What is GDPR?
The General Data Protection Regulation (GDPR) is a new regulation under EU law based off of data protection and privacy for all individuals within the European Union. The newest regulation addresses the export of personal data outside of the EU as well as giving more control to citizens and residents over their own personal data.
The General Data Protection Regulation affects any website that is accessed by EU customers or held in the EU and as a result, if your WordPress website is storing data by anyone accessing it in the EU, you need to make sure that your WordPress website meets the regulation for safeguarding the information that you collect.
The GDPR represents new changes in consent for individuals, right to access, privacy design, the right to delete accounts and increased territorial scope for the rights of individuals based off of their access of a WordPress website.
Some useful resources to learn more about GDPR:
- GDPR Compliance Tools in WordPress Plugin
- A GDPR Checklist for Those Who Are Tired of GDPR Checklists
- EU GDPR Information Portal
If you want to make sure that your WordPress website is compatible with these new regulations so that you don’t face any kind of repercussions or fines, you should consider installing some of the compliancy WordPress plugins that are available for data protection.
Here’re the best WordPress GDPR plugins & tools that help website owners to comply with European privacy regulations. By May 25th, 2018 your site or blog has to comply.
Originally Published May 2018, updated Mar 15 2021
Table of contents:
- All-in-One GDPR Tools
- GDPR Tools for Cookies Tracking
- GDPR Tools for Comments
- GDPR Tools for Analytics
- Other resources for GDPR compliance
Total downloads: 100,000+
Five Star Ratings: 120+
This plugin helps your website stay compliant with GDPR using a free cookie pop-up, consent log, and more.
- Add Consent and give your visitors full control.
- Keeping a consent log for supported plugins.
- Adding checkboxes to supported plugins for explicit visitor consent.
- ‘Right to access’ through encrypted audit logs and double opt-in mail.
- ‘Right to be forgotten’ by anonymizing user data.
Total downloads: 90,000+
Five Star Ratings: 190+
This plugin is an All-in-One approach developed by iubenda, which includes functionalities of two powerful solutions (see below) that help to make your website GDPR and ePrivacy compliant.
The plugin lets you automate the implementation of ePrivacy (Cookie Law) and GDPR requirements by providing a fully customizable cookie banner, blocking scripts, and by managing all aspects of cookie consent.
It also allows you to record, review, and maintain comprehensive GDPR records of consent for your web-forms.
- The plugin automatically inserts the iubenda code in the head of every page of the site
- Allows you to automatically or manually block scripts that can install cookies prior to consent, without the need of direct intervention on the code
- Allows you to autodetect and limit prior-blocking and cookie consent requests only to users from the EU – where this is a legal requirement – while running cookies scripts normally in regions where you are still legally allowed to do so.
- Asynchronously re-activates cookie scripts once consent is collected.
- California Consumer Privacy Act (CCPA) Support
- Integrates with IAB’s Transparency and Consent Framework (TCF)
- Allows you to provide you users with granular, per-category preference control (e.g. basic functionalities, experience enhancement, targeting & advertising)
- Compatible with Google’s Accelerated Mobile Pages (AMP)
- Features an easy-to-use interface for entering custom scripts and iframes
- Detects bots/spiders and serves them a clean page so that your SEO efforts are never compromised
Total downloads: 30,000+
Five Star Ratings: 100+
Prepare your WordPress Website & WooCommerce Shop for the GDPR and secure your user data with our plugin.
Easy installation, dozens of useful features, and lots of information on how to make your website compliant. It has been developed in cooperation with lawyers.
Total downloads: 20,000+
Five Star Ratings: 60+
The GDPR Framework provides a set of easy to use tools to help make your website GDPR-compliant.
- Allow both users and visitors without an account to automatically view, export and delete their personal data;
Configure the plugin to delete or anonymize personal data automatically or send a notification and allow admins to do it manually;
- Track, manage and withdraw consent;
- Comes with a helpful installation wizard to get you started quickly;
- Fully documented;
- Developer-friendly. Everything can be extended, every feature and template can be overridden.
- Contact Form 7
- Gravity Forms
- Formidable Forms
- More will be coming soon
Total downloads: 20,000+
Five Star Ratings: 50+
This plugin is meant to assist a Controller, Data Processor, and Data Protection Officer (DPO) with efforts to meet the obligations and rights enacted under the GDPR.
- Consent management
- Privacy Preference management for Cookies with front-end preference UI & banner notifications
- Rights to erasure & deletion of website data with a double opt-in confirmation email
- Re-assignment of user data on erasure requests & pseudonymization of user website data
- Data Processor settings and publishing of contact information
- Right to access data by admin dashboard with email look up and export
- Right to access data by Data Subject with front-end requests button & double opt-in confirmation email
- Right to portability & export of data by Admin or Data Subject in XML or JSON formats
- Encrypted audit logs for the lifetime of Data Subject compliance activity
- Data Subject Secret Token for two-factor decryption and recovery of data
- Data breach notification logs and batch email notifications to Data Subjects
- Telemetry Tracker for visualizing plugins and website data
Total downloads: 1,000,000+
Five Star Ratings: 2,900+
- Customizable cookie message
- Redirects users to specified page for more cookie information
- Multiple cookie expiry options
- Option to accept cookies on scroll
- Option to set on scroll offset
- Option to refuse functional cookies
- Option to revoke the user consent
- Option to manually block scripts
- Option to reload the page after cookies are accepted
- Select the position of the cookie message box
- Animate the message box after cookie is accepted
- Select bottons style from None, WordPress and Bootstrap
- Set the text and bar background colors
- WPML and Polylang compatible
- SEO friendly
- .pot file for translations included
Total downloads: 1,000,000+
Five Star Ratings: 1,700+
The CookieYes GDPR Cookie Consent & Compliance Notice plugin will assist you in making your website GDPR (RGPD, DSVGO) compliant.
In addition to compliance with this GDPR WordPress plugin also supports cookie compliance in accordance with the LGPD of Brazil and California Consumer Privacy Act (CCPA) which is a state statute intended to enhance privacy rights and consumer protection for residents of California.
- The plugin will enable a WordPress cookie notice with Accept and Reject options. The cookies are not rendered by default and only upon user consent. (The cookie value will be set to ‘null’ by default; it takes a value ‘yes’ when the user clicks ‘Accept’ and ‘no’ upon ‘Reject’. Your developer can check this value to set a cookie accordingly.)
- The plugin allows single click automatic scanning and categorization of cookies.
- This GDPR plugin adds a subtle cookie banner to your WordPress website either in the header or footer so you can show your compliance status regarding the new GDPR law.
- With the help of this WordPress GDPR plugin, you can fully customise the cookie notice style so it blends with your existing website: change the colours, fonts, styles, the position on the page and even how it behaves when you click “Accept”.
- You can choose to make the cookie notice bar disappear after a few seconds (completely configurable) or to accept on scroll (an option available under Italian law).
- It also has a Cookie Audit module so you can easily show what cookies your site uses and display them neatly in a table on your Privacy & Cookies Policy page.
- The plugin can be configured to have a CCPA ‘Do Not Sell My Personal Information’ control to the cookie notice.
- Integrates seamlessly with Official Facebook Pixel, Smash Balloon Instagram Feed & Twitter Feed.
- Fully customisable to look just like your own website’s style: customise the colours, styles and fonts
- Put the cookie bar in either the header or the footer
- (Optional) automatically close the cookie notice bar after a delay (delay is configurable)
- (Optional) cookie banner can be permanently dismissed or accessible through a “show again” tab
- (Optional) “show again” tab is fully customisable including position shown on page and styles
- WPML compatible
- qTranslate and Polylang support
Total downloads: 200,000+
Five Star Ratings: 140+
GDPR Cookie Consent Banner is one of the simplest and most popular cookie consent plugins out there. Compliance with data privacy regulations like the GDPR and the ePrivacy Directive has never more attainable.
- Choice of dismissal method – on click, on scroll, or timed
- Choice of dismissal element – either button or ‘x’ close
- Option to show the notification on the first page only – subsequent pages visited by the user will not display the message
- Option to exclude selected pages and posts from displaying the notification
- Choice of position – either top or bottom bar, or floating in one of the corners of the screen
- Translation support
- Customization options – including the ability to update styles from within the customizer
- Inherits your theme styles where possible
- The option to use an absolute or external URL to link to for further information
- Set the cookie duration
- Set the cookie version – updating a version will reset the cookie on all user sites
Total downloads: 300,000+
Five Star Ratings: 700+
- Configure a Cookie Notice for your specific region: European Union, United Kingdom, United States or Canada. Or use one Cookie Notice worldwide.
- Configure specific cookie consent per subregion, for example: European Union + DSGVO or USA + CCPA.
- Cookie Consent and Conditional Cookie Notice with Custom CSS and Customizable Templates.
- Banner Templates include: GDPR-friendly Cookie Wall – Accept/Dismiss – Category Based Consent
- Banner Templates CA/US also include; Dismiss on scroll, time on page or both.
- Proof of Consent; user consent registration that respects the GDPR data minimization guideline.
- Automatically detects if you need a Cookie Notice (also called a Cookie Banner or Pop-Up).
- Periodical Cookie Scan for changes in Cookies, Plugins and 3rd Party services.
- Detected Cookie Data is prefilled from cookiedatabase.org,the community-driven database with clear and transparent cookie descriptions, which is continuously updated.
- Do Not Sell My Personal Information: DNSMPI Page for CCPA – if required.
- Integrated with WordPress Privacy features. Export and erase personal data from our dashboard.
- Implementation of Google Tag Manager, Google Analytics, Matomo etc.
- Categorize your Cookies with Tag Manager or our own Script Center, if needed.
- Automatically anonymizes IP-addresses for Google Analytics if needed.
- Integration with the WP Consent API
- Blocks 3rd party cookies like Google Maps, Facebook, Instagram, AdSense, Recaptcha, Twitter, ActiveCampaign, and more.
- Blocks iFrames, like YouTube, Vimeo, Dailymotion embedded videos and Social iFrames.
- Shows placeholders for blocked iFrames. Stills from videos and individual placeholders per service.
- Integrates seamlessly with Gutenberg, Elementor, Divi, Forminator, WPBakery, Monsterinsights, GADWP, Beehive, WPForms, Gravity Forms, HappyForms, Contact Form 7 (CF7), Woocommerce, Easy Digital Downloads, WP Google Maps, Google Maps Widget, CAOS | Host Google Analytics Locally and other popular plugins.
- Tested with the popular themes en page builders.
- Gutenberg Blocks enabled.
Cookie Banners and Legal Documents conform to WCAG 2.1 Accessibility Guidelines.
- Ready for GDPR, AVG, DSGVO, CNIL, PECR, UK DPA, UK GDPR, CCPA, COPPA, PIPEDA & CASL.
- We closely follow the latest developments in the ePrivacy regulation, the proposed Cookie Law for the European Union, and other legislation world-wide.
Total downloads: 200,000+
Five Star Ratings: 100+
GDPR Cookie Compliance plugin has settings that can assist you with cookie compliance and consent notice requirements on your website.
- Give your users full control over cookies stored on their computer, including the ability for users to revoke their consent
- Simple, beautiful & intuitive user interface
- Choose from two unique layouts
- Fully customizable – upload your own logo, colors, fonts
- Fully editable – you can change all text
- Set the position of the Cookie Banner: at the top or bottom of your pages
- Flexible – decide which scripts will be loaded by default or only when the user gives consent
- SEO friendly
- WPML, qTranslate, WP Multilang and Polylang compatible, .pot file for translations included
- CDN Base URL supported
- Sleek animations to enhance user experience
Total downloads: 1,000+
Five Star Ratings: 5+
This plugin helps you to meet GDPR compliance requirements for comments, including anonymized IPs, extra checkbox, and terms notice.
- Anonymize IPs of new comments.
- Anonymize IPs of already stored comments in your database.
- Display compliance label, text, and extra checkbox right before the “Submit Comment” button.
Total downloads: 10,000+
Five Star Ratings: 25+
Google Analytics preconfigured to respect EU law and with lots of advanced analytics settings for extensive tracking possibilities.
You can use this plugin to integrate Google Analytics conform to EU law in compliance with data protection. For this you only need to put your Google Analytics ID into the general settings. Other settings (e.g. AnonymizeIP) are preconfigured accordingly and need to be changed only when needed or when extensions are desired.
In the advanced settings features of Google Analytics can be activated. Corresponding information can be found in the settings.
- Easy Google Analytics integration only the UA ID is required, everything else is preconfigured
- Preconfigured to respect EU law
- Cookie Consent Integration for EU cookie law
- Compatible to Google Site Tag and Universal Analytics Code (it’s your choice)
- Google Analytics integration could be disabled and you can use the Opt-out as standalone feature (compatible to other Google Analytics plugins)
- Compatible to eRecht24 generated Opt-out links
- Anonymize IP is integrated and enabled by default
- Demographics and Interests Reports
- Outbound Link Tracking
- Enhanced Link Attribution
- Custom Code integration
- GDPR Compliant Cookie Consent Popup Plugin – jQuery ihavecookies.js
- GDPR Cookie Compliance Plugin
- Ultimate GDPR Compliance jQuery Toolkit
- ClearGDPR Platform
- Manage opting in & out of tracking/marketing/mailing
The GDPR is affecting website owners worldwide and if you are unable to meet the new forms of compliance in the way that you collect data, in the weighting you are collecting analytics data, in a way that you store data and in the various plug-ins and themes that you use, your WordPress website could actually be subject to fines.
Installing one of these top plug-ins from our list could be all that you need to meet compliance and mitigate risk. Be sure to consider using any of these solutions when the newest legislation on GDPR comes into effect.