WordPress 4.9.6 added a dedicated Privacy Policy page concept alongside the GDPR tools. Administrators can designate any page as the site’s Privacy Policy page in Settings → Privacy, and WordPress stores its ID in the wp_page_for_privacy_policy option. The helper function get_privacy_policy_url() retrieves the URL of this page from anywhere in the codebase. Plugins that collect personal data — contact forms, analytics integrations, commenting systems, newsletter sign-ups — can contribute their own policy text using the wp_add_privacy_policy_content() function. The content is displayed in the Privacy Policy Guide (Settings → Privacy → Privacy Policy Guide), giving the site administrator a consolidated draft they can copy into their actual privacy policy page. This API ensures that when a plugin is updated, its privacy policy contribution can be updated too, and administrators have a single location to check what data their plugins are collecting.
Problem: Your contact form plugin collects names, email addresses, and IP addresses. The site administrator needs to include this information in the privacy policy, but currently has to remember to add it manually. You want the plugin to suggest the relevant policy text automatically.
Solution: Use wp_add_privacy_policy_content() on the admin_init hook to contribute your plugin's data collection description to the Privacy Policy Guide. Use get_privacy_policy_url() to link to the policy page from your forms.
<?php
// ── Add plugin privacy policy content to the Policy Guide ─────────────
add_action( 'admin_init', 'register_my_plugin_privacy_policy_content' );
function register_my_plugin_privacy_policy_content() {
if ( ! function_exists( 'wp_add_privacy_policy_content' ) ) {
return; // WP < 4.9.6 fallback
}
$content = wp_kses_post( '
<h2>' . __( 'My Contact Form Plugin', 'textdomain' ) . '</h2>
<p>' . __( 'When you submit the contact form, we collect the following data:', 'textdomain' ) . '</p>
<ul>
<li>' . __( 'Your name and email address (required to respond to your message)', 'textdomain' ) . '</li>
<li>' . __( 'Your IP address and browser user agent (for spam prevention)', 'textdomain' ) . '</li>
<li>' . __( 'The date and time of submission', 'textdomain' ) . '</li>
</ul>
<p>' . __( 'This data is stored in our database for up to 90 days and is never shared with third parties.', 'textdomain' ) . '</p>
' );
wp_add_privacy_policy_content(
__( 'My Contact Form Plugin', 'textdomain' ), // plugin name (shown as heading)
$content
);
}
// ── Link to the privacy policy page from the form ─────────────────────
function render_privacy_policy_link() {
$privacy_url = get_privacy_policy_url();
if ( $privacy_url ) {
printf(
'<p class="form-privacy-note">%s <a href="%s">%s</a>.</p>',
esc_html__( 'By submitting this form you agree to our', 'textdomain' ),
esc_url( $privacy_url ),
esc_html__( 'Privacy Policy', 'textdomain' )
);
}
}
// ── Get the privacy policy page ID and URL directly ───────────────────
$policy_page_id = (int) get_option( 'wp_page_for_privacy_policy' );
$policy_page_url = get_privacy_policy_url(); // empty string if not set or not published
$policy_page_url = get_privacy_policy_url( '', true ); // second arg: include unpublished pagesNOTE: wp_add_privacy_policy_content() only affects the Privacy Policy Guide in the admin — it does not automatically add text to the published privacy policy page. The guide is a suggestion tool for administrators. The function should be called on the admin_init hook (not init), and the content should be re-registered on every page load — WordPress does not cache it across requests. If your plugin is deactivated, its content disappears from the guide automatically, which is the intended behaviour.