The Best GDPR Compliance WordPress Plugins
GDPR is here, but compliance doesn’t have to be hard. You can really speedup the process and feel confident that you’ve covered all your GDPR bases with these powerful GDPR compliance WordPress plugins.
What exactly do these GDPR compliance WordPress plugins do? Lots actually. They are an all encompassing solution that offers features and settings so your website meets all GDPR compliance requirements in a jiffy (including data access, privacy policy, cookie consent, data erasure, and data breach notifications). Alternatively there is a lot you can do to manually make your WordPress site GDPR compliant in which case you may just want a simple cookie consent notice which we already covered in detail in our guide on how to make your WordPress site EU Cookie Law compliant (so we’re not going to be including them in our roundup).
But if like many WordPress site owners you’ve put off GDPR compliance to the last minute, then our list of the best GDPR compliance WordPress plugins is for your. So let’s get into them!
IMPORTANT: We are not lawyers. Installing one of the following GDPR compliance WordPress plugins does not guarantee that your website fully complies with GDPR requirements. These are merely tools you can use to help with the process. Please consult a lawyer or GDPR consultant to be sure you are in full compliance.
1. Complianz GDPR Privacy Bundle
Complianz is not just a GDPR plugin – it’s an entire privacy management suite for WordPress. The free version of the plugin includes a useful cookie consent which will block cookies on your site before a user confirms (one of the most important features of GDPR that’s not built into WordPress like privacy policies are). In addition Complianz offers Cookie Policy configuration assistance, built-in website scanning functionality for security and regular updates for EU laws (saving you plenty of time and money).
For more features we recommend upgrading to a premium plan. This adds options for geolocation so your site displays a notice only when needed, notification and inventory of date breaches, as well premium support from their team of WordPress & GDPR experts.
2. WP GDPR Compliance
If you’re looking for a fast and free way to help get your website GDPR ready, then the free WP GDPR Compliance plugin is for you. Simply install this gem to have access to features such as data storage timestamps, a privacy policy link, user data request page, consent checkboxes and more. The plugin is also fully compatible with the latest versions of Contact Form 7, Gravity Forms, WooCommerce and WordPress Comments so you can quickly add consent optins to them as well from the integration settings tab.
3. Ultimate GDPR Compliance Toolkit
If you have a few bucks to spare we highly recommend the Ultimate GDPR Compliance Toolkit. For website owners who don’t have time to research GDPR compliance and start making changes on their own, this plugin provides a ton of options to get you going in the right direction. The plugin features a dedicated data access form (and data delete form), cookie consent optin form, pseudonymisation of user data stored for extra privacy, and automated data breach notifications. The plugin is compatible with popular WordPress plugins such as WooCommerce, MailChimp, Events Manager, Contact Form 7, Gravity Forms, Formidable Forms and BuddyPress so you can quickly check these plugins (if installed) for GDPR compliance.
4. GDPR
This free GDPR plugin is intended to make GDPR compliance easier to manage for your DPO, data processor or site manager. Simply install the plugin, set the cookies your site is using, add consent options for cookies and personal data, enable users to request to access or delete their data, identify data being sent to third parties via your website, setup a data breach notification and more.
5. WordPress GDPR All-in-One
Instead of installing multiple plugins and manually making changes to attempt to manage GDPR updates on your own, you could give the WordPress GDPR All-in-One plugin a try. With features like a data request contact form, forget me form, data breach notice, cookie popup, and policy update notification. Best of all, this plugin works great with WPML, MailChimp, BuddyPress, Google Adwords & Analytics, Facebook, Contact Form 7 and WooCommerce.
6. The GDPR Framework
Rather than dig into the legalize that is GDPR, you can turn to a plugin like the GDPR Framework to help make sense of the law. This plugin was created in conjunction with the Triniti IT Law Firm (which is based in Europe) to help WordPress site owners or managers. The plugin was built to allow users to easily access and delete their data, and to make quick work of aspects of compliance such as privacy policy creation. It’s important to note that as of today (May 24, 2018) the plugin does not yet include an option for cookie management but it is on the way.
7. GDPR Compliance Suite
The GDPR Compliance Suite provides easy tools to manage GDPR compliance on your website or blog, as well as for plugins you have installed (including BuddyPress, WooCommerce, WPML, Gravity Forms, Contact Form 7, Formidable Forms, Quform, Google Analytics, AddThis and more). Simply install the plugin and use the built-in settings for your cookies consent, user data access/erase requests, data breach notifications, site terms, privacy policy, disclaimer and even a contact DPO form. With 20 language translations already included, this is a great option for almost any site in just about any part of the world.
Wrapping Up
GDPR increases requirements for all websites, but implementing changes doesn’t have to be difficult. Thankfully the GDPR compliance WordPress plugins listed above are a quick and easy way to get started. We are not lawyers, so we can’t guarantee your site will be in 100% compliance (you should set up an appointment with a lawyer experience in this field or with a GDPR consultant) but in our opinion these plugins are a great place to start.
Do you have any other questions about GDPR compliance? Or about the GDPR compliance WordPress plugins we’ve listed? Let us know in the comments below.
This is a crazy law, stretching beyond their jurisdiction. For a small business in the US, how can they enforce it? Do they have representatives in the US to punish companies who do not comply? I do believe companies should practice strict data security, but if you make an honest mistake, it could cost you. I’m wondering how many companies will just choose to block EU-internet users.
Being a USA based business, we’re not exactly in love with a law being imposed on us by another country either. But we run an internet based business, so we’re rolling with it 🙂 That said, I do think it’s aimed more so at big players like Amazon, Facebook, Google, etc. I am not a lawyer but my guess would be that as long as you are taking steps to accommodate GDPR (such as updating your privacy policy and adding a cookie notice with a free plugin – both of which are fairly easy and completely free) you’re on the right track and likely won’t wind up on the EU’s radar. Again – I am not a lawyer, this is just my own opinion/speculation.
I believe, from what I have read, that in the event your website was found to be in violation of the new policy, there are 6-7 levels of notification and warnings given to you before anything resulted in any kind of fines or penalties.
Hi
Which GDPR Plugin do you use on this site?
Cheers
Jason S
We created a custom cookie notice actually. AJ is our developer – he made our site from scratch (along with all of our free & premium themes), so for us it made more sense to build-n a simple custom notice rather than use a plugin.
Your plugin works very well. 2gdpr shows no violations found
But I’ve installed a WordPress GDPR All-in-One, and 2GDPR shows the Google Analytics problem – “Prior consent to other than strictly necessary cookies”
What plugin can solve this problem?
I think this may be an issue with third party cookies – like from Google ads. If you’re using the premium version of WordPress GDPR All-in-One I’d try reaching out to the developer, since your purchase would include support. The developer is usually your best option for trouble shooting a situation, and in this case hopefully they can pinpoint which cookies are being set before you can ask for consent.
Hi Kyla. 🙂 I use Total theme on both my websites. Can you tell me if AJ’s plugin is available for download or is built in to Total. Thanks.
Hi Claude! Actually, it’s just a custom feature he built-in to our site. But I asked him and he said he used the script from Osano if that helps!
Thank you so much for getting back to me, Kyla. I’ll check it out but I’ll still keep my fingers crossed that AJ will incorporate into a future version of Total. 🙂
So what is the best plugin that you recommend if I have money to spare?
I would say that the first three options are my top picks. I would probably go with a paid option like Complianz or Ultimate GDPR though because they’re able to offer premium support with their products, so if you run into any integration or other issues later on you can get help from the developers.
Since my site is catered to local businesses in my region of the states I just blocked any non US IP. Simple problem solved 🙂
Hi
I’ve just released my first WordPress plugin on WordPress.org.
It’s a cookie consent notice banner that helps with GDPR compliance.
Please take a look.