This page is developer-facing documentation related to GPDR and other privacy features. Most of these features require Caldera Forms 1.7 or later.
For all documentation on Caldera Forms’ GDPR compliance tools see the main documentation for GDPR.
Personally Identifying Information Fields
In Caldera Forms 1.6.1 or later you can mark a field as containing personally identifiable information (PII).
Find All Personally Identifiable Fields Of A Form
You can find all fields of a form that contain PII, using the function Caldera_Forms_Forms::personally_identifying_fields()
Check If A Field Contains Personally Identifiable Information
You can check if a field contains PII, using the function Caldera_Forms_Field_Util::is_personally_identifying()
Set A Field As Email Identifying
Email Identifying Fields
While personally identifying fields contain personal data, the email identifying fields are used to search by email for form entries whose data is personally identifying.
Finding All Email Identifying Fields
Checking If A Field Is Email Identifying
Adding An Email Identifying Field
Enabling Or Disabling Data Export and Eraser Integration
By default, Caldera Forms data is not included in personal data exports or erasers. There is a UI option to enable them, which is documented here. You can also enable or disable them programmatically:
Enable Caldera Forms Data Export And Eraser
Disable Caldera Forms Data Export And Eraser
Changing The Privacy Page Link
The Caldera Forms consent field and privacy page magic tag use WordPress’ setting for the privacy page link. You can change this using the “caldera_forms_privacy_policy_page_url” filter.
Creating A Custom Exporter Or Eraser
If Caldera Forms’ default data exporter or eraser is not sufficient for your needs, you may make your own. There will be a filter to change the callback function for exporters and erasers. This filter is not included in 1.7 beta 1. See: https://github.com/CalderaWP/Caldera-Forms/issues/2545
Using The Caldera Forms PII Query Class
The default exporters and erasers use the class Caldera_Forms_Query_Pii to find personal data. This class decorates the Caldera_Forms_Query_Paginated class. It makes heavy use of the Caldera Forms Query tool under the hood.
REST API Routes
If you would like to read or update privacy settings via the REST API from a JavaScript client or other service you can. All routes require authentication as an admin user. No special, Caldera Forms-specific authentication is needed.
JavaScript developers can take advantage of the API functions found here.
Accessing Privacy Settings For A Form Via The WordPress REST API
You can read the privacy settings by making a GET request to one of these two endpoints
- /wp-json/cf-api/v2/forms/<form-id>/privacy
- /wp-json/cf-api/v2/forms/<form-id>? privacy=true
Saving Privacy Setting For A Forms Via The WordPress REST API
You can update the privacy settings by making a POST request to this endpoint:
- /wp-json/cf-api/v2/forms/<form-id>/privacy
Where Does This Code Go?
When using WordPress hooks to customize Caldera Forms or other plugins you should not modify the plugin files, or you will lose your changes when you update the plugin. Instead you should create a small plugin to hold the custom code. It's easy, learn how here.
Technically you can add the custom code to your theme's functions.php, but then you will not be able to change your theme and keep these customizations.