The EU General Data Protection Regulation (GDPR) has been in force in all member states of the European Union since May 25, 2018. For WordPress agencies, freelancers and website operators, this means that anyone who has not yet implemented the requirements of the GDPR risks warnings and fines from the supervisory authorities. But that's no reason to panic! Fortunately, there are helpful GDPR plugins that can help you make your WordPress site legally compliant. We'll show you which plugins these are and how to use them.
Disclaimer
This article does not replace legal advice. As part of our work as a WordPress host, we have dealt intensively with the applicable German data protection regulations and the EU GDPR. We assume no liability for the completeness, up-to-dateness and accuracy of the plugins and content recommended by us.
In the following article, I would like to show you to what extent various WordPress plugins can support you in the lawful implementation of the GDPR requirements.
The order of the following plugins in this list is based on the number of active installations (as of February 2019).
WP GDPR Compliance
Active installations | Rating
Over 100,000 | 3.7 out of 5 (105 ratings)
Who developed it?
WP GDPR Compliance was developed by the Dutch WordPress agency "Van Ons". The plugin is available in 11 languages (including German, English, Dutch and Spanish).
What does the plugin cost?
WP GDPR Compliance was developed for the WP community and is therefore free of charge. However, the Van Ons team is happy to receive donations for support costs or "beer money" 😉.
What functions does the plugin offer you?
WP GDPR Compliance automatically adds GDPR-compliant checkboxes to the Contact Form 7, Gravity Forms and WooCommerce plugins as well as to WordPress comments. With these opt-ins, visitors to your site can give their consent for you to process their personal data with the respective plugin.
Visitors to your site can also request their personal data from your database. They will then receive temporary access to a page on which their personal data is listed. From there, they can send you a request to delete their data.
What can't the plugin do?
As with all GDPR plugins, you won't achieve 100% legal certainty with it. After all, WP GDPR Compliance only focuses on a handful of plugins. This means that you may be using other extensions that are not GDPR-compliant. According to the roadmap, however, further features will be added in the future. The integration of MailChimp and HTML Forms is currently being worked on. A GDPR-compliant cookie banner is also on the agenda.
GDPR
Active installations | Rating
Over 40,000 | 4.3 out of 5 (57 ratings)
Who developed it?
The GDPR plugin was developed by the Canadian online marketing agency "Trew Knowledge". The plugin is currently available in 12 languages, but not yet in German.
What does the plugin cost?
GDPR is free of charge, but donations for support and further development of the plugin are welcome.
What functions does the plugin offer you?
GDPR comes with a wide range of functions. For example, you can use the plugin to manage consent for your terms and conditions and privacy policy. The plugin can also be used to manage the opt-in and opt-out for tracking by cookies.
You can also implement the right to access and delete data at the request of a user or as an admin with the help of the plugin. When users request their data, they can download it in JSON or XML format. The plugin also supports you with the obligation to provide evidence by creating an encrypted log of the consents and deletion requests of all users.
What can the plugin not do?
The plugin does not currently offer the function of obtaining consent for the use of certain plugins using GDPR-compliant checkboxes. However, integrations of MailChimp, SalesForce, Marketo and HubSpot as well as other WordPress plugins are planned.
WP DSGVO Tools
Active installations | Rating
Over 30,000 | 3.9 out of 5 (44 ratings)
Who developed it?
WP GDPR Tools was developed by the Linz-based online marketing agency "Shapepress" together with data protection experts and checked for compliance with German and Austrian law.
For the sake of transparency, I would like to mention at this point that the creators of the plugin are Raidboxes customers. This is how we ended up pestering the developers of WP GDPR Tools with our questions about development and functionality. After our senior dev took a look at the technical side of the plugin, we were so convinced that we were happy to recommend it with a clear conscience.
What does the plugin cost?
There is a completely free version, a blog edition for a one-off fee of €9.90 and a premium version for €29 per year. These versions differ only in the scope of features. There are also corresponding bulk licenses for several websites.
What functions does the plugin offer you?
Even in the free version of WP GDPR Tools, you can use templates for legally compliant data protection texts, easily set up Google Analytics and the Facebook pixel in compliance with the GDPR, create a cookie banner, implement the right to be forgotten (with a time option) and make user data downloadable and deletable as a PDF or in JSON format. The integration of Contact Form 7 and a GDPR-compliant checkbox for comments are also included. There are also plenty of tips and helpful GDPR templates.
In the Blog Edition, you can also customize the cookie banner and adjust the texts of the checkboxes in the comments. Recently, a custom Google Analytics and Facebook code has also been included in the Blog Edition.
The Premium version also supports WooCommerce, Gravity Forms, MailChimp, bbPress and BuddyPress and has other additional features.
What can't the plugin do?
WP GDPR Tools offers you numerous features and integrations, but no plugin developer will be able to guarantee you 100% legal certainty. Nevertheless, the plugin covers important areas (such as Google Analytics and the FB pixel) that many GDPR plugins do not even take into account.
The GDPR Framework By Data443
Active installations | Rating
Over 20,000 | 4.8 out of 5 (54 ratings)
Who developed it?
The GDPR Framework By Data443 was developed by the Estonian WordPress experts "Codelight" together with a law firm. So far, it is only available in English, Spanish and Swedish.
What does the plugin cost?
The GDPR Framework By Data443 is free of charge.
What functions does the plugin offer you?
The motto of the creators of The GDPR Framework By Data443: "You don't need to drown your customers in pointless acceptance checkboxes if you know what you're doing!"
One of the features of the plugin is to allow your users and visitors to view, export and delete their data. You can also track and manage your collected consents. The plugin also offers you a template for a GDPR-compliant privacy policy and helpful documentation for site operators and developers.
The GDPR Framework by Data443 supports Contact Form 7, Gravity Forms, Formidable Forms and WPML. Ninja Forms and Flamingo are planned as the next integrations.
What can't the plugin do?
Currently, The GDPR Framework By Data443 seems to focus on form plugins. However, according to the plugin authors, further integrations with WP Migrate DB, WooCommerce and Easy Digital Downloads are in the pipeline.
WP GDPR
Active installations | Rating
Over 6000 | 3.6 out of 5 (22 ratings)
Who developed it?
WP GDPR was created by the Belgian WordPress developers "AppSaloon" and is currently available in English, Dutch, Spanish and Swedish.
What does the plugin cost?
For a single website, the annual license for WP GDPR with just one plugin integration costs 20 euros. If you want to use all available plugin integrations, you pay 50 euros per year. There are also special freelancer and agency rates for multiple WordPress sites.
What functions does the plugin offer you?
With WP GDPR, you can make your website visitors' personal data (such as emails and comments) accessible and deletable. This information includes data from the Gravity Forms, Contact Form 7, WooCommerce, Flamingo and MailChimp plugins. WP GDPR also creates opt-ins for data processing for these plugins.
What can't the plugin do?
Even with WP GDPR, one hundred percent legal certainty is not guaranteed, as it only supports five plugins so far. Further plugin integrations such as Formidable Forms are being planned.
GDPR tools for the WordPress core
The WP GDPR Compliance Team is also working hard in the WordPress core to make WordPress GDPR-compliant in good time. To this end, various GDPR and privacy tools are being developed and integrated into the core step by step. The current update to WordPress 4.9.6 already includes some of these adjustments.
At Raidboxes, we have also developed GDPR tools to support our customers in implementing data protection requirements. With the "WP Session Eraser", for example, you can define with just a few clicks in your RB dashboard the period of time after which the session data of all your WP users is deleted after they have logged out.
Conclusion: No guarantee, but a helping hand
Which plugin is right for you depends entirely on your needs. Before you decide on one of the GDPR plugins, you should check which extensions you are currently using and which of them process personal data at all. This GDPR plugin list from Blogmojo can help you with this. If in doubt, however, you should contact the plugin developer yourself.
If you not only need checkboxes for integrated plugins, but also additional support for topics such as privacy policy, cookie banners, right to erasure, etc., a GDPR plugin with a wide range of features is a good choice. However, this will quickly take you into the paid area. The WP GDPR Tools plugin is particularly suitable for the DACH region, as it was developed in accordance with Austrian and German law and you receive German-language support.
Have you already tested one of the GDPR plugins mentioned or do you think a plugin is missing from the list? Then please leave me a comment, I look forward to your feedback!
Hi! I came here from the English-speaking side of the internet when I tried to find some info about some WordPress plugins for GDPR compliance. Why German, not English, I don't know... but I used Google Translator and now I have a full answer from you 🙂 Thank you! I must use GDPR comp. for some of my personal projects (based on WP) and I need to respect European law about personal data protection. Once more: thank you VERY much for the help, and good day 🙂
Hi Tobi,
We're very happy that the article was helpful to you (even in German 😉 ). It's a shame, though, you had to use Google Translate because in fact there is an English version of the article. 🙈=> https://b3193xx5.myraidbox.de/gdpr-plugins-compared/
Best regards from Münster
Leefke