1. Web Design
  2. WordPress

Best WordPress GDPR Plugins

Read Time:12 minsLanguages:

Is your website GDPR and CCPA compliant? Are you complying with strict regulations that require your website to protect the personal data and privacy of citizens in European Union (EU) countries and in California? In this post, I'll show you how to quickly and easily make your WordPress website compliant with GDPR and CCPA.

What Is GPDR?

The General Data Protection Regulation (GDPR) is a European Union (EU) law that took effect on 25 May 2018. The goal of GDPR is to:

  • ensure the protection of data and privacy of EU individuals
  • give EU individuals control over their personal data
  • change the data privacy approach of organizations across the world

Websites around the world that collect data on individuals in European Union (EU) countries need to comply with strict new rules around protecting customer data. GDPR compliance requires that you give visitors choice over whether they want cookies or not and also how they want their data to be handled. 

Here are some questions you should ask yourself so you can be sure you are compliant. 

  • Do you run a website that individuals in the EU have access to? 
  • Do you collect personal data or use cookies or tracking tools like Facebook Pixel?
  • Do you use Google Analytics or anything else to store personal data for statistical purposes?
  • Do you collect users' data using forms like Contact Form 7?
  • Do you use addons like Mailchimp or Constant Contact to create mailing lists?
  • Do you use live chat support or a helpdesk to help visitors on your website? 

You don't have to be a legal expert to make your website GDPR compliant. GDPR plugins make it easy.

What Is the California Consumer Privacy Act (CCPA)?

The state of California also has a privacy and data protection law—this is called CCPA. Here are some requirements of CCPA: 

  • cookie consent banner
  • privacy policy with links to the opt-out facility, privacy policy, and Do Not Sell My Information Page
  • age verification
  • do not sell my information document
  • my account form CCPA disclaimer

Some plugins make sure you compliant with both GDPR and CCPA. You will find these plugins on both Envato Elements and CodeCanyon. 

Before we look at the WordPress GDPR compliance plugins, let's explore the benefits of a monthly subscription to Envato Elements

Envato Elements: Unlimited Downloads

Envato Elements is a service that provides an unlimited download subscription, meaning that you are free to download as many items as you like from millions of digital assets.

The subscription is covered by simple commercial licensing that gives you the rights to use the item in a broad variety of projects, including those of a commercial nature.

The licensing is future-proof, meaning even if you unsubscribe and can't download items from Envato Elements any more, any existing uses that you registered are still covered.

Unlimited downloads of 54+ million creative assets. From just €14.50/month.Unlimited downloads of 54+ million creative assets. From just €14.50/month.Unlimited downloads of 54+ million creative assets. From just €14.50/month.

Subscribe Today and start creating, or learn more about why Envato Elements is Great for WordPress Developers

GDPR Plugins on Envato Elements 

1. WordPress GDPR

WordPress GDPRWordPress GDPRWordPress GDPR

With WordPress GDPR, your website can easily be brought into compliance with the GDPR regulations. Features of this all-in-one GDPR compliance plugin include:

  • forget me: right to be forgotten forms
  • data breach notifications
  • request data archive
  • cookie popup
  • contact DPO
  • newsletter unsubscribe

The plugin integrates with WooCommerce, Mailster, BuddyPress, Facebook Pixel, Google Analytics, Google Ads, Google Tag Manager, Hot Jar, Contact Form 7, Flamingo DB, and other custom integrations. You can use this plugin with different languages by integrating it with WPML. 

You will also find WordPress GDPR on CodeCanyon.

2. Ninja GDPR Compliance for WordPress

Ninja GDPR Compliance for WordPress Ninja GDPR Compliance for WordPress Ninja GDPR Compliance for WordPress

This plugin complies with seven key features of GDPR compliance: 

  • Cookie consent: informs users about cookie use and gets their consent.
  • Term and Conditions consent: takes users automatically to your Terms and Conditions page to get their consent. 
  • Privacy Policy consent: takes users automatically to your Privacy Policy page and gets their consent. 
  • Request Data Archive: collects data access requests and automatically informs the admin. 
  • Forget me form: create a form for users to request for their stored data to be deleted and automatically notify the website admin. 
  • Data Rectification: allow users to request their stored data to be rectified.
  • Data Breach Notification: notify data breaches to all users as required by law.
  • Control EU Traffic: display cookie popup for EU users only or refuse them.

The Ninja GDPR Compliance for WordPress plugin, which is also available on CodeCanyon, is compatible with most popular plugins related to GDPR requirements: WooCommerce, Contact Form 7, Gravity Forms, Mailchimp, Facebook Pixel, and Google Analytics. 

GDPR Plugins on CodeCanyon

3. Bestseller: Ultimate GDPR and CCPA Compliance Toolkit for WordPress

Ultimate GDPR & CCPA Complance Toolkit for WordPress Ultimate GDPR & CCPA Complance Toolkit for WordPress Ultimate GDPR & CCPA Complance Toolkit for WordPress

Using Ultimate GDPR and CCPA Compliance Toolkit for WordPress, you can take control of cookies from your dashboard using the advanced cookie management panel. From here, you can use a one-click cookie detector to discover what cookies your website is using. You can block any third-party cookies you don't need. You also have the option to display a cookie consent box in the header so it doesn't feel intrusive to users. You can customize your cookie boxes to match the look of your website by choosing from a whopping 34 styles and over 15 cookie notice skins. 

With just a few clicks, you’ll comply with all GDPR requirements, including:

  • personal data access: a dedicated form for users to access currently stored personal data
  • right to be forgotten: an accessible, dedicated form for users to request deletion of stored data
  • requests for data access or deletion: easily browse these requests and set custom email notifications
  • policy consent: redirects for your Terms and Conditions and Privacy Policy pages until consent is given
  • cookie consent: a dedicated box for cookie consent and cookie blocker until consent is given
  • services consent: automatically add consent boxes for various forms on your website
  • data breach notification: automatic global email notifications regarding data breaches
  • pseudonymisation: pseudonymise stored user data 
  • privacy by design: manage, encrypt, and erase all users’ data easily via your WordPress admin panel
  • data portability: export all user data easily to JSON format or text files, with an option to automatically send via email

This plugin is designed to be compatible with a range of popular themes, such as Divi and Avada, as well as other plugins and tools including Contact Form 7, QuForm, Gravity Forms, Facebook Pixel, BuddyPress, Google Analytics, WPBakery Page Builder, MailPoet, Mailstar, Polylang, Wordfence, and more. 

4. Trending: WeePie Cookie Allow

WeePie Cookie AllowWeePie Cookie AllowWeePie Cookie Allow

WeePie Cookie Allow makes it possible for your website to fully comply with the GDPR and CCPA.

GDPR compliance features include: 

  • cookie information bar or box with the possibility of adding a link to your cookie policy page  
  • icon to open the cookie settings pop-up  that includes accept cookies button and decline cookies button
  • change cookie settings
  • blocking privacy-sensitive or third-party cookies before consent
  • consent logging
  • cookie consent only for EU visitors (disable cookie consent bar/box for non-EU visitors)

CCPA compliance features include: 

  • show a bar/box with a notice at collection
  • add a link to your Do Not Sell My Personal Information (DNSMPI) page inside your Notice of Collection text
  • opt out of placing third-party cookies

Third-party cookies are automatically blocked. 

5. Cookie Plus GDPR: Master Popups Addon

Cookie Plus GDPR - Cookies Consent Solution for WordPress. Master Popups AddonCookie Plus GDPR - Cookies Consent Solution for WordPress. Master Popups AddonCookie Plus GDPR - Cookies Consent Solution for WordPress. Master Popups Addon

Cookie Plus GDPR is a complete GDPR Cookie consent solution for your WordPress website. It automatically blocks all non-essential cookies from your website so no plugin or script will be able to add cookies in the user’s browser without consent. Cookies are added after the user has accepted cookies.

You can create your cookie popup form by choosing from eight cookie pop templates. The consent popup form has five cookie categories that visitors can activate or deactivate. You have many options at your disposal to show your consent popups of cookies only to users in EU countries. 

The plugin is easily integrated with forms, plugins, and themes used to collected users' data. These include WooCommerce, Contact Form 7, Gravity Forms, WordPress comments, BuddyPress, Google Analytics, Google Tag Manager, Google Ads, Facebook Pixel, DoubleClick, and more. 

6. GDPR Solution: Bookly Customer Cabinet (Add-on)

If you use Bookly PRO on your website, then this plugin will allow you to comply with GDPR requirements by providing customers with the possibility to access, manage, and delete their personal details and appointments list in a user account. 

Let your customers return to your website at any time to manage their profile details and bookings that have been made. They’ll be able to:

  • update the name, email address, phone number, and customer information 
  • delete the customer’s profile
  • view appointment history
  • view appointment details 
  • reschedule or cancel an appointment

7. Total GDPR Compliance

Total GDPR Compliance Total GDPR Compliance Total GDPR Compliance

Integrate the Total GDPR Compliance plugin on your website and become totally GDPR-compliant. The plugin is fully responsive. You have 30 customizable consent templates to choose from. Each template has a choice of three layouts: cookie bar, popup cookie, and floating cookie. It also includes a "Privacy Policies" consent button and a “Terms & conditions" consent button. 

The plugin comes with a consent box for different WordPress sections such as the default WordPress login, registration, and comment submission, along with third-party plugins such as WooCommerce and Contact Form 7. 

8. Easy GDPR


Easy GDPR makes your website GDPR-compliant in a few easy steps. You can show the cookie popup to EU users who can accept or decline cookies. A cookie detector allows you to find out all cookies your site uses with one click. The cookies are grouped into categories. 

Other features of this GDPR compliance plugin include: 

  • privacy and terms pages
  • right of access by the data subject 
  • right to be forgotten 
  • right to data portability 
  • notification to users in case of a data breach

The plugin integrates with plugins that collect user data: WooCommerce, Facebook Pixel, Yandex Metrika, BuddyPress, Google Analytics, Google Tag Manager, Flamingo DB, Contact Form 7, and Hot Jar. 


WP GDPR PRO - Most Advanced GDPR PluginWP GDPR PRO - Most Advanced GDPR PluginWP GDPR PRO - Most Advanced GDPR Plugin

WP GDPR PRO covers cookie consent, creating a delete my account form, request data form, and erase data form. It also handles data breach notifications. Users can submit various requests using DPO forms, and admins can manage all requests in the back-end. Google reCAPTCHA is integrated into each DPO form to avoid spamming. All forms are fully multi-lingual using the WPML plugin.

You can set cookie popups to appear at the top, center, or bottom position. You can also add DPO forms in the sidebar using a widget. You can display a cookie consent notification on all pages and also display all important blocks using shortcode anywhere.

On top of being multisite-compatible, this WordPress GDPR plugin supports WooCommerce, BuddyPress, BBPress, and Contact Form 7. If you're using WooCommerce, users can view the privacy policy before checkout, and they can accept the privacy policy on the registration page or login page. If you're using BuddyPress, users can accept the privacy policy and terms during registration. 

10. EasyCookie WordPress Plugin 

EasyCookie WordPress Plugin - GDPR Responsive Cookie Law Compliance Alert NotificationEasyCookie WordPress Plugin - GDPR Responsive Cookie Law Compliance Alert NotificationEasyCookie WordPress Plugin - GDPR Responsive Cookie Law Compliance Alert Notification

EasyCookie is a lightweight, fully responsive plugin that helps your website comply with GDPR regulations. You can place a cookie notification bar at the top or bottom of the page. You can enable auto-accept on page scroll and even choose the number of days the cookies can be valid. The cookie notification can also include emojis if you choose to use them. The plugin is compatible with Bootstrap.

Free WordPress GDPR Plugins


cookie yescookie yescookie yes

CookieYes is a popular cookie consent and compliance notice plugin with over a million downloads. It assists in making your website compliant with privacy regulations:

  • GDPR for EU citizens
  • the LGPD for Brazil
  • CNIL for France
  • CCPA for California

Complianz: GDPR and CCPA Cookie Consent

Complianz – GDPR/CCPA Cookie Consent Complianz – GDPR/CCPA Cookie Consent Complianz – GDPR/CCPA Cookie Consent

Complianz is a GDPR and CCPA Cookie Consent plugin that supports GDPR, DSGVO, CCPA, and PIPEDA, with a conditional cookie notice and customized cookie policy based on the results of the built-in cookie scan. 

WP AutoTerms

WP AutoTerms: Privacy Policy Generator, Terms & Conditions Generator, Cookie Notice BannerWP AutoTerms: Privacy Policy Generator, Terms & Conditions Generator, Cookie Notice BannerWP AutoTerms: Privacy Policy Generator, Terms & Conditions Generator, Cookie Notice Banner

The WP AutoTerms plugin helps you with a wide range of legal requirements your WordPress website might be required to keep up with, such as the CCPA or the GDPR law or Amazon Associates requirement to have a disclosure for affiliate links.



This plugin is for German language users of WP GDPR.  As a web admin, you only have two simple tasks: selection of the services used, and filling in a few input fields.

WP GDPR does everything else:

  • creation of the cookie popup
  • creation of the cookie notice
  • control of services
  • control of embedding
  • generation of the data protection information
  • creation of the imprint

All translations have been translated by sworn and certified interpreters and officially certified by WPML. The plugin also works with Polylang and WPGlobus.

GDPR Basics

Data collection is part and parcel of our daily lives. Our online activities generate data that is tracked, stored, parsed, packaged, shared, and sold. This data is used to create individual profiles that are quite often misused. Having control over our data and privacy is now more important than ever. 

What Is GDPR?

General Data Protection Regulation (GDPR) is a European digital privacy law designed to give EU individuals more control over their personal data. 

Personal Data, Privacy by Design, Consent 

Here are the key principles of the GPDR:

  1. Businesses and websites offering goods and services to individuals in the EU or monitoring behavior of EU individuals have direct responsibility for securing the individual data in their possession.
  2. All businesses and websites have the responsibility to implement appropriate privacy policies. 
  3. IP addresses, geolocations, device identifiers, and other online identifiers constitute personal data that can be used to identify individuals.
  4. Pseudonymisation of personal data will minimize the risk of individuals being singled out or profiled during processing. Genetic data and biometric data are categorized as sensitive data in need of greater protection. Religious beliefs, web cookies, and political opinions can also be personal data.

Under GDPR, EU individuals have the following rights:

  • to know what information about them has been collected
  • to know how their data is collected and used
  • to request changes to their data where there are mistakes
  • to request their data to be deleted
  • to refuse any data processing requests

Under GDPR, all businesses, including your blog and websites, should do the following:

  • have a privacy policy that explains to users how their information is used
  • ask in clear and simple language for users' consent before processing their data
  • send data breach notifications to users when it happens 

Become GDPR-Compliant Now!

Put the control of data and privacy in your visitors' hands with GDPR compliance plugins from Envato Elements and CodeCanyon.

Become GDPR Compliant Now! Become GDPR Compliant Now! Become GDPR Compliant Now!

If you're thinking of offering better support services for your customers, these posts will guide you to some of the best plugins for this purpose available on CodeCanyon. Remember, you will also need to give your customers a choice on how they want their data handled.

Looking for something to help kick start your next project?
Envato Market has a range of items for sale to help get you started.