Hi @johan-stam
Sorry about the trouble.
Just FYI:
You can comment out this line form handl-utm-grabber.php and it does not insert the email field in the DOM.
wp_localize_script( ‘handl-utm-grabber’, ‘handl_utm’, HUGGenerateUTMsForURL() );
Let me know if you need help!
Rather not change plugin code directly and according to ChatGPT ‘comment out that line’ wouldn’t work. They came up with:
add_filter(‘handl_params_filter’, function($params) {
unset($params[’email’]); // Blocks it from being tracked or used
return $params;
});
My question stays. This is not a valid solution for GDPR. Is there an option in your paid version of this plugin to ‘not collecting an email address’?
ChatGPT’s reocmmendation would remove the param altogether and it would not allow you to track email at all (including prefill). If that’s what you need, you can use that call.
V3 is GDPR ready and can with work most of the consent management plugins out there.
I’ve worked on a plugin that solved the issue. The plugin :
- prevents email address to get injected server-side
- No email appears in the HTML source, eliminating cache or privacy risks.
- Email fields are prefilled only client-side, with validation – GDPR safe and cache-safe
This custom “Safe Email Autofill” plugin uniquely addresses the need to prevent email addresses from being exposed in the HTML source by removing the email parameter from $_GET, $_REQUEST, and $_SERVER superglobals before any output is generated. It then uses client-side JavaScript to populate the email field, ensuring GDPR compliance by avoiding server-side exposure of personal data.
As of now, there doesn’t appear to be an existing plugin that replicates this exact functionality.
