which weβll cover in the last step.
Step #3:Β Specify the Information the Plugin Will Erase
Out of the box, the Delete Me plugin will erase all of a userβs personal information and associated posts when they delete their accounts. However, you can also configure a couple of extra options related to this aspect from theΒ Settings > Delete MeΒ page. If you scroll to the bottom of the pluginβs settings screen, youβll find three options weβre interested in. The first makes it so if youβre running a Multisite network, when a user deletes their account, theyβll erase it from the entire network if theyβre not signed up to any other sites. This makes it a helpful multisite plugin for managing user accounts.
Secondly, you can choose whether to enable users to delete their comments as well when they erase their accounts, which is often a good idea since they might contain identifying information. Finally, you can enable account deletion confirmation emails which will go out when users erase their information:
All three of these features make for useful additions to your new account deletion feature, so go ahead and enable them. Then, save the changes to the pluginβs settings and youβre good to go!
Conclusion
Having the option to delete your data is going to be great for a lot of users. Many sign up for a site only to use it once or twice, which means thereβs no good reason for them to keep their information on file. More importantly, the more sites you sign up for, the higher the chance some of your personal data might leak.
There are two plugins you can use to add this feature to your websiteΒ β Delete Me and WP Delete User Accounts. If youβre using the former, here are the steps you need to follow to get it working:
- Choose which user roles can delete their accounts.
- Configure the account deletion option.
- Specify the information the plugin will erase.
Do you have any questions about how to create an account deletion form using Divi? Ask away in the comments section below!
Article image thumbnail by hanssΒ / shutterstock.com.
Any experience with WooCommerce on this? How will the orders of the accounts be managed after deleting the linked account? Because this might be a legal constraint…
Thanks for the great info!
No problem. Happy to help π
Hi, do these also log the IP address and date/timestamp during verification?
I’m also concerned if users that are customers use this option as it may affect access to their product or service support?
Hello Vinny. Thanks for your question.
Can you please clarify which option you are referring to?
Thanks, very useful.
You’re welcome. Glad you found it useful. π